- 
                Notifications
    You must be signed in to change notification settings 
- Fork 1.1k
Exclusive capabilities 3rd attempt #22588
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
| @bracevac You told me this morning you triggered another run of this PR, I don't see it (I just see my three attempts). | 
| It could be a resource problem, that some resource is exhausted and then compilation becomes a lot slower. Two characteristics of this PR make it more likely: 
 | 
992f46e    to
    ffcb4c9      
    Compare
  
    When printing a type `C^` where `C` extends `Capability`, don't show the `^`. This is overridden under -Yprint-debug.
 - Add Mutable trait and mut modifier.
 - Add dedicated tests `isMutableVar` and `isMutableVarOrAccessor`
   so that update methods can share the same flag `Mutable` with mutable vars.
 - Disallow update methods overriding normal methods
 - Disallow update methods which are not members of classes extending Mutable
 - Add design document from papers repo to docs/internals
 - Add readOnly capabilities
 - Implement raeadOnly access
 - Check that update methods are only called on references with exclusive capture sets.
 - Use cap.rd as default capture set of Capability subtypes
 - Make Mutable a Capability, this means Mutable class references get {cap.rd} as
   default capture set.
 - Use {cap} as captu
    ….toCap If existentials are mapped to fresh, it matters where they are opened. Pure or not arguments don't have anything to do with that.
These are represented as Fresh.Cap(hidden) where hidden is the set of
capabilities subsumed by a fresh. The underlying representation is as
an annotated type `T @annotation.internal.freshCapability`.
Require -source `3.7` for caps to be converted to Fresh.Cap
Also:
 - Refacture and document CaputureSet
 - Make SimpleIdentitySets showable
 - Refactor VarState
    - Drop Frozen enum
    - Make VarState subclasses inner classes of companion object
    - Rename them
    - Give implicit parameter VarState of subCapture method a default value
 - Fix printing of capturesets containing cap and some other capability
 - Revise handing of @uncheckedAnnotation
    Check separation from source 3.7 on. We currently only check applications, other areas of separation checking are still to be implemented.
Check that a capability that gets hidden in the (result-)type of some definition is not used afterwards in the same or a nested scope.
When checking whether two items overlap we should always check their deep capture sets. Buried aliases should count as well.
This is necessary since capability sets are IdentitySets.
Downgrade to -source 3.6 to turn it off.
Allow them only in @consume methods
Also: Fixes to computations of overlapWith and -- on Refs that take account of pathss, where shorter paths cover deeper ones.
This partially reverts commit 7b3d3f4. It looks like this fixes the problems we had with CI timeouts as well.
ffcb4c9    to
    2f32cf9      
    Compare
  
    | Superseded by #22539 | 
This is based on #22588 and contains changes to make product types containing fresh entities work (at least in simple cases). There's a neat combination with both path capabilities and reach capabilities which makes this work. In short, if we have ```scala class Ref { var current: Int } case class Pair[+A, +B](fst: A, snd: B) ``` then we can form a `Pair[Ref^, Ref^]`: ```scala val r1 = Ref() val r2 = Ref() val p_exact: Pair[Ref^{r1}, Ref^{r2}] = Pair(r1, r2) val p: Pair[Ref^, Ref^] = p_exact ``` And if `p` has this type, then we can also take it apart: ```scala val x = p.fst val y = p.snd ``` With types added, this is ```scala val x: Ref^{p.fst*} = p.fst val y: Ref^{p.snd*} = p.snd ``` That is, we can get at the position of the boxed first element with `p.fst` and we can access what's in the box via `p.fst*`. Furthermore, `p.fst*` is known to be separate from `p.snd*`, so this means we can form another pair from them: ```scala val p2: Pair[Ref^, Ref^] = Pair(x, y) ``` In short, separation is preserved by forming products and taking them apart. It took quite a bit of work to get there.
Cherry-picked exclusive capabilities PR and fixes on top of main.
We should use this as a basis for experiments to find the root issue for the CI timeouts. We should merge only if all merge tests are green (last time it was test-non-bootstrapped that failed).