my feelings on the basis hack

Henry Cejtin henry@sourcelight.com
Thu, 12 Jul 2001 15:31:39 -0500


I want to indicate how EXTREMELY STRONGLY I disagree with the modification to
the basis library to include calls to  the  unsafe  arithmetic  ops.   In  my
opinion  this  is  a  huge  mistake for many reasons which I will try to make
explicit.

First philosophical arguments: the notion of a safe language is one, I think,
that  we all agree with.  This way if an error occurs you will know about it.
Look at the legion of buffer-overflow security exploits in C  code.   All  of
this code was considered to be safe by the author.

I  don't  disagree  that  overflows are less likely than buffer overruns, but
note that they have happened in C code and caused security problems  as  well
(the  most  recent  ssh  problems).   I  also  don't disagree that functional
programming lets you make it easier to convince yourself  that  the  code  is
safe:  the  canonical  example being something like Array.tabulate.  The fact
that the function generating the elements is NOT part of  the  definition  of
tabulate makes it clearer.  Despite this, mistakes happen.

A  second  slightly  less philosophical objection comes from the fact that it
makes the basis library special.  Note, there are NO unsafe operations in ML.
(You could fake them using convert args to word, Word.+ and then convert them
back, but I ignore that.)  This is REALLY bad.  It means  that  if  a  person
doesn't like the basis library (and note, none of us like its curried aspects
and argument order) then they will write their own and it  will  run  slower.
Giving the basis library special privileges is really not a good thing.

Next, I will descend to the expedient: sadly all decisions in such things are
a mix of the moral and the expedient.  If I were to win a factor of  1000,  I
would  be tempted to do this hack.  A factor of 2 would not be enough for me.
In fact, the speed up is pretty squat-like.

Finally, this hack will discourage putting the optimization where it belongs:
in the compiler.  This is very bad since we need all the encouragement we can
get.

I don't expect to convince anyone, but I again really  want  to  express  my
disagreement with this decision.