[Haskell-cafe] Safe Haskell?

Carter Schonwald carter.schonwald at gmail.com
Tue May 4 18:38:43 UTC 2021 

Are you sure?

It also says  "The use of Safe to compile Danger restricts the features of
Haskell that can be used to a safe subset. This includes disallowing
unsafePerformIO, Template Haskell, pure FFI functions, RULES and
restricting the operation of Overlapping Instances."


On Tue, May 4, 2021 at 8:32 AM Oleg Grenrus <oleg.grenrus at iki.fi> wrote:

> The GHC manual says [1]
>
> RULES — Rewrite rules defined in a module M compiled with Safe are
> dropped. Rules defined in Trustworthy modules that M imports are still
> valid and will fire as usual.
>
> So rules are still in use, and e.g. list fusion works. Library authors
> cannot define their own RULES in Safe modules, but they are (always, no
> need to -Wall) warned about the fact that these rules are ignored. I
> don't see a possibility for silent performance regressions.
>
> - Oleg
>
> [1]:
>
> https://downloads.haskell.org/ghc/9.0.1/docs/html/users_guide/exts/safe_haskell.html#building-secure-systems-restricted-io-monads
>
> On 4.5.2021 15.10, Carter Schonwald wrote:
>
> > Default safety isn’t quite what you want in normal packages, because
> > that disables all user land rewrite rules! It may have other
> > implications too, but short of augmenting ghc with a proof system for
> > correctness of rewrite rules, default safehaskell is at odds with
> > optimized builds.
> >
> > On Mon, May 3, 2021 at 10:28 AM Richard Eisenberg <rae at richarde.dev
> > <mailto:rae at richarde.dev>> wrote:
> >
> >
> >
> >>     On May 3, 2021, at 7:40 AM, Tom Smeding <x at tomsmeding.com
> >>     <mailto:x at tomsmeding.com>> wrote:
> >>
> >>     But perhaps I'm being ignorant of other existing cases where this
> >>     already matters, and I've been living in an idealised world until
> >>     now.
> >
> >     Sad to say it, but order does matter here.
> >
> >     In the very simple case, if you have {-# LANGUAGE
> >     FlexibleContexts, NoFlexibleContexts #-}, that's different from
> >     {-# LANGUAGE NoFlexibleContexts, FlexibleContexts #-} -- later
> >     extensions override earlier ones. This problem becomes more
> >     confounding when we recognize that some extensions imply others.
> >     For example {-# LANGUAGE TypeFamilies, NoMonoLocalBinds #-} means
> >     something different from {-# LANGUAGE NoMonoLocalBinds,
> >     TypeFamilies #-} because TypeFamilies implies MonoLocalBinds.
> >     Perhaps even worse, {-# LANGUAGE CUSKs, StandaloneKindSignatures
> >     #-} differs from {-# LANGUAGE StandaloneKindSignatures, CUSKs #-}
> >     because StandaloneKindSignatures implies NoCUSKs.
> >
> >     Returning to Safe Haskell:
> >
> >     It's true that Safe cannot be overridden locally. This is
> >     implemented by the fact that NoSafe does not exist. To me, this
> >     design makes sense, because it means that compiling with `ghc
> >     -XSafe` is guaranteed to use Safe Haskell. So we would need
> >     something like a default-safety field in Cabal, that could be
> >     overridden locally.
> >
> >     But, still, this may be easier than the status quo.
> >
> >     Do we think this would work? Specifically:
> >
> >     * Introduce a new flag -fdefault-safety={safe,trustworthy,unsafe}
> >     that changes the module-level default. This default names the
> >     safety level in effect for any module that declares none of Safe,
> >     Trustworthy, or Unsafe.
> >     * If -fdefault-safety is not specified at the command line, it is
> >     as if the user wrote -fdefault-safety=unsafe.
> >
> >     And that's it.
> >
> >     Consequence: Safe-inference would never take place, because every
> >     module would have a declared level of Safety. The Safe-inference
> >     code could thus be removed.
> >
> >     Further work: Introduce default-safety in Cabal, but that's not
> >     really necessary to make the changes above.
> >
> >     What do we think?
> >
> >     Richard
> >     _______________________________________________
> >     Haskell-Cafe mailing list
> >     To (un)subscribe, modify options or view archives go to:
> >     http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell-cafe
> >     Only members subscribed via the mailman list are allowed to post.
> >
> >
> > _______________________________________________
> > Haskell-Cafe mailing list
> > To (un)subscribe, modify options or view archives go to:
> > http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell-cafe
> > Only members subscribed via the mailman list are allowed to post.
> _______________________________________________
> Haskell-Cafe mailing list
> To (un)subscribe, modify options or view archives go to:
> http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell-cafe
> Only members subscribed via the mailman list are allowed to post.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.haskell.org/pipermail/haskell-cafe/attachments/20210504/652903a4/attachment.html>

More information about the Haskell-Cafe mailing list