From 239fdd456e72a08465e8ef51bff12d5dbfac43dc Mon Sep 17 00:00:00 2001 From: Melody Horn Date: Mon, 19 Oct 2020 16:27:42 -0600 Subject: super rough draft of memory safety --- index.md | 53 +++++++++++++++++++++++++++++++---------------------- 1 file changed, 31 insertions(+), 22 deletions(-) (limited to 'index.md') diff --git a/index.md b/index.md index f9f71e9..72e2572 100644 --- a/index.md +++ b/index.md @@ -1,22 +1,31 @@ ---- -title: Crowbar Spec ---- - -This is entirely a work-in-progress, and should not be relied upon to be stable in any way. - -# Context - -- [Rust is not a good C replacement](https://drewdevault.com/2019/03/25/Rust-is-not-a-good-C-replacement.html) - -# cactus's Blog Posts - -- [Crowbar: Defining a good C replacement](https://www.boringcactus.com/2020/09/28/crowbar-1-defining-a-c-replacement.html) -- [Crowbar: Simplifying C's type names](https://www.boringcactus.com/2020/10/13/crowbar-2-simplifying-c-type-names.html) - -# Syntax - -[Read the Syntax chapter of the spec.](syntax.md) - -# Semantics - -[![Creative Commons BY-SA License](https://i.creativecommons.org/l/by-sa/4.0/80x15.png)](http://creativecommons.org/licenses/by-sa/4.0/) +Crowbar: the good parts of C, with a little bit extra. + +This is entirely a work-in-progress, and should not be relied upon to be stable in any way. + +# Context + +- [Rust is not a good C replacement](https://drewdevault.com/2019/03/25/Rust-is-not-a-good-C-replacement.html) + +# cactus's Blog Posts + +- [Crowbar: Defining a good C replacement](https://www.boringcactus.com/2020/09/28/crowbar-1-defining-a-c-replacement.html) +- [Crowbar: Simplifying C's type names](https://www.boringcactus.com/2020/10/13/crowbar-2-simplifying-c-type-names.html) + +# Additions to C + +For Crowbar to be "the good parts of C, with a little bit extra", we must first decide what C lacks. +C has several widely known footguns, some of which are misfeatures that can simply be not supported, but some of which are insecure-by-default. +As such, new features must be added to engage the safeties on these proverbial footguns. + +- C is generous with memory in ways that are unreliable by default. + Crowbar adds [memory safety guarantees](safety.md) to make correctness the default behavior. + +# Syntax + +[Read the Syntax chapter of the spec.](syntax.md) + +# Semantics + +TODO + +[![Creative Commons BY-SA License](https://i.creativecommons.org/l/by-sa/4.0/80x15.png)](http://creativecommons.org/licenses/by-sa/4.0/) -- cgit v1.2.3