On Thu, 10 Jan 2008, David Roundy wrote: > On Thu, Jan 10, 2008 at 08:10:57PM +0000, Sebastian Sylvan wrote: > > On Jan 10, 2008 8:06 PM, Ketil Malde <[EMAIL PROTECTED]> wrote: > > > "David Roundy" <[EMAIL PROTECTED]> writes: > > > > > > >> > I just want to point out that unsafePerformIO is at the core of the > > > >> > (safe) bytestring library. As SPJ et al pointed out, this is crucial > > > >> > functionality, and is only unsafe if unsafely used. > > > > > > >> In Modula-3 modules using hacks must be explicitly marked as UNSAFE. > > > >> See > > > >> http://www.cs.purdue.edu/homes/hosking/m3/reference/unsafe.html > > > >> Maybe this is also an option for Haskell? > > > > > > > I don't think this is a good idea. > > > > > > I think the point is (should be) to mark functions unsafe when they > > > may be unsafe to /use/, > > > > I think using the IO monad for this works well... > > Would you suggest moving head and tail into the IO monad?
I'm afraid we are talking about different notions of 'safe'. Modula-3's 'safe' means no "segmentation fault", but program abortion due to ASSERT is still allowed. Ported to Haskell this means: 'head' and 'tail' are safe, but not total. I've seen function definitions like 'safeHead', that I would have named 'maybeHead'. For running untrusted code this means: I think it is ok that the program aborts with an error or runs into an infinite loop and must be terminated after a time-out, but it is not ok, that it overwrites some memory area or deletes some files, because unsafePerformIO was invoked. _______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe
