safe vs. unsafe (Was: Haskell Platform proposal: Add the vector package)

Brandon Allbery allbery.b at gmail.com
Thu Jul 12 01:38:11 CEST 2012


On Wed, Jul 11, 2012 at 7:27 PM, Johan Tibell <johan.tibell at gmail.com>wrote:

> For example, most functions in bytestring are unsafe because their
> implementation uses unsafePerformIO. To be very concrete, if 'map' on
> ByteStrings is unsafe it needs to be moved from
>

While I share your distrust of the whole Safe Haskell movement as being a
lot of effort for an unproven benefit from a definition of "safe" that is
not demonstrated to be of practical usefulness or practical concern, I
think you're wrong here.

unsafePerformIO is unsafe.

Data.ByteString.map is only unsafe if it allows unsafePerformIO to be
abused.

If it can verify that nothing actually unsafe takes place — which it does,
by dint of the promise inherent in it being exposed as pure —
Data.ByteString.map is *not* unsafe.  The mechanical application of "oh, it
uses unsafePerformIO, we don't care whether it proves it has used it
safely:  it must by definition be unsafe" just complicates things even
more.  If indeed it's not simply a strawman.

-- 
brandon s allbery                                      allbery.b at gmail.com
wandering unix systems administrator (available)     (412) 475-9364 vm/sms
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.haskell.org/pipermail/libraries/attachments/20120711/605bc217/attachment-0001.htm>


More information about the Libraries mailing list