Changes to Mutable #24352
Open
Changes to Mutable #24352
+1,067
−294
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
odersky
force-pushed
the
drop-mutable-classifier
branch
from
d8ec775 to
676b85f
Compare
1. Mutable and ExclsuiveCapability are not longer classifiers. This means
Mutable classes can capture other capabilities. Red is still a classifier.
2. Update methods in nested classes can access exclsuive capabilities external
to enclosing classes.
- Allow to charge read-only set on unboxing (previously it was always the exclusive set that was charged). - Treat also methods outside Mutable types as read-only members. Previously we charged read-only when calling a read-only method of a mutable type, but not when calling an inherited method such as `eq`. - Use the same criterion for read-only everywhere. - Distinguish between read- and write-accesses to mutable fields.
…hecking We do get sometimes capabilities like `async.rd` where `async` is shared. It does not look straightforward to prevent that, so instead we count async.rd as shared if async is.
odersky
force-pushed
the
drop-mutable-classifier
branch
from
2bc9435 to
d40f1f9
Compare
We need a way to distinguish C^{} and C^{cap} when printing. We
print C^{cap} as C is C is a capability class.
This fix removed quite a few spurious error notes.
Contributor
|
I am playing with this PR, and found the following code compile: import language.experimental.captureChecking
import language.experimental.separationChecking
import caps.*
class Logger extends SharedCapability, Mutable: // (1) does this make sense?
private var _state: Int = 0
update def log(msg: String): Unit = ()
def onlyShared(x: Object^{cap.only[SharedCapability]}): Unit = ()
def main(): Unit =
onlyShared(Logger()) // even if we allow (1), why would this type check?
val t: Logger^{} = Logger() // and this type checks too, thus the above line I guess
|
Contributor
Author
|
We currently have deep problems with Mutables carrying the empty capture set. I am trying to fix them but it turns out it's not easy. Also, no probably combining SharedCapability and Mutable should be forbidden. |
Contributor
|
Another example: import language.experimental.captureChecking
import language.experimental.separationChecking
import caps.*
class Logger extends SharedCapability:
def log(msg: String): Unit = ()
class TracedRef(logger: Logger^{cap.only[SharedCapability]}) extends Mutable:
private var _data: Int = 0
update def set(newValue: Int): Unit =
logger.log("set")
_data = newValue
def get: Int =
logger.log("get") // error, but should it be allowed?
_dataRight now using a shared capability in a non-update method inside a |
Contributor
This might be conflicting, since it would mean a However from a practical point of view I agree we should exempt this case |
Needed to invalidate the relation
C^{} <: C^
for Mutable types C
odersky
force-pushed
the
drop-mutable-classifier
branch
from
5bbca48 to
a737c80
Compare
odersky
force-pushed
the
drop-mutable-classifier
branch
from
bdecf4b to
acf9df6
Compare
- New section in separation checking doc page - Slight generalization of expectsReadOnly - Lots of tests variations of scala#24373
odersky
force-pushed
the
drop-mutable-classifier
branch
from
acf9df6 to
e853b59
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Mutable and ExclsuiveCapability are not longer classifiers. This means Mutable classes can capture other capabilities. Read is still a classifier.
Update methods in nested classes can access exclusive capabilities external to enclosing classes.