by humzashahid98 746 days ago
Is the "no JIT" policy somehow baked into the hardware/software of iOS devices, instead of something Apple finds by doing an app review?

I thought it was the latter (that running a JIT on iOS would be possible but not accepted on the app store), but then I'm left wondering why they seem to have submitted a JIT-less version on a third party app store.

Maybe the intent was to ease development by having only one version to support for the first-party and also third-party app stores.

1 comments

IIRC it's part of the sandbox apps run in, which, in turn, makes use of the hardware memory protection. To do JIT, you need to first write your dynamically generated code into memory, and then execute it. The memory you obtain via e.g. malloc() doesn't allow execution, only reading and writing (this is controlled by permission flags, in the page table, on the memory pages your app is given by the kernel). To obtain memory that is both writable and executable, you call mmap() specifying the corresponding flags. The kernel just refuses to allocate such memory for your app because it doesn't have the necessary permissions, or "entitlements" in Apple speak.
Thank you for the insightful answer! That's nice to know. I hadn't considered that they had a system like that in place.
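
The permission check described in the reply above, as an added example that is not part of the thread: a C probe that asks the kernel for read/write, read/write/execute, and read/write-then-read/execute pages and reports which requests are refused. The function names are hypothetical, and the probe never executes any of the memory it maps.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* expose MAP_ANONYMOUS on glibc */
#endif
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS MAP_ANON
#endif

/* Ask for one anonymous page with `prot`. Returns 0 if granted, else errno. */
int probe_map(int prot) {
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, len, prot, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return errno;
    munmap(p, len);
    return 0;
}

/* W^X route: map read/write, fill the page, then ask to flip it to
 * read/execute. Only the permission change is tested; nothing is run.
 * Returns 0 if both steps are allowed, else the errno of the failing step. */
int probe_rw_then_rx(void) {
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return errno;
    memset(p, 0, len);   /* placeholder bytes, constructed for the probe */
    int rc = mprotect(p, len, PROT_READ | PROT_EXEC) == 0 ? 0 : errno;
    munmap(p, len);
    return rc;
}

static void report(const char *what, int err) {
    printf("%-30s %s\n", what, err ? strerror(err) : "granted");
}

int main(void) {
    report("mmap RW (like malloc):", probe_map(PROT_READ | PROT_WRITE));
    report("mmap RWX (what a JIT wants):",
           probe_map(PROT_READ | PROT_WRITE | PROT_EXEC));
    report("mmap RW, then mprotect RX:", probe_rw_then_rx());
    return 0;
}
```

On a platform that enforces the policy the reply describes, the second line reports an error instead of "granted"; the result of the third line depends on whether the platform also restricts turning written pages executable.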