Generalize read-only adaptation

 - Also adapt in type arguments, refinements, and function results
 - Also adapt to readonly if target is a mutable, read-only type

Author: odersky

compiler/src/dotty/tools/dotc/cc/CaptureSet.scala

@@ -136,6 +136,8 @@ sealed abstract class CaptureSet extends Showable:
   final def isReadOnly(using Context): Boolean =
     elems.forall(_.isReadOnly)
 
+  final def isAlwaysReadOnly(using Context): Boolean = isConst && isReadOnly
+
   final def isExclusive(using Context): Boolean =
     elems.exists(_.isExclusive)
 
@@ -1385,8 +1387,8 @@ object CaptureSet:
     def apply(t: Type) = mapOver(t)
 
     override def fuse(next: BiTypeMap)(using Context) = next match
-      case next: Inverse if next.inverse.getClass == getClass => assert(false); Some(IdentityTypeMap)
-      case next: NarrowingCapabilityMap if next.getClass == getClass => assert(false)
+      case next: Inverse if next.inverse.getClass == getClass => Some(IdentityTypeMap)
+      case next: NarrowingCapabilityMap if next.getClass == getClass => Some(this)
       case _ => None
 
     class Inverse extends BiTypeMap:
@@ -1395,8 +1397,8 @@ object CaptureSet:
       def inverse = NarrowingCapabilityMap.this
       override def toString = NarrowingCapabilityMap.this.toString ++ ".inverse"
       override def fuse(next: BiTypeMap)(using Context) = next match
-        case next: NarrowingCapabilityMap if next.inverse.getClass == getClass => assert(false); Some(IdentityTypeMap)
-        case next: NarrowingCapabilityMap if next.getClass == getClass => assert(false)
+        case next: NarrowingCapabilityMap if next.inverse.getClass == getClass => Some(IdentityTypeMap)
+        case next: NarrowingCapabilityMap if next.getClass == getClass => Some(this)
         case _ => None
 
     lazy val inverse = Inverse()

compiler/src/dotty/tools/dotc/cc/CheckCaptures.scala

@@ -1568,17 +1568,81 @@ class CheckCaptures extends Recheck, SymTransformer:
      *  to narrow to the read-only set, since that set can be propagated
      *  by the type variable instantiation.
      */
-    private def improveReadOnly(actual: Type, expected: Type)(using Context): Type = actual match
-      case actual @ CapturingType(parent, refs)
-      if parent.derivesFrom(defn.Caps_Mutable)
-          && expected.isValueType
-          && !expected.derivesFromMutable
-          && !expected.isSingleton
-          && !expected.isBoxedCapturing =>
-        actual.derivedCapturingType(parent, refs.readOnly)
-          .showing(i"improv ro $actual vs $expected = $result", capt)
+    private def improveReadOnly(actual: Type, expected: Type)(using Context): Type = reporting.trace(i"improv ro $actual vs $expected"):
+      actual.dealiasKeepAnnots match
+      case actual @ CapturingType(parent, refs) =>
+        val parent1 = improveReadOnly(parent, expected)
+        val refs1 =
+          if parent1.derivesFrom(defn.Caps_Mutable)
+              && expected.isValueType
+              && (!expected.derivesFromMutable || expected.captureSet.isAlwaysReadOnly)
+              && !expected.isSingleton
+              && actual.isBoxedCapturing == expected.isBoxedCapturing
+          then refs.readOnly
+          else refs
+        actual.derivedCapturingType(parent1, refs1)
+      case actual @ FunctionOrMethod(aargs, ares) =>
+        expected.dealias.stripCapturing match
+          case FunctionOrMethod(eargs, eres) =>
+            actual.derivedFunctionOrMethod(aargs, improveReadOnly(ares, eres))
+          case _ =>
+            actual
+      case actual @ AppliedType(atycon, aargs) =>
+        def improveArgs(aargs: List[Type], eargs: List[Type], formals: List[ParamInfo]): List[Type] =
+          aargs match
+            case aargs @ (aarg :: aargs1) =>
+              val aarg1 =
+                if formals.head.paramVariance.is(Covariant)
+                then improveReadOnly(aarg, eargs.head)
+                else aarg
+              aargs.derivedCons(aarg1, improveArgs(aargs1, eargs.tail, formals.tail))
+            case Nil =>
+              aargs
+        val expected1 = expected.dealias.stripCapturing
+        val esym = expected1.typeSymbol
+        expected1 match
+          case AppliedType(etycon, eargs) =>
+            if atycon.typeSymbol == esym then
+              actual.derivedAppliedType(atycon,
+                improveArgs(aargs, eargs, etycon.typeParams))
+            else if esym.isClass then
+              // This case is tricky: Try to lift actual to the base type with class `esym`,
+              // improve the resulting arguments, and figure out if anything can be
+              // deduced from that for the original arguments.
+              actual.baseType(esym) match
+                case base @ AppliedType(_, bargs) =>
+                  // If any of the base type arguments can be improved, check
+                  // whether they are the same as an original argument, and in this
+                  // case improve the original argument.
+                  val iargs = improveArgs(bargs, eargs, etycon.typeParams)
+                  if iargs ne bargs then
+                    val updates =
+                      for
+                        (barg, iarg) <- bargs.lazyZip(iargs)
+                        if barg ne iarg
+                        aarg <- aargs.find(_ eq barg)
+                      yield (aarg, iarg)
+                    if updates.nonEmpty then AppliedType(atycon, aargs.map(updates.toMap))
+                    else actual
+                  else actual
+                case _ => actual
+            else actual
+          case _ =>
+            actual
+      case actual @ RefinedType(aparent, aname, ainfo) =>
+        expected.dealias.stripCapturing match
+          case RefinedType(eparent, ename, einfo) if aname == ename =>
+            actual.derivedRefinedType(
+              improveReadOnly(aparent, eparent),
+              aname,
+              improveReadOnly(ainfo, einfo))
+          case _ =>
+            actual
+      case actual @ AnnotatedType(parent, ann) =>
+        actual.derivedAnnotatedType(improveReadOnly(parent, expected), ann)
       case _ =>
         actual
+    end improveReadOnly
 
     /* Currently not needed since it forms part of `adapt`
     private def improve(actual: Type, prefix: Type)(using Context): Type =

tests/neg-custom-args/captures/matrix.check

@@ -0,0 +1,32 @@
+-- Error: tests/neg-custom-args/captures/matrix.scala:27:10 ------------------------------------------------------------
+27 |  mul(m1, m2, m2) // error: will fail separation checking
+   |          ^^
+   |Separation failure: argument of type  Matrix^{m2.rd}
+   |to method mul: (x: Matrix^{cap.rd}, y: Matrix^{cap.rd}, z: Matrix^): Unit
+   |corresponds to capture-polymorphic formal parameter y of type  Matrix^{cap.rd}
+   |and hides capabilities  {m2.rd}.
+   |Some of these overlap with the captures of the third argument with type  (m2 : Matrix^).
+   |
+   |  Hidden set of current argument        : {m2.rd}
+   |  Hidden footprint of current argument  : {m2.rd}
+   |  Capture set of third argument         : {m2}
+   |  Footprint set of third argument       : {m2}
+   |  The two sets overlap at               : {m2}
+   |
+   |where:    cap is a fresh root capability created in method Test when checking argument to parameter y of method mul
+-- Error: tests/neg-custom-args/captures/matrix.scala:30:11 ------------------------------------------------------------
+30 |  mul1(m1, m2, m2) // error: will fail separation checking
+   |           ^^
+   |Separation failure: argument of type  Matrix^{m2.rd}
+   |to method mul1: (x: Matrix^{cap.rd}, y: Matrix^{cap.rd}, z: Matrix^): Unit
+   |corresponds to capture-polymorphic formal parameter y of type  Matrix^{cap.rd}
+   |and hides capabilities  {m2.rd}.
+   |Some of these overlap with the captures of the third argument with type  (m2 : Matrix^).
+   |
+   |  Hidden set of current argument        : {m2.rd}
+   |  Hidden footprint of current argument  : {m2.rd}
+   |  Capture set of third argument         : {m2}
+   |  Footprint set of third argument       : {m2}
+   |  The two sets overlap at               : {m2}
+   |
+   |where:    cap is a fresh root capability created in method Test when checking argument to parameter y of method mul1

tests/neg-custom-args/captures/matrix.scala

@@ -0,0 +1,36 @@
+import caps.Mutable
+import caps.cap
+
+trait Rdr[T]:
+  def get: T
+
+class Ref[T](init: T) extends Rdr[T], Mutable:
+  private var current = init
+  def get: T = current
+  mut def put(x: T): Unit = current = x
+
+abstract class IMatrix:
+  def apply(i: Int, j: Int): Double
+
+class Matrix(nrows: Int, ncols: Int) extends IMatrix, Mutable:
+  val arr = Array.fill(nrows, ncols)(0.0)
+  def apply(i: Int, j: Int): Double = arr(i)(j)
+  mut def update(i: Int, j: Int, x: Double): Unit = arr(i)(j) = x
+
+
+def mul(x: Matrix, y: Matrix, z: Matrix^): Unit = ???
+def mul1(x: Matrix^{cap.rd}, y: Matrix^{cap.rd}, z: Matrix^): Unit = ???
+
+def Test(c: Object^): Unit =
+  val m1 = Matrix(10, 10)
+  val m2 = Matrix(10, 10)
+  mul(m1, m2, m2) // error: will fail separation checking
+  mul(m1, m1, m2) // should be ok
+
+  mul1(m1, m2, m2) // error: will fail separation checking
+  mul(m1, m1, m2) // should be ok
+
+  def f2(): Matrix^ = Matrix(10, 10)
+
+  val i1: IMatrix^{cap.rd} = m1
+  val i2: IMatrix^{cap.rd} = f2()

tests/neg-custom-args/captures/ro-mut-conformance.check

@@ -0,0 +1,14 @@
+-- Error: tests/neg-custom-args/captures/ro-mut-conformance.scala:8:4 --------------------------------------------------
+8 |  a.set(42)  // error
+  |  ^^^^^
+  |  cannot call update method set from (a : Ref),
+  |  since its capture set {a} is read-only
+-- [E007] Type Mismatch Error: tests/neg-custom-args/captures/ro-mut-conformance.scala:10:21 ---------------------------
+10 |  val t: Ref^{cap} = a  // error
+   |                     ^
+   |                     Found:    (a : Ref)
+   |                     Required: Ref^
+   |
+   |                     where:    ^ refers to a fresh root capability in the type of value t
+   |
+   | longer explanation available when compiling with `-explain`

tests/neg-custom-args/captures/ro-mut-conformance.scala

@@ -0,0 +1,11 @@
+import language.experimental.captureChecking
+import caps.*
+class Ref extends Mutable:
+  private var _data: Int = 0
+  def get: Int = _data
+  mut def set(x: Int): Unit = _data = x
+def test1(a: Ref^{cap.rd}): Unit =
+  a.set(42)  // error
+def test2(a: Ref^{cap.rd}): Unit =
+  val t: Ref^{cap} = a  // error
+  t.set(42)

tests/pos-custom-args/captures/deep-adapt.scala

@@ -0,0 +1,23 @@
+import caps.Mutable
+import caps.cap
+
+trait Rdr[T]:
+  def get: T
+
+class Ref[T](init: T) extends Rdr[T], Mutable:
+  private var current = init
+  def get: T = current
+  mut def put(x: T): Unit = current = x
+
+case class Pair[+A, +B](x: A, y: B)
+class Swap[+A, +B](x: A, y: B) extends Pair[B, A](y, x)
+
+def Test(c: Object^): Unit =
+  val refs = List(Ref(1), Ref(2))
+  val rdrs: List[Ref[Int]^{cap.rd}] = refs
+  val rdrs2: Seq[Ref[Int]^{cap.rd}] = refs
+
+  val swapped = Swap(Ref(1), Ref("hello"))
+  val _: Swap[Ref[Int]^{cap.rd}, Ref[String]^{cap.rd}] = swapped
+  val _: Pair[Ref[String]^{cap.rd}, Ref[Int]^{cap.rd}] @unchecked = swapped
+

tests/pos-custom-args/captures/matrix.scala

@@ -1,6 +1,5 @@
 import caps.Mutable
 import caps.cap
-import language.`3.7` // fails separation checking right now
 
 trait Rdr[T]:
   def get: T
@@ -25,10 +24,7 @@ def mul1(x: Matrix^{cap.rd}, y: Matrix^{cap.rd}, z: Matrix^): Unit = ???
 def Test(c: Object^): Unit =
   val m1 = Matrix(10, 10)
   val m2 = Matrix(10, 10)
-  mul(m1, m2, m2) // error: will fail separation checking
   mul(m1, m1, m2) // should be ok
-
-  mul1(m1, m2, m2) // error: will fail separation checking
   mul(m1, m1, m2) // should be ok
 
   def f2(): Matrix^ = Matrix(10, 10)