Request for Comments: remediating OpenSSH segfaults with specific versions of XCode on Intel (Ventura?)
grey
artkiver at gmail.com
Sun Jun 11 23:14:16 UTC 2023
Hello!
This https://trac.macports.org/ticket/67539 was opened about a week
ago, and while I have not been able to replicate it on any of my
systems locally, it seems as if the root cause is due to XCode's clang
(related: https://github.com/llvm/llvm-project/issues/57692 and
https://infosec.exchange/@harrysintonen/110508989501024969 as
referenced in https://trac.macports.org/ticket/67539#comment:34 )
I am guessing: that the same underlying issue may also be responsible
for https://trac.macports.org/ticket/67442 though in both instances, I
haven't been able to replicate the segfaults presumably because:
1. I am mostly working on Apple Silicon systems.
2. When I retrieved an Intel based Apple system of mine to test
further, it's too old to be running recent macOS and XCode versions,
and llvm16/-devel from MacPorts doesn't exhibit such issues
(presumably because the bug in clang was patched since then).
So, longer story shorter: I can't presently replicate either of these
bugs with any of the systems I have at my disposal, making testing
potential fixes challenging.
Simply adding more to compiler.blacklist-append seems as if it also
might not be so great as a strategy, since that isn't quite granular
enough to distinguish between whether the clang/Xcode is Intel or
Apple Silicon either.
@piru provided a potential heuristic here:
https://trac.macports.org/ticket/67539#comment:39
As I theorized here: https://trac.macports.org/ticket/67539#comment:41
maybe we could use @piru's heuristic in a manner similar to how Jeremy
Hu added some smarts for wavpack compiler preferences here:
https://github.com/macports/macports-ports/commit/6fb35a1f2843454f08ef5027dfe0e3db59016d99
However, after asking for extra sets of eyeballs on IRC and seeing
nothing but mplog in the messages for the past 45+ minutes now, I
figure asking for additional perspective and insights from the
Developers mailing list is hopefully an acceptable course of action?
I am a little bit in over my head with this one.
At a minimum, if any MacPorts contributors can for starters: replicate
the issue, that would be helpful as in turn, they can presumably also
test potential fixes, whereas I haven't even been able to replicate
the segfaults leaving me a bit at a loss.
Thank you in advance for any assistance you may be able to provide!
More information about the macports-dev
mailing list