Commit 4356dacb authored by kanetw's avatar kanetw Committed by Austin Seipp

Forbid annotations when Safe Haskell safe mode is enabled.

For now, this fails compliation immediately with an error. If desired, this
can be a warning that annotations in Safe Haskell are ignored.
Signed-off-by: kanetw's avatarDavid Kraeutmann <kane@kane.cx>

Reviewed By: goldfire, austin

Differential Revision: https://phabricator.haskell.org/D1226

GHC Trac Issues: #10826
parent dbb4e415
...@@ -12,6 +12,8 @@ module TcAnnotations ( tcAnnotations, annCtxt ) where ...@@ -12,6 +12,8 @@ module TcAnnotations ( tcAnnotations, annCtxt ) where
#ifdef GHCI #ifdef GHCI
import {-# SOURCE #-} TcSplice ( runAnnotation ) import {-# SOURCE #-} TcSplice ( runAnnotation )
import Module import Module
import DynFlags
import Control.Monad ( when )
#endif #endif
import HsSyn import HsSyn
...@@ -47,7 +49,14 @@ tcAnnotation (L loc ann@(HsAnnotation _ provenance expr)) = do ...@@ -47,7 +49,14 @@ tcAnnotation (L loc ann@(HsAnnotation _ provenance expr)) = do
let target = annProvenanceToTarget mod provenance let target = annProvenanceToTarget mod provenance
-- Run that annotation and construct the full Annotation data structure -- Run that annotation and construct the full Annotation data structure
setSrcSpan loc $ addErrCtxt (annCtxt ann) $ runAnnotation target expr setSrcSpan loc $ addErrCtxt (annCtxt ann) $ do
-- See #10826 -- Annotations allow one to bypass Safe Haskell.
dflags <- getDynFlags
when (safeLanguageOn dflags) $ failWithTc safeHsErr
runAnnotation target expr
where
safeHsErr = vcat [ ptext (sLit "Annotations are not compatible with Safe Haskell.")
, ptext (sLit "See https://ghc.haskell.org/trac/ghc/ticket/10826") ]
annProvenanceToTarget :: Module -> AnnProvenance Name -> AnnTarget Name annProvenanceToTarget :: Module -> AnnProvenance Name -> AnnTarget Name
annProvenanceToTarget _ (ValueAnnProvenance (L _ name)) = NamedTarget name annProvenanceToTarget _ (ValueAnnProvenance (L _ name)) = NamedTarget name
......
...@@ -100,6 +100,15 @@ ...@@ -100,6 +100,15 @@
See <xref linkend="injective-ty-fams"/> for details. See <xref linkend="injective-ty-fams"/> for details.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
Due to a <ulink href="https://ghc.haskell.org/trac/ghc/ticket/10826">
security issue
</ulink>, Safe Haskell now forbids annotations in programs marked as
<literal>-XSafe</literal>
</para>
</listitem>
</itemizedlist> </itemizedlist>
</sect3> </sect3>
......
...@@ -946,6 +946,12 @@ ...@@ -946,6 +946,12 @@
Wiki</ulink>. Wiki</ulink>.
</para> </para>
<para>
Additionally, the use of <link linkend="annotations">annotations</link>
is forbidden, as that would allow bypassing Safe Haskell restrictions.
See <ulink url="https://ghc.haskell.org/trac/ghc/ticket/10826">ticket #10826</ulink>.
</para>
</sect2> </sect2>
</sect1> </sect1>
......
{-# LANGUAGE Safe #-}
module Test (hook) where
import System.IO.Unsafe
{-# ANN hook (unsafePerformIO (putStrLn "Woops.")) #-}
hook = undefined
T10826.hs:6:1: error:
Annotations are not compatible with Safe Haskell.
See https://ghc.haskell.org/trac/ghc/ticket/10826
In the annotation:
{-# ANN hook (unsafePerformIO (putStrLn "Woops.")) #-}
...@@ -18,7 +18,7 @@ test('annfail10', req_interp, compile_fail, ['']) ...@@ -18,7 +18,7 @@ test('annfail10', req_interp, compile_fail, [''])
test('annfail11', normal, compile_fail, ['']) test('annfail11', normal, compile_fail, [''])
test('annfail12', req_interp, compile_fail, ['-v0']) test('annfail12', req_interp, compile_fail, ['-v0'])
test('annfail13', normal, compile_fail, ['']) test('annfail13', normal, compile_fail, [''])
test('T10826', normal, compile_fail, [''])
"""" """"
Helpful things to C+P: Helpful things to C+P:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment