To do this we also need to fix AddSwiftStdlib because if you set the
`INSTALL_WITH_SHARED` flag, the CMake scripts don't make a target
with the `-static` suffix, but AddSwiftStdlib also assumes that it
should dad `-static` to any module dependencies when building a
static library.
We should harden the output path setting so that it can't be used
as part of an exploit to get a crashing process to overwrite a
file at an attacker-controller path, or to divert the crash report
to `/dev/null` to hide their tracks or other such undesirable
activity.
Take a copy of the setting at start-up and write-protect it to
prevent attackers overwriting it.
Note that we already protect against attempts to trigger the
backtracer from privileged programs (both on Darwin and Linux);
this is really a belt and braces measure to make life harder for
attackers.
rdar://136977833
If this function is inlined, the optimizer can shrink the lifetime of the `args` parameter. This would deallocate the passed arguments (e.g. `NSString`s) before the are used in the closure.
This silences some of the newer warnings about the casting of function
pointers which is technically not permitted by the standard (function
and data pointers are not guaranteed to be the same).
Add the ability to specify a filename or directory name as the output-to
setting in `SWIFT_BACKTRACE`. If the option is set to a directory name,
generate a unique filename in that directory using the process name,
process ID and timestamp.
rdar://136977833
Remove the multiple definitions of `std::bit_cast` into a header. While
this is still not great, it does reduce the duplication. This also
silently works towards reducing a bit of the UB introduced here by
adding an inline namespace for `std` which you are not technically
allowed to use. However, by doing this, we have a clear migration path
away from this once we adopt C++20.
Support adding safe wrappers for APIs returning std::span depending on
the this object. This also fixes an issue for APIs with 0 parameters.
rdar://139074571
Added some explanatory text to the Compact Backtrace Format
documentation, and also to the `CMakeLists.txt` for the runtime.
Tweaked the conversions for `Backtrace.Address` to truncate, which
should result in reasonable behaviour for negative fixed-width
integers.
Use a constant for the ASCII values for `/` and `\` in the Compact
Image Format encoder/decoder.
Make the TSD key for `ElfImageCache` non-optional, and call
`fatalError()` if we don't get one.
rdar://124913332
It's useful to capture the platform and platform version with the image map.
Also, display both the platform and architecture information when generating
a crash log.
rdar://124913332
The C++ standard does not guarantee that the code and data pointers are
interchangeable. Recent enhancements to clang now properly identify the
improper `reinterpret_cast` between function types. Silence the warning
by switching to `std::bit_cast`. Unfortunately, this is a C++20 feature
and we are still on C++17. In the case that the compiler doesn't have a
`bit_cast` implementation, fallback with some UB to a local definition.
rdar://143401725
Replacing the (non-inlined) call to `swift_once` with a relaxed atomic significantly improves the generated code and reduces the memory footprint. The mechanism itself now does not cause a stack frame to be generated and the expected case (no override) should be perfectly predicted and executed in straight line code. The override case should also be well predicted, with only two branches on the same value.
In the Dispatch implementation, clamp the delay to INT64_MAX. Swift's nanoseconds value is unsigned, but we ultimately use it with dispatch_time, which takes a signed int64_t. Extremely large values get interpreted as negative, which results in not sleeping.
INT64_MAX nanoseconds is about 292 years, so it should be difficult to notice a practical effect from sleeping for less time than requested due to the clamping.
rdar://143278824
If we ended up with a `/` at the beginning of a string segment, we
were erroneously not adding to the expansion dictionary when we
should have been.
rdar://124913332
Our Bazel builds have become more strict about libc++
dependencies recently, so these are required to pick up
declarations of `malloc` and `uint32_t`, respectively.
Also removed a spurious `print()` that got left in by accident,
and disabled the `CodableBacktrace.swift` test on Linux since we
need Foundation and we don't have it there.
rdar://124913332
