#8827: Inferring Safe mode with GeneralizedNewtypeDeriving is wrong -------------------------------------+------------------------------------ Reporter: goldfire | Owner: Type: bug | Status: new Priority: normal | Milestone: 7.8.1 Component: Compiler | Version: 7.8.1-rc2 Resolution: | Keywords: Operating System: Unknown/Multiple | Architecture: Unknown/Multiple Type of failure: None/Unknown | Difficulty: Unknown Test Case: | Blocked By: Blocking: | Related Tickets: 8226, 8745 -------------------------------------+------------------------------------ Comment (by nomeata): Just as a data point:
Though controlling instance exports does not have a precedent, another option might be to special-case the Coerce class and only export instances of Coerce when all constructors of a type are also exported. This would prevent anyone from using Coerce to do things they couldn't already do manually.
This is what we had originally; the check was removed in 59722295bb8da8f01d37356fbed6aef7321a8195/ghc. It wouldn’t be hard to re- introduce it; but it will mean that a lot of uses of `coerce` or GND in Safe Haskell will fail, including `coerce :: Set Age -> Set Int`. Maybe requiring a `deriving (Coercible)`, or `-XDeriveCoerce`, or a standalone deriving declaration to get the coerce-under-type constructor behaviour isn’t such a bad idea after all, even outside the context of Safe Haskell? It would turn the current blacklisting (“add role annotatoin if it is not safe”) into whitelisting (“tell us that Coercing is safe, and how”). For additional convenience we could retain the previous behaviour of „instance available if all constructors are in scope“, so that the author of simple cases like `[]`, `Either`, `Maybe` do not have to do something; only those who hide their constructors have to act to allow their users to coerce under their type constructor. TL;DR: Coercing under a type constructor is allowed if (a) all involved constructors are in scope (“could write it by hand test”) ''or'' (b) someone who had access to the constructors (most likely the author) explicitly declared the instance, using some form of `deriving`. No special behaviour needed for Safe Haskell. -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8827#comment:14 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler