Re: [PATCH v2 0/1] MR9090: ntdll: Use Mach COW for write watches support on macOS.

Tim Clem (@tclem) commented about dlls/ntdll/unix/virtual.c:

• mach_msg_type_number_t info_count;
• mach_port_t object_name;
• vm_region_extended_info_data_t info;
• SIZE_T end = current_address + ROUND_SIZE( base, size, host_page_mask );
• kern_return_t kr;
• if (!(view->protect & VPROT_WRITEWATCH) || !use_kernel_writewatch) return;
• while (current_address < end)
• {

•    vm_prot_t mach_prot = get_mach_prot( current_address );
  

•    region_address = current_address;
  

•    info_count = VM_REGION_EXTENDED_INFO_COUNT;
  

•    kr = mach_vm_region( mach_task_self(), &region_address, &region_size, VM_REGION_EXTENDED_INFO, 
  

•                         (vm_region_info_t)&info, &info_count, &object_name );
  

Have you confirmed that the protection from these `vm_region_info_t`s is accurate under Rosetta? I seem to remember it reporting the actual underlying page protection that Mach is using, which in the case of wx pages might be different than how it acts - or was allocated - under Rosetta (since w|x isn't supported in native ARM and is emulated by Rosetta by handling the exceptions). So for instance for a MEM_WRITE_WATCH page with PAGE_EXECUTE_READWRITE protections, I imagine the assert below might fail.