Safe and Unsafe Calls (original) (raw)

ANSI Common Lisp 3 Evaluation and Compilation 3.5 Error Checking in Function Calls 3.5.1 Argument Mismatch Detection

3.5.1.1 Safe and Unsafe Calls

A call is a safe call if each of the following is either safe code or system code (other than_system code_ that results from macro expansion of programmer code):

• the call.
• the definition of the function being called.
• the point of functional evaluation

The following special cases require some elaboration:

• If the function being called is a generic function, it is considered safe if all of the following are_safe code_ or system code:
  • -- its definition (if it was defined explicitly).
  • -- the method definitions for all applicable methods.
  • -- the definition of its method combination.
• For the form (coerce x 'function), where x is a lambda expression, the value of the optimize quality safetyin the global environment at the time the coerceis executed applies to the resulting function.
• For a call to the function ensure-generic-function, the value of the_optimize quality_ safety in the environment object passed as the :environment argument applies to the resulting generic function.
• For a call to compile with a lambda expression as the_argument_, the value of the optimize quality safetyin the global environment at the time compile is _called_applies to the resulting compiled function.
• For a call to compile with only one argument, if the original definition of the function was safe, then the resulting _compiled function_must also be safe.
• A call to a method by call-next-method must be considered safe if each of the following is safe code or system code:
  • -- the definition of the generic function (if it was defined explicitly).
  • -- the method definitions for all applicable methods.
  • -- the definition of the method combination.
  • -- the point of entry into the body of the method defining form, where the binding of call-next-method is established.
  • -- the point of functional evaluation of the name call-next-method.

An unsafe call is a call that is not a safe call.

The informal intent is that the programmer can rely on a _call_to be safe, even when system code is involved, if all reasonable steps have been taken to ensure that the call is safe. For example, if a programmer calls mapcar from safe code and supplies a function that was _compiled_as safe, the implementation is required to ensure thatmapcar makes a safe call as well.

3.5.1.1.1 Error Detection Time in Safe Calls