Hermeticum/slovo
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d3e628553f
slovo/docs/language/DESIGN.md
sanjin 19b0454b3f Import Slovo 1.0.0-beta monorepo
2026-05-22 08:38:43 +02:00

292 lines
5.4 KiB
Markdown
Raw Blame History

# Slovo Design Notes
> **Design is how the manifesto survives contact with implementation.**
`MANIFEST.md` explains why Slovo exists.
`DESIGN.md` explains how Slovo should resist drift.
`SPEC-v0.md` defines the first tiny version.
---
## 1. Design Thesis
Slovo is a typed structural language aimed at systems programming.
Its defining promise is continuity of structure:
```text
source form
parsed tree
checked tree
lowered tree
LLVM IR
machine code
```
The tree should remain visible across the pipeline.
The written form should not be a disguise.
The written form should be the beginning of the compiler's truth.
---
## 2. Design Laws
### Law 1: The Tree Is the Language
Source code should map directly to tree structure.
No operator precedence.
No grammar puzzles.
No hidden parse tricks.
### Law 2: Canonical Core, Possible Surface
Slovo may eventually have surface conveniences.
But every convenience must lower into one canonical core meaning.
Convenience must not hide meaning.
### Law 3: Explicit Beats Implicit
No hidden numeric casts.
No magic imports.
No invisible control flow.
No unmarked unsafe behavior.
### Law 4: Lowering Is a Contract
Every feature must explain how it lowers.
A feature is not accepted because it is expressive.
A feature is accepted when its meaning remains visible after lowering.
### Law 5: Tooling Is Part of the Language
Parser, formatter, type checker, structured diagnostics, lowering inspector, test runner, and package layout are part of the language promise.
A feature that cannot be formatted, diagnosed, lowered, and tested is not ready.
### Law 6: Safety Must Be Precise
Safety claims must be specific.
If Slovo says code is safe, it must define what kind of machine-level danger safe code excludes.
### Law 7: Hype Must Not Design the Language
Slovo is LLM-friendly, but not AI-hype-driven.
The goal is durable structure useful to humans, tools, compilers, and machines.
---
## 3. Safety Model v0
Safe Slovo code should guarantee:
- values are initialized before use
- nullable absence uses `option`
- recoverable failure uses `result`
- casts are explicit
- safe array and slice access is bounds-checked
- raw pointers require `unsafe`
- allocation and deallocation primitives require `unsafe`
- unsafe code is lexically visible
- uninitialized memory is not observable from safe code
Safe Slovo does **not** initially guarantee:
- data-race freedom
- deterministic real-time behavior
- absence of panics/traps
- absence of logic errors
- absence of resource leaks
- full memory safety across FFI
- Rust-like borrow checking
---
## 4. Memory Model v0
The recommended v0 memory model:
```text
safe code:
- managed heap values
- no raw pointer operations
- bounds-checked slices
- option/result instead of null/exceptions
unsafe code:
- raw pointers
- explicit allocation APIs
- explicit deallocation APIs
- pointer load/store
- pointer arithmetic, if added, only in unsafe
```
No concurrency memory model is defined in v0.
Possible v1+ directions:
- arenas
- regions
- ownership
- affine resources
- FFI memory contracts
- layout annotations
- controlled unsafe abstractions
The v0 goal is not to beat Rust.
The v0 goal is to be honest, implementable, and structurally clean.
---
## 5. Type-System Restraint
Slovo begins with explicit types and limited inference.
Inference may be allowed only where the expected type is already clear from context.
Initial type families:
```text
primitive:
bool
i8 i16 i32 i64
u8 u16 u32 u64
f32 f64
char
string
unit
never
compound:
(ptr T)
(array T N)
(slice T)
(option T)
(result T E)
```
Generics should wait until the core is stable.
---
## 6. Lowering Discipline
Every feature must have:
1. surface syntax
2. typed-core representation
3. lowering rule
4. diagnostic behavior
5. formatter behavior
6. test examples
A feature without a lowering rule is incomplete.
A feature without diagnostics is incomplete.
A feature without formatting is incomplete.
A feature without tests is incomplete.
---
## 7. Diagnostics Contract
Human-readable diagnostic:
```text
Cannot call add with argument 2.
Expected:
i32
Found:
string
At:
(add 3 "hello")
Hint:
Use an integer value or convert explicitly.
```
Machine-readable diagnostic:
```slo
(error
(code TypeMismatch)
(expected i32)
(found string)
(span "main.slo" 12 8 12 15)
(hint "Use an integer value or convert explicitly."))
```
Diagnostics should include:
- stable error code
- source span
- expected value/type/form
- found value/type/form
- explanation
- possible repair hint when safe
Diagnostics are a tool API, not only user messages.
---
## 8. Formatter Contract
The formatter is canonical.
A Slovo implementation that accepts code the formatter cannot canonicalize is incomplete.
The formatter should:
- normalize indentation
- preserve tree structure
- avoid stylistic alternatives
- make nested forms readable
- never change program meaning
Formatting is shared understanding.
---
## 9. Feature Admission Checklist
Before adding a feature, ask:
1. Does it preserve visible structure?
2. Does it lower into typed core?
3. Can the formatter canonicalize it?
4. Can diagnostics explain it?
5. Can tools inspect it?
6. Can LLMs generate and repair it reliably?
7. Does it keep unsafe behavior explicit?
8. Does it avoid hidden machine costs?
9. Does it strengthen Slovo's identity?
10. Can it wait?
If it can wait, it probably should.
Reference in New Issue View Git Blame Copy Permalink