[R6RS] Safe/unsafe mode

William D Clinger will at ccs.neu.edu
Thu Jul 20 13:39:38 EDT 2006


Mike wrote:
> > I'm sure those additions were made with the best
> > of intent, but they are factually incorrect, for
> > reasons both obvious and subtle.  The draft of
> > safety.txt alludes to one of the subtle reasons,
> > albeit subtly, and flatly states one of the
> > more obvious reasons.
> 
> Could you be more specific?

Yes.

One of the additions was:

    Proposal 2 requires the macro expander to pass declare
    forms through to the output, but otherwise to ignore
    their presence.

This text actually appears twice; the first time, it
should refer to Proposal 1 rather than Proposal 2.

One of the more obvious reasons Kent's statement is
incorrect is that the output of the macro expander
is wildly implementation-dependent; therefore any
claim that any proposal must include any particular
syntactic form within its output is incorrect, and
obviously so.

Another reason Kent's statement is incorrect is that
the very same technique that Kent used to express the
effect of implicit non-hygienic binding in Proposal 3
can be used to express the implicit non-hygienic
binding of the safe quality in Proposals 1 and 2.
That is, where Kent illustrated Proposal 3 with

    For example,

        (lambda (x)
          (declare (safe 0))
          (let ((y (cdr x)))
            (declare (safe 1))
            (car y)))

    expands to

        (#u:lambda (x)
          (#u:let ((y (#u:cdr x)))
            (#s:car x)))

the corresponding expansion for Proposals 1 and 2
is to

        (#u:lambda (x)
          (#u:let ((y (#u:call cdr x)))
            (#s:call car x)))

Obviously, there are no declare forms in this output.

Will



More information about the R6RS mailing list