That would be an optimistic model of stm. but I think STM isn’t actually optimistic in haskell.
Indeed the docs say “The STM implementation will abort transactions that are known to be invalid and need to be restarted. This may happen in the middle of unsafeIOToSTM, so make sure you don’t acquire any resources that need releasing (exception handlers are ignored when aborting the transaction). That includes doing any IO using Handles, for example. Getting this wrong will probably lead to random deadlocks.”.
Unlike what is described in the initial STM papers, STM stops threads dead in their tracks if they are inconsistent or rolled-back on every “validation” which occurs on every GC, whether or not they finish. This is necessary because otherwise transactions might get stuck in a loop due to an inconsistent state.
So I think in some sense the “safe” operations to unsafeIOToSTM would be those which are guaranteed to not be only “partway done” when a GC kicks off. But I think GCs can occur at just about any point in time, so, I suppose they’re also those which if they are stopped at any point at all, its fine.