The `-Winvalid-offsetof` warning is valid in this case. `offsetof` is
being applied to types with a non-standard layout. The layout of this
type is undefined by the specification. There is no guarantee that the
type layout is uniform across all ABIs. It is not possible to portably
compute the offset statically, especially efficiently.
Sink this check into a unit test to avoid performing this test at
runtime. In order to do this in the standard library, we would need to
do this check through a global constructor.
When fixing the previous problem, I should have realised that this
would cascade; the `@_specialize` annotations refer to the cached
versions of the types, and those are now turned off except on macOS
and Linux because they rely on the uncached versions, which are only
available on macOS and Linux.
rdar://144023438
To do this we also need to fix AddSwiftStdlib because if you set the
`INSTALL_WITH_SHARED` flag, the CMake scripts don't make a target
with the `-static` suffix, but AddSwiftStdlib also assumes that it
should dad `-static` to any module dependencies when building a
static library.
We should harden the output path setting so that it can't be used
as part of an exploit to get a crashing process to overwrite a
file at an attacker-controller path, or to divert the crash report
to `/dev/null` to hide their tracks or other such undesirable
activity.
Take a copy of the setting at start-up and write-protect it to
prevent attackers overwriting it.
Note that we already protect against attempts to trigger the
backtracer from privileged programs (both on Darwin and Linux);
this is really a belt and braces measure to make life harder for
attackers.
rdar://136977833
If this function is inlined, the optimizer can shrink the lifetime of the `args` parameter. This would deallocate the passed arguments (e.g. `NSString`s) before the are used in the closure.
This silences some of the newer warnings about the casting of function
pointers which is technically not permitted by the standard (function
and data pointers are not guaranteed to be the same).
Add the ability to specify a filename or directory name as the output-to
setting in `SWIFT_BACKTRACE`. If the option is set to a directory name,
generate a unique filename in that directory using the process name,
process ID and timestamp.
rdar://136977833
Remove the multiple definitions of `std::bit_cast` into a header. While
this is still not great, it does reduce the duplication. This also
silently works towards reducing a bit of the UB introduced here by
adding an inline namespace for `std` which you are not technically
allowed to use. However, by doing this, we have a clear migration path
away from this once we adopt C++20.
Support adding safe wrappers for APIs returning std::span depending on
the this object. This also fixes an issue for APIs with 0 parameters.
rdar://139074571
Added some explanatory text to the Compact Backtrace Format
documentation, and also to the `CMakeLists.txt` for the runtime.
Tweaked the conversions for `Backtrace.Address` to truncate, which
should result in reasonable behaviour for negative fixed-width
integers.
Use a constant for the ASCII values for `/` and `\` in the Compact
Image Format encoder/decoder.
Make the TSD key for `ElfImageCache` non-optional, and call
`fatalError()` if we don't get one.
rdar://124913332
It's useful to capture the platform and platform version with the image map.
Also, display both the platform and architecture information when generating
a crash log.
rdar://124913332
The C++ standard does not guarantee that the code and data pointers are
interchangeable. Recent enhancements to clang now properly identify the
improper `reinterpret_cast` between function types. Silence the warning
by switching to `std::bit_cast`. Unfortunately, this is a C++20 feature
and we are still on C++17. In the case that the compiler doesn't have a
`bit_cast` implementation, fallback with some UB to a local definition.
