Introduce safety checkin for ConcurrentValue conformance.

Introduce checking of ConcurrentValue conformances:
- For structs, check that each stored property conforms to ConcurrentValue
- For enums, check that each associated value conforms to ConcurrentValue
- For classes, check that each stored property is immutable and conforms
  to ConcurrentValue

Because all of the stored properties / associated values need to be
visible for this check to work, limit ConcurrentValue conformances to
be in the same source file as the type definition.

This checking can be disabled by conforming to a new marker protocol,
UnsafeConcurrentValue, that refines ConcurrentValue.
UnsafeConcurrentValue otherwise his no specific meaning. This allows
both "I know what I'm doing" for types that manage concurrent access
themselves as well as enabling retroactive conformance, both of which
are fundamentally unsafe but also quite necessary.

The bulk of this change ended up being to the standard library, because
all conformances of standard library types to the ConcurrentValue
protocol needed to be sunk down into the standard library so they
would benefit from the checking above. There were numerous little
mistakes in the initial pass through the stsandard library types that
have now been corrected.

Author: DougGregor

include/swift/AST/DiagnosticsSema.def

@@ -4319,6 +4319,17 @@ WARNING(non_concurrent_function_type,none,
         "`@concurrent` %select{function type|closure}0 has "
         "non-concurrent-value %select{parameter|result}1 type %2",
         (bool, bool, Type))
+ERROR(non_concurrent_type_member,none,
+      "%select{stored property %1|associated value %1}0 of "
+      "'ConcurrentValue'-conforming %2 %3 has non-concurrent-value type %4",
+      (bool, DeclName, DescriptiveDeclKind, DeclName, Type))
+ERROR(concurrent_value_class_mutable_property,none,
+      "stored property %0 of 'ConcurrentValue'-conforming %1 %2 is mutable",
+      (DeclName, DescriptiveDeclKind, DeclName))
+ERROR(concurrent_value_outside_source_file,none,
+      "conformance 'ConcurrentValue' must occur in the same source file as "
+      "%0 %1; use 'UnsafeConcurrentValue' for retroactive conformance",
+      (DescriptiveDeclKind, DeclName))
 
 ERROR(actorindependent_let,none,
       "'@actorIndependent' is meaningless on 'let' declarations because "

include/swift/AST/KnownProtocols.def

@@ -81,6 +81,7 @@ PROTOCOL(Encodable)
 PROTOCOL(Decodable)
 
 PROTOCOL(ConcurrentValue)
+PROTOCOL(UnsafeConcurrentValue)
 
 PROTOCOL_(ObjectiveCBridgeable)
 PROTOCOL_(DestructorSafeContainer)

lib/IRGen/GenMeta.cpp

@@ -5139,6 +5139,7 @@ SpecialProtocol irgen::getSpecialProtocolID(ProtocolDecl *P) {
   case KnownProtocolKind::FloatingPoint:
   case KnownProtocolKind::Actor:
   case KnownProtocolKind::ConcurrentValue:
+  case KnownProtocolKind::UnsafeConcurrentValue:
     return SpecialProtocol::None;
   }
 

lib/Sema/TypeCheckConcurrency.cpp

@@ -2429,3 +2429,68 @@ static bool shouldDiagnoseExistingDataRaces(const DeclContext *dc) {
 
   return false;
 }
+
+void swift::checkConcurrentValueConformance(ProtocolConformance *conformance) {
+  auto conformanceDC = conformance->getDeclContext();
+  auto nominal = conformance->getType()->getAnyNominal();
+  if (!nominal)
+    return;
+
+  // Actors implicitly conform to ConcurrentValue and protect their state.
+  auto classDecl = dyn_cast<ClassDecl>(nominal);
+  if (classDecl && classDecl->isActor())
+    return;
+
+  // ConcurrentValue can only be used in the same source file.
+  auto conformanceDecl = conformanceDC->getAsDecl();
+  if (!conformanceDC->getParentSourceFile() ||
+      conformanceDC->getParentSourceFile() != nominal->getParentSourceFile()) {
+    conformanceDecl->diagnose(
+        diag::concurrent_value_outside_source_file,
+        nominal->getDescriptiveKind(), nominal->getName());
+    return;
+  }
+
+  // Stored properties of structs and classes must have
+  // ConcurrentValue-conforming types.
+  if (isa<StructDecl>(nominal) || classDecl) {
+    for (auto property : nominal->getStoredProperties()) {
+      if (classDecl && property->supportsMutation()) {
+        property->diagnose(diag::concurrent_value_class_mutable_property, property->getName(), nominal->getDescriptiveKind(),
+            nominal->getName());
+        continue;
+      }
+
+      auto propertyType =
+          conformanceDC->mapTypeIntoContext(property->getInterfaceType());
+      if (!isConcurrentValueType(conformanceDC, propertyType)) {
+        property->diagnose(
+            diag::non_concurrent_type_member, false, property->getName(),
+            nominal->getDescriptiveKind(), nominal->getName(), propertyType);
+        continue;
+      }
+    }
+
+    return;
+  }
+
+  // Associated values of enum cases must have ConcurrentValue-conforming
+  // types.
+  if (auto enumDecl = dyn_cast<EnumDecl>(nominal)) {
+    for (auto caseDecl : enumDecl->getAllCases()) {
+      for (auto element : caseDecl->getElements()) {
+        if (!element->hasAssociatedValues())
+          continue;
+        
+        auto elementType = conformanceDC->mapTypeIntoContext(
+            element->getArgumentInterfaceType());
+        if (!isConcurrentValueType(conformanceDC, elementType)) {
+          element->diagnose(
+              diag::non_concurrent_type_member, true, element->getName(),
+              nominal->getDescriptiveKind(), nominal->getName(), elementType);
+          continue;
+        }
+      }
+    }
+  }
+}

lib/Sema/TypeCheckConcurrency.h

@@ -36,6 +36,7 @@ class Expr;
 class FuncDecl;
 class Initializer;
 class PatternBindingDecl;
+class ProtocolConformance;
 class TopLevelCodeDecl;
 class TypeBase;
 class ValueDecl;
@@ -242,6 +243,9 @@ bool diagnoseNonConcurrentTypesInFunctionType(
     const AnyFunctionType *fnType, const DeclContext *dc, SourceLoc loc,
     bool isClosure);
 
+/// Check the correctness of the given ConcurrentValue conformance.
+void checkConcurrentValueConformance(ProtocolConformance *conformance);
+
 } // end namespace swift
 
 #endif /* SWIFT_SEMA_TYPECHECKCONCURRENCY_H */

lib/Sema/TypeCheckProtocol.cpp

@@ -5590,6 +5590,8 @@ void TypeChecker::checkConformancesInContext(IterableDeclContext *idc) {
   auto &Context = dc->getASTContext();
   MultiConformanceChecker groupChecker(Context);
 
+  ProtocolConformance *concurrentValueConformance = nullptr;
+  ProtocolConformance *unsafeConcurrentValueConformance = nullptr;
   bool anyInvalid = false;
   for (auto conformance : conformances) {
     // Check and record normal conformances.
@@ -5610,14 +5612,24 @@ void TypeChecker::checkConformancesInContext(IterableDeclContext *idc) {
       }
     }
 
-    if (conformance->getProtocol()->
-          isSpecificProtocol(KnownProtocolKind::StringInterpolationProtocol)) {
+    auto proto = conformance->getProtocol();
+    if (proto->isSpecificProtocol(
+            KnownProtocolKind::StringInterpolationProtocol)) {
       if (auto typeDecl = dc->getSelfNominalTypeDecl()) {
         diagnoseMissingAppendInterpolationMethod(typeDecl);
       }
+    } else if (proto->isSpecificProtocol(KnownProtocolKind::ConcurrentValue)) {
+      concurrentValueConformance = conformance;
+    } else if (proto->isSpecificProtocol(
+                   KnownProtocolKind::UnsafeConcurrentValue)) {
+      unsafeConcurrentValueConformance = conformance;
     }
   }
 
+  // Check constraints of ConcurrentValue.
+  if (concurrentValueConformance && !unsafeConcurrentValueConformance)
+    checkConcurrentValueConformance(concurrentValueConformance);
+
   // Check all conformances.
   groupChecker.checkAllConformances();
 

stdlib/public/core/Array.swift

@@ -1984,3 +1984,5 @@ internal struct _ArrayAnyHashableBox<Element: Hashable>
     return true
   }
 }
+
+extension Array: ConcurrentValue where Element: ConcurrentValue { }

stdlib/public/core/ArrayBuffer.swift

@@ -673,3 +673,6 @@ extension _ArrayBuffer {
   }
 }
 #endif
+
+extension _ArrayBuffer: ConcurrentValue, UnsafeConcurrentValue
+  where Element: ConcurrentValue { }

stdlib/public/core/ArraySlice.swift

@@ -1516,3 +1516,6 @@ extension ArraySlice {
         shiftedToStartIndex: _startIndex))
   }
 }
+
+extension ArraySlice: ConcurrentValue, UnsafeConcurrentValue
+  where Element: ConcurrentValue { }

stdlib/public/core/Bool.swift

@@ -61,7 +61,7 @@
 /// that functions, methods, and properties imported from C and Objective-C
 /// have a consistent type interface.
 @frozen
-public struct Bool {
+public struct Bool: ConcurrentValue {
   @usableFromInline
   internal var _value: Builtin.Int1