Fix Apple Silicon W^X SIGBUS in setf_jit_lookup_t (FFI callbacks)#1786
Open
dg1sbg wants to merge 1 commit into
On Apple Silicon, JIT'd code/data lives in MAP_JIT memory that is write-protected (execute mode) by default; a thread must switch it to write mode (pthread_jit_write_protect_np) around any store or the store faults with SIGBUS (KERN_PROTECTION_FAILURE).

setf_jit_lookup_t (llvmo:jit-lookup-t setf) stores a Lisp function pointer into a JIT-emitted global. make-callback / clasp-ffi:%defcallback reach it via (setf (llvm-sys:jit-lookup-t dylib varname) function), and on arm64-darwin it SIGBUSes at compile time -- this is what makes the defcallback-native regression test (CFFI-DEFCALLBACK) crash during compile-file.

Wrap the store in JITDataReadWriteMaybeExecute()/JITDataReadExecute(), matching the existing W^X guards on the other JIT-literal write sites (core__literals_vset, loadltv op_setf_literals / attr_clasp_module_native).

Verified on macOS arm64 (native boehmprecise image): CFFI-DEFCALLBACK now passes (previously a Bus error at compile time); no regressions.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Problem

On Apple Silicon, JIT'd code/data lives in `MAP_JIT` memory that is write-protected (execute mode) by default. A thread must switch it to write mode (`pthread_jit_write_protect_np`) around any store, or the store faults with `SIGBUS` (`KERN_PROTECTION_FAILURE`).

`setf_jit_lookup_t` (`llvmo:jit-lookup-t` setf, `src/llvmo/llvmoPackage.cc`) stores a Lisp function pointer into a JIT-emitted global. `make-callback` / `clasp-ffi:%defcallback` reach it via `(setf (llvm-sys:jit-lookup-t dylib varname) function)`, and on arm64-darwin this store SIGBUSes at compile time — which is what makes the `defcallback-native` regression test (`CFFI-DEFCALLBACK`) crash during `compile-file`.

Fix

Wrap the store in `JITDataReadWriteMaybeExecute()`/`JITDataReadExecute()`, matching the existing W^X guards on the other JIT-literal write sites (`core__literals_vset` in `compiler.cc`, `op_setf_literals`/`attr_clasp_module_native` in `loadltv.cc`). This is the one remaining unguarded JIT-data store, unique to the FFI-callback path.

Verification

macOS arm64, native `boehmprecise` image: `CFFI-DEFCALLBACK` now passes (previously a Bus error during compile-file). Full regression suite: no regressions.

🤖 Generated with Claude Code
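The guard pattern the PR relies on, shown as an added example that is not Clasp's code: a pointer store into a `MAP_JIT` page bracketed by a write-mode/execute-mode toggle, the way `setf_jit_lookup_t` now brackets its store. The helper names `jit_data_read_write_maybe_execute`/`jit_data_read_execute` are hypothetical stand-ins for Clasp's pair, and the `mprotect()` fallback on non-Apple platforms is an assumption added so the example runs elsewhere.

```c
#define _DEFAULT_SOURCE 1
#include <sys/mman.h>
#include <unistd.h>
#if defined(__APPLE__) && defined(__arm64__)
#include <pthread.h>
#define APPLE_JIT_WP 1
#else
#define APPLE_JIT_WP 0
#endif
#ifndef MAP_JIT
#define MAP_JIT 0 /* not Apple: a plain RWX anonymous mapping stands in */
#endif
/* Hypothetical stand-ins for Clasp's guard pair (assumed names, not Clasp's code): a
 * per-thread toggle on Apple Silicon, approximated by mprotect() on the page elsewhere. */
void jit_data_read_write_maybe_execute(void *base, size_t len) {
#if APPLE_JIT_WP
  (void)base; (void)len;
  pthread_jit_write_protect_np(0); /* this thread: write mode */
#else
  mprotect(base, len, PROT_READ | PROT_WRITE);
#endif
}
void jit_data_read_execute(void *base, size_t len) {
#if APPLE_JIT_WP
  (void)base; (void)len;
  pthread_jit_write_protect_np(1); /* back to execute mode, the default */
#else
  mprotect(base, len, PROT_READ | PROT_EXEC);
#endif
}
/* The guarded store setf_jit_lookup_t needs: without the first call the
 * assignment faults with SIGBUS (KERN_PROTECTION_FAILURE) on Apple Silicon. */
void jit_store_pointer(void *base, size_t len, void **slot, void *value) {
  jit_data_read_write_maybe_execute(base, len);
  *slot = value;
  jit_data_read_execute(base, len);
}
/* Map one JIT page, leave it in execute mode (the MAP_JIT default), store a
 * pointer into its first word (a stand-in for the JIT-emitted global), read it back. */
void *demo_store_and_read(void *value) {
  size_t len = (size_t)sysconf(_SC_PAGESIZE);
  void *page = mmap(NULL, len, PROT_READ | PROT_WRITE | PROT_EXEC,
                    MAP_PRIVATE | MAP_ANONYMOUS | MAP_JIT, -1, 0);
  if (page == MAP_FAILED) return NULL;
  jit_data_read_execute(page, len);
  jit_store_pointer(page, len, (void **)page, value);
  void *got = *(void **)page; /* reads are allowed in execute mode */
  munmap(page, len);
  return got;
}
```

Because `pthread_jit_write_protect_np` is per-thread state, the same bracket is needed on every thread that writes JIT data, which is why each write site (literals, loadltv, and now the FFI-callback path) carries its own guard rather than relying on one global switch.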