about summary refs log tree commit diff stats
path: root/tools/iso/kernel.soso
diff options
context:
space:
mode:
authorKartik Agaram <vc@akkartik.com>2020-06-15 17:00:26 -0700
committerKartik Agaram <vc@akkartik.com>2020-06-15 17:13:04 -0700
commitd292196ff5ab9f103364e05c42a1edc03dc1b5ab (patch)
tree2e80472fd9d248f3631903aaf2282f7e0831a075 /tools/iso/kernel.soso
parent5a6d2d0db7ccc1d6b09ce898e3b57f62a5b1b787 (diff)
downloadmu-d292196ff5ab9f103364e05c42a1edc03dc1b5ab.tar.gz
6529 - don't let `addr`s escape functions
I've gone back and forth on this. I initially disallowed this, then allowed
it because I forgot why I disallowed it. The reason to disallow it: if
you return an `addr` to a variable allocated on the stack, the space might
be reused for a different type, which violates type-safety. And once you
can reinterpret bits of one type as another you lose memory-safety as well.

This has some interesting implications for Mu programs; certain kinds of
helper functions become impossible to write. Now I find myself relying a
lot more on scopes (and editor folding support) for abstracting details.
And they won't help manage duplication. We'll see how this goes.

While I'm being draconian about `addr`s on the stack, I'm still abusing
`addr`s on the heap, with the expectation that future checks on reclamation
will protect me. The boon and bane of stack space is that it's constantly
reclaimed.
Diffstat (limited to 'tools/iso/kernel.soso')
0 files changed, 0 insertions, 0 deletions