Improve verification for store_borrow

Add ScopedAddressOperand and ScopedAddressValue abstraction utilities
Introduce verification for store_borrow to validate its uses are correctly enclosed in their scope.

Include end_borrow/end_access as implicit uses while validating a borrow introducer

Add flow sensitive verifier rule for store_borrow/end_borrow pair

Make sure store_borrow is always to an alloc_stack

Make sure uses to store borrow location are via its return address only

Author: meg-gupta

include/swift/SIL/ScopedAddressUtils.h

@@ -0,0 +1,105 @@
+//===--- ScopedAddressUtils.h ---------------------------------------------===//
+//
+// This source file is part of the Swift.org open source project
+//
+// Copyright (c) 2014 - 2018 Apple Inc. and the Swift project authors
+// Licensed under Apache License v2.0 with Runtime Library Exception
+//
+// See https://swift.org/LICENSE.txt for license information
+// See https://swift.org/CONTRIBUTORS.txt for the list of Swift project authors
+//
+//===----------------------------------------------------------------------===//
+
+#ifndef SWIFT_SIL_SCOPEDADDRESSUTILS_H
+#define SWIFT_SIL_SCOPEDADDRESSUTILS_H
+
+#include "swift/Basic/Debug.h"
+#include "swift/Basic/LLVM.h"
+#include "swift/SIL/PrunedLiveness.h"
+#include "swift/SIL/SILBasicBlock.h"
+#include "swift/SIL/SILInstruction.h"
+#include "swift/SIL/SILValue.h"
+
+namespace swift {
+
+class ScopedAddressValueKind {
+public:
+  enum Kind : uint8_t {
+    Invalid = 0,
+    StoreBorrow,
+    BeginAccess,
+  };
+
+private:
+  Kind value;
+
+public:
+  static ScopedAddressValueKind get(SILValue value) {
+    switch (value->getKind()) {
+    default:
+      return Kind::Invalid;
+    case ValueKind::StoreBorrowInst:
+      return Kind::StoreBorrow;
+    case ValueKind::BeginAccessInst:
+      return Kind::BeginAccess;
+    }
+  }
+
+  ScopedAddressValueKind(Kind newValue) : value(newValue) {}
+
+  operator Kind() const { return value; }
+
+  void print(llvm::raw_ostream &os) const;
+  SWIFT_DEBUG_DUMP { print(llvm::dbgs()); }
+};
+
+llvm::raw_ostream &operator<<(llvm::raw_ostream &os,
+                              ScopedAddressValueKind kind);
+
+struct ScopedAddressValue {
+  SILValue value;
+  ScopedAddressValueKind kind = ScopedAddressValueKind::Invalid;
+
+  ScopedAddressValue() = default;
+
+  explicit ScopedAddressValue(SILValue value) {
+    kind = ScopedAddressValueKind::get(value);
+    if (kind)
+      this->value = value;
+  }
+
+  operator bool() const {
+    return kind != ScopedAddressValueKind::Invalid && value;
+  }
+
+  void print(llvm::raw_ostream &os) const;
+  SWIFT_DEBUG_DUMP { print(llvm::dbgs()); }
+
+  // Helpers to allow a ScopedAddressValue to easily be used as a SILValue
+  // programatically.
+  SILValue operator->() { return value; }
+  SILValue operator->() const { return value; }
+  SILValue operator*() { return value; }
+  SILValue operator*() const { return value; }
+
+  /// Returns true if \p op is a scope edning use of the scoped address value.
+  bool isScopeEndingUse(Operand *op) const;
+  /// Pass all scope ending instructions to the visitor.
+  bool visitScopeEndingUses(function_ref<bool(Operand *)> visitor) const;
+  /// Returns false, if liveness cannot be computed due to pointer escape or
+  /// unkown address use. Add this scope's live blocks into the PrunedLiveness
+  /// result.
+  bool computeLiveness(PrunedLiveness &liveness) const;
+};
+
+llvm::raw_ostream &operator<<(llvm::raw_ostream &os,
+                              const ScopedAddressValue &value);
+
+/// Returns true if there are other store_borrows enclosed within a store_borrow
+/// \p sbi's scope
+bool hasOtherStoreBorrowsInLifetime(StoreBorrowInst *sbi,
+                                    PrunedLiveness *liveness,
+                                    DeadEndBlocks *deadEndBlocks);
+} // namespace swift
+
+#endif

lib/SIL/Utils/CMakeLists.txt

@@ -14,6 +14,7 @@ target_sources(swiftSIL PRIVATE
   PrettyStackTrace.cpp
   Projection.cpp
   PrunedLiveness.cpp
+  ScopedAddressUtils.cpp
   SILBridging.cpp
   SILInstructionWorklist.cpp
   SILRemarkStreamer.cpp

lib/SIL/Utils/OwnershipUtils.cpp

@@ -20,6 +20,7 @@
 #include "swift/SIL/Projection.h"
 #include "swift/SIL/PrunedLiveness.h"
 #include "swift/SIL/SILArgument.h"
+#include "swift/SIL/SILBuilder.h"
 #include "swift/SIL/SILInstruction.h"
 
 using namespace swift;

lib/SIL/Utils/ScopedAddressUtils.cpp

@@ -0,0 +1,172 @@
+//===--- ScopedAddressUtils.cpp -------------------------------------------===//
+//
+// This source file is part of the Swift.org open source project
+//
+// Copyright (c) 2014 - 2018 Apple Inc. and the Swift project authors
+// Licensed under Apache License v2.0 with Runtime Library Exception
+//
+// See https://swift.org/LICENSE.txt for license information
+// See https://swift.org/CONTRIBUTORS.txt for the list of Swift project authors
+//
+//===----------------------------------------------------------------------===//
+
+#include "swift/SIL/ScopedAddressUtils.h"
+#include "swift/SIL/OwnershipUtils.h"
+#include "swift/SIL/PrunedLiveness.h"
+#include "swift/SIL/SILArgument.h"
+#include "swift/SIL/SILBuilder.h"
+#include "swift/SIL/SILInstruction.h"
+
+using namespace swift;
+
+void ScopedAddressValueKind::print(llvm::raw_ostream &os) const {
+  switch (value) {
+  case ScopedAddressValueKind::Invalid:
+    llvm_unreachable("Using invalid case?!");
+  case ScopedAddressValueKind::StoreBorrow:
+    os << "StoreBorrow";
+    return;
+  case ScopedAddressValueKind::BeginAccess:
+    os << "BeginAccess";
+    return;
+  }
+  llvm_unreachable("Covered switch isn't covered?!");
+}
+
+llvm::raw_ostream &swift::operator<<(llvm::raw_ostream &os,
+                                     ScopedAddressValueKind kind) {
+  kind.print(os);
+  return os;
+}
+
+bool ScopedAddressValue::isScopeEndingUse(Operand *op) const {
+  switch (kind) {
+  case ScopedAddressValueKind::Invalid:
+    llvm_unreachable("Using invalid case?!");
+  case ScopedAddressValueKind::StoreBorrow: {
+    if (auto *endBorrow = dyn_cast<EndBorrowInst>(op->getUser())) {
+      return endBorrow->getOperand() == value;
+    }
+    return false;
+  }
+  case ScopedAddressValueKind::BeginAccess: {
+    if (auto *endAccess = dyn_cast<EndAccessInst>(op->getUser())) {
+      return endAccess->getOperand() == value;
+    }
+    return false;
+  }
+  }
+}
+
+bool ScopedAddressValue::visitScopeEndingUses(
+    function_ref<bool(Operand *)> visitor) const {
+  switch (kind) {
+  case ScopedAddressValueKind::Invalid:
+    llvm_unreachable("Using invalid case?!");
+  case ScopedAddressValueKind::StoreBorrow: {
+    for (auto *use : value->getUses()) {
+      if (isa<EndBorrowInst>(use->getUser())) {
+        if (!visitor(use))
+          return false;
+      }
+    }
+    return true;
+  }
+  case ScopedAddressValueKind::BeginAccess: {
+    for (auto *use : value->getUses()) {
+      if (isa<EndAccessInst>(use->getUser())) {
+        if (!visitor(use))
+          return false;
+      }
+    }
+    return true;
+  }
+  }
+}
+
+bool ScopedAddressValue::computeLiveness(PrunedLiveness &liveness) const {
+  auto addressKind = findTransitiveUsesForAddress(value);
+  if (addressKind != AddressUseKind::NonEscaping) {
+    return false;
+  }
+
+  liveness.initializeDefBlock(value->getParentBlock());
+  visitScopeEndingUses([&](Operand *endOp) {
+    liveness.updateForUse(endOp->getUser(), /* isLifetimeEnding */ true);
+    return true;
+  });
+  return true;
+}
+
+void ScopedAddressValue::createScopeEnd(SILBasicBlock::iterator insertPt,
+                                        SILLocation loc) const {
+  switch (kind) {
+  case ScopedAddressValueKind::StoreBorrow: {
+    SILBuilderWithScope(insertPt).createEndBorrow(loc, value);
+    return;
+  }
+  case ScopedAddressValueKind::BeginAccess: {
+    SILBuilderWithScope(insertPt).createEndAccess(loc, value, false);
+    return;
+  }
+  case ScopedAddressValueKind::Invalid:
+    llvm_unreachable("Using invalid case?!");
+  }
+}
+
+void ScopedAddressValue::endScopeAtLivenessBoundary(
+    PrunedLiveness *liveness) const {
+  // If no users exist, create scope ending instruction immediately after the
+  // scoped address value.
+  if (liveness->empty()) {
+    createScopeEnd(value->getNextInstruction()->getIterator(),
+                   RegularLocation::getAutoGeneratedLocation());
+    return;
+  }
+
+  PrunedLivenessBoundary scopedAddressBoundary;
+  scopedAddressBoundary.compute(*liveness);
+  // Go over the boundary and create scope ending instructions.
+  scopedAddressBoundary.visitInsertionPoints(
+      [&](SILBasicBlock::iterator insertPt) {
+        createScopeEnd(insertPt, RegularLocation::getAutoGeneratedLocation());
+      });
+}
+
+bool swift::hasOtherStoreBorrowsInLifetime(StoreBorrowInst *storeBorrow,
+                                           PrunedLiveness *liveness,
+                                           DeadEndBlocks *deadEndBlocks) {
+  SmallVector<StoreBorrowInst *, 4> otherStoreBorrows;
+  // Collect all other store_borrows to the destination of \p storeBorrow
+  for (auto *destUse : storeBorrow->getDest()->getUses()) {
+    if (auto *user = dyn_cast<StoreBorrowInst>(destUse->getUser())) {
+      if (user == storeBorrow) {
+        continue;
+      }
+      otherStoreBorrows.push_back(user);
+    }
+  }
+
+  for (auto *otherStoreBorrow : otherStoreBorrows) {
+    // Return true, if otherStoreBorrow was in \p storeBorrow's scope
+    if (liveness->isWithinBoundaryOfDef(otherStoreBorrow, storeBorrow)) {
+      return true;
+    }
+  }
+  return false;
+}
+
+void ScopedAddressValue::print(llvm::raw_ostream &os) const {
+  os << "ScopedAddressIntroducingValue:\n"
+        "Kind: "
+     << kind
+     << "\n"
+        "Value: "
+     << value;
+}
+
+llvm::raw_ostream &swift::operator<<(llvm::raw_ostream &os,
+                                     const ScopedAddressValue &value) {
+  value.print(os);
+  return os;
+}

lib/SIL/Verifier/MemoryLifetimeVerifier.cpp

@@ -274,11 +274,11 @@ void MemoryLifetimeVerifier::requireBitsSet(const Bits &bits, SILValue addr,
   }
 }
 
-void MemoryLifetimeVerifier::requireNoStoreBorrowLocation(SILValue addr,
-                                                  SILInstruction *where) {
-  if (isStoreBorrowLocation(addr)) {
+void MemoryLifetimeVerifier::requireNoStoreBorrowLocation(
+    SILValue addr, SILInstruction *where) {
+  if (isa<StoreBorrowInst>(addr)) {
     reportError("store-borrow location cannot be written",
-                locations.getLocation(addr)->selfAndParents.find_first(), where);
+                locations.getLocationIdx(addr), where);
   }
 }
 

lib/SIL/Verifier/SILOwnershipVerifier.cpp

@@ -38,6 +38,7 @@
 #include "swift/SIL/SILModule.h"
 #include "swift/SIL/SILVTable.h"
 #include "swift/SIL/SILVisitor.h"
+#include "swift/SIL/ScopedAddressUtils.h"
 #include "swift/SIL/TypeLowering.h"
 
 #include "llvm/ADT/DenseSet.h"
@@ -363,6 +364,14 @@ bool SILValueOwnershipChecker::gatherUsers(
         reborrowVerifier.verifyReborrows(scopedOperand, value);
       }
 
+      if (auto *svi = dyn_cast<SingleValueInstruction>(op->getUser())) {
+        if (auto scopedAddress = ScopedAddressValue(svi)) {
+          scopedAddress.visitScopeEndingUses([&](Operand *endOp) {
+            nonLifetimeEndingUsers.push_back(endOp);
+            return true;
+          });
+        }
+      }
       // Next see if our use is an interior pointer operand. If we have an
       // interior pointer, we need to add all of its address uses as "implicit
       // regular users" of our consumed value.