Add TermInst::forwardedOperand.
Add SILArgument::forwardedTerminatorResultOperand. This API will be
moved into a proper TerminatorResult abstraction.
Remove getSingleTerminatorOperand, which could be misused because it's
not necessarilly forwarding ownership.
Remove the isTransformationTerminator API, which is not useful or well
defined.
Rewrite several instances of complex logic to handle block arguments
with the simple terminator result API. This defines away potential
bugs where we don't detect casts that perform implicit conversion.
Replace uses of the SILPhiArgument type and code that explicitly
handle block arguments. Control flow is irrelevant in these
situations. SILPhiArgument needs to be deleted ASAP. Instead, use
simple APIs like SILArgument::isTerminatorResult(). Eventually this
will be replaced by a TerminatorResult type.
For yielded, nontrivial addresses, verify based on convention:
- guaranteed -> must be initialized at end_apply/abort_apply
- owned -> must be deinitialized at end_apply/abort_apply
- inout -> must be initialized at end_apply/abort_apply
`getValue` -> `value`
`getValueOr` -> `value_or`
`hasValue` -> `has_value`
`map` -> `transform`
The old API will be deprecated in the rebranch.
To avoid merge conflicts, use the new API already in the main branch.
rdar://102362022
Previously, logging of the actually problematic instruction was guarded
by LLVM_DEBUG. Meanwhile the verifier's require method prints an
instruction (usually one different from that at which the non-contiguous
scope was encountered).
Here, instead, the problematic instruction and the instruction which
defined the previous scope are printed to llvm::errs always (i.e.
whenever verification is actually run).
Additionally, debug-info logging is forcibly set on upon failure so that
the logs clearly show both what the previous scope was, what the current
scope is, and what instructions defined them.
We can't verify that store borrows aren't nested until we can reliably
compute liveness.
This can be fixed in two ways, both of which we plan to do ASAP:
(1) With complete lifetimes, this no longer needs to perform transitive
liveness at all.
(2) findInnerTransitiveGuaranteedUses, which ends up being called on the
load_borrow to compute liveness, can be taught to transitively process
InteriorPointer uses instead of returning PointerEscape. We need to make
sure all uses of the utility need to handle this first.
Return the AddressUseKind.
Fixes a bug in extendStoreBorrow where it was looking at an
uninitialized liveness result whenever a pointer escape was present.
First restore the basic PrunedLiveness abstraction to its original
intention. Move code outside of the basic abstraction that polutes the
abstraction and is fundamentally wrong from the perspective of the
liveness abstraction.
Most clients need to reason about live ranges, including the def
points, not just liveness based on use points. Add a PrunedLiveRange
layer of types that understand where the live range is
defined. Knowing where the live range is defined (the kill set) helps
reliably check that arbitrary points are within the boundary. This
way, the client doesn't need to be manage this on its own. We can also
support holes in the live range for non-SSA liveness. This makes it
safe and correct for the way liveness is now being used. This layer
safety handles:
- multiple defs
- instructions that are both uses and defs
- dead values
- unreachable code
- self-loops
So it's no longer the client's responsibility to check these things!
Add SSAPrunedLiveness and MultiDefPrunedLiveness to safely handle each
situation.
Split code that I can't figure out into
DiagnosticPrunedLiveness. Hopefully it will be deleted soon.
By using the keyword instead of the function, we actually get a much simpler
implementation since we avoid all of the machinery of SILGenApply. Given that we
are going down that path, I am removing the old builtin implementation since it
is dead code.
The reason why I am removing this now is that in a subsequent commit, I want to
move all of the ownership checking passes to run /before/ mandatory inlining. I
originally placed the passes after mandatory inlining since the function version
of the move keyword was transparent and needing to be inlined before we could
process it. Since we use the keyword now, that is no longer an issue.
Add ScopedAddressOperand and ScopedAddressValue abstraction utilities
Introduce verification for store_borrow to validate its uses are correctly enclosed in their scope.
Include end_borrow/end_access as implicit uses while validating a borrow introducer
Add flow sensitive verifier rule for store_borrow/end_borrow pair
Make sure store_borrow is always to an alloc_stack
Make sure uses to store borrow location are via its return address only
Require that lexical borrows of values which are instances of some
SILBoxType guard the lifetime of vars or closure captures; that's to
say, of AllocBoxInsts and SILFunctionArguments.
Look through a few instructions types to find those:
- copy_value - inserted by SILGen
- begin_borrow - inserted during inlining
- mark_uninitialized - inserted by SILGen
This is already an invariant for copy_value and now that I am implementing move
semantics for addresses, it makes sense to ban those in a similar
way. Specifically, we are enforcing the invariant that move only types are
allowed to be copied in Raw SIL, but not in later parts of SIL. For those who
are unaware, we then run checkers later to validate that we preserve ownership
semantics.
We had two notions of canonical types, one is the structural property
where it doesn't contain sugared types, the other one where it does
not contain reducible type parameters with respect to a generic
signature.
Rename the second one to a 'reduced type'.
