Every time I open Xcode, there is massive hard drive churn. iStat seems to indicate that the culprit is socketfilterfw. The computer is not properly useable again for upwards of 2 minutes since the disk churn slows everything to a crawl. Is anyone else experiencing this, or can they suggest why it's happening? I believe it started when I upgraded to 10.10.
iMac, OS X Yosemite (10.10.1), iMac 12,1 (mid-2011)
As a follow-up: someone else was able to determine what socketfilterfw was doing, and this led to what seems to be a solution. See here, but I will summarize their findings. When Xcode launches, the OS X Firewall needs to scan the entire Xcode application bundle for some reason (some kind of checksum validation?). socketfilterfw is the Firewall's agent for doing this.
It was suggested that we fiddle with the Firewall settings under the Security preference pane to try to fix this, and I've found that by removing the listing for Xcode and turning off the setting "Automatically allow signed software to receive incoming connections", it seems to have stopped socketfilterfw from taking over my computer for a couple minutes at every launch of Xcode. I also tried changing Xcode's Firewall listing from "allow" to "block", and this did not make a difference; only removing it from the list did.
Oddly, I am not asked to accept a connection when Xcode opens. Time will tell if turning off the "signed software" option leads to an annoying number of dialogs about 'accepting the connection' when launching other apps, but if it prevents the massive CPU/HD attack from socketfilterfw, then it's probably worth it regardless.
As a follow-up: someone else was able to determine what socketfilterfw was doing, and this led to what seems to be a solution. See here, but I will summarize their findings. When Xcode launches, the OS X Firewall needs to scan the entire Xcode application bundle for some reason (some kind of checksum validation?). socketfilterfw is the Firewall's agent for doing this.
It was suggested that we fiddle with the Firewall settings under the Security preference pane to try to fix this, and I've found that by removing the listing for Xcode and turning off the setting "Automatically allow signed software to receive incoming connections", it seems to have stopped socketfilterfw from taking over my computer for a couple minutes at every launch of Xcode. I also tried changing Xcode's Firewall listing from "allow" to "block", and this did not make a difference; only removing it from the list did.
Oddly, I am not asked to accept a connection when Xcode opens. Time will tell if turning off the "signed software" option leads to an annoying number of dialogs about 'accepting the connection' when launching other apps, but if it prevents the massive CPU/HD attack from socketfilterfw, then it's probably worth it regardless.
Just an addendum: I had assumed that it was necessary to turn off the option "Automatically allow signed software to receive incoming connections" since I thought that would effectively be the same as listing Xcode in the exceptions list as "allow", but in fact it appears that simply removing the Xcode entry from that list is sufficient.
I now have this problem with Xcode 7.2 and El Capitan. I have tried all the other stuff above and the only thing that stops it from happening is to disable the firewall, which I find more than a little risky. socketfilterfw will kick on every time I do a build and launch (not sure if it does it on just a build). It will run up to nearly 100% of the CPU usage and easily eat 400MB of RAM. It's completely bottlenecking the system and it takes about 5 minutes for it to stop. I'm seriously thinking about going back to Xcode 5 and Mountain Lion just to avoid this.
Xcode clobbered by socketfilterfw on every launch
