Introduce a new attribute @_unsafeSelfDependentResult

It can be used in borrow/mutate accessors to unsafely specify that the
result is dependent on the self access.

Author: meg-gupta

include/swift/AST/DeclAttr.def

@@ -902,7 +902,12 @@ DECL_ATTR(specialized, Specialized,
   AllowMultipleAttributes | LongAttribute | UserInaccessible | ABIStableToAdd | ABIStableToRemove | APIStableToAdd | APIStableToRemove | ForbiddenInABIAttr,
   172)
 
-LAST_DECL_ATTR(Specialized)
+SIMPLE_DECL_ATTR(_unsafeSelfDependentResult, UnsafeSelfDependentResult,
+  OnAccessor,
+  UserInaccessible | ABIStableToAdd | ABIStableToRemove | APIBreakingToAdd | APIBreakingToRemove | EquivalentInABIAttr,
+  173)
+
+LAST_DECL_ATTR(UnsafeSelfDependentResult)
 
 #undef DECL_ATTR_ALIAS
 #undef CONTEXTUAL_DECL_ATTR_ALIAS

include/swift/AST/DiagnosticsSema.def

@@ -8929,5 +8929,8 @@ ERROR(attr_inline_always_requires_inlinable,none,
 ERROR(attr_inline_always_no_usable_from_inline,none,
       "cannot use '@inline(always)' together with '@usableFromInline'", ())
 
+ERROR(unsafe_self_dependent_result_attr_on_invalid_decl,none,
+      "invalid use of @_unsafeSelfDependentResult", ())
+
 #define UNDEFINE_DIAGNOSTIC_MACROS
 #include "DefineDiagnosticMacros.h"

lib/AST/ASTDumper.cpp

@@ -5062,6 +5062,7 @@ class PrintAttribute : public AttributeVisitor<PrintAttribute, void, Label>,
   TRIVIAL_ATTR_PRINTER(WeakLinked, weak_linked)
   TRIVIAL_ATTR_PRINTER(Nonexhaustive, nonexhaustive)
   TRIVIAL_ATTR_PRINTER(Concurrent, concurrent)
+  TRIVIAL_ATTR_PRINTER(UnsafeSelfDependentResult, unsafe_self_dependent_result)
 
 #undef TRIVIAL_ATTR_PRINTER
 

lib/ASTGen/Sources/ASTGen/DeclAttrs.swift

@@ -309,7 +309,8 @@ extension ASTGenVisitor {
         .UsableFromInline,
         .Used,
         .WarnUnqualifiedAccess,
-        .WeakLinked:
+        .WeakLinked,
+        .UnsafeSelfDependentResult:
 
         return handle(self.generateSimpleDeclAttr(attribute: node, kind: attrKind!))
 

lib/SILGen/SILGenStmt.cpp

@@ -738,35 +738,26 @@ void SILGenFunction::emitReturnExpr(SILLocation branchLoc,
     }
   } else if (F.getConventions().hasGuaranteedResult() ||
              F.getConventions().hasGuaranteedAddressResult()) {
-    // If the return expression is a literal, emit as a regular return
-    // expression/
+    auto *afd = cast<AbstractFunctionDecl>(FunctionDC->getAsDecl());
     if (isa<LiteralExpr>(ret)) {
+      // If the return expression is a literal, emit as a regular return
+      // expression.
       auto RV = emitRValue(ret);
       std::move(RV).forwardAll(*this, directResults);
     } else {
-      // If the return expression is not a projection, diagnose as error.
       FormalEvaluationScope scope(*this);
       auto storageRefResult =
           StorageRefResult::findStorageReferenceExprForBorrow(ret);
       auto lvExpr = storageRefResult.getTransitiveRoot();
+      // If the return expression is not an lvalue, diagnose.
       if (!lvExpr) {
         diagnose(getASTContext(), ret->getStartLoc(),
                  diag::invalid_borrow_accessor_return);
         diagnose(getASTContext(), ret->getStartLoc(),
                  diag::borrow_accessor_not_a_projection_note);
         return;
       }
-      // If the return expression is not a projection of self, diagnose as
-      // error.
-      auto *baseExpr = lookThroughProjections(storageRefResult.getStorageRef());
-      if (!baseExpr->isSelfExprOf(
-              cast<AbstractFunctionDecl>(FunctionDC->getAsDecl()))) {
-        diagnose(getASTContext(), ret->getStartLoc(),
-                 diag::invalid_borrow_accessor_return);
-        diagnose(getASTContext(), ret->getStartLoc(),
-                 diag::borrow_accessor_not_a_projection_note);
-        return;
-      }
+
       // Emit return value at +0.
       LValueOptions options;
       auto lvalue = emitLValue(ret,
@@ -776,34 +767,71 @@ void SILGenFunction::emitReturnExpr(SILLocation branchLoc,
                                F.getConventions().hasGuaranteedResult()
                                    ? options.forGuaranteedReturn(true)
                                    : options.forGuaranteedAddressReturn(true));
-      auto result =
-          tryEmitProjectedLValue(ret, std::move(lvalue), TSanKind::None);
-      if (!result) {
-        diagnose(getASTContext(), ret->getStartLoc(),
-                 diag::invalid_borrow_accessor_return);
-        diagnose(getASTContext(), ret->getStartLoc(),
-                 diag::borrow_accessor_not_a_projection_note);
-        return;
-      }
-      // For now diagnose multiple return statements in borrow/mutate accessors.
-      // We need additional support for this.
-      // 1. Address phis are banned in SIL.
-      // 2. borrowed from is not inserted in SILGenCleanup.
-      if (!ReturnDest.getBlock()->getPredecessorBlocks().empty()) {
-        diagnose(getASTContext(), ret->getStartLoc(),
-                 diag::invalid_multiple_return_borrow_accessor);
-        return;
-      }
 
-      auto resultValue = result->getValue();
-      SILType selfType = F.getSelfArgument()->getType();
-      if (selfType.isMoveOnly() && F.getConventions().hasGuaranteedResult()) {
-        // If we are returning the result of borrow accessor, strip the
-        // unnecessary copy_value + mark_unresolved_non_copyable_value
-        // instructions.
-        resultValue = lookThroughMoveOnlyCheckerPattern(resultValue);
+      if (afd->getAttrs().hasAttribute<UnsafeSelfDependentResultAttr>()) {
+        // If the accessor is annotated with @_unsafeSelfDependentResultAttr,
+        // disable diagnosing the return expression.
+        // This is needed to implement borrow accessors for Unsafe*Pointer based
+        // Container types where the compiler cannot analyze the safety of
+        // return expressions based on pointer arithmetic and unsafe addressors.
+        // Example:
+        // public struct Container<Element: ~Copyable>: ~Copyable {
+        //   var _storage: UnsafeMutableBufferPointer<Element>
+        //   var _count: Int
+        //
+        //   public subscript(index: Int) -> Element {
+        //     @_unsafeSelfDependentResult
+        //     borrow {
+        //       precondition(index >= 0 && index < _count, "Index out of
+        //       bounds") return
+        //       _storage.baseAddress.unsafelyUnwrapped.advanced(by:
+        //       index).pointee
+        //     }
+        //   }
+        // }
+        auto resultValue = emitBorrowedLValue(ret, std::move(lvalue));
+        directResults.push_back(resultValue.getValue());
+      } else {
+        // If the return expression is not a transitive projection of self,
+        // diagnose.
+        auto *baseExpr =
+            lookThroughProjections(storageRefResult.getStorageRef());
+        if (!baseExpr->isSelfExprOf(afd)) {
+          diagnose(getASTContext(), ret->getStartLoc(),
+                   diag::invalid_borrow_accessor_return);
+          diagnose(getASTContext(), ret->getStartLoc(),
+                   diag::borrow_accessor_not_a_projection_note);
+          return;
+        }
+        auto result =
+            tryEmitProjectedLValue(ret, std::move(lvalue), TSanKind::None);
+        if (!result) {
+          diagnose(getASTContext(), ret->getStartLoc(),
+                   diag::invalid_borrow_accessor_return);
+          diagnose(getASTContext(), ret->getStartLoc(),
+                   diag::borrow_accessor_not_a_projection_note);
+          return;
+        }
+        // For now diagnose multiple return statements in borrow/mutate
+        // accessors. We need additional support for this.
+        // 1. Address phis are banned in SIL.
+        // 2. borrowed from is not inserted in SILGenCleanup.
+        if (!ReturnDest.getBlock()->getPredecessorBlocks().empty()) {
+          diagnose(getASTContext(), ret->getStartLoc(),
+                   diag::invalid_multiple_return_borrow_accessor);
+          return;
+        }
+
+        auto resultValue = result->getValue();
+        SILType selfType = F.getSelfArgument()->getType();
+        if (selfType.isMoveOnly() && F.getConventions().hasGuaranteedResult()) {
+          // If we are returning the result of borrow accessor, strip the
+          // unnecessary copy_value + mark_unresolved_non_copyable_value
+          // instructions.
+          resultValue = lookThroughMoveOnlyCheckerPattern(resultValue);
+        }
+        directResults.push_back(resultValue);
       }
-      directResults.push_back(resultValue);
     }
   } else {
     // SILValue return.

lib/Sema/TypeCheckAttr.cpp

@@ -483,6 +483,7 @@ class AttributeChecker : public AttributeVisitor<AttributeChecker> {
   void visitAddressableSelfAttr(AddressableSelfAttr *attr);
   void visitAddressableForDependenciesAttr(AddressableForDependenciesAttr *attr);
   void visitUnsafeAttr(UnsafeAttr *attr);
+  void visitUnsafeSelfDependentResultAttr(UnsafeSelfDependentResultAttr *attr);
 };
 
 } // end anonymous namespace
@@ -8461,6 +8462,18 @@ void AttributeChecker::visitUnsafeAttr(UnsafeAttr *attr) {
   }
 }
 
+void AttributeChecker::visitUnsafeSelfDependentResultAttr(
+    UnsafeSelfDependentResultAttr *attr) {
+  // TODO: Introduce a new experimental feature and check for presence
+  auto *accessor = dyn_cast<AccessorDecl>(D);
+  if (accessor &&
+      (accessor->isBorrowAccessor() || accessor->isMutateAccessor())) {
+    return;
+  }
+  Ctx.Diags.diagnose(attr->getLocation(),
+                     diag::unsafe_self_dependent_result_attr_on_invalid_decl);
+}
+
 namespace {
 
 class ClosureAttributeChecker

lib/Sema/TypeCheckDeclOverride.cpp

@@ -1754,6 +1754,7 @@ namespace  {
     UNINTERESTING_ATTR(Unsafe)
     UNINTERESTING_ATTR(Safe)
     UNINTERESTING_ATTR(AddressableForDependencies)
+    UNINTERESTING_ATTR(UnsafeSelfDependentResult)
 #undef UNINTERESTING_ATTR
 
     void visitABIAttr(ABIAttr *attr) {

test/SILGen/borrow_accessor_container.swift

@@ -0,0 +1,64 @@
+// RUN:%target-swift-frontend -emit-silgen %s -verify  -enable-experimental-feature BorrowAndMutateAccessors | %FileCheck %s
+
+// REQUIRES: swift_feature_BorrowAndMutateAccessors
+
+public struct Container<Element: ~Copyable >: ~Copyable {
+  var _storage: UnsafeMutableBufferPointer<Element>
+  var _count: Int
+
+  var first: Element {
+    @_unsafeSelfDependentResult
+    borrow {
+      return _storage.baseAddress.unsafelyUnwrapped.pointee
+    }
+  }
+
+  public subscript(index: Int) -> Element {
+    @_unsafeSelfDependentResult
+    borrow {
+      precondition(index >= 0 && index < _count, "Index out of bounds")
+      return _storage.baseAddress.unsafelyUnwrapped.advanced(by: index).pointee
+    }
+  }
+}
+
+extension Container: Copyable where Element: Copyable {}
+
+
+// CHECK: sil [ossa] @$s25borrow_accessor_container9ContainerVAARi_zrlEyxSicib : $@convention(method) <Element where Element : ~Copyable> (Int, @guaranteed Container<Element>) -> @guaranteed_addr Element {
+// CHECK: bb0([[REG0:%.*]] : $Int, [[REG1:%.*]] : @guaranteed $Container<Element>):
+// CHECK:   [[REG3:%.*]] = copy_value [[REG1]]
+// CHECK:   [[REG4:%.*]] = mark_unresolved_non_copyable_value [no_consume_or_assign] [[REG3]]
+// CHECK:   [[REG6:%.*]] = alloc_stack $UnsafeMutablePointer<Element>
+// CHECK:   [[REG7:%.*]] = begin_borrow [[REG4]]
+// CHECK:   [[REG8:%.*]] = struct_extract [[REG7]], #Container._storage
+// CHECK:   [[REG9:%.*]] = function_ref @$sSr11baseAddressSpyxGSgvg : $@convention(method) <τ_0_0 where τ_0_0 : ~Copyable> (UnsafeMutableBufferPointer<τ_0_0>) -> Optional<UnsafeMutablePointer<τ_0_0>>
+// CHECK:   [[REG10:%.*]] = apply [[REG9]]<Element>([[REG8]]) : $@convention(method) <τ_0_0 where τ_0_0 : ~Copyable> (UnsafeMutableBufferPointer<τ_0_0>) -> Optional<UnsafeMutablePointer<τ_0_0>>
+// CHECK:   [[REG11:%.*]] = alloc_stack $Optional<UnsafeMutablePointer<Element>>
+// CHECK:   store [[REG10]] to [trivial] [[REG11]]
+// CHECK:   [[REG13:%.*]] = alloc_stack $UnsafeMutablePointer<Element>
+// CHECK:   [[REG14:%.*]] = function_ref @$sSq17unsafelyUnwrappedxvg : $@convention(method) <τ_0_0 where τ_0_0 : ~Escapable> (@in_guaranteed Optional<τ_0_0>) -> @lifetime(copy 0) @out τ_0_0
+// CHECK:   [[REG15:%.*]] = apply [[REG14]]<UnsafeMutablePointer<Element>>([[REG13]], [[REG11]]) : $@convention(method) <τ_0_0 where τ_0_0 : ~Escapable> (@in_guaranteed Optional<τ_0_0>) -> @lifetime(copy 0) @out τ_0_0
+// CHECK:   [[REG16:%.*]] = load [trivial] [[REG13]]
+// CHECK:   [[REG17:%.*]] = alloc_stack $UnsafeMutablePointer<Element>
+// CHECK:   store [[REG16]] to [trivial] [[REG17]]
+// CHECK:   [[REG19:%.*]] = function_ref @$ss8_PointerPsE8advanced2byxSi_tF : $@convention(method) <τ_0_0 where τ_0_0 : _Pointer> (Int, @in_guaranteed τ_0_0) -> @out τ_0_0
+// CHECK:   [[REG20:%.*]] = apply [[REG19]]<UnsafeMutablePointer<Element>>([[REG6]], [[REG0]], [[REG17]]) : $@convention(method) <τ_0_0 where τ_0_0 : _Pointer> (Int, @in_guaranteed τ_0_0) -> @out τ_0_0
+// CHECK:   dealloc_stack [[REG17]]
+// CHECK:   dealloc_stack [[REG13]]
+// CHECK:   dealloc_stack [[REG11]]
+// CHECK:   end_borrow [[REG7]]
+// CHECK:   [[REG25:%.*]] = load [trivial] [[REG6]]
+// CHECK:   [[REG26:%.*]] = function_ref @$sSpsRi_zrlE7pointeexvlu : $@convention(method) <τ_0_0 where τ_0_0 : ~Copyable> (UnsafeMutablePointer<τ_0_0>) -> UnsafePointer<τ_0_0>
+// CHECK:   [[REG27:%.*]] = apply [[REG26]]<Element>([[REG25]]) : $@convention(method) <τ_0_0 where τ_0_0 : ~Copyable> (UnsafeMutablePointer<τ_0_0>) -> UnsafePointer<τ_0_0>
+// CHECK:   [[REG28:%.*]] = struct_extract [[REG27]], #UnsafePointer._rawValue
+// CHECK:   [[REG29:%.*]] = pointer_to_address [[REG28]] to [strict] $*Element
+// CHECK:   [[REG30:%.*]] = mark_dependence [unresolved] [[REG29]] on [[REG25]]
+// CHECK:   [[REG31:%.*]] = begin_access [read] [unsafe] [[REG30]]
+// CHECK:   [[REG32:%.*]] = mark_unresolved_non_copyable_value [no_consume_or_assign] [[REG31]]
+// CHECK:   end_access [[REG31]]
+// CHECK:   dealloc_stack [[REG6]]
+// CHECK:   destroy_value [[REG4]]
+// CHECK:   return [[REG32]]
+// CHECK: }
+