#8745: GeneralizedNewtypeDeriving is still not Safe -------------------------------------+------------------------------------ Reporter: goldfire | Owner: Type: bug | Status: new Priority: normal | Milestone: Component: Compiler | Version: 7.8.1-rc1 Resolution: | Keywords: Safe Operating System: Unknown/Multiple | Architecture: Unknown/Multiple Type of failure: None/Unknown | Difficulty: Unknown Test Case: | Blocked By: Blocking: | Related Tickets: -------------------------------------+------------------------------------ Comment (by nomeata): We have some special handling in Safe mode in place where we do the Coerible thing, but it is neither well tested nor well discussed. (`getCoercibleInst` in `TcInteract`) Currently, in Safe Mode, the following additional restrictions exist when checking whether something is `Coercible`:
To coerce under a type constructor, ''all'' data constructors of ''all'' type constructors involved in the definition of that type constructors need to be in scope.
No additional constraint is put on unfolding a newtype, but there we already require the constructor to be in scope. I believe that this condition is sufficient for “the use can implement coerce himself (ignoring the run-time cost)”. If anything, it might turn out too strong. If that works as intended, `Coercible` and GND should be safe. There might possibly be ways to break it, maybe with different modules, some safe and some not... but that would simply be bugs then, and I’m not claiming bug freeness. A trustworthy `GHC.Coerce` might be nice. Or maybe even `Data.Coerce`? After all the interface could be provided by other compilers as well... Not only for Safe, but to avoid people having to import the mingle-mangle of `GHC.Exts`. -- Ticket URL: http://ghc.haskell.org/trac/ghc/ticket/8745#comment:3 GHC http://www.haskell.org/ghc/ The Glasgow Haskell Compiler