LifetimeDependenceDiagnostics: check for on-stack trivial copies

atrick · atrick · commit 72b02eab169e · 2025-09-10T20:59:19.000-07:00
Add a diagnostic to catch addressable dependencies on a trivial values that have
been copied to a temporary stack location. SILGen should never copy the source
of an addressable dependency to a temporary stack location, but this diagnostic
catches such compiler bugs rather than allowing miscompilation.

Fixes rdar://159680262 ([nonescapable] diagnose dependence on a temporary copy
of a global array)
diff --git a/SwiftCompilerSources/Sources/Optimizer/Utilities/LifetimeDependenceUtils.swift b/SwiftCompilerSources/Sources/Optimizer/Utilities/LifetimeDependenceUtils.swift
@@ -456,7 +456,7 @@ extension LifetimeDependence.Scope {
       }
       let address = initializer.initialAddress
       if address.type.objectType.isTrivial(in: address.parentFunction) {
-        return nil
+        return LifetimeDependence.Scope.computeAddressableRange(initializer: initializer, context)
       }
       return LifetimeDependence.Scope.computeInitializedRange(initializer: initializer, context)
     case let .unknown(value):
@@ -503,6 +503,39 @@ extension LifetimeDependence.Scope {
     }
     return range
   }
+
+  // For trivial values, compute the range in which the value may have its address taken.
+  // Returns nil unless the address has both an addressable parameter use and a dealloc_stack use.
+  private static func computeAddressableRange(initializer: AccessBase.Initializer, _ context: Context)
+    -> InstructionRange? {
+    switch initializer {
+    case .argument, .yield:
+      return nil
+    case let .store(initializingStore, initialAddr):
+      guard initialAddr is AllocStackInst else {
+        return nil
+      }
+      var isAddressable = false
+      var deallocInst: DeallocStackInst?
+      for use in initialAddr.uses {
+        let inst = use.instruction
+        switch inst {
+        case let apply as ApplyInst:
+          isAddressable = isAddressable || apply.isAddressable(operand: use)
+        case let dealloc as DeallocStackInst:
+          deallocInst = dealloc
+        default:
+          break
+        }
+      }
+      guard let deallocInst = deallocInst, isAddressable else {
+        return nil
+      }
+      var range = InstructionRange(begin: initializingStore, context)
+      range.insert(deallocInst)
+      return range
+    }
+  }
 }
 
 // =============================================================================
diff --git a/test/SILOptimizer/lifetime_dependence/verify_diagnostics.sil b/test/SILOptimizer/lifetime_dependence/verify_diagnostics.sil
@@ -2,21 +2,21 @@
 // RUN:   --lifetime-dependence-diagnostics \
 // RUN:   -verify \
 // RUN:   -sil-verify-all \
-// RUN:   -module-name Swift \
 // RUN:   -enable-experimental-feature Lifetimes \
+// RUN:   -enable-experimental-feature AddressableTypes \
 // RUN:   -o /dev/null
 
 // REQUIRES: swift_in_compiler
 // REQUIRES: swift_feature_Lifetimes
+// REQUIRES: swift_feature_AddressableTypes
 
 // Verify diagnostics from the LifetimeDependenceDiagnostics pass.
 
 sil_stage raw
 
 import Builtin
-
-@_marker protocol Copyable: ~Escapable {}
-@_marker protocol Escapable: ~Copyable {}
+import Swift
+import SwiftShims
 
 class C {}
 
@@ -61,6 +61,14 @@ sil @getTrivialNE : $@convention(thin) (@in_guaranteed TrivialHolder) -> @lifeti
 sil @makeHolder: $@convention(method) (@thin Holder.Type) -> @owned Holder // user: %6
 sil @getGeneric : $@convention(thin) <τ_0_0 where τ_0_0 : ~Escapable> (@guaranteed Holder, @thick τ_0_0.Type) -> @lifetime(borrow 0) @out τ_0_0 // user: %12
 
+@_addressableForDependencies
+public struct InlineInt {
+  var i: Int
+}
+sil @globalAddress : $@convention(thin) () -> Builtin.RawPointer
+sil @addressInt : $@convention(thin) (@in_guaranteed InlineInt) -> @lifetime(borrow address_for_deps 0) @owned Span<Int>
+sil @useSpan : $@convention(thin) (@guaranteed Span<Int>) -> ()
+
 // Test returning a owned dependence on a trivial value
 sil [ossa] @return_trivial_dependence : $@convention(thin) (@guaranteed C) -> @lifetime(borrow 0) @owned NE {
 entry(%0 : @guaranteed $C):
@@ -246,3 +254,36 @@ bb0(%0 : $*NE, %1 : $*Holder):
   %18 = tuple ()
   return %18
 }
+
+// Test a address dependency on a trivial value temporarily copied to the stack. The value's addressable range only
+// extends to the dealloc_stack.
+//
+// SILGen should never generate temporary stack copies for addressable dependencies, but we need to diagnose them anyway
+// so that a SILGen bug does not become a miscompile.
+//
+// rdar://159680262 ([nonescapable] diagnose dependence on a temporary copy of a global array)
+sil hidden [noinline] [ossa] @testTrivialStackCopy : $@convention(thin) () -> () {
+bb0:
+  %0 = function_ref @globalAddress : $@convention(thin) () -> Builtin.RawPointer
+  %1 = apply %0() : $@convention(thin) () -> Builtin.RawPointer
+  %2 = pointer_to_address %1 to [strict] $*InlineInt
+  %3 = begin_access [read] [dynamic] %2 // expected-note{{it depends on this scoped access to variable ''}}
+  %4 = load [trivial] %3
+  end_access %3
+  %6 = alloc_stack $InlineInt
+  store %4 to [trivial] %6
+
+  %8 = function_ref @addressInt : $@convention(thin) (@in_guaranteed InlineInt) -> @lifetime(borrow address_for_deps 0) @owned Span<Int>
+  %9 = apply %8(%6) : $@convention(thin) (@in_guaranteed InlineInt) -> @lifetime(borrow address_for_deps 0) @owned Span<Int>
+  %10 = mark_dependence [unresolved] %9 on %6
+  %11 = move_value [var_decl] %10 // expected-error{{lifetime-dependent value escapes its scope}}
+  dealloc_stack %6
+  %13 = begin_borrow %11
+
+  %14 = function_ref @useSpan : $@convention(thin) (@guaranteed Span<Int>) -> ()
+  %15 = apply %14(%13) : $@convention(thin) (@guaranteed Span<Int>) -> ()
+  end_borrow %13
+  destroy_value %11 // expected-note{{this use of the lifetime-dependent value is out of scope}}
+  %18 = tuple ()
+  return %18
+}
diff --git a/test/SILOptimizer/lifetime_dependence/verify_diagnostics.swift b/test/SILOptimizer/lifetime_dependence/verify_diagnostics.swift
@@ -1,4 +1,4 @@
-// RUN: %target-swift-frontend %s -emit-sil \
+// RUN: %target-swift-frontend -primary-file %s -parse-as-library -emit-sil \
 // RUN:   -o /dev/null \
 // RUN:   -verify \
 // RUN:   -sil-verify-all \
@@ -315,3 +315,17 @@ func inoutToImmortal(_ s: inout RawSpan) {
   s = _overrideLifetime(tmp, borrowing: ())
 }
 
+// =============================================================================
+// addressable dependencies
+// =============================================================================
+
+@available(Span 0.1, *)
+var values: InlineArray<_, Int> = [0, 1, 2]
+
+// rdar://159680262 ([nonescapable] diagnose dependence on a temporary copy of a global array)
+@available(Span 0.1, *)
+func test() -> Int {
+  let span = values.span // expected-error{{lifetime-dependent variable 'span' escapes its scope}}
+  // expected-note@-1{{it depends on this scoped access to variable 'values'}}
+  return span[3] // expected-note{{this use of the lifetime-dependent value is out of scope}}
+}
