Null pointer dereference in CFBundleGetAllBundles()

[cmcgee1024]

I am getting the following stack of a segmentation fault on Linux with Swift 6.1.0:

💣 Program crashed: Bad pointer dereference at 0x0000000000000000

Thread 0 crashed:

 0 0x0000ffff9b16b2dc _CFIsSwift + 12 in libFoundation.so
 1 0x0000ffff9b126500 CFBundleGetAllBundles + 211 in libFoundation.so
 2 0x0000ffff9af9850c specialized static Bundle.allBundlesRegardlessOfType.getter + 27 in libFoundation.so
 3 0x0000ffff9af98824 specialized Bundle.init(for:) + 499 in libFoundation.so
 4 static SWBBuildServiceConnection.buildServiceLocation(for:overridingServiceBundleURL:) + 3199 in swift-build at /swiftpm/.build/checkouts/swift-build/Sources/SwiftBuild/SWBBuildServiceConnection.swift:499:40

After some debugging, CFBundleGetAllBundles() is called with _allBundles. It creates a mutable copy of it using __CFArrayCreateMutableCopy0 and that does a CF_IS_SWIFT check. That check involves dereferencing the array for obj->isa and then segfaults.

Steps to reproduce:

• Using a Linux aarch64 container (Ubuntu 24.04)
• Install Swift 6.1.0
• Clone the latest SwiftPM code https://github.com/swiftlang/swift-package-manager#
• Run the following command:

swift run swift-build --package-path Fixtures/Miscellaneous/Plugins/MySourceGenPlugin --build-system swiftbuild --vv