[Bug 3584] New: Segfault when built with optimisations on macOS 13 (x86_64) with Xcode 14.3
https://bugzilla.mindrot.org/show_bug.cgi?id=3584

Bug ID: 3584
Summary: Segfault when built with optimisations on macOS 13 (x86_64) with Xcode 14.3
Product: Portable OpenSSH
Version: 9.3p1
Hardware: amd64
OS: Mac OS X
Status: NEW
Severity: major
Priority: P5
Component: ssh-keygen
Assignee: unassigned-bugs@mindrot.org
Reporter: carlo.antonio.cabrera@gmail.com

Building openssh 9.3p1 with `-Os` in CFLAGS on macOS 13 using Xcode 14
(with, e.g., `./configure && make install`) fails due to a segfault
when `make` runs `ssh-keygen -A`:

```
/bin/bash: line 1: 13268 Segmentation fault: 11 ./ssh-keygen -A
```

Here's what I get out of lldb using the just-built `ssh-keygen`:
```
$ lldb -- ./ssh-keygen -A
(lldb) target create "./ssh-keygen"
Current executable set to '/tmp/openssh-20230623-7195-4d1ep3/openssh-9.3p1/ssh-keygen' (x86_64).
(lldb) settings set -- target.run-args "-A"
(lldb) r
Process 15308 launched: '/tmp/openssh-20230623-7195-4d1ep3/openssh-9.3p1/ssh-keygen' (x86_64)
Process 15308 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x0)
    frame #0: 0x000000010000300e ssh-keygen`main(argc=0, argv=0x0000000000000000) at ssh-keygen.c:3355:32 [opt]
   3352 	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
   3353 	sanitise_stdfd();
   3354 
-> 3355 	__progname = ssh_get_progname(argv[0]);
   3356 
   3357 	seed_rng();
   3358 
Target 0: (ssh-keygen) stopped.
warning: ssh-keygen was compiled with optimization - stepping may behave oddly; variables may not be available.
(lldb) bt
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x0)
  * frame #0: 0x000000010000300e ssh-keygen`main(argc=0, argv=0x0000000000000000) at ssh-keygen.c:3355:32 [opt]
    frame #1: 0x00007ff80f3fb41f dyld`start + 1903
(lldb) fr v argv
(char **) argv = 0x0000000000000000
```

I haven't worked out why `argv` is a null pointer, but that seems to be
what is happening.

Building openssh without any `-O` flags makes the segfault go away.

The segfault also does *not* occur on the following (even with `-Os`):
- macOS 13 on arm64 with Xcode 14.3
- macOS 12 on both x86_64 and arm64 with Xcode 14.2
- macOS 11 on both x86_64 and arm64 with Xcode 13.2
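
The backtrace above shows `main()` entered with `argc=0` and `argv=NULL`, so the fault is the unconditional `argv[0]` dereference. The following is an added example, not OpenSSH's `ssh_get_progname()` or any code from the report: a program-name helper that fails safely when `argc` is 0 or `argv`/`argv[0]` is NULL, whatever the reason the process was entered that way. The function name `progname_from_argv` and the `(unknown)` fallback are assumptions chosen for the example.

```c
#include <stdio.h>
#include <string.h>

/*
 * Added example (hypothetical helper, not OpenSSH's): derive a program name
 * from argv without assuming argc > 0 or argv != NULL. Returns a pointer into
 * argv[0] (after the last '/'), or a constant fallback when no usable name
 * exists. The fallback string "(unknown)" is a constructed placeholder.
 */
const char *progname_from_argv(int argc, char **argv)
{
    static const char fallback[] = "(unknown)";
    const char *p;
    const char *slash;

    /* An empty argument vector is legal for the kernel; never trust argv[0]. */
    if (argc < 1 || argv == NULL || argv[0] == NULL || argv[0][0] == '\0')
        return fallback;

    p = argv[0];

    /* Keep only the component after the last '/', e.g. "./ssh-keygen" -> "ssh-keygen". */
    slash = strrchr(p, '/');
    if (slash != NULL)
        p = slash + 1;

    /* A trailing '/' leaves an empty basename; fall back rather than return "". */
    return (*p != '\0') ? p : fallback;
}

int main(int argc, char **argv)
{
    /* Safe even if the runtime hands us argc=0 / argv=NULL as in the report. */
    printf("progname: %s\n", progname_from_argv(argc, argv));
    return 0;
}
```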

openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs