Göran Weinholt writes:
These paragraphs are from R6RS:
The standard libraries whose exports are described by this document are said to be safe libraries. Libraries and top-level programs that import only from safe libraries are also said to be safe.
As defined by this document, the Scheme programming language is safe in the following sense: The execution of a safe top-level program cannot go so badly wrong as to crash or to continue to execute while behaving in ways that are inconsistent with the semantics described in this document, unless an exception is raised.
Contrast that with this paragraph from R7RS-small draft 9:
For example, it is an error for a procedure to be passed an argument of a type that the procedure is not explicitly specified to handle, even though such domain errors are seldom mentioned in this report. Implementations may signal an error, extend a procedure's domain of definition to include such arguments, or fail catastrophically.
Formalising catastrophic failure as an acceptable evaluation strategy is not a good idea. I also believe it conflicts with this requirement from the WG1 charter: "Semantics compatible with interactive read/eval/print loops should be provided."