[R6RS] safe and unsafe; declarations

William D Clinger will at ccs.neu.edu
Fri Mar 3 15:52:32 EST 2006


Mike wrote:
> I'm not sure I understand this now---the main reason, I think, is this
> talk of exception handlers.  Isn't the R6RS mostly going to specify
> what exceptions are *raised*, and leave the handling to the
> application?

My concept is that the R6RS will specify which exceptions
are raised (whether required, encouraged, or allowed).

The R6RS will also specify how exceptions are handled in
safe mode.

The R6RS will explicitly *not* specify how exceptions are
handled in unsafe mode.  This allows implementations to
handle exceptions in arbitrarily perverse ways when in
unsafe mode.

As I say, that is my concept.  The editors don't have to
agree to it.

> Anyway, would a correct inference from what you're writing be:
> 
> "Anything within the dynamic extent of expressions within the scope of
> an unsafe declaration is allowed to do something completely
> unspecified whenever it would raise an exception in safe mode."

I intended something even worse:

"Anything within the dynamic extent of expressions within
the scope of an unsafe declaration is allowed to do
something completely unspecified whenever the R6RS would
allow the implementation to raise an exception in safe mode."

In particular, a violation in unsafe mode may break any of
the system invariants that, in safe mode, are guaranteed by
the compiler, garbage collector, and other pieces of the
runtime system.  Once these invariants are broken, really
strange things can happen, even within code that was compiled
in safe mode.  All bets are off.

Will
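As an added illustration of the dynamic-extent point made above (this is not code from the thread; it uses final R6RS syntax such as `guard` and `assertion-violation?`, and `(declare (unsafe))` is a hypothetical placeholder for the unsafe declaration under discussion, not a real R6RS form):

```scheme
;; Added illustration, not from the R6RS list thread.  Final R6RS syntax is
;; assumed; (declare (unsafe)) is a HYPOTHETICAL stand-in for the proposed
;; unsafe declaration and does not exist in any standard.
(import (rnrs))

;; Defined in ordinary safe code; nothing here is lexically inside the
;; unsafe declaration below.
(define (nth-element v i)
  (vector-ref v i))

(define v (make-vector 3 0))

;; Safe mode: the R6RS requires vector-ref to raise an &assertion condition
;; for the out-of-range index, so the application's handler sees it and
;; can recover by returning a symbol instead of crashing.
(define (safe-lookup)
  (guard (e ((assertion-violation? e) 'index-out-of-range))
    (nth-element v 10)))

;; Under the proposed semantics, the call to nth-element below happens within
;; the DYNAMIC extent of the unsafe declaration even though nth-element itself
;; was compiled in safe mode.  The out-of-range access is therefore allowed to
;; do "something completely unspecified": it may read past the vector, break
;; heap or GC invariants, and leave the surrounding guard unable to protect
;; anything, since the invariants the handler relies on may already be gone.
(define (unsafe-lookup)
  (declare (unsafe))                 ; hypothetical syntax
  (guard (e ((assertion-violation? e) 'index-out-of-range))
    (nth-element v 10)))
```

Only `safe-lookup` has behaviour the R6RS pins down; `unsafe-lookup` is the case where, in Will's words, all bets are off.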


