Generalized Newtype Deriving not allowed in Safe Haskell

David Terei dave.terei at gmail.com
Fri Apr 10 08:37:57 UTC 2015


I'll prepare a patch for the user guide soon.

As for something better, yes I think we can and should. It's on my
todo list :) Basically, the new-GND design has all the mechanisms to
be safe, but sadly the defaults are rather worrying. Without explicit
annotations from the user, module abstractions are broken. This is why
we left GND out of Safe Haskell for the moment as it is a subtle and
easy mistake to make.

If the module contained explicit role annotations then it could be
allowed. The discussion in
https://ghc.haskell.org/trac/ghc/ticket/8827 has other solutions that
I prefer, such as only exporting the Coerce instance if all the
constructors are exported; it seems that the ship sailed on these
bigger changes sadly.

Cheers,
David

On 9 April 2015 at 00:56, Simon Peyton Jones <simonpj at microsoft.com> wrote:
> There is a long discussion on https://ghc.haskell.org/trac/ghc/ticket/8827
> about whether the new Coercible story makes GND ok for Safe Haskell.  At a
> type-soundness level, definitely yes.  But there are other less-clear-cut
> issues like “breaking abstractions” to consider.  The decision on the ticket
> (comment:36) seems to be: GND stays out of Safe Haskell for now, but there
> is room for a better proposal.
>
>
>
> I don’t have an opinion myself. David Terei and David Mazieres are in the
> driving seat, but I’m sure they’ll be responsive to user input.
>
>
>
> However, I think the user manual may not have kept up with #8827.  The
> sentence “GeneralizedNewtypeDeriving — It can be used to violate constructor
> access control, by allowing untrusted code to manipulate protected data
> types in ways the data type author did not intend, breaking invariants they
> have established.”  vanished from the 7.8 user manual (links below).  Maybe
> it should be restored.
>
>
>
> Safe Haskell aficionados, would you like to offer a patch for the manual?
> And maybe also a less drastic remedy than omitting GND altogether?
>
>
>
> Simon
>
>
>
> From: Omari Norman [mailto:omari at smileystation.com]
> Sent: 09 April 2015 02:44
> To: haskell Cafe
> Subject: Generalized Newtype Deriving not allowed in Safe Haskell
>
>
>
> When compiling code with Generalized Newtype Deriving and the -fwarn-unsafe
> flag, I get
>
>
>
> -XGeneralizedNewtypeDeriving is not allowed in Safe Haskell
>
>
>
> This happens both in GHC 7.8 and GHC 7.10.
>
>
>
> I thought I remembered reading somewhere that GNTD is now part of the safe
> language?  The GHC manual used to state that GNTD is not allowed in Safe
> Haskell:
>
>
>
> https://downloads.haskell.org/~ghc/7.6.3/docs/html/users_guide/safe-haskell.html#safe-language
>
>
>
> But this language on GNTD not being part of the safe language was removed in
> the 7.8 manual:
>
>
>
> https://downloads.haskell.org/~ghc/7.8.2/docs/html/users_guide/safe-haskell.html#safe-language
>
>
>
> The GHC release notes don't say anything about this one way or the other.
> Thoughts?
>
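Added example, not part of the original message or of GHC's own code: a minimal illustration of the abstraction break discussed above, where a type with no role annotation gets an inferred representational parameter and a GND-derived instance can re-type its contents without touching the constructor. The names `Sorted`, `fromList`, `member`, `Sample` and `Desc` are hypothetical, and the library and client parts are kept in one file only so that it runs with `runghc`.

```haskell
{-# LANGUAGE GeneralizedNewtypeDeriving, RoleAnnotations #-}
module Main (main) where

import qualified Data.List as L

-- Library side (hypothetical). Imagine this in its own module that exports
-- Sorted, fromList and member but NOT the Sorted constructor.
-- Invariant: the list is ascending with respect to Ord a.
data Sorted a = Sorted [a]

-- The explicit role annotation. Uncommenting it makes the deriving clause
-- below fail to compile, because Sorted Int and Sorted Desc are then no
-- longer Coercible.
-- type role Sorted nominal

fromList :: Ord a => [a] -> Sorted a
fromList = Sorted . L.sort

-- Relies on the invariant: gives up at the first element greater than x.
member :: Ord a => a -> Sorted a -> Bool
member x (Sorted xs) = go xs
  where
    go (y:ys) = case compare y x of
      LT -> go ys
      EQ -> True
      GT -> False
    go [] = False

-- Client side (hypothetical). Never mentions the Sorted constructor.
class Sample a where
  sample :: Sorted a

instance Sample Int where
  sample = fromList [1, 2, 3]

-- GND derives Sample Desc by coercing `sample :: Sorted Int`.
newtype Desc = Desc Int deriving (Eq, Sample)

-- Reversed ordering, so a list that is ascending as Int is descending as Desc.
instance Ord Desc where
  compare (Desc a) (Desc b) = compare b a

main :: IO ()
main = do
  -- Lookup on the value the library built itself.
  print (member 3 (sample :: Sorted Int))
  -- Same elements, re-typed through GND: the lookup misses an element
  -- that is present, because the list is no longer sorted for Ord Desc.
  print (member (Desc 3) (sample :: Sorted Desc))
```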

