swiftwasm
diff --git a/‎docs/SILProgrammersManual.md
Lines changed: 60 additions & 31 deletions b/‎docs/SILProgrammersManual.md
Lines changed: 60 additions & 31 deletions
diff --git a/‎include/swift/SIL/MemAccessUtils.h
Lines changed: 55 additions & 39 deletions b/‎include/swift/SIL/MemAccessUtils.h
Lines changed: 55 additions & 39 deletions
@@ -161,6 +161,9 @@ idioms, it becomes overly burdensome to evolve these APIs over time.
 
 ## `AccessedStorage` and `AccessPath`
 
+TODO: move this section to a separate document and refer to it from
+SIL.rst.
+
 The `AccessedStorage` and `AccessPath` types formalize memory access
 in SIL. Given an address-typed SIL value, it is possible to
 reliably identify the storage location of the accessed
@@ -193,17 +196,17 @@ address is immutable for the duration of its access scope
 
 Computing `AccessedStorage` and `AccessPath` for any given SIL address
 involves a use-def traversal to determine the origin of the
-address. It may traverse operations on address, pointer, box, and
-reference types. The logic that formalizes which SIL operations may be
-involved in the def-use chain is encapsulated with the
-`AccessUseDefChainVisitor`. The traversal can be customized by
-implementing this visitor. Customization is not expected to change the
-meaning of AccessedStorage or AccessPath. Rather, it is intended for
-additional pass-specific book-keeping or for higher-level convenience
-APIs that operate on the use-def chain bypassing AccessedStorage
-completely.
-
-Access def-use chains are divided by four points: the "root", the
+address. It may traverse operations on values of type address,
+Builtin.RawPointer, box, and reference. The logic that
+formalizes which SIL operations may be involved in the def-use chain
+is encapsulated with the `AccessUseDefChainVisitor`. The traversal can
+be customized by implementing this visitor. Customization is not
+expected to change the meaning of AccessedStorage or
+AccessPath. Rather, it is intended for additional pass-specific
+book-keeping or for higher-level convenience APIs that operate on the
+use-def chain bypassing AccessedStorage completely.
+
+Access def-use chains are divided by four points: the object "root", the
 access "base", the outer-most "access" scope, and the "address" of a
 memory operation. For example:
 ```
@@ -222,18 +225,28 @@ memory operation. For example:
   end_access %access : $*S
 ```
 
+OR
+
+```
+  %root    = alloc_box $S
+  %base    = project_box %root : ${ var S }
+  %access  = begin_access [read] [static] %base : $*S
+  %address = struct_element_addr %access : $*S, #.field
+  %value   = load [trivial] %address : $*Int64
+  end_access %access : $*S
+```
+
 #### Reference root
 
 The first part of the def-use chain computes the formal access base
-from the root of the object (e.g. `alloc_ref ->
-ref_element_addr`). The reference root might be a locally allocated
-object, a function argument, a function result, or a reference loaded
-from storage. There is no enforcement on the type of operation that
-can produce a reference; however, only reference types or
-Builtin.BridgeObject types are only allowed in this part of the
+from the root of the object (e.g. `alloc_ref -> ref_element_addr` and
+`alloc_box -> project_box`). The reference root might be a locally
+allocated object, a function argument, a function result, or a
+reference loaded from storage. There is no enforcement on the type of
+operation that can produce a reference; however, only reference types, Builtin.BridgeObject types, and box types are allowed in this part of the
 def-use chain. The reference root is the greatest common ancestor in
 the def-use graph that can identify an object by a single SILValue. If
-the root as an `alloc_ref`, then it is *uniquely identified*. The
+the root is an `alloc_ref`, then it is *uniquely identified*. The
 def-use chain from the root to the base may contain reference casts
 (`isRCIdentityPreservingCast`) and phis.
 
@@ -268,29 +281,45 @@ formal access base. The reference root is only one component of an
 `AccessedStorage` location. AccessedStorage also identifies the class
 property being accessed within that object.
 
+A reference root may be borrowed, so the use-def path from the base to
+the root may cross a borrow scope. This means that uses of one base
+may not be replaced with a different base even if it has the same
+AccessedStorage because they may not be contained within the same
+borrow scope. However, this is the only part of the access path that
+may be borrowed. Address uses with the same base can be substituted
+without checking the borrow scope.
+
 #### Access base
 
-The access base is the SILValue produced by an instruction that
-directly identifies the kind of storage being accessed without further
-use-def traversal. Common access bases are `alloc_box`, `alloc_stack`,
-`global_addr`, `ref_element_addr`, and function arguments (see
+The access base is the address or Builtin.RawPointer type SILValue
+produced by an instruction that directly identifies the kind of
+storage being accessed without further use-def traversal. Common
+access bases are `alloc_stack`, `global_addr`,
+`ref_element_addr`, `project_box`, and function arguments (see
 `AccessedStorage::Kind`).
 
 The access base is the same as the "root" SILValue for all storage
-kinds except global and class storage. Global storage has no root. For
-class storage the root is the SILValue that identifies object,
-described as the "reference root" above.
+kinds except global and reference storage. Reference storage includes
+class, tail and box storage. Global storage has no root. For reference
+storage the root is the SILValue that identifies object, described as
+the "reference root" above.
 
 "Box" storage is uniquely identified by an `alloc_box`
 instruction. Therefore, we consider the `alloc_box` to be the base of
 the access. Box storage does not apply to all box types or box
 projections, which may instead originate from arguments or indirect
 enums for example.
 
+An access scope, identified by a `begin_access` marker, may only occur
+on the def-use path between the access base and any address
+projections. The def-use path from the root to the base cannot cross
+an access scope. Likewise, the def-use between an access projection
+and the memory operation cannot cross an access scope.
+
 Typically, the base is the address-type source operand of a
 `begin_access`. However, the path from the access base to the
 `begin_access` may include *storage casts* (see
-`isAccessedStorageCast`). It may involve address, pointer, and box
+`isAccessedStorageCast`). It may involve address an pointer
 types, and may traverse phis. For some kinds of storage, the base may
 itself even be a non-address pointer. For phis that cannot be uniquely
 resolved, the base may even be a box type.
@@ -322,9 +351,9 @@ which address storage is always uniquely determined. Currently, if a
 (non-address) phi on the access path from `base` to `access` does not
 have a common base, then it is considered an invalid access (the
 AccessedStorage object is not valid). SIL verification ensures that a
-formal access always has valid AccessedStorage (WIP). In other words, the
-source of a `begin_access` marker must be a single, non-phi base. In
-the future, for further simplicity, we may generally disallow box and
+formal access always has valid AccessedStorage (WIP). In other words,
+the source of a `begin_access` marker must be a single, non-phi
+base. In the future, for further simplicity, we may also disallow
 pointer phis unless they have a common base.
 
 Not all SIL memory access is part of a formal access, but the
@@ -334,8 +363,8 @@ the use-def search does not begin at a `begin_access` marker. For
 non-formal access, SIL verification is not as strict. An invalid
 access is allowed, but handled conservatively. This is safe as long as
 those non-formal accesses can never alias with class and global
-storage. Class and global access is always guarded by formal access
-markers--at least until static markers are stripped from SIL.
+storage. Class and global access must always be guarded by formal
+access markers--at least until static markers are stripped from SIL.
 
 #### Nested access
 
 
@@ -44,7 +44,7 @@
 /// 3. getAccessBase(): Find the ultimate base of any address corresponding to
 /// the accessed object, regardless of whether the address is nested within
 /// access scopes, and regardless of any storage casts. This returns either an
-/// address type, pointer type, or box type, but never a reference type.
+/// address or pointer type, but never a reference or box type.
 /// Each object's property or its tail storage is separately accessed.
 ///
 /// For better identification an access base, use
@@ -166,6 +166,11 @@ SILValue getAccessScope(SILValue address);
 /// return the same base address, then they must also have the same storage.
 SILValue getAccessBase(SILValue address);
 
+/// Find the root of a reference, which may be a non-trivial type, box type, or
+/// BridgeObject. This is guaranteed to be consistent with
+/// AccessedStorage::getRoot() and AccessPath::getRoot().
+SILValue findReferenceRoot(SILValue ref);
+
 /// Return true if \p address points to a let-variable.
 ///
 /// let-variables are only written during let-variable initialization, which is
@@ -237,7 +242,8 @@ enum class AccessUseType { Exact, Inner, Overlapping };
 /// represent any arbitrary base address--it must at least been proven not to
 /// correspond to any class or global variable access, unless it's nested within
 /// another access to the same object. So, Unidentified can overlap with
-/// Class/Global access, but it cannot be the only formal access to that memory.
+/// Class/Global access because it was derived from another Class/Global access,
+/// but Unidentified can never be the only formal access to that memory.
 ///
 /// An *invalid* AccessedStorage object is Unidentified and associated with an
 /// invalid SILValue. This signals that analysis has failed to recognize an
@@ -268,7 +274,7 @@ class AccessedStorage {
     Global,
     Class,
     Tail,
-    Argument,
+    Argument, // Address or RawPointer argument
     Yield,
     Nested,
     Unidentified,
@@ -280,22 +286,11 @@ class AccessedStorage {
   // Give object tail storage a fake large property index for convenience.
   static constexpr unsigned TailIndex = std::numeric_limits<int>::max();
 
-  /// Directly create an AccessedStorage for class or tail property access.
-  static AccessedStorage forClass(SILValue object, unsigned propertyIndex) {
-    AccessedStorage storage;
-    if (propertyIndex == TailIndex)
-      storage.initKind(Tail);
-    else
-      storage.initKind(Class, propertyIndex);
-    storage.value = object;
-    return storage;
-  }
-
   /// Return an AccessedStorage value that best identifies a formally accessed
   /// variable pointed to by \p sourceAddress, looking through any nested
   /// formal accesses to find the underlying storage.
   ///
-  /// \p sourceAddress may be an address, pointer, or box type.
+  /// \p sourceAddress may be an address type or Builtin.RawPointer.
   ///
   /// If \p sourceAddress is within a formal access scope, which does not have
   /// "Unsafe" enforcement, then this always returns valid storage.
@@ -308,7 +303,7 @@ class AccessedStorage {
   /// Return an AccessedStorage object that identifies formal access scope that
   /// immediately encloses \p sourceAddress.
   ///
-  /// \p sourceAddress may be an address, pointer, or box type.
+  /// \p sourceAddress may be an address type or Builtin.RawPointer.
   ///
   /// If \p sourceAddress is within a formal access scope, this always returns a
   /// valid "Nested" storage value.
@@ -317,6 +312,14 @@ class AccessedStorage {
   /// the formal storage if possible, otherwise returning invalid storage.
   static AccessedStorage computeInScope(SILValue sourceAddress);
 
+  /// Create storage for the tail elements of \p object.
+  static AccessedStorage forObjectTail(SILValue object) {
+    AccessedStorage storage;
+    storage.initKind(Tail, TailIndex);
+    storage.value = findReferenceRoot(object);
+    return storage;
+  }
+
 protected:
   // Checking the storage kind is far more common than other fields. Make sure
   // it can be byte load with no shift.
@@ -389,7 +392,7 @@ class AccessedStorage {
     SILGlobalVariable *global;
   };
 
-  void initKind(Kind k, unsigned elementIndex = InvalidElementIndex) {
+  void initKind(Kind k, unsigned elementIndex) {
     Bits.opaqueBits = 0;
     Bits.AccessedStorage.kind = k;
     Bits.AccessedStorage.elementIndex = elementIndex;
@@ -401,7 +404,7 @@ class AccessedStorage {
   }
 
 public:
-  AccessedStorage() : value() { initKind(Unidentified); }
+  AccessedStorage() : value() { initKind(Unidentified, InvalidElementIndex); }
 
   AccessedStorage(SILValue base, Kind kind);
 
@@ -418,6 +421,7 @@ class AccessedStorage {
 
   SILValue getValue() const {
     assert(getKind() != Global && getKind() != Class && getKind() != Tail);
+    assert(value && "Invalid storage has an invalid value");
     return value;
   }
 
@@ -436,7 +440,9 @@ class AccessedStorage {
     return global;
   }
 
-  bool isReference() const { return getKind() == Class || getKind() == Tail; }
+  bool isReference() const {
+    return getKind() == Box || getKind() == Class || getKind() == Tail;
+  }
 
   SILValue getObject() const {
     assert(isReference());
@@ -447,6 +453,15 @@ class AccessedStorage {
     return getElementIndex();
   }
 
+  /// Return a new AccessedStorage for Class/Tail/Box access based on
+  /// existing storage and a new object.
+  AccessedStorage transformReference(SILValue object) const {
+    AccessedStorage storage;
+    storage.initKind(getKind(), getElementIndex());
+    storage.value = findReferenceRoot(object);
+    return storage;
+  }
+
   /// Return the address or reference root that the storage was based
   /// on. Returns an invalid SILValue for globals or invalid storage.
   SILValue getRoot() const {
@@ -457,7 +472,7 @@ class AccessedStorage {
     case AccessedStorage::Argument:
     case AccessedStorage::Yield:
     case AccessedStorage::Unidentified:
-      return getValue(); // Can be invalid for Unidentified storage.
+      return getValue();
     case AccessedStorage::Global:
       return SILValue();
     case AccessedStorage::Class:
@@ -511,6 +526,7 @@ class AccessedStorage {
   bool isLocal() const {
     switch (getKind()) {
     case Box:
+      return isa<AllocBoxInst>(value);
     case Stack:
       return true;
     case Global:
@@ -538,6 +554,7 @@ class AccessedStorage {
   bool isUniquelyIdentified() const {
     switch (getKind()) {
     case Box:
+      return isa<AllocBoxInst>(value);
     case Stack:
     case Global:
       return true;
@@ -686,11 +703,14 @@ template <> struct DenseMapInfo<swift::AccessedStorage> {
 
   static unsigned getHashValue(swift::AccessedStorage storage) {
     switch (storage.getKind()) {
+    case swift::AccessedStorage::Unidentified:
+      if (!storage)
+        return DenseMapInfo<swift::SILValue>::getHashValue(swift::SILValue());
+      LLVM_FALLTHROUGH;
     case swift::AccessedStorage::Box:
     case swift::AccessedStorage::Stack:
     case swift::AccessedStorage::Nested:
     case swift::AccessedStorage::Yield:
-    case swift::AccessedStorage::Unidentified:
       return DenseMapInfo<swift::SILValue>::getHashValue(storage.getValue());
     case swift::AccessedStorage::Argument:
       return storage.getParamIndex();
@@ -1008,15 +1028,19 @@ class AccessPath {
 // recover the def-use chain for a specific global_addr or ref_element_addr.
 struct AccessPathWithBase {
   AccessPath accessPath;
-  // The address-type value that is the base of the formal access. For
-  // class storage, it is the ref_element_addr. For global storage it is the
-  // global_addr or initializer apply. For other storage, it is the same as
-  // accessPath.getRoot().
+  // The address-type value that is the base of the formal access. For class
+  // storage, it is the ref_element_addr; for box storage, the project_box; for
+  // global storage the global_addr or initializer apply. For other
+  // storage, it is the same as accessPath.getRoot().
   //
-  // Note: base may be invalid for global_addr -> address_to_pointer -> phi
-  // patterns, while the accessPath is still valid.
+  // Note: base may be invalid for phi patterns, even though the accessPath is
+  // valid because we don't currently keep track of multiple bases. Multiple
+  // bases for the same storage can happen with global_addr, ref_element_addr,
+  // ref_tail_addr, and project_box.
   //
-  // FIXME: add a structural requirement to SIL so base is always valid in OSSA.
+  // FIXME: add a structural requirement to SIL/OSSA so valid storage has
+  // a single base. For most cases, it is as simple by sinking the
+  // projection. For index_addr, it may require hoisting ref_tail_addr.
   SILValue base;
 
   /// Compute the access path at \p address, and record the access base. This
@@ -1309,14 +1333,7 @@ inline bool isAccessedStorageCast(SingleValueInstruction *svi) {
   case SILInstructionKind::MarkUninitializedInst:
   case SILInstructionKind::UncheckedAddrCastInst:
   case SILInstructionKind::MarkDependenceInst:
-  // Look through a project_box to identify the underlying alloc_box as the
-  // accesed object. It must be possible to reach either the alloc_box or the
-  // containing enum in this loop, only looking through simple value
-  // propagation such as copy_value and begin_borrow.
-  case SILInstructionKind::ProjectBoxInst:
-  case SILInstructionKind::ProjectBlockStorageInst:
   case SILInstructionKind::CopyValueInst:
-  case SILInstructionKind::BeginBorrowInst:
   // Casting to RawPointer does not affect the AccessPath. When converting
   // between address types, they must be layout compatible (with truncation).
   case SILInstructionKind::AddressToPointerInst:
@@ -1366,7 +1383,7 @@ class AccessUseDefChainVisitor {
   Result visitArgumentAccess(SILFunctionArgument *arg) {
     return asImpl().visitBase(arg, AccessedStorage::Argument);
   }
-  Result visitBoxAccess(AllocBoxInst *box) {
+  Result visitBoxAccess(ProjectBoxInst *box) {
     return asImpl().visitBase(box, AccessedStorage::Box);
   }
   /// \p global may be either a GlobalAddrInst or the ApplyInst for a global
@@ -1414,9 +1431,8 @@ Result AccessUseDefChainVisitor<Impl, Result>::visit(SILValue sourceAddr) {
 
   // MARK: Handle immediately-identifiable instructions.
 
-  // An AllocBox is a fully identified memory location.
-  case ValueKind::AllocBoxInst:
-    return asImpl().visitBoxAccess(cast<AllocBoxInst>(sourceAddr));
+  case ValueKind::ProjectBoxInst:
+    return asImpl().visitBoxAccess(cast<ProjectBoxInst>(sourceAddr));
 
   // An AllocStack is a fully identified memory location, which may occur
   // after inlining code already subjected to stack promotion.