[Haskell-cafe] safe code to run in finalizers: ACIO revisited

[Robert Dockins]

Due to one of the threads on cafe recently, I have been doing some
thinking about finalizers.  There is this sort of intuitive notion that
some things shouldn't be done inside finalizers.  For example, no output
should be produced, because the output handles may have been finalized
already, and finalizers can't be ordered.

So, to be safe, the action of a finalizer must commute with every other
finalizer (they must be central).  And because the finalizers might not
be run (compiler can't provide guarantees), their result should not be
directly observable, and if the finalizer is not run, the program should
still be correct (they must be affine).  So a separate ACIO monad for
affine central IO actions would be the appropriate context for
finalizers.  The orignial ACIO proposal was presented in the context of
module initalization.

http://www.haskell.org//pipermail/haskell-cafe/2004-November/007664.html


It strikes me that "module init time" and "finalizer time" are very
similar execution contexts.  They are

 1) outside the normal program flow
 2) mostly intended to make the bookeeping work out
 3) non-deterministic wrt when/if they will be run
 4) if used in the "wrong" ways, they can break program safety.
 5) they both are viewed with disfavor for the bad things people can do
with them

I'm not sure where I am going with this observation, but it seems that
if some solution (such as an ACIO monad) could make both of these kinds
of action safe, it would probably be worth a second thought.