Delaying 7.10?
José Pedro Magalhães
dreixel at gmail.com
Thu Jan 29 18:32:33 UTC 2015
On Thu, Jan 29, 2015 at 6:27 PM, Bardur Arantsson <spam at scientician.net>
wrote:
> On 01/29/2015 06:58 PM, Simon Peyton Jones wrote:
> > Friends
> > In a call with a bunch of type hackers, we were discussing
> > https://ghc.haskell.org/trac/ghc/ticket/9858
> > This is a pretty serious bug. It allows a malicious person to construct
> his own unsafeCoerce, and so completely subverts Safe Haskell.
> > Actually there are two bugs (see comment:19). The first is easily
> fixed. But the second is not.
> > We explored various quick fixes, but the real solution is not far out of
> reach. It amounts to this:
> >
>
> I'm definitely not qualified to "vote" on this, but out of curiosity is
> this something which will affect *existing* and *deployed* (or, I guess,
> soon-to-be-deployed-after-being-recompiled-with-7.10-without-changes)
> code? It it something which will "just" affect Try Haskell and similar
> initiatives which must use Safe Haskell to avoid trivial DoS and
> exploitation?
>
> Would the "do not derive Typeable for polykinded type constructors"
> break huge amounts of existing pre-7.10 code, etc.?
>
I am particularly afraid of that, yes. Not being able to derive Typeable
for polykinded type constructors also means no SYB for those types. And
many libraries have moved to generalise their type constructors to be
polykinded whenever possible.
Cheers,
Pedro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.haskell.org/pipermail/ghc-devs/attachments/20150129/4ed22a66/attachment.html>
More information about the ghc-devs
mailing list