Difference between revisions of "Unsafe functions"
Jump to navigation
Jump to search
m |
m (Initial quote replaced) |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | <blockquote> |
||
| − | <div style="border-left:1px solid lightgray; padding: 1em" alt="blockquote"> |
||
| + | [Using the FFI] you can import any C function with a pure type, |
||
| − | A colleague [...] asked me today whether I know how to use <code>unsafePerformIO</code> safely. And I realized I have no idea. [...] |
||
| + | which also allows you to wreak arbitrary havoc. We enable |
||
| + | the user to disguise arbitrary machine code as a Haskell |
||
| + | function of essentially arbitrary type. In comparison, |
||
| + | <code>unsafePerformIO</code> seems angelic. |
||
| + | :<small>[[QuotesPage|Manuel Chakravarty]]</small> |
||
| − | <small>[https://discourse.haskell.org/t/using-unsafeperformio-safely/4146 Richard Eisenberg.]</small> |
||
| − | </ |
+ | </blockquote> |
| − | <sub> </sub> |
||
There are a number of '''unsafe functions''' in the libraries. |
There are a number of '''unsafe functions''' in the libraries. |
||
| ⚫ | |||
* <hask>unsafePerformIO :: IO a -> a</hask> |
* <hask>unsafePerformIO :: IO a -> a</hask> |
||
| + | * <hask>inlinePerformIO :: IO a -> a</hask> |
||
* <hask>unsafeInterleaveIO :: IO a -> IO a</hask> |
* <hask>unsafeInterleaveIO :: IO a -> IO a</hask> |
||
* <hask>unsafeInterleaveST :: ST s a -> ST s a</hask> |
* <hask>unsafeInterleaveST :: ST s a -> ST s a</hask> |
||
| Line 15: | Line 20: | ||
* <hask>unsafeFreeze</hask>, <hask>unsafeThaw</hask> |
* <hask>unsafeFreeze</hask>, <hask>unsafeThaw</hask> |
||
* <hask>unsafeCoerce# :: a -> b</hask> |
* <hask>unsafeCoerce# :: a -> b</hask> |
||
| ⚫ | |||
| − | Unsafe functions can |
+ | Unsafe functions can: |
| − | * type safety (<code>unsafeCoerce#</code>, <code>unsafePerformIO</code>), |
+ | * break type safety (<code>unsafeCoerce#</code>, <code>unsafeLocalState</code>, <code>unsafePerformIO</code>), |
| − | * [https://okmij.org/ftp/Haskell/index.html#lazyIO-not-True equational reasoning] (<code>unsafeInterleaveIO</code>) |
+ | * or break [https://okmij.org/ftp/Haskell/index.html#lazyIO-not-True equational reasoning] (<code>unsafeInterleaveIO</code>). |
| ⚫ | |||
| − | * or [http://en.wikipedia.org/wiki/Parametricity parametricity] (<code>seq</code>). |
||
| − | |||
| − | Their use (except in the case of <code>seq</code>) would require some |
||
| ⚫ | |||
| − | is safe. |
||
<code>unsafe</code> is also a keyword which can be used in a [http://haskell.org/haskellwiki/Performance/FFI foreign import declaration]. |
<code>unsafe</code> is also a keyword which can be used in a [http://haskell.org/haskellwiki/Performance/FFI foreign import declaration]. |
||
| − | |||
{{stub}} |
{{stub}} |
||
Latest revision as of 12:02, 24 September 2024
[Using the FFI] you can import any C function with a pure type, which also allows you to wreak arbitrary havoc. We enable the user to disguise arbitrary machine code as a Haskell function of essentially arbitrary type. In comparison,
unsafePerformIOseems angelic.
There are a number of unsafe functions in the libraries.
unsafeLocalState :: IO a -> aunsafePerformIO :: IO a -> ainlinePerformIO :: IO a -> aunsafeInterleaveIO :: IO a -> IO aunsafeInterleaveST :: ST s a -> ST s aunsafeIOToST :: IO a -> ST s aunsafeIOToSTM :: IO a -> STM aunsafeFreeze,unsafeThawunsafeCoerce# :: a -> b
Unsafe functions can:
- break type safety (
unsafeCoerce#,unsafeLocalState,unsafePerformIO),
- or break equational reasoning (
unsafeInterleaveIO).
Their use would require some kind of assurance on the part of the programmer that what they're doing is safe.
unsafe is also a keyword which can be used in a foreign import declaration.
This article is a stub. You can help by expanding it.