I’ve noticed the mojo binary does not work inside the default sandbox used by Codex CLI on macOS. It crashes inside the Crashpad reporter initialization. This is a big pain point for doing LLM agent-driven Mojo development.
Is there a workaround available to disable crash reporting?
It turns out the crash is triggered by a denied sysctl read prior to the crash reporter being activated. Moved to [BUG] mojo crashes due to denied sysctl read inside Codex CLI sandbox on macOS · Issue #6156 · modular/modular · GitHub.
Problem:
Mojo will crash if asked to compile or format a program without being able to read the L1d and L2 cache size. This prevents running the Mojo compiler inside Codex on macOS with the default security settings.
The relevant macOS seatbelt policy settings are:
(allow sysctl-read
(sysctl-name "hw.l1dcachesize")
(sysctl-name "hw.l2cachesize"))
Unfortunately, Codex does not expose a way to change the sandbox policy at this level of granularity.
Workaround:
I have created a fork of Codex [GitHub - BenWibking/codex at macos-sysctl-reads · GitHub] that allows the user to adjust the sandbox policy to allow these two sysctls.
This change allows Mojo to run inside the Codex sandbox without requiring user prompts for each compiler invocation. LLM-driven Mojo development is now much more convenient.
You have to add these lines to ~/.codex/config.toml:
[macos_seatbelt_profile_extensions]
macos_sysctls = ["hw.l1dcachesize", "hw.l2cachesize"]
and set
export MODULAR_CRASH_REPORTING_ENABLED=0
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.