Theo pointed out the NOBTCFI reversal here. Now the reason that we
still see SIGILL despite fixes to the assembly code is because the
-mbranch-protection=pac-ret option added by the configure script
actually downgrades our default of enabling both BTI and PAC to just
enabling PAC. So the necessary BTI instructrions were missing from
the C code.
With the diff below things seem to work fine on Apple M2. There is
one failure in the testsuite:
1) Failure:
TestIO_Console#test_failed_path
[/home/ports/pobj/ruby-3.3.3/ruby-3.3.3/test/io/console/test_io_console.rb:46]:
[Errno::ENODEV, Errno::ENOTTY, Errno::EBADF, Errno::ENXIO] exception expected,
not #<Errno::EOPNOTSUPP: Operation not supported - /dev/null>.
but I'm pretty sure that is unrelated to BTI support.
Index: lang/ruby/3.3/Makefile
===================================================================
RCS file: /cvs/ports/lang/ruby/3.3/Makefile,v
retrieving revision 1.8
diff -u -p -r1.8 Makefile
--- lang/ruby/3.3/Makefile 21 Jun 2024 16:01:52 -0000 1.8
+++ lang/ruby/3.3/Makefile 22 Jun 2024 11:34:53 -0000
@@ -1,5 +1,4 @@
-USE_NOBTCFI-aarch64 = Yes
-REVISION-main = 0
+REVISION-main = 1
VERSION = 3.3.3
DISTNAME = ruby-${VERSION}
Index: lang/ruby/3.3/patches/patch-configure
===================================================================
RCS file: /cvs/ports/lang/ruby/3.3/patches/patch-configure,v
retrieving revision 1.3
diff -u -p -r1.3 patch-configure
--- lang/ruby/3.3/patches/patch-configure 14 Jun 2024 19:41:34 -0000
1.3
+++ lang/ruby/3.3/patches/patch-configure 22 Jun 2024 11:34:53 -0000
@@ -6,6 +6,15 @@ so ports don't have to be bumped when Op
Index: configure
--- configure.orig
+++ configure
+@@ -10913,7 +10913,7 @@ esac
+ case "$target_cpu" in #(
+ aarch64) :
+
+- for opt in -mbranch-protection=pac-ret -msign-return-address=all
++ for opt in -mbranch-protection=standard -msign-return-address=all
+ do :
+
+
@@ -31909,7 +31909,7 @@ fi
;; #(
openbsd*|mirbsd*) :
