├── .gitignore
├── Makefile
├── README.md
├── README_current.json
├── book.json
├── book_current.json
├── node_modules
└── src
├── README.md
├── SUMMARY.md
├── appendix
├── README.md
└── reference.md
├── assets
├── favicon.ico
└── img
│ ├── string_discriminator.png
│ ├── struct_ida_car_init_func.png
│ ├── struct_ida_car_init_token.png
│ ├── swift_array_memory_layout.jpg
│ ├── swift_array_memory_layout_core.jpg
│ ├── swift_classmetadata_memory_layout.jpg
│ ├── swift_classmetadata_memory_layout_core.jpg
│ ├── swift_data_memory_layout.jpg
│ ├── swift_data_memory_layout_core.jpg
│ ├── swift_memory_layout_dict_core.jpg
│ ├── swift_memory_layout_dict_full.jpg
│ ├── swift_metadatakind_table.jpg
│ ├── swift_set_ida_definition.png
│ ├── swift_set_memory_layout.jpg
│ ├── swift_set_memory_layout_core.jpg
│ ├── swift_string_memory_layout.jpg
│ ├── swift_string_memory_layout_core.jpg
│ ├── swift_structmetadata_memory_layout.jpg
│ ├── swift_structmetadata_memory_layout_core.jpg
│ ├── swift_structure_memory_layout.jpg
│ ├── swift_structure_memory_layout_core.jpg
│ ├── swift_valuemetadata_and_vwt_memory_layout.jpg
│ ├── swift_valuemetadata_and_vwt_memory_layout_core.jpg
│ ├── swift_vwt.jpg
│ └── xcode_struct_protocol_car.png
├── common_type
├── README.md
├── array
│ ├── README.md
│ └── memory_layout
│ │ ├── README.md
│ │ ├── example.md
│ │ ├── figure.md
│ │ ├── ida_def.md
│ │ ├── src.md
│ │ └── text.md
├── bool
│ └── README.md
├── data
│ └── memory_layout
│ │ ├── README.md
│ │ ├── example.md
│ │ ├── figure.md
│ │ ├── ida_def.md
│ │ ├── src.md
│ │ └── text.md
├── dict
│ ├── README.md
│ └── memory_layout
│ │ ├── README.md
│ │ ├── example.md
│ │ ├── figure.md
│ │ ├── ida_def.md
│ │ ├── src.md
│ │ └── text.md
├── enum
│ └── README.md
├── int
│ └── README.md
├── set
│ ├── README.md
│ └── memory_layout
│ │ ├── README.md
│ │ ├── example.md
│ │ ├── figure.md
│ │ ├── ida_def.md
│ │ ├── src.md
│ │ └── text.md
├── string
│ ├── README.md
│ └── memory_layout
│ │ ├── README.md
│ │ ├── example.md
│ │ ├── figure.md
│ │ ├── ida_def.md
│ │ ├── src.md
│ │ └── text.md
├── struct
│ ├── README.md
│ └── memory_layout
│ │ ├── README.md
│ │ ├── example.md
│ │ ├── figure.md
│ │ ├── ida_def.md
│ │ ├── src.md
│ │ └── text.md
└── tuple
│ └── README.md
├── swift_basic
└── README.md
├── swift_common
├── README.md
├── metadatakind.md
├── typemetadata
│ ├── README.md
│ ├── classmetadata
│ │ ├── README.md
│ │ └── memory_layout
│ │ │ ├── README.md
│ │ │ ├── example.md
│ │ │ ├── figure.md
│ │ │ ├── ida_def.md
│ │ │ ├── src.md
│ │ │ └── text.md
│ └── valuemetadata
│ │ ├── README.md
│ │ ├── enummetadata.md
│ │ ├── structmetadata
│ │ ├── README.md
│ │ └── memory_layout
│ │ │ ├── README.md
│ │ │ ├── example.md
│ │ │ ├── figure.md
│ │ │ └── text.md
│ │ └── vwt
│ │ ├── README.md
│ │ ├── memory_layout
│ │ ├── README.md
│ │ ├── example.md
│ │ ├── figure.md
│ │ ├── ida_def.md
│ │ └── text.md
│ │ ├── src.md
│ │ └── vs_cpp.md
└── valuebuffer.md
├── swift_function
├── README.md
├── SwiftObject
│ ├── README.md
│ └── swift_getinitializedobjcclass.md
├── array
│ ├── README.md
│ └── formindex_after.md
├── set
│ ├── README.md
│ └── nativeset_unsafeinsertnew.md
└── unsafemutablebufferpointer
│ ├── README.md
│ └── init_start_count.md
├── swift_re_overview
├── README.md
└── mindmap.md
└── swift_re_related
├── README.md
├── dynamic_debug
└── README.md
└── static_analysis
├── README.md
├── export_header.md
└── ida
├── README.md
├── add_swift_definitions.md
└── swift_definitions
├── REDME.md
├── crifan_added.md
└── ida_builtin.md
/.gitignore:
--------------------------------------------------------------------------------
1 | node_modules/
2 | output/
3 | debug/
4 |
5 | *.zip
6 |
7 | .DS_Store
8 |
9 | !src/**/output
--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
1 | include ../../common/honkit_makefile.mk
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # iOS逆向:Swift逆向
2 |
3 | * 最新版本:`v1.9.0`
4 | * 更新时间:`20241226`
5 |
6 | ## 简介
7 |
8 | 整理iOS逆向期间,关于Swift逆向相关的各种知识。最开始是Swift逆向概览;其中包括脑图;然后是Swift基础知识;接着是逆向常会涉及到的Swift常用函数;然后是Swift逆向常涉及的方面,包括静态分析和动态调试,静态分析包括导出头文件和IDA分析;然后是最终要的,通用逻辑,包括TypeMetadata、VWT、StructMetadata以及ClassMetadata,和通用的MetadataKind等;然后是常用的类型,包括Array数组和内存布局详情、Bool变量、Data数据和内存布局详情、Dictionary字典和内存布局详情、Enum枚举、Set集合和内存布局详情、String字符串和内存布局详情、Struct结构体和内存布局详情、Tuple元祖。
9 |
10 | ## 源码+浏览+下载
11 |
12 | 本书的各种源码、在线浏览地址、多种格式文件下载如下:
13 |
14 | ### HonKit源码
15 |
16 | * [crifan/ios_re_swift_reverse: iOS逆向:Swift逆向](https://github.com/crifan/ios_re_swift_reverse)
17 |
18 | #### 如何使用此HonKit源码去生成发布为电子书
19 |
20 | 详见:[crifan/honkit_template: demo how to use crifan honkit template and demo](https://github.com/crifan/honkit_template)
21 |
22 | ### 在线浏览
23 |
24 | * [iOS逆向:Swift逆向 book.crifan.org](https://book.crifan.org/books/ios_re_swift_reverse/website/)
25 | * [iOS逆向:Swift逆向 crifan.github.io](https://crifan.github.io/ios_re_swift_reverse/website/)
26 |
27 | ### 离线下载阅读
28 |
29 | * [iOS逆向:Swift逆向 PDF](https://book.crifan.org/books/ios_re_swift_reverse/pdf/ios_re_swift_reverse.pdf)
30 | * [iOS逆向:Swift逆向 ePub](https://book.crifan.org/books/ios_re_swift_reverse/epub/ios_re_swift_reverse.epub)
31 | * [iOS逆向:Swift逆向 Mobi](https://book.crifan.org/books/ios_re_swift_reverse/mobi/ios_re_swift_reverse.mobi)
32 |
33 | ## 版权和用途说明
34 |
35 | 此电子书教程的全部内容,如无特别说明,均为本人原创。其中部分内容参考自网络,均已备注了出处。如发现有侵权,请通过邮箱联系我 `admin 艾特 crifan.com`,我会尽快删除。谢谢合作。
36 |
37 | 各种技术类教程,仅作为学习和研究使用。请勿用于任何非法用途。如有非法用途,均与本人无关。
38 |
39 | ## 鸣谢
40 |
41 | 感谢我的老婆**陈雪**的包容理解和悉心照料,才使得我`crifan`有更多精力去专注技术专研和整理归纳出这些电子书和技术教程,特此鸣谢。
42 |
43 | ## 其他
44 |
45 | ### 作者的其他电子书
46 |
47 | 本人`crifan`还写了其他`150+`本电子书教程,感兴趣可移步至:
48 |
49 | [crifan/crifan_ebook_readme: Crifan的电子书的使用说明](https://github.com/crifan/crifan_ebook_readme)
50 |
51 | ### 关于作者
52 |
53 | 关于作者更多介绍,详见:
54 |
55 | [关于CrifanLi李茂 – 在路上](https://www.crifan.org/about/)
56 |
--------------------------------------------------------------------------------
/README_current.json:
--------------------------------------------------------------------------------
1 | {
2 | "latestVersion": "v1.9.0",
3 | "lastUpdate": "20241226",
4 | "gitRepoName": "ios_re_swift_reverse",
5 | "bookName": "iOS逆向:Swift逆向",
6 | "bookDescription": "整理iOS逆向期间,关于Swift逆向相关的各种知识。最开始是Swift逆向概览;其中包括脑图;然后是Swift基础知识;接着是逆向常会涉及到的Swift常用函数;然后是Swift逆向常涉及的方面,包括静态分析和动态调试,静态分析包括导出头文件和IDA分析;然后是最终要的,通用逻辑,包括TypeMetadata、VWT、StructMetadata以及ClassMetadata,和通用的MetadataKind等;然后是常用的类型,包括Array数组和内存布局详情、Bool变量、Data数据和内存布局详情、Dictionary字典和内存布局详情、Enum枚举、Set集合和内存布局详情、String字符串和内存布局详情、Struct结构体和内存布局详情、Tuple元祖。"
7 | }
--------------------------------------------------------------------------------
/book.json:
--------------------------------------------------------------------------------
1 | {
2 | "title": "iOS逆向:Swift逆向",
3 | "description": "整理iOS逆向期间,关于Swift逆向相关的各种知识。最开始是Swift逆向概览;其中包括脑图;然后是Swift基础知识;接着是逆向常会涉及到的Swift常用函数;然后是Swift逆向常涉及的方面,包括静态分析和动态调试,静态分析包括导出头文件和IDA分析;然后是最终要的,通用逻辑,包括TypeMetadata、VWT、StructMetadata以及ClassMetadata,和通用的MetadataKind等;然后是常用的类型,包括Array数组和内存布局详情、Bool变量、Data数据和内存布局详情、Dictionary字典和内存布局详情、Enum枚举、Set集合和内存布局详情、String字符串和内存布局详情、Struct结构体和内存布局详情、Tuple元祖。",
4 | "pluginsConfig": {
5 | "github-buttons": {
6 | "buttons": [
7 | {
8 | "repo": "ios_re_swift_reverse",
9 | "user": "crifan",
10 | "type": "star",
11 | "count": true,
12 | "size": "small"
13 | },
14 | {
15 | "user": "crifan",
16 | "type": "follow",
17 | "width": "120",
18 | "count": false,
19 | "size": "small"
20 | }
21 | ]
22 | },
23 | "sitemap-general": {
24 | "prefix": "https://book.crifan.org/books/ios_re_swift_reverse/website/"
25 | },
26 | "toolbar-button": {
27 | "url": "https://book.crifan.org/books/ios_re_swift_reverse/pdf/ios_re_swift_reverse.pdf",
28 | "icon": "fa-file-pdf-o",
29 | "label": "下载PDF"
30 | },
31 | "theme-default": {
32 | "showLevel": true
33 | },
34 | "disqus": {
35 | "shortName": "crifan"
36 | },
37 | "prism": {
38 | "css": [
39 | "prism-themes/themes/prism-atom-dark.css"
40 | ]
41 | },
42 | "sharing": {
43 | "douban": false,
44 | "facebook": true,
45 | "google": false,
46 | "hatenaBookmark": false,
47 | "instapaper": false,
48 | "line": false,
49 | "linkedin": false,
50 | "messenger": false,
51 | "pocket": false,
52 | "qq": true,
53 | "qzone": false,
54 | "stumbleupon": false,
55 | "twitter": true,
56 | "viber": false,
57 | "vk": false,
58 | "weibo": true,
59 | "whatsapp": false,
60 | "all": [
61 | "douban",
62 | "facebook",
63 | "google",
64 | "instapaper",
65 | "line",
66 | "linkedin",
67 | "messenger",
68 | "pocket",
69 | "qq",
70 | "qzone",
71 | "stumbleupon",
72 | "twitter",
73 | "viber",
74 | "vk",
75 | "weibo",
76 | "whatsapp"
77 | ]
78 | },
79 | "tbfed-pagefooter": {
80 | "copyright": "crifan.org,使用署名4.0国际(CC BY 4.0)协议发布",
81 | "modify_label": "最后更新:",
82 | "modify_format": "YYYY-MM-DD HH:mm:ss"
83 | },
84 | "donate": {
85 | "wechat": "https://www.crifan.org/files/res/crifan_com/crifan_wechat_pay.jpg",
86 | "alipay": "https://www.crifan.org/files/res/crifan_com/crifan_alipay_pay.jpg",
87 | "title": "",
88 | "button": "打赏",
89 | "alipayText": "支付宝打赏给Crifan",
90 | "wechatText": "微信打赏给Crifan"
91 | }
92 | },
93 | "author": "Crifan Li ",
94 | "language": "zh-hans",
95 | "root": "./src",
96 | "links": {
97 | "sidebar": {
98 | "主页": "http://www.crifan.org"
99 | }
100 | },
101 | "plugins": [
102 | "theme-comscore",
103 | "anchors",
104 | "expandable-menu",
105 | "-lunr",
106 | "-search",
107 | "search-plus",
108 | "disqus",
109 | "-highlight",
110 | "prism",
111 | "prism-themes",
112 | "github-buttons",
113 | "-splitter",
114 | "splitter-nosessionbutcookie",
115 | "-sharing",
116 | "sharing-plus",
117 | "tbfed-pagefooter",
118 | "donate",
119 | "sitemap-general",
120 | "copy-code-button",
121 | "blockquote-callout",
122 | "toolbar-button"
123 | ]
124 | }
--------------------------------------------------------------------------------
/book_current.json:
--------------------------------------------------------------------------------
1 | {
2 | "title": "iOS逆向:Swift逆向",
3 | "description": "整理iOS逆向期间,关于Swift逆向相关的各种知识。最开始是Swift逆向概览;其中包括脑图;然后是Swift基础知识;接着是逆向常会涉及到的Swift常用函数;然后是Swift逆向常涉及的方面,包括静态分析和动态调试,静态分析包括导出头文件和IDA分析;然后是最终要的,通用逻辑,包括TypeMetadata、VWT、StructMetadata以及ClassMetadata,和通用的MetadataKind等;然后是常用的类型,包括Array数组和内存布局详情、Bool变量、Data数据和内存布局详情、Dictionary字典和内存布局详情、Enum枚举、Set集合和内存布局详情、String字符串和内存布局详情、Struct结构体和内存布局详情、Tuple元祖。",
4 | "pluginsConfig": {
5 | "github-buttons": {
6 | "buttons": [
7 | {
8 | "repo": "ios_re_swift_reverse"
9 | }
10 | ]
11 | },
12 | "sitemap-general": {
13 | "prefix": "https://book.crifan.org/books/ios_re_swift_reverse/website/"
14 | },
15 | "toolbar-button": {
16 | "url": "https://book.crifan.org/books/ios_re_swift_reverse/pdf/ios_re_swift_reverse.pdf"
17 | }
18 | }
19 | }
--------------------------------------------------------------------------------
/node_modules:
--------------------------------------------------------------------------------
1 | ../../generated/honkit/node_modules
--------------------------------------------------------------------------------
/src/README.md:
--------------------------------------------------------------------------------
1 | # iOS逆向:Swift逆向
2 |
3 | * 最新版本:`v1.9.0`
4 | * 更新时间:`20241226`
5 |
6 | ## 简介
7 |
8 | 整理iOS逆向期间,关于Swift逆向相关的各种知识。最开始是Swift逆向概览;其中包括脑图;然后是Swift基础知识;接着是逆向常会涉及到的Swift常用函数;然后是Swift逆向常涉及的方面,包括静态分析和动态调试,静态分析包括导出头文件和IDA分析;然后是最终要的,通用逻辑,包括TypeMetadata、VWT、StructMetadata以及ClassMetadata,和通用的MetadataKind等;然后是常用的类型,包括Array数组和内存布局详情、Bool变量、Data数据和内存布局详情、Dictionary字典和内存布局详情、Enum枚举、Set集合和内存布局详情、String字符串和内存布局详情、Struct结构体和内存布局详情、Tuple元祖。
9 |
10 | ## 源码+浏览+下载
11 |
12 | 本书的各种源码、在线浏览地址、多种格式文件下载如下:
13 |
14 | ### HonKit源码
15 |
16 | * [crifan/ios_re_swift_reverse: iOS逆向:Swift逆向](https://github.com/crifan/ios_re_swift_reverse)
17 |
18 | #### 如何使用此HonKit源码去生成发布为电子书
19 |
20 | 详见:[crifan/honkit_template: demo how to use crifan honkit template and demo](https://github.com/crifan/honkit_template)
21 |
22 | ### 在线浏览
23 |
24 | * [iOS逆向:Swift逆向 book.crifan.org](https://book.crifan.org/books/ios_re_swift_reverse/website/)
25 | * [iOS逆向:Swift逆向 crifan.github.io](https://crifan.github.io/ios_re_swift_reverse/website/)
26 |
27 | ### 离线下载阅读
28 |
29 | * [iOS逆向:Swift逆向 PDF](https://book.crifan.org/books/ios_re_swift_reverse/pdf/ios_re_swift_reverse.pdf)
30 | * [iOS逆向:Swift逆向 ePub](https://book.crifan.org/books/ios_re_swift_reverse/epub/ios_re_swift_reverse.epub)
31 | * [iOS逆向:Swift逆向 Mobi](https://book.crifan.org/books/ios_re_swift_reverse/mobi/ios_re_swift_reverse.mobi)
32 |
33 | ## 版权和用途说明
34 |
35 | 此电子书教程的全部内容,如无特别说明,均为本人原创。其中部分内容参考自网络,均已备注了出处。如发现有侵权,请通过邮箱联系我 `admin 艾特 crifan.com`,我会尽快删除。谢谢合作。
36 |
37 | 各种技术类教程,仅作为学习和研究使用。请勿用于任何非法用途。如有非法用途,均与本人无关。
38 |
39 | ## 鸣谢
40 |
41 | 感谢我的老婆**陈雪**的包容理解和悉心照料,才使得我`crifan`有更多精力去专注技术专研和整理归纳出这些电子书和技术教程,特此鸣谢。
42 |
43 | ## 其他
44 |
45 | ### 作者的其他电子书
46 |
47 | 本人`crifan`还写了其他`150+`本电子书教程,感兴趣可移步至:
48 |
49 | [crifan/crifan_ebook_readme: Crifan的电子书的使用说明](https://github.com/crifan/crifan_ebook_readme)
50 |
51 | ### 关于作者
52 |
53 | 关于作者更多介绍,详见:
54 |
55 | [关于CrifanLi李茂 – 在路上](https://www.crifan.org/about/)
56 |
--------------------------------------------------------------------------------
/src/SUMMARY.md:
--------------------------------------------------------------------------------
1 | # iOS逆向:Swift逆向
2 |
3 | * [前言](README.md)
4 | * [Swift逆向概览](swift_re_overview/README.md)
5 | * [Swift逆向脑图](swift_re_overview/mindmap.md)
6 | * [Swift基础知识](swift_basic/README.md)
7 | * [Swift函数](swift_function/README.md)
8 | * [SwiftObject](swift_function/SwiftObject/README.md)
9 | * [swift_getInitializedObjCClass](swift_function/SwiftObject/swift_getinitializedobjcclass.md)
10 | * [UnsafeMutableBufferPointer](swift_function/unsafemutablebufferpointer/README.md)
11 | * [init(start:count:)](swift_function/unsafemutablebufferpointer/init_start_count.md)
12 | * [Array](swift_function/array/README.md)
13 | * [formIndex(after:)](swift_function/array/formindex_after.md)
14 | * [Set](swift_function/set/README.md)
15 | * [_NativeSet._unsafeInsertNew](swift_function/set/nativeset_unsafeinsertnew.md)
16 | * [Swift逆向相关](swift_re_related/README.md)
17 | * [静态分析](swift_re_related/static_analysis/README.md)
18 | * [导出头文件](swift_re_related/static_analysis/export_header.md)
19 | * [IDA分析](swift_re_related/static_analysis/ida/README.md)
20 | * [IDA中Swift相关定义](swift_re_related/static_analysis/ida/swift_definitions/REDME.md)
21 | * [IDA自带Swift相关定义](swift_re_related/static_analysis/ida/swift_definitions/ida_builtin.md)
22 | * [Crifan新增Swift相关定义](swift_re_related/static_analysis/ida/swift_definitions/crifan_added.md)
23 | * [动态调试](swift_re_related/dynamic_debug/README.md)
24 | * [Swift通用逻辑](swift_common/README.md)
25 | * [TypeMetadata](swift_common/typemetadata/README.md)
26 | * [ValueMetadata](swift_common/typemetadata/valuemetadata/README.md)
27 | * [VWT](swift_common/typemetadata/valuemetadata/vwt/README.md)
28 | * [内存布局](swift_common/typemetadata/valuemetadata/vwt/memory_layout/README.md)
29 | * [图](swift_common/typemetadata/valuemetadata/vwt/memory_layout/figure.md)
30 | * [文字](swift_common/typemetadata/valuemetadata/vwt/memory_layout/text.md)
31 | * [IDA定义](swift_common/typemetadata/valuemetadata/vwt/memory_layout/ida_def.md)
32 | * [举例](swift_common/typemetadata/valuemetadata/vwt/memory_layout/example.md)
33 | * [Swift源码](swift_common/typemetadata/valuemetadata/vwt/src.md)
34 | * [和C++对应关系](swift_common/typemetadata/valuemetadata/vwt/vs_cpp.md)
35 | * [StructMetadata](swift_common/typemetadata/valuemetadata/structmetadata/README.md)
36 | * [内存布局](swift_common/typemetadata/valuemetadata/structmetadata/memory_layout/README.md)
37 | * [图](swift_common/typemetadata/valuemetadata/structmetadata/memory_layout/figure.md)
38 | * [文字](swift_common/typemetadata/valuemetadata/structmetadata/memory_layout/text.md)
39 | * [举例](swift_common/typemetadata/valuemetadata/structmetadata/memory_layout/example.md)
40 | * [EnumMetadata](swift_common/typemetadata/valuemetadata/enummetadata.md)
41 | * [ClassMetadata](swift_common/typemetadata/classmetadata/README.md)
42 | * [内存布局](swift_common/typemetadata/classmetadata/memory_layout/README.md)
43 | * [图](swift_common/typemetadata/classmetadata/memory_layout/figure.md)
44 | * [文字](swift_common/typemetadata/classmetadata/memory_layout/text.md)
45 | * [Swift源码](swift_common/typemetadata/classmetadata/memory_layout/src.md)
46 | * [IDA定义](swift_common/typemetadata/classmetadata/memory_layout/ida_def.md)
47 | * [举例](swift_common/typemetadata/classmetadata/memory_layout/example.md)
48 | * [MetadataKind](swift_common/metadatakind.md)
49 | * [常用类型](common_type/README.md)
50 | * [Array数组](common_type/array/README.md)
51 | * [内存布局](common_type/array/memory_layout/README.md)
52 | * [图](common_type/array/memory_layout/figure.md)
53 | * [文字](common_type/array/memory_layout/text.md)
54 | * [Swift源码](common_type/array/memory_layout/src.md)
55 | * [IDA定义](common_type/array/memory_layout/ida_def.md)
56 | * [举例](common_type/array/memory_layout/example.md)
57 | * [Bool布尔](common_type/bool/README.md)
58 | * [Data数据](common_type/struct/README.md)
59 | * [内存布局](common_type/data/memory_layout/README.md)
60 | * [图](common_type/data/memory_layout/figure.md)
61 | * [文字](common_type/data/memory_layout/text.md)
62 | * [Swift源码](common_type/data/memory_layout/src.md)
63 | * [IDA定义](common_type/data/memory_layout/ida_def.md)
64 | * [举例](common_type/data/memory_layout/example.md)
65 | * [Dictionary字典](common_type/dict/README.md)
66 | * [内存布局](common_type/dict/memory_layout/README.md)
67 | * [图](common_type/dict/memory_layout/figure.md)
68 | * [文字](common_type/dict/memory_layout/text.md)
69 | * [Swift源码](common_type/dict/memory_layout/src.md)
70 | * [IDA定义](common_type/dict/memory_layout/ida_def.md)
71 | * [举例](common_type/dict/memory_layout/example.md)
72 | * [Enum枚举](common_type/enum/README.md)
73 | * [Int整型](common_type/int/README.md)
74 | * [Set集合](common_type/set/README.md)
75 | * [内存布局](common_type/set/memory_layout/README.md)
76 | * [图](common_type/set/memory_layout/figure.md)
77 | * [文字](common_type/set/memory_layout/text.md)
78 | * [Swift源码](common_type/set/memory_layout/src.md)
79 | * [IDA定义](common_type/set/memory_layout/ida_def.md)
80 | * [举例](common_type/set/memory_layout/example.md)
81 | * [String字符串](common_type/string/README.md)
82 | * [内存布局](common_type/string/memory_layout/README.md)
83 | * [图](common_type/string/memory_layout/figure.md)
84 | * [文字](common_type/string/memory_layout/text.md)
85 | * [Swift源码](common_type/string/memory_layout/src.md)
86 | * [IDA定义](common_type/string/memory_layout/ida_def.md)
87 | * [举例](common_type/string/memory_layout/example.md)
88 | * [Struct结构体](common_type/struct/README.md)
89 | * [内存布局](common_type/struct/memory_layout/README.md)
90 | * [图](common_type/struct/memory_layout/figure.md)
91 | * [文字](common_type/struct/memory_layout/text.md)
92 | * [Swift源码](common_type/struct/memory_layout/src.md)
93 | * [IDA定义](common_type/struct/memory_layout/ida_def.md)
94 | * [举例](common_type/struct/memory_layout/example.md)
95 | * [Tuple元祖](common_type/tuple/README.md)
96 | * [附录](appendix/README.md)
97 | * [参考资料](appendix/reference.md)
98 |
--------------------------------------------------------------------------------
/src/appendix/README.md:
--------------------------------------------------------------------------------
1 | # 附录
2 |
3 | 下面列出相关参考资料。
4 |
--------------------------------------------------------------------------------
/src/appendix/reference.md:
--------------------------------------------------------------------------------
1 | # 参考资料
2 |
3 | * 【已解决】iOS逆向Swift:Dictionary字典的内存布局结构
4 | * 【已解决】iOS逆向Swift:找Swift的Dictionary字典的测试数据
5 | * 【整理】iOS逆向:去画Swift的Dictionary字典的内存布局结构图
6 | * 【未解决】iOS逆向WhatsApp:genWAABOfflineAssignSha256_10039E294
7 | * 【已解决】iOS逆向:Swift中String字符串的内部结构和逻辑
8 | * 【已解决】iOS逆向Swift:研究_unconditionallyBridgeFromObjectiveC后的SwiftString的值的逻辑和含义
9 | * 【未解决】iOS逆向Swift:String._unconditionallyBridgeFromObjectiveC
10 | * 【已解决】iOS逆向Swift:VWT=ValueWitnessTable=值见证表
11 | * 【已解决】iOS逆向Swift:IDA优化插入ValueWitnessTable结构体定义
12 | * 【已解决】iOS逆向Swift:IDA中自定义结构体中加上bit位的定义
13 | * 【已解决】iOS逆向Swift:Builtin.NativeObject的VWT
14 | * 【已解决】iOS逆向Swift:Data数据的内存布局结构
15 | * 【已解决】iOS逆向Swift:Data的InlineSlice内存布局举例
16 | * 【已解决】iOS逆向Swift:画Swift的Data数据的内存布局结构图
17 | * 【未解决】iOS逆向Swift:IDA中添加Swift的Data相关定义
18 | * 【已解决】iOS逆向Swift:画ClassMetadata的内存布局结构图
19 | * 【整理】iOS逆向:去画Swift的ValueMetadata和VWT的内存布局结构图
20 | * 【已解决】iOS逆向Swift:ClassMetadata的定义和内存布局
21 | * 【未解决】iOS逆向Swift:__DataStorage的ClassMetadata内存布局值举例
22 | * 【已解决】iOS逆向Swift:Metadata的type即元数据的类型定义
23 | * 【已解决】iOS逆向Swift:ValueMetadata的定义和内存布局结构
24 | * 【已解决】iOS逆向Swift:IDA中加上定义:ValueMetadata
25 | * 【已解决】iOS逆向Swift:StructMetadata的字段定义和内存布局结构
26 | * 【已解决】iOS逆向Swift:Swift中有几种Metadata
27 | * 【已解决】iOS逆向Swift:TypeMetadata=Type Metadata
28 | * 【已解决】iOS逆向Swift:IDA中添加ClassMetadata的定义
29 | * 【已解决】iOS逆向Swift:Array数组的内存布局
30 | * 【整理】iOS逆向:去画Swift的Array数组的内存布局结构图
31 | * 【已解决】iOS逆向Swift:StructMetadata的字段定义和内存布局结构
32 | * 【已解决】iOS逆向Swift:StructDescriptor
33 | * 【已解决】iOS逆向Swift:FieldDescriptor
34 | * 【已解决】iOS逆向Swift:画StructMetadata的内存布局图
35 | * 【整理】iOS逆向:去画Swift的String字符串的内存布局结构图
36 | * 【已解决】iOS逆向:Set集合的内存布局中如何判断哪组数据是有效的
37 | * 【已解决】iOS逆向Swift:Set集合的内存布局结构
38 | * 【已解决】iOS逆向Swift:Set集合的_rawElements之后的数据的存储逻辑
39 | * 【整理】iOS逆向:去画Swift的Set集合的内存布局结构图
40 | * 【未解决】iOS逆向Swift:__RawSetStorage
41 | * 【未解决】iOS逆向Swift:__SwiftNativeNSSet
42 | * 【已解决】iOS逆向Swift:给IDA中加上Set集合的结构体定义SwiftSet
43 | * 【已解决】iOS逆向Swift:Set中的偏移量0x38是什么值
44 | * 【已解决】iOS逆向Swift:Swift中有几种Metadata
45 | *
46 | * [初探Swift底层Metadata - 掘金](https://juejin.cn/post/6919034854159941645)
47 | * [swift-evolution/proposals/0247-contiguous-strings.md at main · apple/swift-evolution (github.com)](https://github.com/apple/swift-evolution/blob/main/proposals/0247-contiguous-strings.md)
48 | * [swift/docs/CppInteroperability/CppInteroperabilityManifesto.md at main · apple/swift](https://github.com/apple/swift/blob/main/docs/CppInteroperability/CppInteroperabilityManifesto.md)
49 | *
--------------------------------------------------------------------------------
/src/assets/favicon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/favicon.ico
--------------------------------------------------------------------------------
/src/assets/img/string_discriminator.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/string_discriminator.png
--------------------------------------------------------------------------------
/src/assets/img/struct_ida_car_init_func.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/struct_ida_car_init_func.png
--------------------------------------------------------------------------------
/src/assets/img/struct_ida_car_init_token.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/struct_ida_car_init_token.png
--------------------------------------------------------------------------------
/src/assets/img/swift_array_memory_layout.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_array_memory_layout.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_array_memory_layout_core.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_array_memory_layout_core.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_classmetadata_memory_layout.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_classmetadata_memory_layout.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_classmetadata_memory_layout_core.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_classmetadata_memory_layout_core.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_data_memory_layout.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_data_memory_layout.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_data_memory_layout_core.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_data_memory_layout_core.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_memory_layout_dict_core.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_memory_layout_dict_core.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_memory_layout_dict_full.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_memory_layout_dict_full.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_metadatakind_table.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_metadatakind_table.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_set_ida_definition.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_set_ida_definition.png
--------------------------------------------------------------------------------
/src/assets/img/swift_set_memory_layout.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_set_memory_layout.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_set_memory_layout_core.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_set_memory_layout_core.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_string_memory_layout.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_string_memory_layout.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_string_memory_layout_core.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_string_memory_layout_core.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_structmetadata_memory_layout.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_structmetadata_memory_layout.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_structmetadata_memory_layout_core.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_structmetadata_memory_layout_core.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_structure_memory_layout.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_structure_memory_layout.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_structure_memory_layout_core.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_structure_memory_layout_core.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_valuemetadata_and_vwt_memory_layout.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_valuemetadata_and_vwt_memory_layout.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_valuemetadata_and_vwt_memory_layout_core.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_valuemetadata_and_vwt_memory_layout_core.jpg
--------------------------------------------------------------------------------
/src/assets/img/swift_vwt.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/swift_vwt.jpg
--------------------------------------------------------------------------------
/src/assets/img/xcode_struct_protocol_car.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/assets/img/xcode_struct_protocol_car.png
--------------------------------------------------------------------------------
/src/common_type/README.md:
--------------------------------------------------------------------------------
1 | # 常用类型
2 |
--------------------------------------------------------------------------------
/src/common_type/array/README.md:
--------------------------------------------------------------------------------
1 | # Array数组
2 |
--------------------------------------------------------------------------------
/src/common_type/array/memory_layout/README.md:
--------------------------------------------------------------------------------
1 | # 内存布局
2 |
--------------------------------------------------------------------------------
/src/common_type/array/memory_layout/example.md:
--------------------------------------------------------------------------------
1 | # 举例
2 |
3 | ## String的Array
4 |
5 | ```c
6 | (lldb) x/10gx 0x0000000280c2e2c0
7 | 0x280c2e2c0: 0x00000001efe3c008 0x0000000000000003
8 | 0x280c2e2d0: 0x0000000000000002 0x0000000000000004
9 | 0x280c2e2e0: 0x0000656e6f687069 0xe600000000000000
10 | 0x280c2e2f0: 0x0000000069626d73 0xe400000000000000
11 | 0x280c2e300: 0x00000001efdf52d0 0x7fffffff7fffffff
12 | (lldb) po 0x00000001efe3c008
13 | _TtGCs23_ContiguousArrayStorageSS_$
14 | (lldb) p/c 0x0000656e6f687069
15 | (long) iphone\0\0
16 | (lldb) p/c 0x0000000069626d73
17 | (int) smbi
18 | ```
19 |
20 | ->
21 |
22 | * Array的内存布局=字段
23 | * HeapMetadata* metadata
24 | * 0x00000001efe3c008
25 | * `_TtGCs23_ContiguousArrayStorageSS_$`
26 | * String的Array
27 | * int64 refCount
28 | * 0x0000000000000003
29 | * int64 count
30 | * 0x0000000000000002
31 | * int64 _capacityAndFlags
32 | * 0x0000000000000004
33 | * 第一个 = [0x280c2e2e0]
34 | * 0x0000656e6f687069 0xe600000000000000
35 | * "iphone"
36 | * 第二个 = [0x280c2e2f0]
37 | * 0x0000000069626d73 0xe400000000000000
38 | * "smbi"
39 |
--------------------------------------------------------------------------------
/src/common_type/array/memory_layout/figure.md:
--------------------------------------------------------------------------------
1 | # Swift的Array的内存布局图
2 |
3 | * Swift的Array的内存布局图 = Swift Array Memory Layout
4 | * 在线预览
5 | * [Swift的Array内存布局结构图| ProcessOn免费在线作图,在线流程图,在线思维导图](https://www.processon.com/view/link/65bfab18f5eb44119a7f62bb)
6 | * 离线查看
7 | * 
8 | * 核心内容
9 | * 
10 |
--------------------------------------------------------------------------------
/src/common_type/array/memory_layout/ida_def.md:
--------------------------------------------------------------------------------
1 | # IDA定义
2 |
3 | ```c
4 | struct SwiftArray
5 | {
6 | void *heapMetadata;
7 | __int64 refCount;
8 | __int64 count;
9 | __int64 _capacityAndFlags;
10 | void* firstElement;
11 | };
12 | ```
13 |
--------------------------------------------------------------------------------
/src/common_type/array/memory_layout/src.md:
--------------------------------------------------------------------------------
1 | # Swift源码
2 |
--------------------------------------------------------------------------------
/src/common_type/array/memory_layout/text.md:
--------------------------------------------------------------------------------
1 | # 文字
2 |
3 | * Array的内存布局=字段=属性
4 | * [+0x00] = HeapMetadata* metadata
5 | * [+0x08] = int64 refCount
6 | * [+0x10] = int64 count
7 | * [+0x08] = int64 _capacityAndFlags
8 | * [+0x20] = AnyObject* firstElementAddress
9 |
--------------------------------------------------------------------------------
/src/common_type/bool/README.md:
--------------------------------------------------------------------------------
1 | # Bool布尔
2 |
--------------------------------------------------------------------------------
/src/common_type/data/memory_layout/README.md:
--------------------------------------------------------------------------------
1 | # Data数据的内存布局
2 |
--------------------------------------------------------------------------------
/src/common_type/data/memory_layout/example.md:
--------------------------------------------------------------------------------
1 | # 举例
2 |
3 | ## __DataStorage
4 |
5 | 详见:
6 |
7 | [Data数据 内存布局 图](../../../common_type/data/memory_layout/figure.md)
8 |
--------------------------------------------------------------------------------
/src/common_type/data/memory_layout/figure.md:
--------------------------------------------------------------------------------
1 | # Swift的Data数据的内存布局结构图
2 |
3 | * Swift的Data数据的内存布局结构图 = Swift Data Memory Layout
4 | * 在线预览
5 | * [Swift的Data内存布局结构图| ProcessOn免费在线作图,在线流程图,在线思维导图](https://www.processon.com/view/link/65d0cd7c28bf1d00d08a3cbc)
6 | * 离线查看
7 | * 
8 | * 核心内容
9 | * 
10 |
--------------------------------------------------------------------------------
/src/common_type/data/memory_layout/ida_def.md:
--------------------------------------------------------------------------------
1 | # IDA定义
2 |
3 | * struct `Swift_DataStorage`
4 |
5 | ```c
6 | struct Swift_DataStorage
7 | {
8 | void *isa;
9 | __int64 refCount;
10 | void *_bytes;
11 | __int64 _length;
12 | __int64 _capacity;
13 | __int64 _offset;
14 | void *_deallocator;
15 | bool _needToZero;
16 | };
17 | ```
18 |
19 | * struct `SwiftData_InlineSlice`
20 |
21 | ```c
22 | struct SwiftData_InlineSlice
23 | {
24 | __int32 slice;
25 | Swift_DataStorage *storage;
26 | };
27 | ```
28 |
--------------------------------------------------------------------------------
/src/common_type/data/memory_layout/src.md:
--------------------------------------------------------------------------------
1 | # Swift源码
2 |
--------------------------------------------------------------------------------
/src/common_type/data/memory_layout/text.md:
--------------------------------------------------------------------------------
1 | # 文字
2 |
3 | ## 概述
4 |
5 | * Swift的Data(对于64位,暂忽略32位) 的内存布局
6 | * 根据数据字节个数多少分类
7 | * `count=0`
8 | * empty = 空数据
9 | * `0 < count < 15` == `0 < count <= 14`
10 | * `inline` == `struct InlineData`
11 | * `var bytes: Buffer`
12 | * `@usableFromInline typealias Buffer = (UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8) //len //enum`
13 | * `var length: UInt8`
14 | * `14 < count < 2^32`
15 | * `slice` == `struct InlineSlice`
16 | * `var slice: Range`
17 | * `var storage: __DataStorage`
18 | * `2^32 <= count < 2^64`
19 | * `large` == `struct LargeSlice`
20 | * `var slice: RangeReference`
21 | * `var range: Range`
22 | * `var storage: __DataStorage`
23 |
24 | ### `__DataStorage`
25 |
26 | ```c
27 | class __DataStorage {
28 | var isa: objc_class* // NULL for pure Swift class
29 | var refCount: UInt64
30 | var _bytes: UnsafeMutableRawPointer?
31 | var _length: UInt64
32 | var _capacity: UInt64
33 | var _offset: UInt64
34 | var _deallocator: ((UnsafeMutableRawPointer, Int64) -> Void)?
35 | var _needToZero: Bool
36 | }
37 | ```
38 |
39 | ==
40 |
41 | * `class __DataStorage`
42 | * [+0x00] = objc_class* isa
43 | * [+0x08] = int64 refCount
44 | * [+0x10] = void* _bytes
45 | * [+0x18] = int64 _length
46 | * [+0x20] = int64 _capacity
47 | * [+0x28] = int64 _offset
48 | * [+0x30] = function_pointer* _deallocator
49 | * 函数定义:`((UnsafeMutableRawPointer, Int64) -> Void)?`
50 | * [+0x38] = Bool _needToZero
51 |
52 | ## 详解
53 |
54 | * Swift的Data
55 | * 分4类
56 | * 空数据:empty
57 | * inline == struct InlineData
58 | * 字段
59 | * var bytes: Buffer
60 | * var length: UInt8
61 | * 说明
62 | * bytes的Buffer的字节=个数
63 | * 64位架构:不超过14,即 <=14个字节
64 | * @usableFromInline typealias Buffer = (UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8) //len //enum
65 | * 32位架构:不超过6,即 <=6个字节
66 | * @usableFromInline typealias Buffer = (UInt8, UInt8, UInt8, UInt8, UInt8, UInt8) //len //enum
67 | * slice == struct InlineSlice
68 | * 字段
69 | * var slice: Range
70 | * var storage: __DataStorage
71 | * 说明
72 | * InlineData的(64bit的)14个 < InlineSlice的字节个数 < 2^64的最大值?(storage pointer + range == a signle word)
73 | * large == struct LargeSlice
74 | * 字段
75 | * var slice: RangeReference
76 | * var range: Range
77 | * var storage: __DataStorage
78 | * 说明
79 | * a single word个数=2^64? < LargeSlice的字节个数 < 双字节大小(two-word size)=2^128?
80 |
--------------------------------------------------------------------------------
/src/common_type/dict/README.md:
--------------------------------------------------------------------------------
1 | # Dictionary字典
2 |
--------------------------------------------------------------------------------
/src/common_type/dict/memory_layout/README.md:
--------------------------------------------------------------------------------
1 | # Swift的Dictionary内存布局
2 |
--------------------------------------------------------------------------------
/src/common_type/dict/memory_layout/example.md:
--------------------------------------------------------------------------------
1 | # 举例
2 |
3 | ## 举例1:简单dict
4 |
5 | Swift的Dict值:
6 |
7 | ```c
8 | {
9 | 2282 = 0;
10 | 4902 = 1;
11 | 5074 = 1;
12 | }
13 | ```
14 |
15 | 对应的例子,已经放到了内存布局图中了,详见:
16 |
17 | [Dictionary字典的内存布局图](../../../common_type/dict/memory_layout/figure.md)
18 |
19 | 此处只额外贴出:
20 |
21 | ### 相关调试内容
22 |
23 | ```c
24 | (lldb) po 0x000000028173c680
25 | {
26 | 2282 = 0;
27 | 4902 = 1;
28 | 5074 = 1;
29 | }
30 | ```
31 |
32 | ->
33 |
34 | ```c
35 | (lldb) x/8xg 0x000000028173c680
36 | 0x28173c680: 0x0000000121881e78 0x0000000000000003
37 | 0x28173c690: 0x0000000000000003 0x0000000000000003
38 | 0x28173c6a0: 0x1fd62ad000000002 0x000000028173c680
39 | 0x28173c6b0: 0x000000028173c6c8 0x000000028173c708
40 | (lldb) x/20xg 0x000000028173c680
41 | 0x28173c680: 0x0000000121881e78 0x0000000000000003
42 | 0x28173c690: 0x0000000000000003 0x0000000000000003
43 | 0x28173c6a0: 0x1fd62ad000000002 0x000000028173c680
44 | 0x28173c6b0: 0x000000028173c6c8 0x000000028173c708
45 | 0x28173c6c0: 0xfffffffffffffffd 0x0000000032303934
46 | 0x28173c6d0: 0xe400000000000000 0x00000002006b11e0
47 | 0x28173c6e0: 0x00000002006c4de0 0x0000000032383232
48 | 0x28173c6f0: 0xe400000000000000 0x0000000034373035
49 | 0x28173c700: 0xe400000000000000 0x0000000000000031
50 | 0x28173c710: 0xe100000000000000 0x000000010b615b20
51 | ```
52 |
53 | 可以继续了:
54 |
55 | * 0xd = 0b 1101
56 | * 有效index
57 | * 0
58 | * 2
59 | * 3
60 |
61 | ->
62 |
63 | ```c
64 | (lldb) x/40xg 0x000000028173c680
65 | 0x28173c680: 0x0000000121881e78 0x0000000000000003
66 | 0x28173c690: 0x0000000000000003 0x0000000000000003
67 | 0x28173c6a0: 0x1fd62ad000000002 0x000000028173c680
68 | 0x28173c6b0: 0x000000028173c6c8 0x000000028173c708
69 | 0x28173c6c0: 0xfffffffffffffffd 0x0000000032303934
70 | 0x28173c6d0: 0xe400000000000000 0x00000002006b11e0
71 | 0x28173c6e0: 0x00000002006c4de0 0x0000000032383232
72 | 0x28173c6f0: 0xe400000000000000 0x0000000034373035
73 | 0x28173c700: 0xe400000000000000 0x0000000000000031
74 | 0x28173c710: 0xe100000000000000 0x000000010b615b20
75 | 0x28173c720: 0x000000028220fae0 0x0000000000000030
76 | 0x28173c730: 0xe100000000000000 0x0000000000000031
77 | 0x28173c740: 0xe100000000000000 0x0000000280231180
78 | 0x28173c750: 0x0000000000000000 0x0000000000000000
79 | 0x28173c760: 0x0000000000000000 0x0000000000000000
80 | 0x28173c770: 0x0000000000000000 0x0000000000000000
81 | 0x28173c780: 0x0000000000000000 0x0000000000000000
82 | 0x28173c790: 0x0000000000000000 0x0000000000000000
83 | 0x28173c7a0: 0x0000000000000000 0x0000000000000000
84 | 0x28173c7b0: 0x0000000000000000 0x0000000000000000
85 | (lldb)
86 |
87 | (lldb) x/30xg 0x000000028173c680
88 | 0x28173c680: 0x0000000121881e78 0x0000000000000003
89 | 0x28173c690: 0x0000000000000003 0x0000000000000003
90 | 0x28173c6a0: 0x1fd62ad000000002 0x000000028173c680
91 | 0x28173c6b0: 0x000000028173c6c8 0x000000028173c708
92 | 0x28173c6c0: 0xfffffffffffffffd 0x0000000032303934
93 | 0x28173c6d0: 0xe400000000000000 0x00000002006b11e0
94 | 0x28173c6e0: 0x00000002006c4de0 0x0000000032383232
95 | 0x28173c6f0: 0xe400000000000000 0x0000000034373035
96 | 0x28173c700: 0xe400000000000000 0x0000000000000031
97 | 0x28173c710: 0xe100000000000000 0x000000010b615b20
98 | 0x28173c720: 0x000000028220fae0 0x0000000000000030
99 | 0x28173c730: 0xe100000000000000 0x0000000000000031
100 | 0x28173c740: 0xe100000000000000 0x0000000280231180
101 | 0x28173c750: 0x0000000000000000 0x0000000000000000
102 | 0x28173c760: 0x0000000000000000 0x0000000000000000
103 | ```
104 |
105 | ->
106 |
107 | ```c
108 | (lldb) po 0x0000000121881e78
109 | _TtGCs18_DictionaryStorageSSSS_$
110 |
111 | (lldb) p/c 0x0000000032303934
112 | (int) 4902
113 | (lldb) p/c 0x0000000032383232
114 | (int) 2282
115 | (lldb) p/c 0x0000000034373035
116 | (int) 5074
117 | (lldb) p/c 0x0000000000000031
118 | (int) 1\0\0\0
119 | (lldb) p/c 0x0000000000000030
120 | (int) 0\0\0\0
121 | (lldb) x/2xw 0x28173c6a0
122 | 0x28173c6a0: 0x00000002 0x1fd62ad0
123 | (lldb) x/4xh 0x28173c6a0
124 | 0x28173c6a0: 0x0002 0x0000 0x2ad0 0x1fd6
125 | (lldb) x/8xb 0x28173c6a0
126 | 0x28173c6a0: 0x02 0x00 0x00 0x00 0xd0 0x2a 0xd6 0x1f
127 | (lldb) p/d 0x1fd62ad0
128 | (int) 534129360
129 | ```
130 |
131 | ## 举例2:复杂dict - key是String,value是AnyPrimitive
132 |
133 | 调试到复杂dict:
134 |
135 | ```c
136 | (lldb) reg r x0 x1 x2 x8
137 | x0 = 0x000000011100b200
138 | x1 = 0x00000001031145b0 WhatsApp`$s10LeafFilterVN
139 | x2 = 0x0000000103114658 WhatsApp`LeafFilter_related_1030B4658
140 | x8 = 0x00000001006409a8 WhatsApp`sub_1005E09A8
141 | (lldb) po 0x000000011100b200
142 | 4580225536
143 | (lldb) x/6xg 0x000000011100b200
144 | 0x11100b200: 0x000000010fe175c8 0x0000000000000003
145 | 0x11100b210: 0x0000000000000007 0x000000000000000c
146 | 0x11100b220: 0xf3473a6200000004 0x000000011100b200
147 | (lldb) po 0x000000010fe175c8
148 | _TtGCs18_DictionaryStorageSSOVO14MainAppLibrary9OfflineAB8UserInfoP10$102e672c012AnyPrimitive_$
149 | ```
150 |
151 | ->
152 |
153 | 此处是个Dictionary,value元素是
154 |
155 | * AnyPrimitive
156 | * MainAppLibrary.OfflineAB.UserInfo 的 AnyPrimitive
157 |
158 | 查看内存值:
159 |
160 | ```c
161 | (lldb) x/80xg 0x000000011100b200
162 | 0x11100b200: 0x000000010fe175c8 0x0000000000000003
163 | 0x11100b210: 0x0000000000000007 0x000000000000000c
164 | 0x11100b220: 0xf3473a6200000004 0x000000011100b200
165 | 0x11100b230: 0x000000011100b248 0x000000011100b348
166 | 0x11100b240: 0xffffffffffff9299 0x6d726f6674616c70
167 | 0x11100b250: 0xe800000000000000 0x00000001e84fab78
168 | 0x11100b260: 0x00000001e84fab78 0x00000001e84fab78
169 | 0x11100b270: 0x00000001e84fab78 0x695f656369766564
170 | 0x11100b280: 0xe900000000000064 0x69737265765f736f
171 | 0x11100b290: 0xea00000000006e6f 0x00000001e84fab78
172 | 0x11100b2a0: 0x00000001e84fab78 0x00000001e84fab78
173 | 0x11100b2b0: 0x00000001e84fab78 0x6c6975625f707061
174 | 0x11100b2c0: 0xe900000000000064 0x00000001e84fab78
175 | 0x11100b2d0: 0x00000001e84fab78 0x6e5f656369766564
176 | 0x11100b2e0: 0xeb00000000656d61 0x00000001e84fab78
177 | 0x11100b2f0: 0x00000001e84fab78 0x00000001e84fab78
178 | 0x11100b300: 0x00000001e84fab78 0x5f657361656c6572
179 | 0x11100b310: 0xef6c656e6e616863 0x00000001e84fab78
180 | 0x11100b320: 0x00000001e84fab78 0x00000001e84fab78
181 | 0x11100b330: 0x00000001e84fab78 0x737265765f707061
182 | 0x11100b340: 0xeb000000006e6f69 0x0000656e6f687069
183 | 0x11100b350: 0xe600000000000000 0x000000010fe17468
184 | 0x11100b360: 0x000000010fe16950 0x000000010fe169f8
185 | 0x11100b370: 0x00000001e84fab01 0x00000001e84fab78
186 | 0x11100b380: 0x00000001e84fab78 0x00000001e84fab78
187 | 0x11100b390: 0x00000001e84fab78 0x00000001e84fab78
188 | 0x11100b3a0: 0x00000001e84fab78 0x00000001e84fab78
189 | 0x11100b3b0: 0x00000001e84fab78 0x00000001e84fab78
190 | 0x11100b3c0: 0x00000001e84fab78 0x00000001e84fab78
191 | 0x11100b3d0: 0x00000001e84fab78 0xc000000000000024
192 | 0x11100b3e0: 0x40000002820700c0 0x00000002820700c0
193 | 0x11100b3f0: 0x000000010fe16950 0x000000010fe169f8
194 | 0x11100b400: 0x00000001e84fab01 0x000000014164cccd
195 | 0x11100b410: 0xc00000000000000a 0x40000002835413a0
196 | 0x11100b420: 0x000000010fe17798 0x000000010fe17840
197 | 0x11100b430: 0x00000001e84fab00 0x00000001e84fab78
198 | 0x11100b440: 0x00000001e84fab78 0x00000001e84fab78
199 | 0x11100b450: 0x00000001e84fab78 0x00000001e84fab78
200 | 0x11100b460: 0x00000001e84fab78 0x00000001e84fab78
201 | 0x11100b470: 0x00000001e84fab78 0x00000001e84fab78
202 | ```
203 |
204 | ->
205 |
206 | ```c
207 | (lldb) p/c 0x6d726f6674616c70
208 | (long) platform
209 |
210 | (lldb) p/c 0x695f656369766564
211 | (long) device_i
212 | (lldb) p/c 0xe900000000000064
213 | (unsigned long) d\0\0\0\0\0\0\xe9
214 |
215 | (lldb) p/c 0x69737265765f736f
216 | (long) os_versi
217 | (lldb) p/c 0xea00000000006e6f
218 | (unsigned long) on\0\0\0\0\0\xea
219 |
220 | (lldb) p/c 0x6c6975625f707061
221 | (long) app_buil
222 | (lldb) p/c 0x64
223 | (int) d\0\0\0
224 |
225 | (lldb) p/c 0x6e5f656369766564
226 | (long) device_n
227 | (lldb) p/c 0x00000000656d61
228 | (int) ame\0
229 |
230 | (lldb) p/c 0x5f657361656c6572
231 | (long) release_
232 | (lldb) p/c 0xef6c656e6e616863
233 | (unsigned long) channel\xef
234 |
235 | (lldb) p/c 0x737265765f707061
236 | (long) app_vers
237 | (lldb) p/c 0xeb000000006e6f69
238 | (unsigned long) ion\0\0\0\0\xeb
239 | ```
240 |
241 | keys:
242 |
243 | * platform
244 | * device_id
245 | * os_version
246 | * app_build
247 | * device_name
248 | * release_channel
249 | * app_version
250 | * iphone
251 |
252 | 和:
253 |
254 | ```c
255 | (lldb) p/c 0x0000656e6f687069
256 | (long) iphone\0\0
257 |
258 | (lldb) x/s "0x40000002820700c0 + 0x20"
259 | 0x2820700e0: "5E8-8164-1AEA05E45CD9"
260 | (lldb) po 0x00000002820700c0
261 | 2DE85147-8D62-45E8-8164-1AEA05E45CD9
262 | ...
263 |
264 | ```
265 |
266 | values:
267 |
268 | * iphone
269 | * 2DE85147-8D62-45E8-8164-1AEA05E45CD9
270 | * 注:Swift的Shared=Bridged的String
271 | * ...
272 |
--------------------------------------------------------------------------------
/src/common_type/dict/memory_layout/figure.md:
--------------------------------------------------------------------------------
1 | # Swift的Dictionary内存布局结构图
2 |
3 | * Swift的Dictionary内存布局结构图
4 | * 在线浏览
5 | * [Swift的Dictionary内存布局结构图| ProcessOn免费在线作图,在线流程图,在线思维导图](https://www.processon.com/view/link/65c5cbb80f4b513151047d3e)
6 | * 本地查看
7 | * 完整图
8 | * 
9 | * 核心内容
10 | * 
11 |
--------------------------------------------------------------------------------
/src/common_type/dict/memory_layout/ida_def.md:
--------------------------------------------------------------------------------
1 | # IDA定义
2 |
--------------------------------------------------------------------------------
/src/common_type/dict/memory_layout/src.md:
--------------------------------------------------------------------------------
1 | # Swift源码
2 |
--------------------------------------------------------------------------------
/src/common_type/dict/memory_layout/text.md:
--------------------------------------------------------------------------------
1 | # Swift的Dictionary内存布局 文字
2 |
3 | * Swift的Dictionary内存布局 = 字段 = 属性
4 | * `[+0x00]` = `Metadata* type`
5 | * `[+0x08]` = `Int refCount`
6 | * `__RawDictionaryStorage`
7 | * `[+0x10]` = `var _count: Int`
8 | * `[+0x18]` = `var _capacity: Int`
9 | * `[+0x20]` = `Int`
10 | * `[+0x20~0x20]` = `var _scale: Int8`
11 | * `[+0x21~0x21]` = `var _reservedScale: Int8`
12 | * `[+0x22~0x23]` = `var _extra: Int16`
13 | * `[+0x24~0x27]` = `var _age: Int32`
14 | * `[+0x28]` = `var _seed: Int`
15 | * `[+0x30]` = `var _rawKeys: UnsafeMutableRawPointer`
16 | * 指向`Key`=`键`的数组列表
17 | * `[+0x38]` = `var _rawValues: UnsafeMutableRawPointer`
18 | * 指向`Value`=`值`的数组列表
19 | * `[+0x38]` = `int _metadata`
20 | * 指定了**哪几个**index元素是**有效数据**
21 |
--------------------------------------------------------------------------------
/src/common_type/enum/README.md:
--------------------------------------------------------------------------------
1 | # Enum枚举
2 |
--------------------------------------------------------------------------------
/src/common_type/int/README.md:
--------------------------------------------------------------------------------
1 | # Int整型
2 |
--------------------------------------------------------------------------------
/src/common_type/set/README.md:
--------------------------------------------------------------------------------
1 | # Set集合
2 |
--------------------------------------------------------------------------------
/src/common_type/set/memory_layout/README.md:
--------------------------------------------------------------------------------
1 | # 内存布局
2 |
--------------------------------------------------------------------------------
/src/common_type/set/memory_layout/example.md:
--------------------------------------------------------------------------------
1 | # 举例
2 |
--------------------------------------------------------------------------------
/src/common_type/set/memory_layout/figure.md:
--------------------------------------------------------------------------------
1 | # Swift的Set的内存布局图
2 |
3 | * Swift的Set的内存布局图 = Swift Set Memory Layout
4 | * 在线预览
5 | * [Swift的Set的内存布局结构图| ProcessOn免费在线作图,在线流程图,在线思维导图](https://www.processon.com/view/link/65bc8fc94cd3524d829e522a)
6 | * 离线查看
7 | * 
8 | * 核心内容
9 | * 
10 |
--------------------------------------------------------------------------------
/src/common_type/set/memory_layout/ida_def.md:
--------------------------------------------------------------------------------
1 | # IDA定义
2 |
3 | ```c
4 | struct SwiftSet
5 | {
6 | void *type;
7 | __int64 refCount;
8 | __int64 _count;
9 | __int64 _capacity;
10 | __int8 _scale;
11 | __int8 _reservedScale;
12 | __int16 _extra;
13 | __int32 _age;
14 | __int64 _seed;
15 | __int64 _rawElements;
16 | __int64 _metadata;
17 | __int64 _firstElement;
18 | };
19 | ```
20 |
21 | 
22 |
--------------------------------------------------------------------------------
/src/common_type/set/memory_layout/src.md:
--------------------------------------------------------------------------------
1 | # Swift源码
2 |
3 | ## Set.swift
4 |
5 | `swift/stdlib/public/core/Set.swift`
6 |
7 | ```c
8 | @frozen
9 | @_eagerMove
10 | public struct Set {
11 | @usableFromInline
12 | internal var _variant: _Variant
13 |
14 |
15 | /// Creates an empty set with preallocated space for at least the specified
16 | /// number of elements.
17 | ///
18 | /// Use this initializer to avoid intermediate reallocations of a set's
19 | /// storage buffer when you know how many elements you'll insert into the set
20 | /// after creation.
21 | ///
22 | /// - Parameter minimumCapacity: The minimum number of elements that the
23 | /// newly created set should be able to store without reallocating its
24 | /// storage buffer.
25 | public // FIXME(reserveCapacity): Should be inlinable
26 | init(minimumCapacity: Int) {
27 | _variant = _Variant(native: _NativeSet(capacity: minimumCapacity))
28 | }
29 |
30 | /// Private initializer.
31 | @inlinable
32 | internal init(_native: __owned _NativeSet) {
33 | _variant = _Variant(native: _native)
34 | }
35 |
36 | #if _runtime(_ObjC)
37 | @inlinable
38 | internal init(_cocoa: __owned __CocoaSet) {
39 | _variant = _Variant(cocoa: _cocoa)
40 | }
41 |
42 | /// Private initializer used for bridging.
43 | ///
44 | /// Only use this initializer when both conditions are true:
45 | ///
46 | /// * it is statically known that the given `NSSet` is immutable;
47 | /// * `Element` is bridged verbatim to Objective-C (i.e.,
48 | /// is a reference type).
49 | @inlinable
50 | public // SPI(Foundation)
51 | init(_immutableCocoaSet: __owned AnyObject) {
52 | _internalInvariant(_isBridgedVerbatimToObjectiveC(Element.self),
53 | "Set can be backed by NSSet _variant only when the member type can be bridged verbatim to Objective-C")
54 | self.init(_cocoa: __CocoaSet(_immutableCocoaSet))
55 | }
56 | #endif
57 | }
58 | ```
59 |
60 | 核心定义是:
61 |
62 | ```c
63 | public struct Set {
64 | var _variant: _Variant
65 | ```
66 |
67 |
68 | ## BridgeStorage.swift
69 |
70 | `swift/stdlib/public/core/BridgeStorage.swift`
71 |
72 | ```c
73 | import SwiftShims
74 |
75 | #if !$Embedded
76 |
77 | @frozen
78 | @usableFromInline
79 | internal struct _BridgeStorage {
80 | @usableFromInline
81 | internal typealias Native = NativeClass
82 |
83 | @usableFromInline
84 | internal typealias ObjC = AnyObject
85 |
86 | // rawValue is passed inout to _isUnique. Although its value
87 | // is unchanged, it must appear mutable to the optimizer.
88 | @usableFromInline
89 | internal var rawValue: Builtin.BridgeObject
90 |
91 | @inlinable
92 | @inline(__always)
93 | internal init(native: Native, isFlagged flag: Bool) {
94 | // Note: Some platforms provide more than one spare bit, but the minimum is
95 | // a single bit.
96 |
97 | _internalInvariant(_usesNativeSwiftReferenceCounting(NativeClass.self))
98 |
99 | rawValue = _makeNativeBridgeObject(
100 | native,
101 | flag ? (1 as UInt) << _objectPointerLowSpareBitShift : 0)
102 | }
103 |
104 | ...
105 | ```
106 |
107 | 核心定义:
108 |
109 | ```c
110 | struct _BridgeStorage {
111 | var rawValue: Builtin.BridgeObject
112 | ```
113 |
114 | ```c
115 | protocol BridgeStorage {
116 | associatedtype Native : AnyObject
117 | associatedtype ObjC : AnyObject
118 |
119 |
120 | init(native: Native, isFlagged: Bool)
121 | init(native: Native)
122 | init(objC: ObjC)
123 |
124 |
125 | mutating func isUniquelyReferencedNative() -> Bool
126 | mutating func isUniquelyReferencedUnflaggedNative() -> Bool
127 | var isNative: Bool {get}
128 | var isObjC: Bool {get}
129 | var nativeInstance: Native {get}
130 | var unflaggedNativeInstance: Native {get}
131 | var objCInstance: ObjC {get}
132 | }
133 |
134 | extension _BridgeStorage : BridgeStorage {}
135 | ```
136 |
137 | ## SetStorage.swift
138 |
139 | `swift/stdlib/public/core/SetStorage.swift`
140 |
141 | ```c
142 | /// An instance of this class has all `Set` data tail-allocated.
143 | /// Enough bytes are allocated to hold the bitmap for marking valid entries,
144 | /// keys, and values. The data layout starts with the bitmap, followed by the
145 | /// keys, followed by the values.
146 | // NOTE: older runtimes called this class _RawSetStorage. The two
147 | // must coexist without a conflicting ObjC class name, so it was
148 | // renamed. The old name must not be used in the new runtime.
149 | @_fixed_layout
150 | @usableFromInline
151 | @_objc_non_lazy_realization
152 | internal class __RawSetStorage: __SwiftNativeNSSet {
153 | // NOTE: The precise layout of this type is relied on in the runtime to
154 | // provide a statically allocated empty singleton. See
155 | // stdlib/public/stubs/GlobalObjects.cpp for details.
156 |
157 | /// The current number of occupied entries in this set.
158 | @usableFromInline
159 | @nonobjc
160 | internal final var _count: Int
161 |
162 | /// The maximum number of elements that can be inserted into this set without
163 | /// exceeding the hash table's maximum load factor.
164 | @usableFromInline
165 | @nonobjc
166 | internal final var _capacity: Int
167 |
168 | /// The scale of this set. The number of buckets is 2 raised to the
169 | /// power of `scale`.
170 | @usableFromInline
171 | @nonobjc
172 | internal final var _scale: Int8
173 |
174 | /// The scale corresponding to the highest `reserveCapacity(_:)` call so far,
175 | /// or 0 if there were none. This may be used later to allow removals to
176 | /// resize storage.
177 | ///
178 | /// FIXME: Shrink storage on deletion
179 | @usableFromInline
180 | @nonobjc
181 | internal final var _reservedScale: Int8
182 |
183 | // Currently unused, set to zero.
184 | @nonobjc
185 | internal final var _extra: Int16
186 |
187 | /// A mutation count, enabling stricter index validation.
188 | @usableFromInline
189 | @nonobjc
190 | internal final var _age: Int32
191 |
192 | /// The hash seed used to hash elements in this set instance.
193 | @usableFromInline
194 | internal final var _seed: Int
195 |
196 | /// A raw pointer to the start of the tail-allocated hash buffer holding set
197 | /// members.
198 | @usableFromInline
199 | @nonobjc
200 | internal final var _rawElements: UnsafeMutableRawPointer
201 |
202 | // This type is made with allocWithTailElems, so no init is ever called.
203 | // But we still need to have an init to satisfy the compiler.
204 | @nonobjc
205 | internal init(_doNotCallMe: ()) {
206 | _internalInvariantFailure("This class cannot be directly initialized")
207 | }
208 |
209 | @inlinable
210 | @nonobjc
211 | internal final var _bucketCount: Int {
212 | @inline(__always) get { return 1 &<< _scale }
213 | }
214 |
215 | @inlinable
216 | @nonobjc
217 | internal final var _metadata: UnsafeMutablePointer<_HashTable.Word> {
218 | @inline(__always) get {
219 | let address = Builtin.projectTailElems(self, _HashTable.Word.self)
220 | return UnsafeMutablePointer(address)
221 | }
222 | }
223 |
224 | // The _HashTable struct contains pointers into tail-allocated storage, so
225 | // this is unsafe and needs `_fixLifetime` calls in the caller.
226 | @inlinable
227 | @nonobjc
228 | internal final var _hashTable: _HashTable {
229 | @inline(__always) get {
230 | return _HashTable(words: _metadata, bucketCount: _bucketCount)
231 | }
232 | }
233 | }
234 | ```
235 |
236 | 和
237 |
238 | ```c
239 | extension __RawSetStorage {
240 | /// The empty singleton that is used for every single Set that is created
241 | /// without any elements. The contents of the storage must never be mutated.
242 | @inlinable
243 | @nonobjc
244 | internal static var empty: __EmptySetSingleton {
245 | return Builtin.bridgeFromRawPointer(
246 | Builtin.addressof(&_swiftEmptySetSingleton))
247 | }
248 | }
249 | ```
250 |
251 | ## Runtime.swift
252 |
253 | ```c
254 | @_fixed_layout
255 | @usableFromInline
256 | @objc @_swift_native_objc_runtime_base(__SwiftNativeNSSetBase)
257 | internal class __SwiftNativeNSSet {
258 | @nonobjc
259 | internal init() {}
260 | @objc public init(coder: AnyObject) {}
261 | deinit {}
262 | }
263 | ```
264 |
--------------------------------------------------------------------------------
/src/common_type/set/memory_layout/text.md:
--------------------------------------------------------------------------------
1 | # 文字
2 |
3 | ## 概述
4 |
5 | * Swift的Set集合的内存布局=字段=属性
6 | * [+0x00] = Metadata* type
7 | * [+0x08] = int64 refCount
8 | * [+0x10] = int64 _count
9 | * [+0x18] = int64 _capacity
10 | * [+0x20] = Int64
11 | * [+0x20~0x20] = int8 _scale
12 | * [+0x21~0x21] = int8 _reservedScale
13 | * [+0x22~0x23] = int16 _extra
14 | * [+0x24~0x27] = int32 _age
15 | * [+0x28] = int64 _seed
16 | * [+0x30] = void* _rawElements
17 | * [+0x38] = int64 _metadata
18 |
19 | ## 详解
20 |
21 | * Swift的Set集合的内存布局=字段=属性
22 | * [+0x00] = Metadata* type
23 | * [+0x08] = Int refCount
24 | * __RawSetStorage类型
25 | * [+0x10] = var _count: Int
26 | * [+0x18] = var _capacity: Int
27 | * [+0x20] = Int
28 | * [+0x20~0x20] = var _scale: Int8
29 | * [+0x21~0x21] = var _reservedScale: Int8
30 | * [+0x22~0x23] = var _extra: Int16
31 | * [+0x24~0x27] = var _age: Int32
32 | * [+0x28] = var _seed: Int
33 | * 往往是 == 当前Set指针
34 | * [+0x30] = var _rawElements: UnsafeMutableRawPointer
35 | * 指向真正数据的开始的地址 == realDataAddress
36 | * [+0x38] = var _metadata: UnsafeMutableRawPointer
37 | * == flag:哪些组数据是有效数据
38 | * (根据count去mask后的)最后一些bit位中的1,决定了对应位置(对应组)数据是有效数据
39 | * 可以写成
40 | * validElementIndexMask
41 | * count < 2:0b 11 = 0x3
42 | * 2<= count <= 8:0b 1111 1111 = 0xFF
43 | * ...
44 | * 举例
45 | * 0xfffffffffffffff9
46 | * 注:此处count=2
47 | * mask后的值:只需要最后1个byte=8个bit的值
48 | * 0xfffffffffffffffe & 0xFF = 0x09 = 0b 0000 1001
49 | * = bit0、bit3(的位置是1)
50 | * = index0、index3是有效数据
51 | * 0xfffffffffffffffe
52 | * 注:此处count=1
53 | * (此时count<2)mask后,只需要:2个bit位
54 | * 对应如果有mask的话,可以理解为:
55 | * validBitMask = 0x3 = 0b 11
56 | * mask后的值:只需要最后2位=2个bit
57 | * 0xfffffffffffffffe & 0x3 = 0x2 = 0b 10
58 | * = bit1(的位置是1)
59 | * = index1 是有效数据
60 | * 说明:
61 | * 此处Int是64bit==int64
62 | * Int8=8bit
63 | * Int32=32bit
64 |
--------------------------------------------------------------------------------
/src/common_type/string/README.md:
--------------------------------------------------------------------------------
1 | # String字符串
2 |
3 | ## 空间占用=大小
4 |
5 | * 空间占用:`0x10`字节 = `16`字节 = **2**个`int64`
6 |
7 | ## 分类=类型
8 |
9 | ### 概述
10 |
11 | * Swift中String
12 | * `Small String`
13 | * `Large String`
14 | * 三类
15 | * `Native`
16 | * 查看字符串
17 | ```bash
18 | x/s "objectAddr + 0x20"
19 | ```
20 | * 真正地址
21 | * `realStrAddr`
22 | * = `objectAddr` + `0x20`
23 | * = `objectAddr` + `32`
24 | * = `objectAddr` + `nativeBias`
25 | * `Shared`
26 | * 查看字符串
27 | ```bash
28 | x/s "objectAddr + 0x11"
29 |
30 | po (NSString*)objectAddr
31 | ```
32 | * 真正地址
33 | * `realStrAddr` = `objectAddr` + `0x11`
34 | * 说明
35 | * 对于Bridge的字符串:objectAddr == NSString的地址
36 | * 内存布局保存的数据,是NSString中的数据
37 | * `Foreign`
38 | * 真正地址
39 | * `realStrAddr` = `objectAddr`
40 |
41 | ### 详解
42 |
43 | * Swift中String
44 | * `Small String`
45 | * `Large String`
46 | * 分3类
47 | * native
48 | * Native strings have tail-allocated storage, which begins at an offset of `nativeBias` from the storage object's address. String literals, which reside in the constant section, are encoded as their start address minus `nativeBias`, unifying code paths for both literals ("immortal native") and native strings. Native Strings are always managed by the Swift runtime.
49 | * shared
50 | * Shared strings do not have tail-allocated storage, but can provide access upon query to contiguous UTF-8 code units. Lazily-bridged NSStrings capable of providing access to contiguous ASCII/UTF-8 set the ObjC bit. Accessing shared string's pointer should always be behind a resilience barrier, permitting future evolution.
51 | * foreign
52 | * Foreign strings cannot provide access to contiguous UTF-8. Currently, this only encompasses lazily-bridged NSStrings that cannot be treated as "shared". Such strings may provide access to contiguous UTF-16, or may be discontiguous in storage. Accessing foreign strings should remain behind a resilience barrier for future evolution. Other foreign forms are reserved for the future.
53 | * 其他说明
54 | * 对于Shared和foreign
55 | * always created and accessed behind a resilience barrier, providing flexibility for the future.
56 |
--------------------------------------------------------------------------------
/src/common_type/string/memory_layout/README.md:
--------------------------------------------------------------------------------
1 | # 内存布局
2 |
--------------------------------------------------------------------------------
/src/common_type/string/memory_layout/example.md:
--------------------------------------------------------------------------------
1 | # 举例
2 |
3 | ## Small String
4 |
5 | ### "control"
6 |
7 | 寄存器中:
8 |
9 | ```c
10 | (lldb) reg r x0 x1 sp
11 | x0 = 0x006c6f72746e6f63
12 | x1 = 0xe700000000000000
13 | ```
14 |
15 | 内存中:
16 |
17 | ```c
18 | (lldb) po 0x0000000281a4cea0
19 | MainAppLibrary.OfflineAB.BucketInfo
20 | (lldb) x/6xg 0x0000000281a4cea0
21 | 0x281a4cea0: 0x000000010415b460 0x0000000000000003
22 | 0x281a4ceb0: 0x006c6f72746e6f63 0xe700000000000000
23 | 0x281a4cec0: 0x0000000000002710 0x0000000281a4c930
24 | (lldb) p/c 0x006c6f72746e6f63
25 | (long) control\0
26 | ```
27 |
28 | ->字符串本身 = realString :
29 |
30 | `0xe700000000000000 0x006c6f72746e6f63`
31 |
32 | ->
33 |
34 | ```c
35 | (lldb) p/c 0x006c6f72746e6f63
36 | (unsigned long) control\0
37 | ```
38 |
39 | ->字符串是:"control"
40 |
41 | 第15个字节=8位,分2部分:
42 |
43 | * 最高4位=discriminator
44 | * 0xe
45 | * = 0b 1110
46 | * b63 = isImmortal -> 1
47 | * isImmortal=True
48 | * b62 = (large) isBridged / (small) isASCII -> 1
49 | * Small String:ASCII=True
50 | * b61 = isSmall -> 1
51 | * 是Small string
52 | * b60 = isForeign = isSlow -> 0
53 | * isForeign=False
54 | * 最低4位=count
55 | * 0x7
56 | * 字符串长度是:7
57 | * = 7个字符
58 | * 对应着:control字符串的长度=7
59 |
60 | ## Large String
61 |
62 | ### Large String - Native
63 |
64 | #### "ios_prod_latam_tos_reg_universe"
65 |
66 | ```c
67 | (lldb) po 0x00000002800f5e00
68 | MainAppLibrary.OfflineAB.UniverseInfo
69 |
70 | (lldb) x/6gx 0x00000002800f5e00
71 | 0x2800f5e00: 0x0000000105d3c398 0x0000000200000003
72 | 0x2800f5e10: 0xd00000000000001f 0x8000000105110930
73 | 0x2800f5e20: 0x6469725f72657375 0xe800000000000000
74 | ```
75 |
76 | 根据定义:
77 |
78 | * MainAppLibrary.OfflineAB.UniverseInfo
79 | * [+0x10~0x18] = name
80 | * 类型:Swift的Large String(真正字符串地址是:name值+0x20)
81 |
82 | 此处值:
83 |
84 | * [+0x10~0x18] = name
85 | * 0x2800f5e10: 0xd00000000000001f 0x8000000105110930
86 |
87 | -》真正字符串地址是:
88 |
89 | * 0x8000000105110930 + 0x20 = 0x8000000105110950
90 |
91 | ```c
92 | (lldb) x/s 0x8000000105110950
93 | 0x105110950: "ios_prod_latam_tos_reg_universe"
94 | ```
95 |
96 | ##### 额外说明
97 |
98 | (1)如果不加0x20,则看到的字符串是别的(错位后的)值:
99 |
100 | ```c
101 | (lldb) x/s 0x8000000105110930
102 | 0x105110930: "os_reg_experiment"
103 | ```
104 |
105 | (2)去掉最开始的0x8,也是可以用x/s看到字符串的:
106 |
107 | ```c
108 | (lldb) x/s 0x0000000105110930
109 | 0x105110930: "os_reg_experiment"
110 | (lldb) x/s 0x0000000105110950
111 | 0x105110950: "ios_prod_latam_tos_reg_universe"
112 | ```
113 |
114 | 类似的:去掉0x8前缀,可以用po查看出字符串的值:
115 |
116 | ```c
117 | (lldb) po (char*)0x0000000105110950
118 | "ios_prod_latam_tos_reg_universe"
119 | ```
120 |
121 | (3)不论是否加0x20,直接po查看,则都是(异常的,不是我们要的)时间类型的值:
122 |
123 | ```c
124 | (lldb) po 0x8000000105110930
125 | 2001-01-01 00:00:00 +0000
126 | (lldb) po 0x8000000105110950
127 | 2001-01-01 00:00:00 +0000
128 |
129 | (lldb) po (char*)0x8000000105110950
130 | 2001-01-01 00:00:00 +0000
131 | ```
132 |
133 | 后记:
134 |
135 | 另外某次去po,却连异常的时间类型的值都看不到,而是:就是数字:
136 |
137 | ```c
138 | (lldb) reg r x0 x1
139 | x0 = 0x000000000000007c
140 | x1 = 0xe100000000000000
141 | (lldb) reg r x20 sp
142 | x20 = 0x000000016d658c20
143 | sp = 0x000000016d658c20
144 | (lldb) x/8gx 0x000000016d658c20
145 | 0x16d658c20: 0xd000000000000021 0x80000001051946f0
146 | 0x16d658c30: 0x0000000000000002 0x00000002833c1140
147 | 0x16d658c40: 0x0000000105da1628 0x0000000105dbbcd0
148 | 0x16d658c50: 0x00000002833c1140 0x00000002828d0780
149 | (lldb) po 0x80000001051946f0
150 | 9223372041235285744
151 | ```
152 |
153 | 而换x/s字符串查看,是可以看出:
154 |
155 | (虽然是错误的,但是是)字符串的值的
156 |
157 | ```c
158 | (lldb) x/s 0x80000001051946f0
159 | 0x1051946f0: "dummy_aa_offline_user_rid_ios"
160 | ```
161 |
162 | 当然,真正地址+0x20的字符串:
163 |
164 | ```c
165 | (lldb) p/x 0x80000001051946f0 + 0x20
166 | (unsigned long) 0x8000000105194710
167 | ```
168 |
169 | ->但是po也还是看不出:
170 |
171 | ```c
172 | (lldb) po 0x8000000105194710
173 | 9223372041235285776
174 | ```
175 |
176 | 只能用字符串查看:
177 |
178 | ```c
179 | (lldb) x/s 0x8000000105194710
180 | 0x105194710: "dummy_aa_offline_rid_universe_ios"
181 | ```
182 |
183 | ### Large String - Shared
184 |
185 | #### "2.23.25.85"
186 |
187 | 此处:
188 |
189 | ```c
190 | 0xc00000000000000a 0x400000028143c6c0
191 | ```
192 |
193 | 其中:
194 |
195 | * Large String
196 | * 0xc00000000000000a
197 | * 0xC = 12 = 0b 1100
198 | * b63 = ASCII = isASCII
199 | * True
200 | * b62 = NFC = isNFC
201 | * True
202 | * b61 = native = isNativelyStored
203 | * False
204 | * b60 = tail = isTailAllocated
205 | * False
206 | * b59 = UTF8 = isForeignUTF8
207 | * False
208 | * 0xa = 10 :字符串长度是10
209 | * 0x400000028143c6c0
210 | * discriminator = 0x4 = 0b 0100
211 | * b63 = isImmortal
212 | * False
213 | * b62 = (large) isBridged / (small) isASCII
214 | * True
215 | * b61 = isSmall
216 | * False
217 | * b60 = isForeign = isSlow
218 | * False
219 | * objectAddr = 0x28143c6c0
220 |
221 | ->
222 |
223 | * Large String
224 | * length = 10
225 | * flag
226 | * isASCII = True
227 | * isNFC = True
228 | * isNativelyStored = False
229 | * isTailAllocated = False
230 | * isForeignUTF8 = False
231 | * discriminator
232 | * isImmortal = False
233 | * isBridged = True
234 | * isSmall = False
235 | * isForeign == isSlow = False
236 | * objectAddr = 0x28143c6c0
237 |
238 | ->
239 |
240 | * Swift中的字符串
241 | * 是bridged桥接的
242 | * 字符串地址是:0x28143c6c0
243 | * 其他细节
244 | * 是ASCII的
245 | * 是NFC(Normal Form C)的
246 | * 不是尾部分配的TailAllocated
247 |
248 | -> 此处对应着:从`ObjC`的`NSString`:`"2.23.25.85"`
249 |
250 | ```c
251 | (lldb) reg r x0
252 | x0 = 0x000000028143c6c0
253 | (lldb) po $x0
254 | 2.23.25.85
255 | (lldb) po [$x0 class]
256 | __NSCFString
257 | ```
258 |
259 | 调用
260 |
261 | * `libswiftFoundation.dylib`
262 | * `static Swift.String._unconditionallyBridgeFromObjectiveC(Swift.Optional<__C.NSString>) -> Swift.String`
263 |
264 | 而Bridge桥接过来的
265 |
266 | ->
267 |
268 | 此处:想要查看出字符串的值:
269 |
270 | * (方式1)加上NSString强制类型转换去打印字符串
271 |
272 | ```c
273 | (lldb) po (NSString*)0x000000028143c6c0
274 | 2.23.25.85
275 | ```
276 |
277 | * (方式2)自己查看ObjC的NSString的内存值,手动打印出字符串
278 |
279 | 此处(NSString类型的字符串的)内存值是:
280 |
281 | ```c
282 | (lldb) x/8xg 0x00000028143c6c0
283 | 0x28143c6c0: 0x000021a1efdfa941 0x000000030000078c
284 | 0x28143c6d0: 0x35322e33322e320a 0x000000000035382e
285 | 0x28143c6e0: 0x00004fcde1ddc6e0 0x0000000000000041
286 | 0x28143c6f0: 0x0000000000000000 0x0000000000000000
287 | ```
288 |
289 | 其中核心数据是:
290 |
291 | * `0x28143c6d0: 0x35322e33322e320a 0x000000000035382e`
292 |
293 | ->可以调试查看到具体字符串的值和长度:
294 |
295 | ```c
296 | (lldb) p/c 0x35322e33322e320a
297 | (long) \n2.23.25
298 | (lldb) p/c 0x000000000035382e
299 | (int) .85\0
300 |
301 | (lldb) x/8xb 0x28143c6d0
302 | 0x28143c6d0: 0x0a 0x32 0x2e 0x32 0x33 0x2e 0x32 0x35
303 | (lldb) x/8xb 0x28143c6d8
304 | 0x28143c6d8: 0x2e 0x38 0x35 0x00 0x00 0x00 0x00 0x00
305 | (lldb) x/s 0x28143c6d0
306 | 0x28143c6d0: "\n2.23.25.85"
307 | (lldb) x/s 0x28143c6d8
308 | 0x28143c6d8: ".85"
309 |
310 | (lldb) p/d 0xa
311 | (int) 10
312 | (lldb) x/s 0x28143c6d1
313 | 0x28143c6d1: "2.23.25.85"
314 | ```
315 |
316 | 即:
317 |
318 | * 字符串:
319 | * 长度:`10`
320 | * 值:`2.23.25.85`
321 |
--------------------------------------------------------------------------------
/src/common_type/string/memory_layout/figure.md:
--------------------------------------------------------------------------------
1 | # Swift的String字符串的内存布局图
2 |
3 | * Swift的String字符串的内存布局图 = Swift String Memory Layout
4 | * 在线预览
5 | * [Swift的String内存布局结构图| ProcessOn免费在线作图,在线流程图,在线思维导图](https://www.processon.com/view/link/65c0875ee412437f7c818e17)
6 | * 离线查看
7 | * 
8 | * 核心内容
9 | * 
10 |
--------------------------------------------------------------------------------
/src/common_type/string/memory_layout/ida_def.md:
--------------------------------------------------------------------------------
1 | # IDA定义
2 |
3 | 加到IDA中的定义:
4 |
5 | * 说明
6 | * IDA已自带:`Swift::String`,其实和此处定义一样,但是自己的类名`SwiftString`,更加简洁好用
7 | * 且后续已优化为,`SwiftString`是`SwiftLargeString`和`SwiftSmallString`的union联合体结构,更加准确
8 |
9 | ## SwiftLargeString
10 |
11 | ```c
12 | struct SwiftLargeString
13 | {
14 | // 1st int64: b0-b63
15 | // __int64 flagsAndCount;
16 | __int64 count: 48; // b0-b47
17 |
18 | __int64 reserved: 11; // b48-b58
19 |
20 | __int64 isForeignUTF8 : 1; // b59
21 | __int64 isTailAllocated : 1; // b60
22 | __int64 isNativeStored : 1; // b61
23 | __int64 isNFC : 1; // b62
24 | __int64 isASCII : 1; // b63
25 |
26 | // 2nd int64: b0-b63
27 |
28 | // 2nd int64: b0-b59
29 | __int64 objectAddr : 60;
30 |
31 | // 2nd int64: b60-b63
32 | __int64 isForeign: 1;
33 | __int64 isSmall: 1;
34 | __int64 isBridged: 1;
35 | __int64 isImmortal: 1;
36 | };
37 | ```
38 |
39 | 注:
40 |
41 | * 对比,旧的定义是
42 | ```c
43 | struct SwiftLargeString
44 | {
45 | __int64 flagsAndCount;
46 | void *objAddr;
47 | }
48 | ```
49 |
50 | ## SwiftSmallString
51 |
52 | ```c
53 | struct SwiftSmallString
54 | {
55 | char smallStr[15];
56 |
57 | // 2nd int64: b56-b59
58 | __int8 count: 4;
59 | // 2nd int64: b60-b63
60 | __int8 isForeign: 1;
61 | __int8 isSmall: 1;
62 | __int8 isASCII: 1;
63 | __int8 isImmortal: 1;
64 | }
65 | ```
66 |
67 | ## SwiftString
68 |
69 | ```c
70 | union SwiftString
71 | {
72 | SwiftLargeString largeStr;
73 | SwiftSmallString smallStr;
74 | }
75 | ```
76 |
--------------------------------------------------------------------------------
/src/common_type/string/memory_layout/src.md:
--------------------------------------------------------------------------------
1 | # Swift源码
2 |
3 | ## StringObject.swift
4 |
5 | * StringObject.swift
6 | * [swift/stdlib/public/core/StringObject.swift at main · apple/swift (github.com)](https://github.com/apple/swift/blob/main/stdlib/public/core/StringObject.swift)
7 |
8 | ```c
9 | extension _StringObject {
10 | @inlinable @inline(__always)
11 | internal init(_ small: _SmallString) {
12 | // Small strings are encoded as _StringObjects in reverse byte order
13 | // on big-endian platforms. This is to match the discriminator to the
14 | // spare bits (the most significant nibble) in a pointer.
15 | let word1 = small.rawBits.0.littleEndian
16 | let word2 = small.rawBits.1.littleEndian
17 | #if _pointerBitWidth(_64)
18 | // On 64-bit, we copy the raw bits (to host byte order).
19 | self.init(rawValue: (word1, word2))
20 | #elseif _pointerBitWidth(_32)
21 | // On 32-bit, we need to unpack the small string.
22 | let smallStringDiscriminatorAndCount: UInt64 = 0xFF00_0000_0000_0000
23 |
24 |
25 | let leadingFour = Int(truncatingIfNeeded: word1)
26 | let nextFour = UInt(truncatingIfNeeded: word1 &>> 32)
27 | let smallDiscriminatorAndCount = word2 & smallStringDiscriminatorAndCount
28 | let trailingTwo = UInt16(truncatingIfNeeded: word2)
29 | self.init(
30 | count: leadingFour,
31 | variant: .immortal(nextFour),
32 | discriminator: smallDiscriminatorAndCount,
33 | flags: trailingTwo)
34 | #else
35 | #error("Unknown platform")
36 | #endif
37 | _internalInvariant(isSmall)
38 | }
39 |
40 |
41 | @inlinable
42 | internal static func getSmallCount(fromRaw x: UInt64) -> Int {
43 | #if os(Android) && arch(arm64)
44 | return Int(truncatingIfNeeded: (x & 0x000F_0000_0000_0000) &>> 48)
45 | #else
46 | return Int(truncatingIfNeeded: (x & 0x0F00_0000_0000_0000) &>> 56)
47 | #endif
48 | }
49 |
50 |
51 | @inlinable @inline(__always)
52 | internal var smallCount: Int {
53 | _internalInvariant(isSmall)
54 | return _StringObject.getSmallCount(fromRaw: discriminatedObjectRawBits)
55 | }
56 |
57 |
58 | @inlinable
59 | internal static func getSmallIsASCII(fromRaw x: UInt64) -> Bool {
60 | #if os(Android) && arch(arm64)
61 | return x & 0x0040_0000_0000_0000 != 0
62 | #else
63 | return x & 0x4000_0000_0000_0000 != 0
64 | #endif
65 | }
66 | @inlinable @inline(__always)
67 | internal var smallIsASCII: Bool {
68 | _internalInvariant(isSmall)
69 | return _StringObject.getSmallIsASCII(fromRaw: discriminatedObjectRawBits)
70 | }
71 |
72 |
73 | @inlinable @inline(__always)
74 | internal init(empty:()) {
75 | // Canonical empty pattern: small zero-length string
76 | #if _pointerBitWidth(_64)
77 | self._countAndFlagsBits = 0
78 | self._object = Builtin.valueToBridgeObject(Nibbles.emptyString._value)
79 | #elseif _pointerBitWidth(_32)
80 | self.init(
81 | count: 0,
82 | variant: .immortal(0),
83 | discriminator: Nibbles.emptyString,
84 | flags: 0)
85 | #else
86 | #error("Unknown platform")
87 | #endif
88 | _internalInvariant(self.smallCount == 0)
89 | _invariantCheck()
90 | }
91 | }
92 | ```
93 |
94 | ## StringBridge.swift
95 |
96 | `swift/stdlib/public/core/StringBridge.swift`
97 |
98 | ```c
99 | extension String {
100 | @_spi(Foundation)
101 | public init(_cocoaString: AnyObject) {
102 | self._guts = _bridgeCocoaString(_cocoaString)
103 | }
104 | }
105 | ```
106 |
107 | ->
108 |
109 | ```c
110 | @usableFromInline
111 | @_effects(releasenone) // @opaque
112 | internal func _bridgeCocoaString(_ cocoaString: _CocoaString) -> _StringGuts {
113 | switch _KnownCocoaString(cocoaString) {
114 | case .storage:
115 | return _unsafeUncheckedDowncast(
116 | cocoaString, to: __StringStorage.self).asString._guts
117 | case .shared:
118 | return _unsafeUncheckedDowncast(
119 | cocoaString, to: __SharedStringStorage.self).asString._guts
120 | #if _pointerBitWidth(_64)
121 | case .tagged:
122 | // Foundation should be taking care of tagged pointer strings before they
123 | // reach here, so the only ones reaching this point should be back deployed,
124 | // which will never have tagged pointer strings that aren't small, hence
125 | // the force unwrap here.
126 | return _StringGuts(_SmallString(taggedCocoa: cocoaString)!)
127 | #if arch(arm64)
128 | case .constantTagged:
129 | let taggedContents = getConstantTaggedCocoaContents(cocoaString)!
130 | return _StringGuts(
131 | cocoa: taggedContents.untaggedCocoa,
132 | providesFastUTF8: false, //TODO: if contentsPtr is UTF8 compatible, use it
133 | isASCII: true,
134 | length: taggedContents.utf16Length
135 | )
136 | #endif
137 | #endif
138 | case .cocoa:
139 | // "Copy" it into a value to be sure nobody will modify behind
140 | // our backs. In practice, when value is already immutable, this
141 | // just does a retain.
142 | //
143 | // TODO: Only in certain circumstances should we emit this call:
144 | // 1) If it's immutable, just retain it.
145 | // 2) If it's mutable with no associated information, then a copy must
146 | // happen; might as well eagerly bridge it in.
147 | // 3) If it's mutable with associated information, must make the call
148 | let immutableCopy
149 | = _stdlib_binary_CFStringCreateCopy(cocoaString)
150 |
151 |
152 | #if _pointerBitWidth(_64)
153 | if _isObjCTaggedPointer(immutableCopy) {
154 | // Copying a tagged pointer can produce a tagged pointer, but only if it's
155 | // small enough to definitely fit in a _SmallString
156 | return _StringGuts(
157 | _SmallString(taggedCocoa: immutableCopy).unsafelyUnwrapped
158 | )
159 | }
160 | #endif
161 |
162 |
163 | let (fastUTF8, isASCII): (Bool, Bool)
164 | switch _getCocoaStringPointer(immutableCopy) {
165 | case .ascii(_): (fastUTF8, isASCII) = (true, true)
166 | case .utf8(_): (fastUTF8, isASCII) = (true, false)
167 | default: (fastUTF8, isASCII) = (false, false)
168 | }
169 | let length = _stdlib_binary_CFStringGetLength(immutableCopy)
170 |
171 |
172 | return _StringGuts(
173 | cocoa: immutableCopy,
174 | providesFastUTF8: fastUTF8,
175 | isASCII: isASCII,
176 | length: length)
177 | }
178 | }
179 | ```
180 |
--------------------------------------------------------------------------------
/src/common_type/string/memory_layout/text.md:
--------------------------------------------------------------------------------
1 | # 文字
2 |
3 | ## 概述
4 |
5 | * Swift中Large String
6 | * Native
7 | * 真正字符串的地址=objectAddr+0x20
8 | * Shared/Foreign
9 | * 真正字符串的地址=objectAddr
10 |
11 | ## 详解
12 |
13 | * Swift的String(64位)
14 | * 通用(Small String和Large String都有)
15 | * discriminator
16 | * 关于名称和
17 | * 位置
18 | * == leading nibble == top nibble = 64bit的最顶部的4个bit:b63:b60 == [bit63 ~ bit60]
19 | * 注:nibble=半个字节 = 4bit
20 | * 名称
21 | * (此处有个专门的名字)discriminator = 辨别器:用于区分字符串的具体类型
22 | * 其实叫做:String type 更加容易理解
23 | * 所以代码和注释中下面的名称是一个意思:
24 | * b63:b60 = discriminator = leading nibble == top nibble
25 | * 具体字段和含义
26 | * b63 = isImmortal
27 | * Should the Swift runtime skip ARC
28 | * Small strings are just values, always immortal
29 | * Large strings can sometimes be immortal, e.g. literals
30 | * b62 = (large) isBridged / (small) isASCII
31 | * For large strings, this means lazily-bridged NSString: perform ObjC ARC
32 | * Small strings repurpose this as a dedicated bit to remember ASCII-ness
33 | * b61 = isSmall
34 | * Dedicated bit to denote small strings
35 | * b60 = isForeign = isSlow
36 | * cannot provide access to contiguous UTF-8
37 | * 完整的映射表 = 不同字段的组合,表示不同类型字符串
38 | * 
39 | * Small String
40 | * [+0x00-0x0E] = 8+7个字节 =15个字节 = 64+56位 = 120位 : realString
41 | * [+0xF] = 第16个字节=共8位: discriminator + count
42 | * byte15的[b4:b7] = discriminator
43 | * byte15的[b0:b3] = count
44 | * Large String
45 | * [+0x00-0x07 ] = 8个字节 = 64位 : flag
46 | * b63 = ASCII = isASCII
47 | * b62 = NFC = isNFC
48 | * b61 = native = isNativelyStored
49 | * b60 = tail = isTailAllocated
50 | * b59 = UTF8 = isForeignUTF8
51 | * b58:48 = reserved
52 | * b47:0 = count
53 | * [+0x08-0x0F] = 8个字节 = 64位 : discriminator + objectAddr
54 | * b63:b60 = discriminator
55 | * 详见上述解释:b63 = isImmortal、b62 = (large) isBridged / (small) isASCII、b61 = isSmall、b60 = isForeign = isSlow
56 | * b60:b0 = objectAddr
57 | * realStrAddr = objectAddr + nativeBias = objectAddr + 32 = objectAddr + 0x20
58 |
--------------------------------------------------------------------------------
/src/common_type/struct/README.md:
--------------------------------------------------------------------------------
1 | # Struct结构体
2 |
--------------------------------------------------------------------------------
/src/common_type/struct/memory_layout/README.md:
--------------------------------------------------------------------------------
1 | # 内存布局
2 |
--------------------------------------------------------------------------------
/src/common_type/struct/memory_layout/example.md:
--------------------------------------------------------------------------------
1 | # 举例
2 |
3 | ## 纯Structure=不带Protocol的Structure
4 |
5 | ```swift
6 | struct Person {
7 | let name = "Crifan Li"
8 | let height = 1.83
9 | let isMale = true
10 | let age = 20
11 | }
12 | var person = Person()
13 | ```
14 |
15 | 对应内存数据:
16 |
17 | ```bash
18 | (lldb) x/8xg 0x0000000102f82bf0
19 | 0x102f82bf0: 0x4c206e6166697243 0xe900000000000069
20 | 0x102f82c00: 0x3ffd47ae147ae148 0x0000000000000001
21 | 0x102f82c10: 0x0000000000000014 0x0000000000000000
22 | 0x102f82c20: 0x0000000000000000 0x0000000000000000
23 | (lldb) p/c 0x4c206e6166697243
24 | (Int) Crifan L
25 | (lldb) p/c 0x00000000000069
26 | (Int) i\0\0\0\0\0\0\0
27 | (lldb) p/f 0x3ffd47ae147ae148
28 | (Int) 1.8300000000000001
29 | (lldb) x/8xb 0x102f82c08
30 | 0x102f82c08: 0x01 0x00 0x00 0x00 0x00 0x00 0x00 0x00
31 | (lldb) p/d 0x0000000000000014
32 | (Int) 20
33 | ```
34 |
35 | ->
36 |
37 | * Person结构体
38 | * 大小=40=0x28
39 | * 内存布局
40 | * Person实例= person = 0x0000000102f82bf0
41 | * [+0x00~0x08] = String name
42 | * 0x4c206e6166697243 0xe900000000000069
43 | * "Crifan Li"
44 | * [+0x10] = Float height
45 | * 0x3ffd47ae147ae148
46 | * Float值:1.83
47 | * [+0x18] = bool isMale
48 | * 0x01 = true
49 | * [+0x20] = Int age
50 | * 0x0000000000000014 = 20
51 |
52 | ## 带Protocol的Structure
53 |
54 | ### Struct结构体字段可以放得下`ValueBuffer[3]`的内存布局
55 |
56 | 代码:
57 |
58 | ```swift
59 | protocol Drivable {
60 | func drive()
61 | var numberOfWheels: Int { get }
62 | }
63 |
64 | struct Car: Drivable {
65 | let numberOfWheels = 4
66 | let brand = "Tank300-Hi4T"
67 |
68 | func drive() { }
69 | }
70 |
71 | var curCar:Drivable = Car()
72 | ```
73 |
74 | ->
75 |
76 | ```bash
77 | (lldb) x/8xg 0x000000010227aba0
78 | 0x10227aba0: 0x0000000000000004 0x2d3030336b6e6154
79 | 0x10227abb0: 0xec00000054346948 0x0000000102274450
80 | 0x10227abc0: 0x0000000102274188 0x0000000000000000
81 | 0x10227abd0: 0x0000000000000000 0x0000000000000000
82 |
83 | (lldb) p/c 0x2d3030336b6e6154
84 | (Int) Tank300-
85 | (lldb) p/c 0x00000054346948
86 | (Int) Hi4T\0\0\0\0
87 | ```
88 |
89 | ->
90 |
91 | * Protocol的Structure,字段没超过ValueBuffer[3] = ValueBuffer[3]可以放得下Structure的字段 的内存布局:Car = 0x000000010227aba0
92 | * [+0x00] = ValueBuffer[0] = int64 numberOfWheels
93 | * 0x0000000000000004
94 | * [+0x08~0x10] = ValueBuffer[1:2] = String brand
95 | * 0x2d3030336b6e6154 0xec00000054346948
96 | * "Tank300-Hi4T"
97 | * [+0x18] = TypeMetadata * typeMetadata
98 | * 0x0000000102274450 = typeMetadata_struct_Car
99 | * type metadata for SwiftBasic.Car
100 | * [+0x20] = PWT * pwt
101 | * 0x0000000102274188 = PWT_Car
102 | * protocol witness table for SwiftBasic.Car : SwiftBasic.Drivable in SwiftBasic
103 |
104 | 其中:
105 |
106 | * 0x0000000102274450 = typeMetadata_struct_Car
107 |
108 | ```bash
109 | (lldb) im loo -va 0x0000000102274450
110 | Address: SwiftBasic[0x0000000100018450] (SwiftBasic.__DATA_CONST.__const + 808)
111 | Summary: SwiftBasic`type metadata for SwiftBasic.Car
112 | Module: file = "/Users/crifan/Library/Developer/Xcode/DerivedData/SwiftBasic-gbbekuhnjvcbzueioosvbqhdnlyq/Build/Products/Debug-iphoneos/SwiftBasic.app/SwiftBasic", arch = "arm64"
113 | Symbol: id = {0x000004be}, range = [0x0000000102274450-0x0000000102274468), name="type metadata for SwiftBasic.Car", mangled="$s10SwiftBasic3CarVN"
114 | ```
115 |
116 | * 0x0000000102274188 = PWT_Car
117 |
118 | ```bash
119 | (lldb) im loo -va 0x0000000102274188
120 | Address: SwiftBasic[0x0000000100018188] (SwiftBasic.__DATA_CONST.__const + 96)
121 | Summary: SwiftBasic`protocol witness table for SwiftBasic.Car : SwiftBasic.Drivable in SwiftBasic
122 | Module: file = "/Users/crifan/Library/Developer/Xcode/DerivedData/SwiftBasic-gbbekuhnjvcbzueioosvbqhdnlyq/Build/Products/Debug-iphoneos/SwiftBasic.app/SwiftBasic", arch = "arm64"
123 | Symbol: id = {0x000004ac}, range = [0x0000000102274188-0x00000001022741a0), name="protocol witness table for SwiftBasic.Car : SwiftBasic.Drivable in SwiftBasic", mangled="$s10SwiftBasic3CarVAA8DrivableAAWP"
124 | ```
125 |
126 | ### Structue字段超过`ValueBuffer[3]`的Struct结构体的内存布局
127 |
128 | 代码:
129 |
130 | ```swift
131 | protocol Drivable {
132 | func drive()
133 | var numberOfWheels: Int { get }
134 | }
135 |
136 | struct Bus: Drivable {
137 | let numberOfWheels = 8
138 | let fare = 2.25
139 | let seats = 28
140 | let totalOccupancy = 38
141 |
142 | let isElectric = true
143 |
144 | func drive() { }
145 | }
146 |
147 | var curBus:Drivable = Bus()
148 | ```
149 |
150 | 
151 |
152 | 对应的生成的相关初始化代码是:
153 |
154 | ```c
155 | void *_s6Empty221PersistenceControllerV6sharedACvau_5()
156 | {
157 | if ( one-time initialization token for curBus != -1 )
158 | swift_once(&one-time initialization token for curBus, one-time initialization function for curBus);
159 | return &curBus;
160 | }
161 | ```
162 |
163 | 
164 |
165 | 和:
166 |
167 | ```c
168 | void *one-time initialization function for curBus()
169 | {
170 | char copySrc[33]; // [xsp+28h] [xbp-28h] BYREF
171 |
172 | Bus.init()();
173 | TypeMetadata_Bus_10001EBE0 = &type metadata for Bus;
174 | PWT_Bus_10001EBE8 = &protocol witness table for Bus;
175 | curBus = swift_allocObject(&MetadataKind_HeapLocalVariable_Bus_100018598, 0x38LL, 7LL);
176 | return memcpy((void *)(curBus + 0x10LL), copySrc, 0x21uLL);
177 | }
178 | ```
179 |
180 | 
181 |
182 | -》相关调试数据:
183 |
184 | ```bash
185 | -------------- Drivable --------------
186 | 变量的地址: 0x0000000104bdebc8
187 | 变量的内存: 0x0000000283354140 0x0000000000000000 0x0000000000000000 0x0000000104bd84d0 0x0000000104bd81a0
188 | 变量的大小: 40=0x28
189 |
190 | (lldb) x/6xg 0x0000000104bdebc8
191 | 0x104bdebc8: 0x0000000283354140 0x0000000000000000
192 | 0x104bdebd8: 0x0000000000000000 0x0000000104bd84d0
193 | 0x104bdebe8: 0x0000000104bd81a0 0x0000000000000000
194 | (lldb) x/8xg 0x0000000283354140
195 | 0x283354140: 0x0000000104bd8598 0x0000000000000003
196 | 0x283354150: 0x0000000000000008 0x4002000000000000
197 | 0x283354160: 0x000000000000001c 0x0000000000000026
198 | 0x283354170: 0x00000003f11bc601 0x00000001f9b262ce
199 | (lldb) im loo -va 0x0000000104bd84d0
200 | Address: SwiftBasic[0x00000001000184d0] (SwiftBasic.__DATA_CONST.__const + 936)
201 | Summary: SwiftBasic`type metadata for SwiftBasic.Bus
202 | Module: file = "/Users/crifan/Library/Developer/Xcode/DerivedData/SwiftBasic-gbbekuhnjvcbzueioosvbqhdnlyq/Build/Products/Debug-iphoneos/SwiftBasic.app/SwiftBasic", arch = "arm64"
203 | Symbol: id = {0x000004c1}, range = [0x0000000104bd84d0-0x0000000104bd84f8), name="type metadata for SwiftBasic.Bus", mangled="$s10SwiftBasic3BusVN"
204 | (lldb) im loo -va 0x0000000104bd81a0
205 | Address: SwiftBasic[0x00000001000181a0] (SwiftBasic.__DATA_CONST.__const + 120)
206 | Summary: SwiftBasic`protocol witness table for SwiftBasic.Bus : SwiftBasic.Drivable in SwiftBasic
207 | Module: file = "/Users/crifan/Library/Developer/Xcode/DerivedData/SwiftBasic-gbbekuhnjvcbzueioosvbqhdnlyq/Build/Products/Debug-iphoneos/SwiftBasic.app/SwiftBasic", arch = "arm64"
208 | Symbol: id = {0x000004ad}, range = [0x0000000104bd81a0-0x0000000104bd81b8), name="protocol witness table for SwiftBasic.Bus : SwiftBasic.Drivable in SwiftBasic", mangled="$s10SwiftBasic3BusVAA8DrivableAAWP"
209 | (lldb) p/f 0x4002000000000000
210 | (Int) 2.25
211 | (lldb) p/d 0x000000000000001c
212 | (Int) 28
213 | (lldb) p/d 0x0000000000000026
214 | (Int) 38
215 | (lldb) x/8xb 0x283354170
216 | 0x283354170: 0x01 0xc6 0x1b 0xf1 0x03 0x00 0x00 0x00
217 | (lldb) x/2xg 0x0000000104bd8598
218 | 0x104bd8598: 0x0000000000000400 0x0000000000000010
219 | ```
220 |
221 | ->含义:
222 |
223 | * Protocol的Structure的,且Structure字段超过ValueBuffer[3]的(Bus的)内存布局 =
224 | * [+0x00] = ValueBuffer[0] = Structure的指针
225 | * 0x0000000283354140 = curBus的ptr
226 | * [+0x00] = MetadataKind kind
227 | * = 0x0000000000000400 == HeapLocalVariable
228 | * Bus是HeapLocalVariable类型变量
229 | * 内存是在堆中分配的
230 | * 且是个本地临时变量
231 | * [+0x08] = int64 refCount
232 | * 0x0000000000000003
233 | * Structure自己的属性值
234 | * [+0x10] = int64 numberOfWheels
235 | * 0x0000000000000008
236 | * [+0x18] = float fare
237 | * 0x4002000000000000 == 2.25
238 | * [+0x20] = int64 seats
239 | * 0x000000000000001c == 28
240 | * [+0x28] = int64 totalOccupancy
241 | * 0x0000000000000026 == 38
242 | * [+0x30] = bool(int8) isElectric
243 | * 0x01
244 | * [+0x08] = ValueBuffer[1] = 空 = 没用
245 | * [+0x10] = ValueBuffer[2] = 空 = 没用
246 | * [+0x18] = TypeMetadata * typeMetadata
247 | * 0x0000000104bd84d0 = typeMetadata_struct_Bus
248 | * type metadata for SwiftBasic.Bus
249 | * [+0x20] = PWT * pwt
250 | * 0x0000000104bd81a0 = PWT_Bus
251 | * protocol witness table for SwiftBasic.Bus : SwiftBasic.Drivable in SwiftBasic
252 |
253 | 其中:
254 |
255 | * 0x0000000104bd84d0 = typeMetadata_struct_Bus
256 |
257 | ```bash
258 | (lldb) im loo -va 0x0000000104bd84d0
259 | Address: SwiftBasic[0x00000001000184d0] (SwiftBasic.__DATA_CONST.__const + 936)
260 | Summary: SwiftBasic`type metadata for SwiftBasic.Bus
261 | Module: file = "/Users/crifan/Library/Developer/Xcode/DerivedData/SwiftBasic-gbbekuhnjvcbzueioosvbqhdnlyq/Build/Products/Debug-iphoneos/SwiftBasic.app/SwiftBasic", arch = "arm64"
262 | Symbol: id = {0x000004c1}, range = [0x0000000104bd84d0-0x0000000104bd84f8), name="type metadata for SwiftBasic.Bus", mangled="$s10SwiftBasic3BusVN"
263 | ```
264 |
265 | * 0x0000000104bd81a0 = PWT_Bus
266 |
267 | ```bash
268 | (lldb) im loo -va 0x0000000104bd81a0
269 | Address: SwiftBasic[0x00000001000181a0] (SwiftBasic.__DATA_CONST.__const + 120)
270 | Summary: SwiftBasic`protocol witness table for SwiftBasic.Bus : SwiftBasic.Drivable in SwiftBasic
271 | Module: file = "/Users/crifan/Library/Developer/Xcode/DerivedData/SwiftBasic-gbbekuhnjvcbzueioosvbqhdnlyq/Build/Products/Debug-iphoneos/SwiftBasic.app/SwiftBasic", arch = "arm64"
272 | Symbol: id = {0x000004ad}, range = [0x0000000104bd81a0-0x0000000104bd81b8), name="protocol witness table for SwiftBasic.Bus : SwiftBasic.Drivable in SwiftBasic", mangled="$s10SwiftBasic3BusVAA8DrivableAAWP"
273 | ```
274 |
--------------------------------------------------------------------------------
/src/common_type/struct/memory_layout/figure.md:
--------------------------------------------------------------------------------
1 | # 图
2 |
3 | * Swift的Structure内存布局图 = Swift Structure Memory Layout
4 | * 在线预览
5 | * [Swift的Structure内存布局图| ProcessOn免费在线作图,在线流程图,在线思维导图](https://www.processon.com/view/link/65e2e4ad5a48bc0276931c1c)
6 | * 离线查看
7 | * 
8 | * 核心内容
9 | * 
10 |
--------------------------------------------------------------------------------
/src/common_type/struct/memory_layout/ida_def.md:
--------------------------------------------------------------------------------
1 | # IDA定义
2 |
3 | ```c
4 | struct SwiftProtocolStructure
5 | {
6 | __int64 valueBuffer0; // case1: field1, case2: void* realStruct
7 | __int64 valueBuffer1; // case1: field2, case2: int64 unused1
8 | __int64 valueBuffer2; // case1: field3, case2: int64 unused2
9 | void* typeMetadata;
10 | void* pwt;
11 | };
12 | ```
13 |
--------------------------------------------------------------------------------
/src/common_type/struct/memory_layout/src.md:
--------------------------------------------------------------------------------
1 | # Swift源码
2 |
--------------------------------------------------------------------------------
/src/common_type/struct/memory_layout/text.md:
--------------------------------------------------------------------------------
1 | # 文字
2 |
3 | * Swift的Structure内存布局 概述
4 | * `Pure Structure`
5 | * 符合对齐标准,挨个字段存放
6 | * `Protocol Structure`
7 | * 字段**没超过**`ValueBuffer[3]` == `ValueBuffer[3]`能放得下Structure的所有字段值
8 | * `ValueBuffer[0~3]`:符合对齐标准,挨个字段存放
9 | * `[+0x18] = TypeMetadata* metadata`
10 | * `[+0x20] = ProtocolWitnessTable* pwt`
11 | * 字段**超过**`ValueBuffer[3]` == `ValueBuffer[3]`放不下Structure的所有字段值
12 | * `ValueBuffer[0] = void* realStruct` = 真正结构体Structure字段
13 | * `ValueBuffer[1]` = 没用 = 无效数据
14 | * `ValueBuffer[2]` = 没用 = 无效数据
15 | * `[+0x18] = TypeMetadata* metadata`
16 | * `[+0x20] = ProtocolWitnessTable* pwt`
17 |
--------------------------------------------------------------------------------
/src/common_type/tuple/README.md:
--------------------------------------------------------------------------------
1 | # Tuple元祖
2 |
--------------------------------------------------------------------------------
/src/swift_basic/README.md:
--------------------------------------------------------------------------------
1 | # Swift基础知识
2 |
--------------------------------------------------------------------------------
/src/swift_common/README.md:
--------------------------------------------------------------------------------
1 | # Swift通用逻辑
2 |
3 | * `Metadata`
4 | * `TargetMetadata`
5 | * `TargetValueMetadata` = `ValueMetadata`
6 | * `[-0x8]` => `VWT`=`ValueWitnessTable`
7 | * `TargetClassMetadata` = `ClassMetadata`
8 | * `HeapMetadata`
9 | * 其他相关
10 | * Protocol
11 | * `PWT`=`Protocol Witness Table` = `ProtocolWitnessTable`
12 | * `ValueBuffer`
13 | * Exitential Container?
14 | * Box?
15 | * Opaque ?
16 |
--------------------------------------------------------------------------------
/src/swift_common/metadatakind.md:
--------------------------------------------------------------------------------
1 | # MetadataKind = Metadata的type
2 |
3 | Swift中Metadata的Type == MetadataKind 的定义
4 |
5 | ## 图
6 |
7 | * MetadataKind的定义 表格
8 | * 
9 | * == [Swift的ValueMetadata和VWT的内存布局图](../swift_common/typemetadata/valuemetadata/README.md)中的`MetadataKind`的表格
10 |
11 | ## 核心代码
12 |
13 | ```c
14 | const unsigned MetadataKindIsNonType = 0x400;
15 | const unsigned MetadataKindIsNonHeap = 0x200;
16 | const unsigned MetadataKindIsRuntimePrivate = 0x100;
17 |
18 | LastEnumerated = 0x7FF,
19 |
20 | NOMINALTYPEMETADATAKIND(Class, 0)
21 | NOMINALTYPEMETADATAKIND(Struct, 0 | MetadataKindIsNonHeap)
22 | NOMINALTYPEMETADATAKIND(Enum, 1 | MetadataKindIsNonHeap)
23 | NOMINALTYPEMETADATAKIND(Optional, 2 | MetadataKindIsNonHeap)
24 | METADATAKIND(ForeignClass, 3 | MetadataKindIsNonHeap)
25 | METADATAKIND(Opaque, 0 | MetadataKindIsRuntimePrivate | MetadataKindIsNonHeap)
26 | METADATAKIND(Tuple, 1 | MetadataKindIsRuntimePrivate | MetadataKindIsNonHeap)
27 | METADATAKIND(Function, 2 | MetadataKindIsRuntimePrivate | MetadataKindIsNonHeap)
28 | METADATAKIND(Existential, 3 | MetadataKindIsRuntimePrivate | MetadataKindIsNonHeap)
29 | METADATAKIND(Metatype, 4 | MetadataKindIsRuntimePrivate | MetadataKindIsNonHeap)
30 | METADATAKIND(ObjCClassWrapper, 5 | MetadataKindIsRuntimePrivate | MetadataKindIsNonHeap)
31 | METADATAKIND(ExistentialMetatype, 6 | MetadataKindIsRuntimePrivate | MetadataKindIsNonHeap)
32 | METADATAKIND(HeapLocalVariable, 0 | MetadataKindIsNonType)
33 | METADATAKIND(HeapGenericLocalVariable, 0 | MetadataKindIsNonType | MetadataKindIsRuntimePrivate)
34 | METADATAKIND(ErrorObject, 1 | MetadataKindIsNonType | MetadataKindIsRuntimePrivate)
35 | ```
36 |
37 | ## 表格
38 |
39 | | 名称 | 枚举值 | 说明 |
40 | | ---- | ----- | --- |
41 | | Class | 0x0 | 类 |
42 | | Struct | 0x200 | 结构体 |
43 | | Enum | 0x201 | 枚举 |
44 | | Optional | 0x202 | 可选类型 |
45 | | ForeignClass | 0x203 | 外部类,比如CoreFoundation中的类 |
46 | | Opaque | 0x300 | 在元数据系统中不公开其值的类型 |
47 | | Tuple | 0x301 | 元祖类型 |
48 | | Function | 0x302 | A monomorphic function |
49 | | Existential | 0x303 | An existential type |
50 | | Metatype | 0x304 | A metatype |
51 | | ObjCClassWrapper | 0x305 | An ObjC class wrapper |
52 | | ExistentialMetatype | 0x306 | An existential metatype |
53 | | HeapLocalVariable | 0x400 | 使用静态生成的元数据的堆分配的局部变量 |
54 | | HeapGenericLocalVariable | 0x500 | 使用运行时实例化的元数据的堆分配的局部变量 |
55 | | ErrorObject | 0x501 | swift原生的错误类型 |
56 | | LastEnumerated | 0x7FF | 最大的非isa指针元数据类型值 |
57 | | | | |
58 | | 🔽 下面是通用全局定义 | | |
59 | | MetadataKindIsNonType | 0x400 | |
60 | | MetadataKindIsNonHeap | 0x200 | |
61 | | MetadataKindIsNonHeap | 0x200 | |
62 | | LastEnumerated | 0x7FF | |
63 | | | |
64 |
65 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/README.md:
--------------------------------------------------------------------------------
1 | # TypeMetadata
2 |
3 | * Swift中的`Metadata`
4 | * **TargetMetadata**
5 | * **ValueMetadata** ==`TargetValueMetadata`
6 | * 特点
7 | * **有VWT**
8 | * `[-0x8]`是`VWT`=`ValueWitnessTable`
9 | * 适用于:**Value值** == **非Class** == `Struct`、`Enum`、`Optional`等类型
10 | * `kind`值的范围:`0 < kind < 0x7FF`
11 | * `kind == 0x200` 是 `Struct`
12 | * `kind == 0x201` 是 `Enum`
13 | * `kind == 0x202` 是 `Optional`
14 | * `kind == 0x301` 是 `Tuple`
15 | * **ClassMetadata** ==`TargetClassMetadata`
16 | * 特点
17 | * **没有VWT**
18 | * 适用于:**Class类**
19 | * `kind`值的范围:
20 | * `kind == 0` => (没有继承自`ObjC`的)**纯Swift类**
21 | * `kind > 0x7FF` => 继承自`ObjC`的`Swift`类 == 此时的值就是`ObjC`中的**isa**
22 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/classmetadata/README.md:
--------------------------------------------------------------------------------
1 | # ClassMetadata
2 |
3 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/classmetadata/memory_layout/README.md:
--------------------------------------------------------------------------------
1 | # 内存布局
2 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/classmetadata/memory_layout/example.md:
--------------------------------------------------------------------------------
1 | # 举例
2 |
3 | ## __DataStorage
4 |
5 | 具体详见:
6 |
7 | [ClassMetadata 内存布局 图](../../../../swift_common/typemetadata/classmetadata/memory_layout/figure.md)
8 |
9 | 对应调试细节:
10 |
11 | ### ClassMetadata
12 |
13 | ```c
14 | (lldb) x/10xg 0x0000000207cb7d90
15 | 0x207cb7d90: 0x0000000207cb7d58 0x0000000207c47ed8
16 | 0x207cb7da0: 0x00000001c29c8490 0x0000805000000000
17 | 0x207cb7db0: 0x0000000281e95702 0x0000000000000002
18 | 0x207cb7dc0: 0x0000000700000041 0x00000010000000d0
19 | 0x207cb7dd0: 0x00000001b2009838 0x0000000000000000
20 |
21 | (lldb) po 0x0000000207cb7d58
22 | Foundation.__DataStorage
23 | (lldb) po 0x0000000207c47ed8
24 | _TtCs12_SwiftObject
25 |
26 | (lldb) x/2xh 0x207cb7db8
27 | 0x207cb7db8: 0x0002 0x0000
28 |
29 | (lldb) x/2xh 0x207cb7dc0
30 | 0x207cb7dc0: 0x0041 0x0000
31 |
32 | (lldb) x/2xw 0x207cb7db8
33 | 0x207cb7db8: 0x00000002 0x00000000
34 |
35 | (lldb) x/2xw 0x207cb7dc0
36 | 0x207cb7dc0: 0x00000041 0x00000007
37 |
38 | (lldb) x/2xh 0x207cb7dc4
39 | 0x207cb7dc4: 0x0007 0x0000
40 |
41 | (lldb) x/2xw 0x207cb7dc8
42 | 0x207cb7dc8: 0x000000d0 0x00000010
43 | ```
44 |
45 | ->
46 |
47 | * __DataStorage的Class的TypeMetadata
48 | * [+0x00] = var kind: Int
49 | * 0x0000000207cb7d58
50 | * Foundation.__DataStorage
51 | * [+0x08] = var superClass: UnsafeMutablePointer
52 | * 0x0000000207c47ed8
53 | * _TtCs12_SwiftObject
54 | * [+0x10] = Int cacheData[2]
55 | * 0x00000001c29c8490
56 | * 0x0000805000000000
57 | * [+0x20] = var data: Int
58 | * 0x0000000281e95702
59 | * [+0x28] = var classFlags: Int32
60 | * 0x00000002
61 | * [+0x2C] = var instanceAddressPoint: UInt32
62 | * 0x00000000
63 | * [+0x30] = var instanceSize: UInt32
64 | * 0x00000041
65 | * [+0x34] = var instanceAlignmentMask: UInt16
66 | * 0x0007
67 | * [+0x36] = var reserved: UInt16
68 | * 0x0000
69 | * [+0x38] = var classSize: UInt32
70 | * 0x000000d0
71 | * [+0x3C] = var classAddressPoint: UInt32
72 | * 0x00000010
73 | * [+0x40] = var typeDescriptor: UnsafeMutablePointer
74 | * 0x00000001b2009838
75 | * [+0x48] = var iVarDestroyer: UnsafeMutablePointer
76 | * 0x0000000000000000
77 |
78 | 以及:
79 |
80 | ### struct TargetClassDescriptor
81 |
82 | ```c
83 | (lldb) x/8xg 0x00000001b2009838
84 | 0x1b2009838: 0xffffbc3480000050 0xfff49e10ffffffe8
85 | 0x1b2009848: 0x0000000000010464 0x0000001800000002
86 | 0x1b2009858: 0x000000060000000e 0x000000100000000a
87 | 0x1b2009868: 0x0000000100000008 0x00000001fff33690
88 | (lldb) x/16xw 0x00000001b2009838
89 | 0x1b2009838: 0x80000050 0xffffbc34 0xffffffe8 0xfff49e10
90 | 0x1b2009848: 0x00010464 0x00000000 0x00000002 0x00000018
91 | 0x1b2009858: 0x0000000e 0x00000006 0x0000000a 0x00000010
92 | 0x1b2009868: 0x00000008 0x00000001 0xfff33690 0x00000001
93 | ```
94 |
95 | ->
96 | * Foundation.__DataStorage TypeDescriptor == struct TargetClassDescriptor
97 | * [+0x00] = var flags: UInt32
98 | * 0x80000050
99 | * [+0x04] = var parent: TargetRelativeDirectPointer
100 | * 0xffffbc34
101 | * [+0x08] = var name: TargetRelativeDirectPointer
102 | * 0xffffffe8
103 | * [+0x0C] = var accessFunctionPointer: TargetRelativeDirectPointer
104 | * 0xfff49e10
105 | * [+0x10] = var fieldDescriptor: TargetRelativeDirectPointer
106 | * 0x00010464
107 | * [+0x14] = var superClassType: TargetRelativeDirectPointer
108 | * 0x00000000
109 | * [+0x18] = Int32 Union
110 | * var ResilientMetadataBounds: RelativeDirectPointer
111 | * var metadataNegativeSizeInWords: UInt32
112 | * 估计是:0x00000002
113 | * [+0x1C] = Int32 Union
114 | * var extraClassFlags: ExtraClassDescriptorFlags
115 | * var metadataPositiveSizeInWords: UInt32
116 | * 暂不确定是哪个
117 | * 此处值:0x00000018
118 | * [+0x20] = var numImmediateMembers: UInt32
119 | * 0x0000000e
120 | * [+0x24] = var numFields: UInt32
121 | * 0x00000006
122 | * [+0x28] = var fieldOffsetVectorOffset: UInt32
123 | * 0x0000000a
124 | * [+0x2C] = var Offset: UInt32
125 | * 0x00000010
126 | * [+0x30] = var size: UInt32
127 | * 0x00000008
128 | * [+0x34] = var firstVtableData: VTableBuffer
129 | * 0x00000001
130 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/classmetadata/memory_layout/figure.md:
--------------------------------------------------------------------------------
1 | # Swift的ClassMetadata的内存布局结构图
2 |
3 | * Swift的ClassMetadata的内存布局结构图 = Swift ClassMetadata Memory Layout
4 | * 在线预览
5 | * [Swift的ClassMetadata内存布局结构图| ProcessOn免费在线作图,在线流程图,在线思维导图](https://www.processon.com/view/link/65d362557a29576026eb6a64)
6 | * 离线查看
7 | * 
8 | * 核心定义
9 | * 
10 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/classmetadata/memory_layout/ida_def.md:
--------------------------------------------------------------------------------
1 | # IDA定义
2 |
3 | ```c
4 | struct ClassMetadata
5 | {
6 | __int64 kind;
7 | void *superClass;
8 | __int64 cacheData[2];
9 | void *data;
10 | __int32 classFlags;
11 | __int32 instanceAddressPoint;
12 | __int32 instanceSize;
13 | __int16 instanceAlignmentMask;
14 | __int16 reserved;
15 | __int32 classSize;
16 | __int32 classAddressPoint;
17 | void *typeDescriptor;
18 | void *iVarDestroyer;
19 | };
20 | ```
21 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/classmetadata/memory_layout/src.md:
--------------------------------------------------------------------------------
1 | # Swift源码
2 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/classmetadata/memory_layout/text.md:
--------------------------------------------------------------------------------
1 | # ClassMetadata的内存布局
2 |
3 | ## 概述
4 |
5 | ### ClassMetadata = Class的TypeMetadata
6 |
7 | * Class的TypeMetadata
8 | * [+0x00] = var kind: Int
9 | * [+0x08] = var superClass: UnsafeMutablePointer
10 | * [+0x10] = Int cacheData[2]
11 | * [+0x20] = var data: Int
12 | * [+0x28] = var classFlags: Int32
13 | * [+0x2C] = var instanceAddressPoint: UInt32
14 | * [+0x30] = var instanceSize: UInt32
15 | * [+0x34] = var instanceAlignmentMask: UInt16
16 | * [+0x36] = var reserved: UInt16
17 | * [+0x38] = var classSize: UInt32
18 | * [+0x3C] = var classAddressPoint: UInt32
19 | * [+0x40] = var typeDescriptor: UnsafeMutablePointer
20 | * [+0x48] = var iVarDestroyer: UnsafeMutablePointer
21 |
22 | ### struct TargetClassDescriptor
23 |
24 | * struct TargetClassDescriptor
25 | * [+0x00] = var flags: UInt32
26 | * [+0x04] = var parent: TargetRelativeDirectPointer
27 | * [+0x08] = var name: TargetRelativeDirectPointer
28 | * [+0x0C] = var accessFunctionPointer: TargetRelativeDirectPointer
29 | * [+0x10] = var fieldDescriptor: TargetRelativeDirectPointer
30 | * [+0x14] = var superClassType: TargetRelativeDirectPointer
31 | * [+0x18] = Int32 Union
32 | * var ResilientMetadataBounds: RelativeDirectPointer
33 | * var metadataNegativeSizeInWords: UInt32
34 | * [+0x1C] = Int32 Union
35 | * var extraClassFlags: ExtraClassDescriptorFlags
36 | * var metadataPositiveSizeInWords: UInt32
37 | * [+0x20] = var numImmediateMembers: UInt32
38 | * [+0x24] = var numFields: UInt32
39 | * [+0x28] = var fieldOffsetVectorOffset: UInt32
40 | * [+0x2C] = var Offset: UInt32
41 | * [+0x30] = var size: UInt32
42 | * [+0x34] = var firstVtableData: VTableBuffer
43 |
44 | ## 详解
45 |
46 | ### Swift中类的继承关系
47 |
48 | * Swift中类的继承关系
49 | * 详解
50 | * TargetClassMetadataType == ClassMetadata
51 | * = TargetClassMetadata>
52 | * TargetClassMetadataObjCInterop
53 | * = TargetClassMetadata>
54 | * ->
55 | * TargetAnyClassMetadataType
56 | * ObjCInterop=true == 兼容ObjC类 == 支持Objective-C类互操作
57 | * TargetAnyClassMetadataObjCInterop
58 | * ObjCInterop=false == 不兼容ObjC类
59 | * TargetAnyClassMetadata
60 | * TargetAnyClassMetadataObjCInterop
61 | * TargetAnyClassMetadata
62 | * TargetClassMetadata
63 | * TargetAnyClassMetadataVariant
64 | * ->
65 | * TargetAnyClassMetadata
66 | * TargetHeapMetadata == HeapMetadata
67 | * TargetMetadata
68 | * 概述
69 | * ClassMetadata
70 | * TargetClassMetadata
71 | * TargetAnyClassMetadataObjCInterop
72 | * TargetAnyClassMetadata
73 | * TargetHeapMetadata
74 | * TargetMetadata
75 |
76 | ### Swift中的:ClassMetadata 字段定义
77 |
78 | * Swift中的:ClassMetadata 字段定义
79 | * TargetMetadata
80 | * var kind: Int
81 | * 在oc中放的就是isa,在swift中kind大于0x7FF表示的就是类
82 | * TargetHeapMetadata
83 | * 没属性=字段
84 | * TargetAnyClassMetadata
85 | * var superClass: UnsafeMutablePointer
86 | * 父类的Metadata,如果是null说明是最顶级的root类了
87 | * TargetAnyClassMetadataObjCInterop
88 | * Int cacheData[2]
89 | * 缓存数据用于某些动态查找,它由运行时拥有,通常需要与Objective-C的使用进行互操作。(说到底就是OC的东西)
90 | * var data: Int
91 | * 除了编译器设置低位以表明这是Swift元类型(因此存在对应的类型元数据的头信息)外,这个data里存的指针,用于行外元数据,通常是不透明的(应该也是OC的)
92 | * TargetClassMetadata
93 | * var classFlags: Int32
94 | * Swift-specific class flags
95 | * var instanceAddressPoint: UInt32
96 | * The address point of instances of this type
97 | * var instanceSize: UInt32
98 | * The required size of instances of this type.(实例对象在堆内存的大小)
99 | * var instanceAlignmentMask: UInt16
100 | * The alignment mask of the address point of instances of this type. (根据这个mask来获取内存中的对齐大小)
101 | * var reserved: UInt16
102 | * Reserved for runtime use.(预留给运行时使用)
103 | * var classSize: UInt32
104 | * The total size of the class object, including prefix and suffix extents.
105 | * var classAddressPoint: UInt32
106 | * The offset of the address point within the class object.
107 | * var typeDescriptor: UnsafeMutablePointer
108 | * 一个对类型的超行的swift特定描述,如果这是一个人工子类,则为null。目前不提供动态创建非人工子类的机制。
109 | * var iVarDestroyer: UnsafeMutablePointer
110 | * 销毁实例变量的函数,用于在构造函数早期返回后进行清理。如果为null,则不会执行清理操作,并且所有的ivars都必须是简单的。
111 |
112 | ### struct TargetClassDescriptor
113 |
114 | * struct TargetClassDescriptor
115 | * var flags: UInt32
116 | * 存储在任何上下文描述符的第一个公共标记
117 | * var parent: TargetRelativeDirectPointer
118 | * 复用的RelativeDirectPointer这个类型,其实并不是,但看下来原理一样;
119 | * 父级上下文,如果是顶级上下文则为null
120 | * var name: TargetRelativeDirectPointer
121 | * 获取类的名称
122 | * var accessFunctionPointer: TargetRelativeDirectPointer
123 | * 这里的函数类型是一个替身,需要调用getAccessFunction()拿到真正的函数指针(这里没有封装),会得到一个MetadataAccessFunction元数据访问函数的指针的包装器类,该函数提供operator()重载以使用正确的调用约定来调用它(可变长参数),意外发现命名重整会调用这边的方法(目前不太了解这块内容)。
124 | * var fieldDescriptor: TargetRelativeDirectPointer
125 | * 一个指向类型的字段描述符的指针(如果有的话)。类型字段的描述,可以从里面获取结构体的属性。
126 | * var superClassType: TargetRelativeDirectPointer
127 | * The type of the superclass, expressed as a mangled type name that can refer to the generic arguments of the subclass type.
128 | * Int32 Union (下面两个属性在源码中是union类型,所以取size大的类型作为属性(这里貌似一样),具体还得判断是否have a resilient superclass)
129 | * var ResilientMetadataBounds: RelativeDirectPointer
130 | * 有resilient superclass,用ResilientMetadataBounds,表示对保存元数据扩展的缓存的引用
131 | * var metadataNegativeSizeInWords: UInt32
132 | * 没有resilient superclass使用MetadataNegativeSizeInWords,表示该类元数据对象的负大小(用字节表示)
133 | * Int32 Union
134 | * var extraClassFlags: ExtraClassDescriptorFlags
135 | * 有resilient superclass,用ExtraClassFlags,表示一个Objective-C弹性类存根的存在
136 | * var metadataPositiveSizeInWords: UInt32
137 | * 没有resilient superclass使用MetadataPositiveSizeInWords,表示该类元数据对象的正大小(用字节表示)
138 | * var numImmediateMembers: UInt32
139 | * 此类添加到类元数据的其他成员的数目。默认情况下,这些数据对运行时是不透明的,而不是在其他成员中公开;它实际上只是NumImmediateMembers * sizeof(void*)字节的数据。
140 | * 这些字节是添加在地址点之前还是之后,取决于areImmediateMembersNegative()方法。
141 | * var numFields: UInt32
142 | * 属性个数,不包含父类的
143 | * var fieldOffsetVectorOffset: UInt32
144 | * 存储这个结构的字段偏移向量的偏移量(记录你属性起始位置的开始的一个相对于metadata的偏移量,具体看metadata的getFieldOffsets方法),如果为0,说明你没有属性
145 | * 如果这个类含有一个弹性的父类,那么从他的弹性父类的metaData开始偏移
146 | * var Offset: UInt32
147 | * var size: UInt32 //VTable数量
148 | * var firstVtableData: VTableBuffer //VTable
149 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/valuemetadata/README.md:
--------------------------------------------------------------------------------
1 | # ValueMetadata
2 |
3 | ## 内存布局
4 |
5 | ### 图
6 |
7 | * Swift的ValueMetadata和VWT的内存布局结构图 = Swift ValueMetadata and VWT Memory Layout
8 | * 在线预览
9 | * [Swift的ValueMetadata和VWT的内存布局结构图| ProcessOn免费在线作图,在线流程图,在线思维导图](https://www.processon.com/view/link/65c2f8363c64b133055f83d4)
10 | * 离线查看
11 | * 
12 | * 核心定义
13 | * 
14 |
15 | ### 文字
16 |
17 | * Swift中的:TargetValueMetadata
18 | * 继承关系
19 | * TargetValueMetadata = ValueMetadata
20 | * TargetMetadata
21 | * 字段=属性=内存布局
22 | * TargetMetadata
23 | * StoredPointer Kind
24 | * the kind. Only valid for non-class metadata; getKind() must be used to get the kind value
25 | * 详见
26 | * [MetadataKind](../../../swift_common/metadatakind.md)
27 | * TargetValueMetadata
28 | * TargetSignedPointer* Description
29 | * An out-of-line description of the type
30 | * 说明
31 | * 此处的Description根据具体类型不同,则是不同的内容
32 | * 举例
33 | * Struct
34 | * TargetStructDescriptor=StructDescriptor
35 |
36 | ### 加到IDA中的定义
37 |
38 | ```c
39 | struct ValueMetadata
40 | {
41 | __int64 kind;
42 | void *description;
43 | };
44 | ```
45 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/valuemetadata/enummetadata.md:
--------------------------------------------------------------------------------
1 | # EnumMetadata
2 |
3 | * Swift的EnumMetadata的内存布局
4 | * [-0x08] = ValueWitnessTable* vwt;
5 | * [+0x00] = int64 kind
6 | * 是**固定的**:`0x201`
7 | * [+0x08] = EnumDescriptor* description
8 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/valuemetadata/structmetadata/README.md:
--------------------------------------------------------------------------------
1 | # StructMetadata
2 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/valuemetadata/structmetadata/memory_layout/README.md:
--------------------------------------------------------------------------------
1 | # StructMetadata的内存布局
2 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/valuemetadata/structmetadata/memory_layout/example.md:
--------------------------------------------------------------------------------
1 | # StructMetadata的内存布局举例
2 |
3 | ## `ConcreteConfigPrimitiveBox`的`StructDescriptor`
4 |
5 | 内存值:
6 |
7 | ```bash
8 | (lldb) x/16gw 0x000000010771431c
9 | 0x10771431c: 0x000000d1 0xffffffdc 0xffe75bcc 0xfd6669b4
10 | 0x10771432c: 0x00000000 0x00000001 0x00000004 0x00a2c760
11 | 0x10771433c: 0xffe75bd4 0x00010001 0x00000002 0x00000080
12 | 0x10771434c: 0x00000080 0x000a5870 0xfffffe78 0x000000c2
13 | ```
14 |
15 | 对应着IDA中的汇编:
16 |
17 | ```asm
18 | __constg_swiftt:0000000102DF831C ; nominal type descriptor for MainAppLibrary.ConcreteConfigPrimitiveBox
19 | __constg_swiftt:0000000102DF831C $s14MainAppLibrary26ConcreteConfigPrimitiveBoxVMn StructDescriptor <0xD1, stru_102DF82FC - ., aConcreteconfig - ., \
20 | __constg_swiftt:0000000102DF831C ; DATA XREF: type metadata accessor for ConcreteConfigPrimitiveBox↑o
21 | __constg_swiftt:0000000102DF831C ; __swift5_types:0000000102EA5EAC↓o ...
22 | __constg_swiftt:0000000102DF831C $s14MainAppLibrary26ConcreteConfigPrimitiveBoxVMa - .,\ ; type metadata accessor for ConcreteConfigPrimitiveBox ...
23 | __constg_swiftt:0000000102DF831C $s14MainAppLibrary26ConcreteConfigPrimitiveBoxVMn.FieldDescriptor - .,\
24 | __constg_swiftt:0000000102DF831C 1, 4>
25 | ```
26 |
27 | ->
28 |
29 | * StructDescriptor的例子:ConcreteConfigPrimitiveBox
30 | * struc : sizeof=0x1C == 0x000000010771431c == IDA的 0x0000000102df831c
31 | * [0x00~0x03] = Flags
32 | * 0x000000d1
33 | * [0x04~0x07] = Parent
34 | * 0xffffffdc
35 | * stru_102DF82FC - .
36 | * = 0x102DF82FC - (0x0000000102df831c + 0x4)
37 | * = 0x102DF82FC - 0x0000000102df8320
38 | * = 0xFFFFFFDC
39 | * [0x08~0x0B] = Name
40 | * 0xffe75bcc
41 | * aConcreteconfig - .
42 | * aConcreteconfig == "ConcreteConfigPrimitiveBox"
43 | * = 0x102C6DEF0 - (0x0000000102df831c + 0x8)
44 | * = 0xFFE75BCC
45 | * [0x0C~0x0F] = AccessFunction = AccessFunctionPtr
46 | * 0xfd6669b4
47 | * $s14MainAppLibrary26ConcreteConfigPrimitiveBoxVMa - .
48 | * = 0x10045ECDC - (0x0000000102df831c + 0xC)
49 | * = 0xFD6669B4
50 | * [0x10~0x13] = FieldDescriptor == Fields
51 | * 0x00000000
52 | * $s14MainAppLibrary26ConcreteConfigPrimitiveBoxVMn.FieldDescriptor - .
53 | * = 0x0000000102df832c - (0x0000000102df831c + 0x10)
54 | * = 0
55 | * [0x14~0x17] = NumFields
56 | * 0x00000001
57 | * 这个结构体只有一个字段=属性property=域field ?
58 | * 好像是:field offset vector length = 1
59 | * 此处是有1个field offset vector的
60 | * [0x18~0x1B] = FieldOffsetVectorOffset
61 | * 0x00000004
62 | * The offset of the field offset vector for this struct's stored properties in its metadata
63 | * 此处的field offset vector的offset是4
64 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/valuemetadata/structmetadata/memory_layout/figure.md:
--------------------------------------------------------------------------------
1 | # StructMetadata的内存布局图
2 |
3 | * Swift的StructMetadata内存布局图 = Swift ValueMetadata Memory Layout
4 | * 在线预览
5 | * [Swift的StructMetadata内存布局图| ProcessOn免费在线作图,在线流程图,在线思维导图](https://www.processon.com/view/link/65d80e3ad609432b5b881dff)
6 | * 离线查看
7 | * 
8 | * 核心定义
9 | * 
10 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/valuemetadata/structmetadata/memory_layout/text.md:
--------------------------------------------------------------------------------
1 | # StructMetadata的内存布局文字版
2 |
3 | * Swift的StructMetadata的内存布局
4 | * [-0x08] = ValueWitnessTable* `vwt`;
5 | * [+0x00] = int64 `kind`
6 | * 是**固定的**:`0x200`
7 | * [+0x08] = **StructDescriptor*** `description`
8 | * StructDescriptor
9 | * FieldDescriptor
10 | * FieldRecord
11 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/valuemetadata/vwt/README.md:
--------------------------------------------------------------------------------
1 | # `VWT`=`ValueWitnessTable`
2 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/valuemetadata/vwt/memory_layout/README.md:
--------------------------------------------------------------------------------
1 | # VWT的内存布局
2 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/valuemetadata/vwt/memory_layout/example.md:
--------------------------------------------------------------------------------
1 | # VWT的内存布局的举例
2 |
3 | ## Builtin.NativeObject的VWT
4 |
5 | * `Builtin.NativeObject`的`VWT`内存布局
6 | * [+0x00] = initializeBufferWithCopyOfBuffer
7 | * `name="swift::metadataimpl::BufferValueWitnesses, true, 8ul, 8ul, (swift::metadataimpl::FixedPacking)1>::initializeBufferWithCopyOfBuffer(swift::TargetValueBuffer*, swift::TargetValueBuffer*, swift::TargetMetadata const*)"`
8 | * `mangled="_ZN5swift12metadataimpl20BufferValueWitnessesINS0_14ValueWitnessesINS0_18SwiftRetainableBoxEEELb1ELm8ELm8ELNS0_12FixedPackingE1EE32initializeBufferWithCopyOfBufferEPNS_17TargetValueBufferINS_9InProcessEEESA_PKNS_14TargetMetadataIS8_EE"`
9 | * [+0x08] = destroy
10 | * `name="swift::metadataimpl::ValueWitnesses::destroy(swift::OpaqueValue*, swift::TargetMetadata const*)"`
11 | * `mangled="_ZN5swift12metadataimpl14ValueWitnessesINS0_18SwiftRetainableBoxEE7destroyEPNS_11OpaqueValueEPKNS_14TargetMetadataINS_9InProcessEEE"`
12 | * [+0x10] = initializeWithCopy
13 | * `name="swift::metadataimpl::ValueWitnesses::initializeWithCopy(swift::OpaqueValue*, swift::OpaqueValue*, swift::TargetMetadata const*)"`
14 | * `mangled="_ZN5swift12metadataimpl14ValueWitnessesINS0_18SwiftRetainableBoxEE18initializeWithCopyEPNS_11OpaqueValueES5_PKNS_14TargetMetadataINS_9InProcessEEE"`
15 | * [+0x18] = assignWithCopy
16 | * `name="swift::metadataimpl::ValueWitnesses::assignWithCopy(swift::OpaqueValue*, swift::OpaqueValue*, swift::TargetMetadata const*)"`
17 | * `mangled="_ZN5swift12metadataimpl14ValueWitnessesINS0_18SwiftRetainableBoxEE14assignWithCopyEPNS_11OpaqueValueES5_PKNS_14TargetMetadataINS_9InProcessEEE"`
18 | * [+0x20] = initializeWithTake
19 | * `name="swift::metadataimpl::ValueWitnesses::initializeWithTake(swift::OpaqueValue*, swift::OpaqueValue*, swift::TargetMetadata const*)"`
20 | * `mangled="_ZN5swift12metadataimpl14ValueWitnessesINS0_18SwiftRetainableBoxEE18initializeWithTakeEPNS_11OpaqueValueES5_PKNS_14TargetMetadataINS_9InProcessEEE"`
21 | * [+0x28] = assignWithTake
22 | * `name="swift::metadataimpl::ValueWitnesses::assignWithTake(swift::OpaqueValue*, swift::OpaqueValue*, swift::TargetMetadata const*)"`
23 | * `mangled="_ZN5swift12metadataimpl14ValueWitnessesINS0_18SwiftRetainableBoxEE14assignWithTakeEPNS_11OpaqueValueES5_PKNS_14TargetMetadataINS_9InProcessEEE"`
24 | * [+0x30] = getEnumTagSinglePayload
25 | * `name="swift::metadataimpl::FixedSizeBufferValueWitnesses, true, 8ul, 8ul, true>::getEnumTagSinglePayload(swift::OpaqueValue const*, unsigned int, swift::TargetMetadata const*)"`
26 | * `mangled="_ZN5swift12metadataimpl29FixedSizeBufferValueWitnessesINS0_14ValueWitnessesINS0_18SwiftRetainableBoxEEELb1ELm8ELm8ELb1EE23getEnumTagSinglePayloadEPKNS_11OpaqueValueEjPKNS_14TargetMetadataINS_9InProcessEEE"`
27 | * [+0x38] = storeEnumTagSinglePayload
28 | * `name="swift::metadataimpl::FixedSizeBufferValueWitnesses, true, 8ul, 8ul, true>::storeEnumTagSinglePayload(swift::OpaqueValue*, unsigned int, unsigned int, swift::TargetMetadata const*)"`
29 | * `mangled="_ZN5swift12metadataimpl29FixedSizeBufferValueWitnessesINS0_14ValueWitnessesINS0_18SwiftRetainableBoxEEELb1ELm8ELm8ELb1EE25storeEnumTagSinglePayloadEPNS_11OpaqueValueEjjPKNS_14TargetMetadataINS_9InProcessEEE"`
30 | * [+0x40] = int64 size
31 | * `0x0000000000000008`
32 | * [+0x48] = int64 stride
33 | * `0x0000000000000008`
34 | * [+0x50~0x53] = int32 flags
35 | * `0x00010007`
36 | * [+0x54~0x57] = int32 extraInhabitantCount
37 | * `0x7fffffff`
38 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/valuemetadata/vwt/memory_layout/figure.md:
--------------------------------------------------------------------------------
1 | # VWT内存布局图
2 |
3 | * 概述
4 | * 
5 | * 详见
6 | * [ValueMetadata](../../../valuemetadata/README.md)
7 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/valuemetadata/vwt/memory_layout/ida_def.md:
--------------------------------------------------------------------------------
1 | # VWT内存布局的IDA定义
2 |
3 | * struct `ValueWitnessTable`
4 |
5 | ```c
6 | struct __cppobj ValueWitnessTable
7 | {
8 | void (__fastcall *initializeBufferWithCopyOfBuffer)(void *dst, void *src, void *metadataSelf);
9 | void (__fastcall *destroy)(void *object, void *witnessSelf);
10 | void (__fastcall *initializeWithCopy)(void *dst, void *src, void *metadataSelf);
11 | void (__fastcall *assignWithCopy)(void *dst, void *src, void *metadataSelf);
12 | void (__fastcall *initializeWithTake)(void *dst, void *src, void *metadataSelf);
13 | void (__fastcall *assignWithTake)(void *dst, void *src, void *metadataSelf);
14 | unsigned __int64 (__fastcall *getEnumTagSinglePayload)(void *enumPtr, __int64 emptyCases, void *metadataSelf);
15 | void (__fastcall *storeEnumTagSinglePayload)(void *enumPtr, __int64 whichCase, void *metadataSelf);
16 | __int64 size;
17 | __int64 stride;
18 | TargetValueWitnessFlags flags;
19 | __int32 extraInhabitantCount;
20 | };
21 | ```
22 |
23 | * enum `TargetValueWitnessFlags`
24 |
25 | ```c
26 | enum TargetValueWitnessFlags : __int32
27 | {
28 | AlignmentMask = 0xFF,
29 | IsNonPOD = 0x10000,
30 | IsNonInline = 0x20000,
31 | HasSpareBits = 0x80000,
32 | IsNonBitwiseTakable = 0x100000,
33 | HasEnumWitnesses = 0x200000,
34 | Incomplete = 0x400000,
35 | IsNonCopyable = 0x800000,
36 | };
37 | ```
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/valuemetadata/vwt/memory_layout/text.md:
--------------------------------------------------------------------------------
1 | # VWT内存布局 文字版
2 |
3 | ## 概述
4 |
5 | * `Swift`的`VWT`=`Value Witness Table` 结构布局=字段=属性
6 | * [+0x00] = void* `initializeBufferWithCopyOfBuffer`
7 | * [+0x08] = void* `destroy`
8 | * [+0x10] = void* `initializeWithCopy`
9 | * [+0x18] = void* `assignWithCopy`
10 | * [+0x20] = void* `initializeWithTake`
11 | * [+0x28] = void* `assignWithTake`
12 | * [+0x30] = void* `getEnumTagSinglePayload`
13 | * [+0x38] = void* `storeEnumTagSinglePayload`
14 | * [+0x40] = void* int64 `size`
15 | * [+0x48] = void* int64 `stride`
16 | * [+0x50~0x53] = int32 `flags`
17 | * [+0x54~0x57] = int32 `extraInhabitantCount`
18 |
19 | ## 详解
20 |
21 | * `Swift`的`VWT`=`Value Witness Table` 结构布局=字段=属性
22 | * [+0x00] = initializeBufferWithCopyOfBuffer
23 | * 定义:`T *(*initializeBufferWithCopyOfBuffer)(B *dest, B *src, M *self);`
24 | * [+0x08] = destroy
25 | * 定义:`void (*destroy)(T *object, witness_t *self);`
26 | * [+0x10] = initializeWithCopy
27 | * 定义:`T *(*initializeWithCopy)(T *dest, T *src, M *self);`
28 | * [+0x18] = assignWithCopy
29 | * 定义:`T *(*assignWithCopy)(T *dest, T *src, M *self);`
30 | * [+0x20] = initializeWithTake
31 | * 定义:`T *(*initializeWithTake)(T *dest, T *src, M *self);`
32 | * [+0x28] = assignWithTake
33 | * 定义:`T *(*assignWithTake)(T *dest, T *src, M *self);`
34 | * [+0x30] = getEnumTagSinglePayload
35 | * 定义:`unsigned (*getEnumTagSinglePayload)(const T* enum, UINT_TYPE emptyCases, M *self);`
36 | * [+0x38] = storeEnumTagSinglePayload
37 | * 定义:`void (*storeEnumTagSinglePayload)(T* enum, UINT_TYPE whichCase, UINT_TYPE emptyCases, M *self);`
38 | * [+0x40] = size
39 | * 定义:`SIZE_TYPE size;`
40 | * [+0x48] = stride
41 | * 定义:`SIZE_TYPE stride;`
42 | * [+0x50~0x53] = flags
43 | * 定义:`UINT_TYPE flags;`
44 | * [+0x54~0x57] = extraInhabitantCount
45 | * 定义:`UINT_TYPE extraInhabitantCount;`
46 | * 说明
47 | * `SIZE_TYPE` = `StoredSize` = `size_t` ? = `int64`
48 | * `UINT_TYPE` = `unsigned` = `int32`
49 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/valuemetadata/vwt/src.md:
--------------------------------------------------------------------------------
1 | # VWT的Swift源码
2 |
3 | [swift-language/include/swift/ABI/ValueWitness.def at master · eaplatanios/swift-language](https://github.com/eaplatanios/swift-language/blob/master/include/swift/ABI/ValueWitness.def)
4 |
5 | ```c
6 | /// T *(*initializeBufferWithCopyOfBuffer)(B *dest, B *src, M *self);
7 | /// Given an invalid buffer, initialize it as a copy of the
8 | /// object in the source buffer.
9 | FUNCTION_VALUE_WITNESS(initializeBufferWithCopyOfBuffer,
10 | InitializeBufferWithCopyOfBuffer,
11 | MUTABLE_VALUE_TYPE,
12 | (MUTABLE_BUFFER_TYPE, MUTABLE_BUFFER_TYPE, TYPE_TYPE))
13 |
14 | BEGIN_VALUE_WITNESS_RANGE(ValueWitness,
15 | InitializeBufferWithCopyOfBuffer)
16 | BEGIN_VALUE_WITNESS_RANGE(RequiredValueWitness,
17 | InitializeBufferWithCopyOfBuffer)
18 | BEGIN_VALUE_WITNESS_RANGE(RequiredValueWitnessFunction,
19 | InitializeBufferWithCopyOfBuffer)
20 |
21 | /// void (*destroy)(T *object, witness_t *self);
22 | ///
23 | /// Given a valid object of this type, destroy it, leaving it as an
24 | /// invalid object. This is useful when generically destroying
25 | /// an object which has been allocated in-line, such as an array,
26 | /// struct, or tuple element.
27 | FUNCTION_VALUE_WITNESS(destroy,
28 | Destroy,
29 | VOID_TYPE,
30 | (MUTABLE_VALUE_TYPE, TYPE_TYPE))
31 |
32 | /// T *(*initializeWithCopy)(T *dest, T *src, M *self);
33 | ///
34 | /// Given an invalid object of this type, initialize it as a copy of
35 | /// the source object. Returns the dest object.
36 | FUNCTION_VALUE_WITNESS(initializeWithCopy,
37 | InitializeWithCopy,
38 | MUTABLE_VALUE_TYPE,
39 | (MUTABLE_VALUE_TYPE, MUTABLE_VALUE_TYPE, TYPE_TYPE))
40 |
41 | /// T *(*assignWithCopy)(T *dest, T *src, M *self);
42 | ///
43 | /// Given a valid object of this type, change it to be a copy of the
44 | /// source object. Returns the dest object.
45 | FUNCTION_VALUE_WITNESS(assignWithCopy,
46 | AssignWithCopy,
47 | MUTABLE_VALUE_TYPE,
48 | (MUTABLE_VALUE_TYPE, MUTABLE_VALUE_TYPE, TYPE_TYPE))
49 |
50 | /// T *(*initializeWithTake)(T *dest, T *src, M *self);
51 | ///
52 | /// Given an invalid object of this type, initialize it by taking
53 | /// the value of the source object. The source object becomes
54 | /// invalid. Returns the dest object.
55 | FUNCTION_VALUE_WITNESS(initializeWithTake,
56 | InitializeWithTake,
57 | MUTABLE_VALUE_TYPE,
58 | (MUTABLE_VALUE_TYPE, MUTABLE_VALUE_TYPE, TYPE_TYPE))
59 |
60 | /// T *(*assignWithTake)(T *dest, T *src, M *self);
61 | ///
62 | /// Given a valid object of this type, change it to be a copy of the
63 | /// source object. The source object becomes invalid. Returns the
64 | /// dest object.
65 | FUNCTION_VALUE_WITNESS(assignWithTake,
66 | AssignWithTake,
67 | MUTABLE_VALUE_TYPE,
68 | (MUTABLE_VALUE_TYPE, MUTABLE_VALUE_TYPE, TYPE_TYPE))
69 |
70 | /// unsigned (*getEnumTagSinglePayload)(const T* enum, UINT_TYPE emptyCases)
71 | /// Given an instance of valid single payload enum with a payload of this
72 | /// witness table's type (e.g Optional) , get the tag of the enum.
73 | FUNCTION_VALUE_WITNESS(getEnumTagSinglePayload,
74 | GetEnumTagSinglePayload,
75 | UINT_TYPE,
76 | (IMMUTABLE_VALUE_TYPE, UINT_TYPE, TYPE_TYPE))
77 |
78 | /// void (*storeEnumTagSinglePayload)(T* enum, UINT_TYPE whichCase,
79 | /// UINT_TYPE emptyCases)
80 | /// Given uninitialized memory for an instance of a single payload enum with a
81 | /// payload of this witness table's type (e.g Optional), store the
82 | /// tag.
83 | FUNCTION_VALUE_WITNESS(storeEnumTagSinglePayload,
84 | StoreEnumTagSinglePayload,
85 | VOID_TYPE,
86 | (MUTABLE_VALUE_TYPE, UINT_TYPE, UINT_TYPE, TYPE_TYPE))
87 |
88 | END_VALUE_WITNESS_RANGE(RequiredValueWitnessFunction,
89 | StoreEnumTagSinglePayload)
90 |
91 | /// SIZE_TYPE size;
92 | ///
93 | /// The required storage size of a single object of this type.
94 | DATA_VALUE_WITNESS(size,
95 | Size,
96 | SIZE_TYPE)
97 |
98 | BEGIN_VALUE_WITNESS_RANGE(TypeLayoutWitness,
99 | Size)
100 |
101 | BEGIN_VALUE_WITNESS_RANGE(RequiredTypeLayoutWitness,
102 | Size)
103 |
104 | /// SIZE_TYPE stride;
105 | ///
106 | /// The required size per element of an array of this type. It is at least
107 | /// one, even for zero-sized types, like the empty tuple.
108 | DATA_VALUE_WITNESS(stride,
109 | Stride,
110 | SIZE_TYPE)
111 |
112 |
113 | /// UINT_TYPE flags;
114 | ///
115 | /// The ValueWitnessAlignmentMask bits represent the required
116 | /// alignment of the first byte of an object of this type, expressed
117 | /// as a mask of the low bits that must not be set in the pointer.
118 | /// This representation can be easily converted to the 'alignof'
119 | /// result by merely adding 1, but it is more directly useful for
120 | /// performing dynamic structure layouts, and it grants an
121 | /// additional bit of precision in a compact field without needing
122 | /// to switch to an exponent representation.
123 | ///
124 | /// The ValueWitnessIsNonPOD bit is set if the type is not POD.
125 | ///
126 | /// The ValueWitnessIsNonInline bit is set if the type cannot be
127 | /// represented in a fixed-size buffer or if it is not bitwise takable.
128 | ///
129 | /// The ExtraInhabitantsMask bits represent the number of "extra inhabitants"
130 | /// of the bit representation of the value that do not form valid values of
131 | /// the type.
132 | ///
133 | /// The Enum_HasSpareBits bit is set if the type's binary representation
134 | /// has unused bits.
135 | ///
136 | /// The HasEnumWitnesses bit is set if the type is an enum type.
137 | DATA_VALUE_WITNESS(flags,
138 | Flags,
139 | UINT_TYPE)
140 |
141 | /// UINT_TYPE extraInhabitantCount;
142 | ///
143 | /// The number of extra inhabitants in the type.
144 | DATA_VALUE_WITNESS(extraInhabitantCount,
145 | ExtraInhabitantCount,
146 | UINT_TYPE)
147 |
148 | END_VALUE_WITNESS_RANGE(RequiredTypeLayoutWitness,
149 | ExtraInhabitantCount)
150 |
151 | END_VALUE_WITNESS_RANGE(RequiredValueWitness,
152 | ExtraInhabitantCount)
153 |
154 | END_VALUE_WITNESS_RANGE(TypeLayoutWitness,
155 | ExtraInhabitantCount)
156 |
157 | #endif /* WANT_REQUIRED_VALUE_WITNESSES */
158 |
159 | #if WANT_ENUM_VALUE_WITNESSES
160 |
161 | // The following value witnesses are conditionally present if the witnessed
162 | // type is an enum.
163 |
164 | /// unsigned (*getEnumTag)(T *obj, M *self);
165 | ///
166 | /// Given a valid object of this enum type, extracts the tag value indicating
167 | /// which case of the enum is inhabited. Returned values are in the range
168 | /// [0..NumElements-1].
169 | FUNCTION_VALUE_WITNESS(getEnumTag,
170 | GetEnumTag,
171 | INT_TYPE,
172 | (IMMUTABLE_VALUE_TYPE, TYPE_TYPE))
173 |
174 | BEGIN_VALUE_WITNESS_RANGE(EnumValueWitness,
175 | GetEnumTag)
176 |
177 | /// void (*destructiveProjectEnumData)(T *obj, M *self);
178 | /// Given a valid object of this enum type, destructively extracts the
179 | /// associated payload.
180 | FUNCTION_VALUE_WITNESS(destructiveProjectEnumData,
181 | DestructiveProjectEnumData,
182 | VOID_TYPE,
183 | (MUTABLE_VALUE_TYPE, TYPE_TYPE))
184 |
185 | /// void (*destructiveInjectEnumTag)(T *obj, unsigned tag, M *self);
186 | /// Given an enum case tag and a valid object of case's payload type,
187 | /// destructively inserts the tag into the payload. The given tag value
188 | /// must be in the range [-ElementsWithPayload..ElementsWithNoPayload-1].
189 | FUNCTION_VALUE_WITNESS(destructiveInjectEnumTag,
190 | DestructiveInjectEnumTag,
191 | VOID_TYPE,
192 | (MUTABLE_VALUE_TYPE, UINT_TYPE, TYPE_TYPE))
193 |
194 | END_VALUE_WITNESS_RANGE(EnumValueWitness,
195 | DestructiveInjectEnumTag)
196 |
197 | END_VALUE_WITNESS_RANGE(ValueWitness,
198 | DestructiveInjectEnumTag)
199 | ```
200 |
--------------------------------------------------------------------------------
/src/swift_common/typemetadata/valuemetadata/vwt/vs_cpp.md:
--------------------------------------------------------------------------------
1 |
2 | # Swift的VWT和C++对应关系
3 |
4 | | Swift Value Witness Operation | C++ equivalent |
5 | | ------------------------------ | ----- |
6 | | `initializeWithCopy` | copy constructor |
7 | | `assignWithCopy` | copy assignment operator |
8 | | `initializeWithTake` | move constructor, followed by a call to destructor on the source |
9 | | `assignWithTake` | move assignment operator, followed by a call to destructor on the source |
10 | | `destroy` | destructor |
11 | | `size` | `sizeof(T)` minus trailing padding |
12 | | `stride` | `sizeof(T)` |
13 | | `flags` | among other information, contains alignment, i.e., `alignof(T)` |
14 |
--------------------------------------------------------------------------------
/src/swift_common/valuebuffer.md:
--------------------------------------------------------------------------------
1 | # ValueBuffer
2 |
--------------------------------------------------------------------------------
/src/swift_function/README.md:
--------------------------------------------------------------------------------
1 | # Swift函数
2 |
--------------------------------------------------------------------------------
/src/swift_function/SwiftObject/README.md:
--------------------------------------------------------------------------------
1 | # SwiftObject
2 |
--------------------------------------------------------------------------------
/src/swift_function/SwiftObject/swift_getinitializedobjcclass.md:
--------------------------------------------------------------------------------
1 | # swift_getInitializedObjCClass
2 |
3 | ## 源码
4 |
5 | [swift/stdlib/public/runtime/SwiftObject.mm at main · apple/swift (github.com)](https://github.com/apple/swift/blob/main/stdlib/public/runtime/SwiftObject.mm)
6 |
7 | ```c
8 | Class swift::swift_getInitializedObjCClass(Class c) {
9 | // Used when we have class metadata and we want to ensure a class has been
10 | // initialized by the Objective-C runtime. We need to do this because the
11 | // class "c" might be valid metadata, but it hasn't been initialized yet.
12 | // Send a message that's likely not to be overridden to minimize potential
13 | // side effects. Ignore the return value in case it is overridden to
14 | // return something different. See
15 | // https://github.com/apple/swift/issues/52863 for an example.
16 | [c self];
17 | return c;
18 | }
19 | ```
20 |
21 | ## 总结
22 |
23 | * Swift的`swift_getInitializedObjCClass`函数定义
24 | * `Class swift::swift_getInitializedObjCClass(Class c)`
25 | * 参数
26 | * `Class c`
27 | * 返回值
28 | * 类型:Class
29 |
--------------------------------------------------------------------------------
/src/swift_function/array/README.md:
--------------------------------------------------------------------------------
1 | # Array
2 |
--------------------------------------------------------------------------------
/src/swift_function/array/formindex_after.md:
--------------------------------------------------------------------------------
1 | # Array.formIndex(after:)
2 |
3 | ## 源码
4 |
5 | `swift/stdlib/public/core/Array.swift`
6 |
7 | ```c
8 | /// Replaces the given index with its successor.
9 | ///
10 | /// - Parameter i: A valid index of the collection. `i` must be less than
11 | /// `endIndex`.
12 | @inlinable
13 | public func formIndex(after i: inout Int) {
14 | // NOTE: this is a manual specialization of index movement for a Strideable
15 | // index that is required for Array performance. The optimizer is not
16 | // capable of creating partial specializations yet.
17 | // NOTE: Range checks are not performed here, because it is done later by
18 | // the subscript function.
19 | i += 1
20 | }
21 | ```
22 |
23 | ## 总结
24 |
25 | * Swift函数:Array.formIndex(after:)
26 | * 定义
27 | * formIndex(after i: inout Int)
28 | * 参数
29 | * 变量名
30 | * 传入:after
31 | * 内部:i
32 | * 类型:inout Int == 指针类型,内部会改变值
33 | * 返回值
34 | * 传入的after==i (值已加1)
35 |
--------------------------------------------------------------------------------
/src/swift_function/set/README.md:
--------------------------------------------------------------------------------
1 | # Set
2 |
--------------------------------------------------------------------------------
/src/swift_function/set/nativeset_unsafeinsertnew.md:
--------------------------------------------------------------------------------
1 | # _NativeSet._unsafeInsertNew
2 |
3 | `swift/stdlib/public/core/NativeSet.swift`
4 |
5 | ```c
6 | extension _NativeSet { // Insertions
7 | /// Insert a new element into uniquely held storage.
8 | /// Storage must be uniquely referenced with adequate capacity.
9 | /// The `element` must not be already present in the Set.
10 | @inlinable
11 | internal func _unsafeInsertNew(_ element: __owned Element) {
12 | _internalInvariant(count + 1 <= capacity)
13 | let hashValue = self.hashValue(for: element)
14 | if _isDebugAssertConfiguration() {
15 | // In debug builds, perform a full lookup and trap if we detect duplicate
16 | // elements -- these imply that the Element type violates Hashable
17 | // requirements. This is generally more costly than a direct insertion,
18 | // because we'll need to compare elements in case of hash collisions.
19 | let (bucket, found) = find(element, hashValue: hashValue)
20 | guard !found else {
21 | #if !$Embedded
22 | ELEMENT_TYPE_OF_SET_VIOLATES_HASHABLE_REQUIREMENTS(Element.self)
23 | #else
24 | fatalError("duplicate elements in a Set")
25 | #endif
26 | }
27 | hashTable.insert(bucket)
28 | uncheckedInitialize(at: bucket, to: element)
29 | } else {
30 | let bucket = hashTable.insertNew(hashValue: hashValue)
31 | uncheckedInitialize(at: bucket, to: element)
32 | }
33 | _storage._count &+= 1
34 | }
35 |
36 |
37 | /// Insert a new element into uniquely held storage.
38 | /// Storage must be uniquely referenced.
39 | /// The `element` must not be already present in the Set.
40 | @inlinable
41 | internal mutating func insertNew(_ element: __owned Element, isUnique: Bool) {
42 | _ = ensureUnique(isUnique: isUnique, capacity: count + 1)
43 | _unsafeInsertNew(element)
44 | }
45 |
46 |
47 | @inlinable
48 | internal func _unsafeInsertNew(_ element: __owned Element, at bucket: Bucket) {
49 | hashTable.insert(bucket)
50 | uncheckedInitialize(at: bucket, to: element)
51 | _storage._count += 1
52 | }
53 | ```
54 |
--------------------------------------------------------------------------------
/src/swift_function/unsafemutablebufferpointer/README.md:
--------------------------------------------------------------------------------
1 | # UnsafeMutableBufferPointer
2 |
--------------------------------------------------------------------------------
/src/swift_function/unsafemutablebufferpointer/init_start_count.md:
--------------------------------------------------------------------------------
1 | # UnsafeMutableBufferPointer.init(start:count:)
2 |
3 | ## 源码
4 |
5 | `swift/stdlib/public/core/UnsafeRawBufferPointer.swift.gyb`
6 |
7 | ```c
8 | @frozen
9 | public struct Unsafe${Mutable}RawBufferPointer {
10 | @usableFromInline
11 | internal let _position, _end: Unsafe${Mutable}RawPointer?
12 |
13 |
14 | /// Creates a buffer over the specified number of contiguous bytes starting
15 | /// at the given pointer.
16 | ///
17 | /// - Parameters:
18 | /// - start: The address of the memory that starts the buffer. If `starts`
19 | /// is `nil`, `count` must be zero. However, `count` may be zero even
20 | /// for a non-`nil` `start`.
21 | /// - count: The number of bytes to include in the buffer. `count` must not
22 | /// be negative.
23 | @inlinable
24 | public init(
25 | @_nonEphemeral start: Unsafe${Mutable}RawPointer?, count: Int
26 | ) {
27 | _debugPrecondition(count >= 0, "${Self} with negative count")
28 | _debugPrecondition(count == 0 || start != nil,
29 | "${Self} has a nil start and nonzero count")
30 | _position = start
31 | _end = start.map { $0 + _assumeNonNegative(count) }
32 | }
33 | }
34 | ```
35 |
36 | ## 总结
37 |
38 | * UnsafeMutableBufferPointer
39 | * `init(start:count:)`
40 | * 定义
41 | * `init(start: UnsafeMutablePointer?, count: Int)`
42 | * 参数
43 | * `start: UnsafeMutablePointer?`
44 | * `count: Int`
45 | * 返回值
46 | * `指针`
47 |
--------------------------------------------------------------------------------
/src/swift_re_overview/README.md:
--------------------------------------------------------------------------------
1 | # Swift逆向概览
2 |
3 | [iOS逆向](https://book.crifan.org/books/ios_reverse_dev/website/)期间,有些app二进制代码内部是:`ObjC`和[Swift](https://developer.apple.com/swift/)混合的。
4 |
5 | 所以涉及到:[Swift](https://www.swift.org/)逆向。
6 |
--------------------------------------------------------------------------------
/src/swift_re_overview/mindmap.md:
--------------------------------------------------------------------------------
1 | # Swift逆向脑图
2 |
3 | 此处用脑图去表示出此教程的核心内容:
4 |
5 | * Swift逆向脑图
6 | * [Swift逆向脑图| ProcessOn免费在线作图,在线流程图,在线思维导图](https://www.processon.com/view/link/65df356c778cc210345622f5)
7 |
--------------------------------------------------------------------------------
/src/swift_re_related/README.md:
--------------------------------------------------------------------------------
1 | # Swift逆向相关
2 |
--------------------------------------------------------------------------------
/src/swift_re_related/dynamic_debug/README.md:
--------------------------------------------------------------------------------
1 | # Swift逆向之动态调试
2 |
3 | 调试时,辅助用IDA打开Swift的各种库文件,比如:
4 |
5 | * `libswiftCore.dylib`
6 | * `libswiftFoundation.dylib`
7 | * 等等
8 |
9 | 方便调试内容。
10 |
11 | 这样,通过动态调试和查看IDA中的分析,函数的伪代码实现等等,就可以有更深入的理解很多函数和变量了。
12 |
13 |
14 | ---
15 |
16 |
17 | TODO:把下面帖子中有用的内容,整理过来:
18 |
19 | * 【未解决】iOS逆向Swift:swift_getAssociatedTypeWitness
20 | * 【未解决】iOS逆向Swift:Data.withUnsafeMutableBytes(_:)
21 | * 【已解决】iOS逆向Swift:Data.withUnsafeBytes(_:)
22 | * 【未解决】iOS逆向WhatsApp:swiftPodCopy_10039A1B4
23 | * 【未解决】iOS逆向Swift:Set.init(_:)
24 | *
25 | * 【记录】iOS逆向Swift:IDA静态分析libswiftFoundation.dylib
26 | * 。。。
27 | *
28 | * 【已解决】iOS逆向Swift:库文件libswiftCore.dylib
29 | * 【已解决】iOS逆向WhatsApp:ArrayAdoptStorage_2ToW1_CB2C
30 | * static Swift.Array._adoptStorage(_: __owned Swift._ContiguousArrayStorage<τ_0_0>, count: Swift.Int) -> (Swift.Array<τ_0_0>, Swift.UnsafeMutablePointer<τ_0_0>)
31 | * 【已解决】iOS逆向:dyld_stub_binder
32 | * 【已解决】iOS逆向Swift:String的WitnessTable详情
33 | * destroy value witness for Swift.String
34 | * 【已解决】iOS逆向Swift:Float对应的Builtin.Int32的VWT的具体值
35 | * type metadata for Swift.Float
36 | * 【未解决】iOS逆向Swift:_NativeSet._unsafeInsertNew
37 | * Swift._NativeSet._unsafeInsertNew(_: __owned τ_0_0, at: Swift._HashTable.Bucket) -> ()
38 | * 【已解决】iOS逆向Swift:Optional的VWT=ValueWitnessTable
39 | * 【未解决】iOS逆向Swift:_SetStorage.allocate
40 | * static Swift._SetStorage.allocate(capacity: Swift.Int) -> Swift._SetStorage<τ_0_0>
41 | * 【已解决】iOS逆向Swift:Xcode中给Swift函数_NativeSet.init加断点
42 | * Swift._NativeSet.init(capacity: Swift.Int) -> Swift._NativeSet<τ_0_0>
43 | * 【未解决】iOS逆向Swift:NativeSet
44 | * Collection
45 | * 【未解决】iOS逆向WhatsApp:Collection.map(_:)(void)
46 | * 【未解决】iOS逆向Swift:swift_getAssociatedTypeWitness
47 | * Swift.Collection.isEmpty.getter : Swift.Bool
48 | * 【基本解决】iOS逆向Swift:protocol requirements base descriptor的含义
49 | * protocol requirements base descriptor for Swift.Collection
50 | * 【已解决】iOS逆向:Swift的pod_copy
51 | * pod_copy(swift::OpaqueValue*, swift::OpaqueValue*, swift::TargetMetadata const*)
52 | * 【已解决】iOS逆向:Swift._ContiguousArrayStorage
53 | * type metadata accessor for Swift._ContiguousArrayStorage
54 | * 【已解决】iOS逆向:swift_getTypeByMangledNameInContext
55 | * 【未解决】iOS逆向:__swift_instantiateConcreteTypeFromMangledName
56 | * 【已解决】iOS逆向WhatsApp:Swift函数String.append(_:)的字符串拼接的实现逻辑
57 | * Swift.String.append(Swift.String) -> ()
58 |
59 | ---
60 |
61 |
--------------------------------------------------------------------------------
/src/swift_re_related/static_analysis/README.md:
--------------------------------------------------------------------------------
1 | # Swift逆向之静态分析
2 |
--------------------------------------------------------------------------------
/src/swift_re_related/static_analysis/export_header.md:
--------------------------------------------------------------------------------
1 | # 导出Swift头文件
2 |
3 | TODO:把导出ObjC和Swift混淆时会报错的问题,和解决办法(最新版的class-dump),整理过来
4 |
--------------------------------------------------------------------------------
/src/swift_re_related/static_analysis/ida/README.md:
--------------------------------------------------------------------------------
1 | # IDA分析Swift
2 |
3 | IDA中,分析Swift相关变量类型时,往往需要借助于Swift定义,才能更好的看懂变量的逻辑(值、属性、调用函数等)。
4 |
5 | 此处去整理相关内容:
--------------------------------------------------------------------------------
/src/swift_re_related/static_analysis/ida/add_swift_definitions.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/crifan/ios_re_swift_reverse/b8245222f657f9badcd89caccd3d39e8602d5008/src/swift_re_related/static_analysis/ida/add_swift_definitions.md
--------------------------------------------------------------------------------
/src/swift_re_related/static_analysis/ida/swift_definitions/REDME.md:
--------------------------------------------------------------------------------
1 | # IDA中Swift相关定义
2 |
--------------------------------------------------------------------------------
/src/swift_re_related/static_analysis/ida/swift_definitions/crifan_added.md:
--------------------------------------------------------------------------------
1 | # Crifan新增Swift相关定义
2 |
3 | * Update: `20241217`
4 |
5 | 虽然IDA中已自带一些定义,但是不够全,自己额外又去新增了一些Swift相关定义:
6 |
7 | ## SwiftObject
8 |
9 | 说明:虽然IDA已自带`_TtCs12_SwiftObject`,但是没有具体大小的定义,且名字不够简洁,所以自己还是加上自己的定义
10 |
11 | ```c
12 | struct SwiftObject // _TtCs12_SwiftObject
13 | {
14 | unsigned __int8 opaque[16];
15 | };
16 | ```
17 |
18 | ## ClassMetadata
19 |
20 | ```c
21 | struct ClassMetadata
22 | {
23 | __int64 kind;
24 | void *superClass;
25 | __int64 cacheData[2];
26 | void *data;
27 | __int32 classFlags;
28 | __int32 instanceAddressPoint;
29 | __int32 instanceSize;
30 | __int16 instanceAlignmentMask;
31 | __int16 reserved;
32 | __int32 classSize;
33 | __int32 classAddressPoint;
34 | void *typeDescriptor;
35 | void *iVarDestroyer;
36 | };
37 | ```
38 |
39 | ## TargetValueWitnessFlags
40 |
41 | ```c
42 | enum TargetValueWitnessFlags : __int32
43 | {
44 | AlignmentMask = 0xFF,
45 | IsNonPOD = 0x10000,
46 | IsNonInline = 0x20000,
47 | HasSpareBits = 0x80000,
48 | IsNonBitwiseTakable = 0x100000,
49 | HasEnumWitnesses = 0x200000,
50 | Incomplete = 0x400000,
51 | IsNonCopyable = 0x800000,
52 | };
53 | ```
54 |
55 | ## ValueWitnessTable
56 |
57 | IDA虽然自带`ValueWitnessTable`,但是细节不够好。所以还是加上自己更新后的,内容更全的:
58 |
59 | ```c
60 | struct __cppobj ValueWitnessTable
61 | {
62 | void (__fastcall *initializeBufferWithCopyOfBuffer)(void *dst, void *src, void *metadataSelf);
63 | void (__fastcall *destroy)(void *object, void *witnessSelf);
64 | void (__fastcall *initializeWithCopy)(void *dst, void *src, void *metadataSelf);
65 | void (__fastcall *assignWithCopy)(void *dst, void *src, void *metadataSelf);
66 | void (__fastcall *initializeWithTake)(void *dst, void *src, void *metadataSelf);
67 | void (__fastcall *assignWithTake)(void *dst, void *src, void *metadataSelf);
68 | unsigned __int64 (__fastcall *getEnumTagSinglePayload)(void *enumPtr, __int64 emptyCases, void *metadataSelf);
69 | void (__fastcall *storeEnumTagSinglePayload)(void *enumPtr, __int64 whichCase, void *metadataSelf);
70 | __int64 size;
71 | __int64 stride;
72 | TargetValueWitnessFlags flags;
73 | __int32 extraInhabitantCount;
74 | };
75 | ```
76 |
77 | ## SwiftString
78 |
79 | * 说明
80 | * IDA已自带:`Swift::String`,其实和此处定义一样,但是自己的类名`SwiftString`,更加简洁好用
81 | * 且后续已优化为,`SwiftString`是`SwiftLargeString`和`SwiftSmallString`的union联合体结构,更加准确
82 |
83 | ### SwiftLargeString
84 |
85 | ```c
86 | struct SwiftLargeString
87 | {
88 | // 1st int64: b0-b63
89 | // __int64 flagsAndCount;
90 | __int64 count: 48; // b0-b47
91 |
92 | __int64 reserved: 11; // b48-b58
93 |
94 | __int64 isForeignUTF8 : 1; // b59
95 | __int64 isTailAllocated : 1; // b60
96 | __int64 isNativeStored : 1; // b61
97 | __int64 isNFC : 1; // b62
98 | __int64 isASCII : 1; // b63
99 |
100 | // 2nd int64: b0-b63
101 |
102 | // 2nd int64: b0-b59
103 | __int64 objectAddr : 60;
104 |
105 | // 2nd int64: b60-b63
106 | __int64 isForeign: 1;
107 | __int64 isSmall: 1;
108 | __int64 isBridged: 1;
109 | __int64 isImmortal: 1;
110 | };
111 | ```
112 |
113 | 注:
114 |
115 | * 对比,旧的定义是
116 | ```c
117 | struct SwiftLargeString
118 | {
119 | __int64 flagsAndCount;
120 | void *objAddr;
121 | }
122 | ```
123 |
124 | ### SwiftSmallString
125 |
126 | ```c
127 | struct SwiftSmallString
128 | {
129 | char smallStr[15];
130 |
131 | // 2nd int64: b56-b59
132 | __int8 count: 4;
133 | // 2nd int64: b60-b63
134 | __int8 isForeign: 1;
135 | __int8 isSmall: 1;
136 | __int8 isASCII: 1;
137 | __int8 isImmortal: 1;
138 | }
139 | ```
140 |
141 | ### SwiftString
142 |
143 | ```c
144 | union SwiftString
145 | {
146 | SwiftLargeString largeStr;
147 | SwiftSmallString smallStr;
148 | }
149 | ```
150 |
151 | ## SwiftArray
152 |
153 | ```c
154 | struct SwiftArray
155 | {
156 | void *heapMetadata;
157 | __int64 refCount;
158 | __int64 count;
159 | __int64 _capacityAndFlags;
160 | void* firstElement;
161 | };
162 | ```
163 |
164 | ## Struct
165 |
166 | ### SwiftProtocolStructure
167 |
168 | ```c
169 | struct SwiftProtocolStructure
170 | {
171 | __int64 valueBuffer0; // case1: field1, case2: void* realStruct
172 | __int64 valueBuffer1; // case1: field2, case2: int64 unused1
173 | __int64 valueBuffer2; // case1: field3, case2: int64 unused2
174 | void* typeMetadata;
175 | void* pwt;
176 | };
177 | ```
178 |
179 | ## SwiftSet
180 |
181 | ```c
182 | struct SwiftSet
183 | {
184 | void *type;
185 | __int64 refCount;
186 | __int64 _count;
187 | __int64 _capacity;
188 | __int8 _scale;
189 | __int8 _reservedScale;
190 | __int16 _extra;
191 | __int32 _age;
192 | __int64 _seed;
193 | __int64 _rawElements;
194 | __int64 _metadata;
195 | __int64 _firstElement;
196 | };
197 | ```
198 |
199 | ## Swift_DataStorage
200 |
201 | ```c
202 | struct Swift_DataStorage
203 | {
204 | void *isa;
205 | __int64 refCount;
206 | void *_bytes;
207 | __int64 _length;
208 | __int64 _capacity;
209 | __int64 _offset;
210 | void *_deallocator;
211 | bool _needToZero;
212 | };
213 | ```
214 |
215 | ## SwiftData_InlineSlice
216 |
217 | ```c
218 | struct SwiftData_InlineSlice
219 | {
220 | __int32 slice;
221 | Swift_DataStorage *storage;
222 | };
223 | ```
224 |
--------------------------------------------------------------------------------
/src/swift_re_related/static_analysis/ida/swift_definitions/ida_builtin.md:
--------------------------------------------------------------------------------
1 | # IDA自带Swift相关定义
2 |
3 | * Update: `20241217`
4 |
5 | 此处发现,最新版IDA(`IDA v8.2.230124`),去分析某个Swift的Mach-O后,已经自带(=自动分析出)一些Swift相关定义:
6 |
7 | ## Swift::UInt
8 |
9 | ```c
10 | typedef unsigned __int64 Swift::UInt;
11 | ```
12 |
13 | ## Swift::Double
14 |
15 | ```c
16 | typedef double Swift::Double;
17 | ```
18 |
19 | ## Swift::String
20 |
21 | ```c
22 | struct Swift::String
23 | {
24 | __int64 _countAndFlagsBits;
25 | void *_object;
26 | };
27 | ```
28 |
29 | ## _TtCs12_SwiftObject
30 |
31 | ```c
32 | struct _TtCs12_SwiftObject;
33 | ```
34 |
35 | ## ClassDescriptor
36 |
37 | ```c
38 | struct ClassDescriptor
39 | {
40 | int Flags;
41 | __int32 Parent;
42 | __int32 Name;
43 | __int32 AccessFunction;
44 | __int32 FieldDescriptor;
45 | __int32 SuperclassType;
46 | int MetadataNegativeSizeInWords;
47 | int MetadataPositiveSizeInWords;
48 | int NumImmediateMembers;
49 | int NumFields;
50 | };
51 | ```
52 |
53 | ## ModuleDescriptor
54 |
55 | ```c
56 | struct ModuleDescriptor
57 | {
58 | int Flags;
59 | __int32 Parent;
60 | __int32 Name;
61 | };
62 | ```
63 |
64 | ## StructDescriptor
65 |
66 | ```c
67 | struct StructDescriptor
68 | {
69 | int Flags;
70 | __int32 Parent;
71 | __int32 Name;
72 | __int32 AccessFunction;
73 | __int32 FieldDescriptor;
74 | int NumFields;
75 | int FieldOffsetVectorOffset;
76 | };
77 | ```
78 |
79 | ## FieldDescriptorKind
80 |
81 | ```c
82 | enum FieldDescriptorKind : __int16
83 | {
84 | FDK_Struct = 0,
85 | FDK_Class = 1,
86 | FDK_Enum = 2,
87 | FDK_MultiPayloadEnum = 3,
88 | FDK_Protocol = 4,
89 | FDK_ClassProtocol = 5,
90 | FDK_ObjCProtocol = 6,
91 | FDK_ObjCClass = 7,
92 | };
93 | ```
94 |
95 | ## FieldDescriptor
96 |
97 | ```c
98 | struct FieldDescriptor
99 | {
100 | __int32 MangledTypeName;
101 | __int32 Superclass;
102 | FieldDescriptorKind Kind;
103 | __int16 FieldRecordSize;
104 | int NumFields;
105 | };
106 | ```
107 |
108 | ## FieldRecord
109 |
110 | ```c
111 | struct FieldRecord
112 | {
113 | int Flags;
114 | __int32 MangledTypeName;
115 | __int32 FieldName;
116 | };
117 | ```
118 |
119 | ## EnumDescriptor
120 |
121 | ```c
122 | struct EnumDescriptor
123 | {
124 | int Flags;
125 | __int32 Parent;
126 | __int32 Name;
127 | __int32 AccessFunction;
128 | __int32 FieldDescriptor;
129 | int NumPayloadCasesAndPayloadSizeOffset;
130 | int NumEmptyCases;
131 | };
132 | ```
133 |
134 | ## MetadataKind
135 |
136 | ```c
137 | enum MetadataKind : __int32
138 | {
139 | MK_Class = 0x0,
140 | MK_Struct = 0x200,
141 | MK_Enum = 0x201,
142 | MK_Optional = 0x202,
143 | MK_ForeignClass = 0x203,
144 | MK_ForeignReferenceType = 0x204,
145 | MK_Opaque = 0x300,
146 | MK_Tuple = 0x301,
147 | MK_Function = 0x302,
148 | MK_Existential = 0x303,
149 | MK_Metatype = 0x304,
150 | MK_ObjCClassWrapper = 0x305,
151 | MK_ExistentialMetatype = 0x306,
152 | MK_ExtendedExistential = 0x307,
153 | MK_HeapLocalVariable = 0x400,
154 | MK_HeapGenericLocalVariable = 0x500,
155 | MK_ErrorObject = 0x501,
156 | MK_Task = 0x502,
157 | MK_Job = 0x503,
158 | MK_LastEnumerated = 0x7FF,
159 | };
160 | ```
161 |
162 | ## ValueMetadata
163 |
164 | ```c
165 | struct ValueMetadata
166 | {
167 | __int64 kind;
168 | void *description;
169 | };
170 | ```
171 |
172 | ## ValueWitnessTable
173 |
174 | ```c
175 | struct ValueWitnessTable
176 | {
177 | void *initializeBufferWithCopyOfBuffer;
178 | void *destroy;
179 | void *initializeWithCopy;
180 | void *assignWithCopy;
181 | void *initializeWithTake;
182 | void *assignWithTake;
183 | void *getEnumTagSinglePayload;
184 | void *storeEnumTagSinglePayload;
185 | __int64 size;
186 | __int64 stride;
187 | int flags;
188 | int extraInhabitantCount;
189 | };
190 | ```
191 |
192 | ## ProtocolDescriptor
193 |
194 | ```c
195 | struct ProtocolDescriptor
196 | {
197 | int Flags;
198 | __int32 Parent;
199 | __int32 Name;
200 | int NumRequirementsInSignature;
201 | int NumRequirements;
202 | __int32 AssociatedTypeNames;
203 | };
204 | ```
205 |
206 | ## AnonymousContextDescriptor
207 |
208 | ```c
209 | struct AnonymousContextDescriptor
210 | {
211 | int Flags;
212 | __int32 Parent;
213 | };
214 | ```
215 |
--------------------------------------------------------------------------------