I’m trying to use ASan to debug code of my plugin (dynamic library) running in a big 3rd party host app which is using Juce and Chromium Embedded Framework (CEF).
It works fine on macOS 10.11 (El Capitan) and Xcode 8, but the very same app on a new MacBook with macOS 10.14 (Mojave) and either Xcode 9 or 11 first stops with EXC_BREAKPOINT (code=EXC_I386_BPT, subcode=0x0)
and then crashes with EXC_BAD_INSTRUCTION (code=EXC_I386_INVOP, subcode=0x0)
in
* frame #0: 0x000000011768fe78 Chromium Embedded Framework`___lldb_unnamed_symbol167560$$Chromium Embedded Framework + 88
frame #1: 0x000000011768fba5 Chromium Embedded Framework`___lldb_unnamed_symbol167550$$Chromium Embedded Framework + 37
frame #2: 0x00007fff5c522c99 libsystem_malloc.dylib`malloc_zone_malloc + 103
frame #3: 0x00007fff5c524191 libsystem_malloc.dylib`malloc_set_zone_name + 84
frame #4: 0x00000001011d9d2d libclang_rt.asan_osx_dynamic.dylib`wrap_malloc_set_zone_name + 173
frame #5: 0x0000000102002f1b libdispatch.dylib`_dispatch_client_callout + 8
frame #6: 0x0000000102004ba9 libdispatch.dylib`_dispatch_once_callout + 87
frame #7: 0x00007fff3ae6132d QuartzCore`get_malloc_zone(unsigned long) + 43
frame #8: 0x00007fff3ae6157a QuartzCore`CA::Transaction::set_disable_actions(bool) + 44
frame #9: 0x00007fff2da3f5a0 AppKit`-[NSView _updateLayerBackedness] + 414
frame #10: 0x00007fff2da2555e AppKit`-[NSView didChangeValueForKey:] + 65
frame #11: 0x00000001007e6550 Max`juce::NSViewComponentPeer::NSViewComponentPeer(juce::Component&, int, NSView*) + 640
frame #12: 0x00000001007e62a2 Max`juce::Component::createNewPeer(int, void*) + 50
I’m at a loss here, even just about whether the problem lies in macOS, ASan, CEF, Juce, or the host app.
I also tried to avoid interception of the functions above via ASan’s suppression list, but never got it to work. Many thanks!
2 Answers
By default Chromium builds on Mac have the allocator shim enabled, which overwrites malloc zones and causes issues with ASan. To disable it you have to build from source with the GN option use_allocator_shim=false. Alternatively you can build Chromium with the is_asan=true option to enable ASan.

If none of your objects need this, I just discovered that you can actually entirely remove "Chromium Embedded Framework.framework" from said app’s frameworks and things will still work; this allows me to debug my externals with ASan / UBSan 🙂