Arc Forumnew | comments | leaders | submitlogin
1 point by evanrmurphy 3285 days ago | link | parent

> "G3: Dangerous [things] should be impossible to program by accident" is pretty bogus, and even if I give it the benefit of the doubt, it's poorly phrased.

The paper actually says, "Dangerous things should be difficult to do by accident" [1]. I don't mean to nitpick, but in this context I think the difference between "difficult" and "impossible" is significant.

Update: I just realized that Shutt's dissertation and the R-1RK are distinct, but the quote is consistent across them.


[1] From page 88 of jshutt.pdf, downloadable at

2 points by rocketnia 3285 days ago | link

That difference is significant too, but I'm specifically talking about the difference between trying to make something difficult and neglecting to make it easy. I pick a tool in the first place because it lets me do things more easily.

...Oh, I misquoted it. XD Yeah, thanks for catching that.

Another thing I missed was finishing the efficiency sentence. I was going to devote another paragraph to criticizing the efficiency-should-only-arise-naturally rule for being hypocritical--that an eye to efficiency influences and probably compromises other aspects of the design from the outset--but I determined I actually agree with that rule for Kernel. I think efficiency of fexprs is one of the most significant things Kernel stands to prove, so I don't mind an explicit and upfront goal of efficiency, but efficiency isn't in itself a goal motivating Kernel (I think), so it's good for the rule to be nuanced a bit. (Had I completed the sentence, it would have covered some part of that, but I'm not sure which. XD )


1 point by rocketnia 3285 days ago | link

Oh, that dissertation is new(-ish)! Last time I looked into Kernel it was just the R-1RK. Gotta read that sometime. ^_^