From 49c2ef2732f748e626e52f5980f64e60567457aa Mon Sep 17 00:00:00 2001
From: Alistair Smith <hi@alistair.sh>
Date: Fri, 13 Feb 2026 17:16:57 -0800
Subject: [PATCH] fix: remove write to frozen JSC::Options::usePollingTraps
 (segfault on Linux)

The options page is mprotected read-only after JSC initialization.
Writing to usePollingTraps from Bun__activateRuntimeInspectorMode crashes
with SEGV at offset 0xB34 (the usePollingTraps field offset in the frozen page).
Confirmed via ASAN on Linux aarch64.
---
 src/bun.js/bindings/BunDebugger.cpp | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/src/bun.js/bindings/BunDebugger.cpp b/src/bun.js/bindings/BunDebugger.cpp
index 805e86f382..ade9cdfacf 100644
--- a/src/bun.js/bindings/BunDebugger.cpp
+++ b/src/bun.js/bindings/BunDebugger.cpp
@@ -1006,11 +1006,7 @@ extern "C" void VM__cancelStop(JSC::VM* vm)
 // Called from Zig when the event loop path activates the inspector.
 // Ensures runtimeInspectorActivated is set so that connect() and
 // interruptForMessageDelivery() use STW-based message delivery.
-// Also enables polling traps so that:
-// 1. The SignalSender stops its retry loop (it checks usePollingTraps)
-// 2. Future NeedDebuggerBreak traps are delivered reliably via polling
 extern "C" void Bun__activateRuntimeInspectorMode()
 {
     Bun::runtimeInspectorActivated.store(true);
-    JSC::Options::usePollingTraps() = true;
 }