Merge release/6.2 into main #684

Merged
merged 4 commits into from
Jul 30, 2025

github-actions[bot]

This PR was automatically opened by a GitHub action. Review the changes included in this PR and determine if they should be included in the release branch. If yes, merge the PR. Otherwise revert changes that should not be included on this branch.

jakepetroules and others added 4 commits July 28, 2025 14:17
This hang occurred only in CI environments and only on Linux. Here's the sequence of events:

- Test terminates swbuild using SIGKILL
- OS reparents SWBBuildService (a subprocess of swbuild) to launchd (Darwin) / init (others)
- OS closes the file descriptors for the I/O pipes swbuild has connected to SWBBuildService
- SWBBuildService's read() loop indicates EOF due to the broken pipe
- SWBBuildService causes itself to exit

At this point, the getpgid loop should return ESRCH and terminate the test. However, SWBBuildService is sticking around as a zombie for an extended period of time without init reaping the pid, causing getpgid to never hit the termination state. This causes the test to hang indefinitely.

To fix this, there are two aspects:

- A timeout is added around the termination monitoring loop that forces the exit promise to be fulfilled with an error if a 30-second interval elapses without the process exiting
- We switch from using a getpgid loop to using a waitid loop, where the terminal state is that the process has _exited_... we don't care if the zombie hasn't been collected by init, only that it's not in a running state

This fixes the hang for both the Jenkins-based CI as well as GitHub Actions, and also insulates us against future hangs by ensuring the test will terminate with a timeout error instead of hanging indefinitely, so that we at least know _which_ test is the problem.
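
Added example, not part of this PR or the project's code: a C sketch for Linux of the distinction the commit message above draws, where a `getpgid` probe keeps succeeding on an exited-but-unreaped process while a non-reaping `waitid` poll with a deadline reports the exit. It assumes the monitor is the parent of the process it watches (the PR does not show how the project calls `waitid`); all function names are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

/* Constructed test subject: a child that exits at once and stays a zombie until reaped. */
static pid_t spawn_short_lived_child(void) {
    signal(SIGCHLD, SIG_DFL);          /* make sure the kernel does not auto-reap */
    pid_t pid = fork();
    if (pid == 0) _exit(7);
    return pid;
}

/* getpgid-style liveness check: true until the pid is gone (ESRCH), zombies included. */
static int pid_still_exists(pid_t pid) {
    return !(getpgid(pid) == -1 && errno == ESRCH);
}

/* waitid-style check: 0 = exited, 1 = timed out, -1 = waitid error.
   WNOWAIT leaves the zombie in place, so this only observes the exit. */
static int wait_for_exit(pid_t pid, int timeout_ms) {
    const struct timespec tick = {0, 10 * 1000 * 1000};   /* 10 ms poll */
    for (int waited = 0; waited <= timeout_ms; waited += 10) {
        siginfo_t info;
        memset(&info, 0, sizeof info);
        if (waitid(P_PID, (id_t)pid, &info, WEXITED | WNOHANG | WNOWAIT) == -1)
            return -1;
        if (info.si_pid == pid) return 0;
        nanosleep(&tick, NULL);
    }
    return 1;
}

/* Returns 1 when waitid sees the exit while getpgid still reports the pid. */
static int zombie_hides_exit_from_getpgid(void) {
    pid_t pid = spawn_short_lived_child();
    if (pid < 0) return -1;
    int exited = wait_for_exit(pid, 30000) == 0;   /* 30 s cap, as in the commit message */
    int visible_as_zombie = pid_still_exists(pid);
    waitpid(pid, NULL, 0);                         /* reap */
    return exited && visible_as_zombie && !pid_still_exists(pid);
}

int main(void) { return zombie_hides_exit_from_getpgid() == 1 ? 0 : 1; }
```
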

Per https://forums.swift.org/t/dropping-support-for-ubuntu-20-04/81109, the Swift project is dropping support for Ubuntu 20.04 (Focal) beginning in Swift 6.2 and later, so remove it from our testing matrix (it's failing now anyways).

In the CodeSignatureInfo.load method, when SecCodeCopySigningInformation fails,
the code was incorrectly throwing MacError(result) instead of MacError(result2).
This caused misleading error messages since it propagated the error code from
the previous SecStaticCodeCreateWithPath call rather than the actual failing
SecCodeCopySigningInformation call.

The fix ensures accurate error reporting for code signing verification failures.

Add a new "Security" build settings group and an
"Enhanced Security" build setting that enables a number of security
settings at once, including:
    * Enabling pointer authentication
    * Enabling the typed allocator
    * Enabling hardened libc++
    * Enabling stack zero initialization
    * Enabling security relevant compiler warnings

The goal is that enabling the Enhanced Security build setting
should enable all of these other settings by default and that
projects will be able to explicitly disable individual settings if needed.

rdar://151195113
@jakepetroules
Collaborator

@swift-ci test

@jakepetroules jakepetroules marked this pull request as ready for review July 29, 2025 21:49
@jakepetroules jakepetroules enabled auto-merge (rebase) July 29, 2025 21:49
@jakepetroules jakepetroules disabled auto-merge July 29, 2025 21:50
@jakepetroules jakepetroules enabled auto-merge July 29, 2025 21:50
@jakepetroules jakepetroules merged commit ff9c29c into main Jul 30, 2025
3 checks passed
@jakepetroules jakepetroules deleted the automerge/merge-main-2025-07-29_21-41 branch July 30, 2025 03:04