9 Sep
2008
9 Sep
'08
9:36 a.m.
Ryan Ingram wrote:
If the function isn't pure, you need to do a lot more proofs to assure that this is safe. In particular, the function must be able to be called with invalid input. If you are confident that this is the case, you can use unsafeIOToSTM to convert a call to that function into an STM primitive.
...not only must it be safe to be called with invalid inputs, but it most not have any long-term effects, whether the input is valid or invalid, since I do not believe that there is any way for the function to 'undo' its effect at 'retry' time. Jules