[cxx-interop] Factor API classification and verification into requests.

Author: zoecarver

include/swift/Basic/LangOptions.h

@@ -268,6 +268,8 @@ namespace swift {
     /// Imports getters and setters as computed properties.
     bool CxxInteropGettersSettersAsProperties = false;
 
+    bool EnableUnsafeEagerCxxImporting = false;
+
     /// On Darwin platforms, use the pre-stable ABI's mark bit for Swift
     /// classes instead of the stable ABI's bit. This is needed when
     /// targeting OSes prior to macOS 10.14.4 and iOS 12.2, where

include/swift/ClangImporter/ClangImporterRequests.h

@@ -178,6 +178,126 @@ class ClangRecordMemberLookup
   evaluate(Evaluator &evaluator, ClangRecordMemberLookupDescriptor desc) const;
 };
 
+enum class CxxRecordSemanticsKind {
+  Trivial,
+  Owned,
+  Reference,
+  // An API that has be annotated as explicitly unsafe, but still importable.
+  // TODO: we should rename these APIs.
+  ExplicitlyUnsafe,
+  // A record that has custom lifetime operations which we cannot prove are safe.
+  UnsafeLifetimeOperation,
+  // A record that contains a pointer (aka non-trivial type).
+  UnsafePointerMember
+};
+
+struct CxxRecordSemanticsDescriptor final {
+  const clang::CXXRecordDecl *decl;
+
+  CxxRecordSemanticsDescriptor(const clang::CXXRecordDecl *decl)
+      : decl(decl) {}
+
+  friend llvm::hash_code
+  hash_value(const CxxRecordSemanticsDescriptor &desc) {
+    return llvm::hash_combine(desc.decl);
+  }
+
+  friend bool operator==(const CxxRecordSemanticsDescriptor &lhs,
+                         const CxxRecordSemanticsDescriptor &rhs) {
+    return lhs.decl == rhs.decl;
+  }
+
+  friend bool operator!=(const CxxRecordSemanticsDescriptor &lhs,
+                         const CxxRecordSemanticsDescriptor &rhs) {
+    return !(lhs == rhs);
+  }
+};
+
+void simple_display(llvm::raw_ostream &out,
+                    CxxRecordSemanticsDescriptor desc);
+SourceLoc
+extractNearestSourceLoc(CxxRecordSemanticsDescriptor desc);
+
+/// What pattern does this C++ API fit? Uses attributes such as
+/// import_owned_value and import_as_reference to determine the pattern.
+class CxxRecordSemantics
+    : public SimpleRequest<CxxRecordSemantics,
+                           CxxRecordSemanticsKind(CxxRecordSemanticsDescriptor),
+                           RequestFlags::Cached> {
+public:
+  using SimpleRequest::SimpleRequest;
+
+  // Caching
+  bool isCached() const { return true; }
+
+  // Source location
+  SourceLoc getNearestLoc() const { return SourceLoc(); };
+
+private:
+  friend SimpleRequest;
+
+  // Evaluation.
+  CxxRecordSemanticsKind
+  evaluate(Evaluator &evaluator, CxxRecordSemanticsDescriptor) const;
+};
+
+enum class CxxRecordUseKind {
+  Global,
+  CReturnType,
+  CxxReturnType
+};
+
+struct SafeUseOfCxxRecordDescriptor final {
+  const clang::CXXRecordDecl *recordDecl;
+  CxxRecordUseKind kind;
+
+  SafeUseOfCxxRecordDescriptor(const clang::CXXRecordDecl *recordDecl,
+                               CxxRecordUseKind kind)
+      : recordDecl(recordDecl), kind(kind) {}
+
+  friend llvm::hash_code
+  hash_value(const SafeUseOfCxxRecordDescriptor &desc) {
+    return llvm::hash_combine(desc.kind, desc.recordDecl);
+  }
+
+  friend bool operator==(const SafeUseOfCxxRecordDescriptor &lhs,
+                         const SafeUseOfCxxRecordDescriptor &rhs) {
+    return lhs.kind == rhs.kind && lhs.recordDecl == rhs.recordDecl;
+  }
+
+  friend bool operator!=(const SafeUseOfCxxRecordDescriptor &lhs,
+                         const SafeUseOfCxxRecordDescriptor &rhs) {
+    return !(lhs == rhs);
+  }
+};
+
+void simple_display(llvm::raw_ostream &out,
+                    SafeUseOfCxxRecordDescriptor desc);
+SourceLoc
+extractNearestSourceLoc(SafeUseOfCxxRecordDescriptor desc);
+
+class IsSafeUseOfCxxRecord
+    : public SimpleRequest<IsSafeUseOfCxxRecord,
+                           bool(SafeUseOfCxxRecordDescriptor),
+                           RequestFlags::Cached> {
+public:
+  using SimpleRequest::SimpleRequest;
+
+  // Caching
+  bool isCached() const { return true; }
+
+  // Source location
+  SourceLoc getNearestLoc() const { return SourceLoc(); };
+
+private:
+  friend SimpleRequest;
+
+  // Evaluation.
+  bool
+  evaluate(Evaluator &evaluator, SafeUseOfCxxRecordDescriptor desc) const;
+};
+
+
 #define SWIFT_TYPEID_ZONE ClangImporter
 #define SWIFT_TYPEID_HEADER "swift/ClangImporter/ClangImporterTypeIDZone.def"
 #include "swift/Basic/DefineTypeIDZone.h"

include/swift/ClangImporter/ClangImporterTypeIDZone.def

@@ -24,3 +24,9 @@ SWIFT_REQUEST(ClangImporter, CXXNamespaceMemberLookup,
 SWIFT_REQUEST(ClangImporter, ClangRecordMemberLookup,
               Decl *(ClangRecordMemberLookupDescriptor), Uncached,
               NoLocationInfo)
+SWIFT_REQUEST(ClangImporter, CxxRecordSemantics,
+              CxxRecordSemanticsKind(const clang::CXXRecordDecl *), Cached,
+              NoLocationInfo)
+SWIFT_REQUEST(ClangImporter, IsSafeUseOfCxxRecord,
+              bool(SafeUseOfCxxRecordDescriptor), Cached,
+              NoLocationInfo)

lib/ClangImporter/ClangImporter.cpp

@@ -5828,3 +5828,210 @@ void ClangImporter::diagnoseMemberValue(const DeclName &name,
     }
   }
 }
+
+static bool hasImportAsRefAttr(const clang::RecordDecl *decl) {
+  return decl->hasAttrs() && llvm::any_of(decl->getAttrs(), [](auto *attr) {
+           if (auto swiftAttr = dyn_cast<clang::SwiftAttrAttr>(attr))
+             return swiftAttr->getAttribute() == "import_foreign_reference";
+           return false;
+         });
+}
+
+static bool hasOwnedValueAttr(const clang::RecordDecl *decl) {
+  if (decl->getNameAsString() == "basic_string" ||
+      decl->getNameAsString() == "vector")
+    return true;
+
+  return decl->hasAttrs() && llvm::any_of(decl->getAttrs(), [](auto *attr) {
+           if (auto swiftAttr = dyn_cast<clang::SwiftAttrAttr>(attr))
+             return swiftAttr->getAttribute() == "import_owned_value";
+           return false;
+         });
+}
+
+static bool hasUnsafeAPIAttr(const clang::Decl *decl) {
+  return decl->hasAttrs() && llvm::any_of(decl->getAttrs(), [](auto *attr) {
+           if (auto swiftAttr = dyn_cast<clang::SwiftAttrAttr>(attr))
+             return swiftAttr->getAttribute() == "import_unsafe_api";
+           return false;
+         });
+}
+
+/// Recursively checks that there are no pointers in any fields or base classes.
+/// Does not check C++ records with specific API annotations.
+static bool hasPointerInSubobjects(const clang::CXXRecordDecl *decl) {
+  auto checkType = [](clang::QualType t) {
+    if (t->isPointerType())
+      return false;
+
+    if (auto recordType = dyn_cast<clang::RecordType>(t)) {
+      if (auto cxxRecord =
+              dyn_cast<clang::CXXRecordDecl>(recordType->getDecl())) {
+        if (hasImportAsRefAttr(cxxRecord) || hasOwnedValueAttr(cxxRecord) ||
+            hasUnsafeAPIAttr(cxxRecord))
+          return true;
+
+        if (!hasPointerInSubobjects(cxxRecord))
+          return false;
+      }
+    }
+
+    return true;
+  };
+
+  for (auto field : decl->fields()) {
+    if (!checkType(field->getType()))
+      return false;
+  }
+
+  for (auto base : decl->bases()) {
+    if (!checkType(base.getType()))
+      return false;
+  }
+
+  return true;
+}
+
+/// Recursively checks that there are no user-provided copy constructors or
+/// destructors in any fields or base classes.
+/// Does not check C++ records with specific API annotations.
+static bool isSufficientlyTrivial(const clang::CXXRecordDecl *decl) {
+  if (decl->hasUserDeclaredCopyConstructor() ||
+      decl->hasUserDeclaredCopyAssignment() ||
+      decl->hasUserDeclaredDestructor())
+    return false;
+
+  auto checkType = [](clang::QualType t) {
+    if (auto recordType = dyn_cast<clang::RecordType>(t)) {
+      if (auto cxxRecord =
+              dyn_cast<clang::CXXRecordDecl>(recordType->getDecl())) {
+        if (hasImportAsRefAttr(cxxRecord) || hasOwnedValueAttr(cxxRecord) ||
+            hasUnsafeAPIAttr(cxxRecord))
+          return true;
+
+        if (!isSufficientlyTrivial(cxxRecord))
+          return false;
+      }
+    }
+
+    return true;
+  };
+
+  for (auto field : decl->fields()) {
+    if (!checkType(field->getType()))
+      return false;
+  }
+
+  for (auto base : decl->bases()) {
+    if (!checkType(base.getType()))
+      return false;
+  }
+
+  return true;
+}
+
+/// Checks if a record provides the required value type lifetime operations
+/// (copy and destroy).
+static bool hasRequiredValueTypeOperations(const clang::CXXRecordDecl *decl) {
+  if (auto dtor = decl->getDestructor()) {
+    if (dtor->isDeleted() || dtor->getAccess() != clang::AS_public) {
+      return false;
+    }
+  }
+
+  // If we have no way of copying the type we can't import the class
+  // at all because we cannot express the correct semantics as a swift
+  // struct.
+  if (llvm::any_of(decl->ctors(), [](clang::CXXConstructorDecl *ctor) {
+        return ctor->isCopyConstructor() &&
+               (ctor->isDeleted() || ctor->getAccess() != clang::AS_public);
+      }))
+    return false;
+
+  return true;
+}
+
+CxxRecordSemanticsKind
+CxxRecordSemantics::evaluate(Evaluator &evaluator,
+                             CxxRecordSemanticsDescriptor desc) const {
+  const auto *decl = desc.decl;
+
+  // Hard-coded special cases from the standard library (this will go away once
+  // API notes support namespaces).
+  if (decl->getNameAsString() == "basic_string" ||
+      decl->getNameAsString() == "vector")
+    return CxxRecordSemanticsKind::Owned;
+
+  if (hasImportAsRefAttr(decl))
+    return CxxRecordSemanticsKind::Reference;
+
+  // TODO: diagnose if the decl also has any attrs.
+  if (hasRequiredValueTypeOperations(decl))
+    return CxxRecordSemanticsKind::UnsafeLifetimeOperation;
+
+  if (hasUnsafeAPIAttr(decl))
+    return CxxRecordSemanticsKind::ExplicitlyUnsafe;
+
+  if (hasOwnedValueAttr(decl))
+    return CxxRecordSemanticsKind::Owned;
+
+  if (!isSufficientlyTrivial(decl))
+    return CxxRecordSemanticsKind::UnsafeLifetimeOperation;
+
+  if (hasPointerInSubobjects(decl))
+    return CxxRecordSemanticsKind::UnsafePointerMember;
+
+  return CxxRecordSemanticsKind::Trivial;
+}
+
+// TODO: rename to "is acceptable use of cxx record" (as some unsafe uses are OK).
+bool
+IsSafeUseOfCxxRecord::evaluate(Evaluator &evaluator,
+                               SafeUseOfCxxRecordDescriptor desc) const {
+  const clang::CXXRecordDecl *decl = desc.recordDecl;
+
+  auto semanticsKind = evaluateOrDefault(evaluator,
+                                         CxxRecordSemantics({decl}), {});
+
+  // Always unsafe.
+  if (semanticsKind == CxxRecordSemanticsKind::UnsafeLifetimeOperation)
+    return false;
+
+  // Always OK.
+  if (semanticsKind == CxxRecordSemanticsKind::Trivial ||
+      semanticsKind == CxxRecordSemanticsKind::Reference ||
+      semanticsKind == CxxRecordSemanticsKind::Owned ||
+      // Maybe in the future this should warn.
+      semanticsKind == CxxRecordSemanticsKind::ExplicitlyUnsafe)
+    return true;
+
+  assert(semanticsKind == CxxRecordSemanticsKind::UnsafePointerMember);
+  // We can't dis-allow *all* APIs that potentially return unsafe projections
+  // because this would break ObjC interop. So only do this when it's a known
+  // C++ API (maybe this could warn in a specific compiler mode, though).
+  return desc.kind != CxxRecordUseKind::CxxReturnType;
+}
+
+void swift::simple_display(llvm::raw_ostream &out,
+                           CxxRecordSemanticsDescriptor desc)  {
+  out << "Matching API semantics of C++ record '"
+      << desc.decl->getNameAsString()
+      << "'.\n";
+}
+
+SourceLoc
+swift::extractNearestSourceLoc(CxxRecordSemanticsDescriptor desc) {
+  return SourceLoc();
+}
+
+void swift::simple_display(llvm::raw_ostream &out,
+                           SafeUseOfCxxRecordDescriptor desc)  {
+  out << "Checking if '"
+      << desc.recordDecl->getNameAsString()
+      << "' is safe to use in context.\n";
+}
+
+SourceLoc
+swift::extractNearestSourceLoc(SafeUseOfCxxRecordDescriptor desc) {
+  return SourceLoc();
+}