MAS build crashes right before mainWindow gets visible: GPU not usable

[nbonamy]

I am posting https://github.com/electron/electron/issues/41927 here feeling it may very be osx-sign specific.

Preflight Checklist

• [X] I have read the Contributing Guidelines for this project.
• [X] I agree to follow the Code of Conduct that this project adheres to.
• [X] I have searched the issue tracker for a bug report that matches the one I want to file, without success.

Electron Version

29.1.6

What operating system are you using?

macOS

Operating System Version

14.4.1 (23E224)

What arch are you using?

arm64 (including Apple Silicon)

Last Known Working Electron version

No response

Expected Behavior

MAS builds require com.apple.security.app-sandbox entitlement to be true. I have removed basically all code from my electron app (empty preload, renderer just doing document.querySelector('...').innerHTML = '....'. Also made sure that the only difference between a crashing MAS build and a working Darwin build is the sandbox entitlement.

I open the mainWindow with the following options:

  // Create the browser window
  const window = new BrowserWindow({
    ...opts,
    webPreferences: {
      preload: path.join(__dirname, 'preload.js'),
      nodeIntegration: false,
      contextIsolation: true,
      webSecurity: false,
      defaultEncoding: 'UTF-8',
      devTools: process.env.DEBUG ? true : false,
      //sandbox: true,
    },
  });

Tested both with sandbox:true and sandbox:false (default).

Added some logs to make sure no other code was interfering.

Also tested a build with an early app.disableHardwareAcceleration(); but that did not change anything.

Actual Behavior

Apple to sign and upload build to App Store Connect. Then after install from TestFlight, application crashes with following log:

[60779:0422/085601.349845:ERROR:gpu_process_host.cc(989)] GPU process exited unexpectedly: exit_code=5
[60779:0422/085601.447580:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[60779:0422/085601.648929:ERROR:gpu_process_host.cc(989)] GPU process exited unexpectedly: exit_code=5
[60779:0422/085601.747660:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[60779:0422/085601.850440:ERROR:gpu_process_host.cc(989)] GPU process exited unexpectedly: exit_code=5
[60779:0422/085601.945457:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[60779:0422/085602.046702:ERROR:gpu_process_host.cc(989)] GPU process exited unexpectedly: exit_code=5
[60779:0422/085602.139119:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[60779:0422/085602.237936:ERROR:gpu_process_host.cc(989)] GPU process exited unexpectedly: exit_code=5
[60779:0422/085602.334529:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[60779:0422/085602.437363:ERROR:gpu_process_host.cc(989)] GPU process exited unexpectedly: exit_code=5
[60779:0422/085602.532444:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[60779:0422/085602.629973:ERROR:gpu_process_host.cc(989)] GPU process exited unexpectedly: exit_code=5
[60779:0422/085602.727078:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[60779:0422/085602.827445:ERROR:gpu_process_host.cc(989)] GPU process exited unexpectedly: exit_code=5
[60779:0422/085602.922868:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[60779:0422/085603.020853:ERROR:gpu_process_host.cc(989)] GPU process exited unexpectedly: exit_code=5
[60779:0422/085603.020867:FATAL:gpu_data_manager_impl_private.cc(448)] GPU process isn't usable. Goodbye.
Trace/BPT trap: 5

Not sure what to do from here.

Testcase Gist URL

No response

Additional Information

Using electron-forge with vite-plugin to build.

Also adding the com.apple.security.app-sandbox entitlement to a working Darwin build makes it crash immediately on launch with just:

Killed: 9

By adding app.commandLine.appendSwitch('in-process-gpu') I can get rid of the GPU crash (not sure about side effects though) but then I get in an infinite loop of:

[86722:0422/212905.366246:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.

Also Created a blank project using instructions from https://www.electronforge.io/templates/vite: npm init electron-app@latest my-new-app -- --template=vite

Did no modifications except:

• updated appBundleId
• added provisioning profile
• added code signing identity

After upload and validation by Apple and install through TestFlight, the binary crashes immediately with Trace/BPT trap: 5

Dumped the defaults entitlements and added com.apple.security.cs.allow-jit. After same process seeing same issue:

[55402:0423/185727.855235:ERROR:gpu_process_host.cc(997)] GPU process exited unexpectedly: exit_code=5
[55402:0423/185727.857508:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[55402:0423/185727.980709:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[55402:0423/185728.079651:ERROR:gpu_process_host.cc(997)] GPU process exited unexpectedly: exit_code=5
[55402:0423/185728.287614:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[55402:0423/185728.393762:ERROR:gpu_process_host.cc(997)] GPU process exited unexpectedly: exit_code=5
[55402:0423/185728.495650:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[55402:0423/185728.602091:ERROR:gpu_process_host.cc(997)] GPU process exited unexpectedly: exit_code=5
[55402:0423/185728.702365:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[55402:0423/185728.809737:ERROR:gpu_process_host.cc(997)] GPU process exited unexpectedly: exit_code=5
[55402:0423/185728.912410:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[55402:0423/185729.019420:ERROR:gpu_process_host.cc(997)] GPU process exited unexpectedly: exit_code=5
[55402:0423/185729.120553:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[55402:0423/185729.227165:ERROR:gpu_process_host.cc(997)] GPU process exited unexpectedly: exit_code=5
[55402:0423/185729.329023:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[55402:0423/185729.436412:ERROR:gpu_process_host.cc(997)] GPU process exited unexpectedly: exit_code=5
[55402:0423/185729.537897:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[55402:0423/185729.645649:ERROR:gpu_process_host.cc(997)] GPU process exited unexpectedly: exit_code=5
[55402:0423/185729.645665:FATAL:gpu_data_manager_impl_private.cc(448)] GPU process isn't usable. Goodbye.
Trace/BPT trap: 5

Entitlements:

<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "https://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>com.apple.security.app-sandbox</key>
    <true/>
    <key>com.apple.security.cs.allow-jit</key>
    <true/>
    <key>com.apple.security.device.camera</key>
    <true/>
    <key>com.apple.security.device.microphone</key>
    <true/>
    <key>com.apple.security.device.usb</key>
    <true/>
    <key>com.apple.security.files.bookmarks.app-scope</key>
    <true/>
    <key>com.apple.security.files.user-selected.read-write</key>
    <true/>
    <key>com.apple.security.network.client</key>
    <true/>
    <key>com.apple.security.print</key>
    <true/>
  </dict>
</plist>

[nbonamy]

Problem solved. After trying so many different things and given the time it takes to test anything (upload, wait for validation...) I cannot be 100% sure but I believe it is about making sure I do not use the same entitlements for main app and other files (I need additional entitlements so cannot use default ones):

      osxSign: {
        identity: process.env.IDENTITY_MAS_CODE,
        provisioningProfile: './build/MAS.provisionprofile',
        optionsForFile: (filePath: string) => { 
          let entitlements = './build/Entitlements.mas.child.plist'
          if (filePath.endsWith('YOURAPP.APP')) {
            entitlements = './build/Entitlements.mas.main.plist'
          }
          return {
            hardenedRuntime: true,
            entitlements: entitlements
          };
        },
      },

[Rychu-Pawel]

@nbonamy Could you please elaborate on the entitlements you need for the main app and those you need for other files? Preferably with an example :) I have been trying to deal with exactly the issue you are describing for 6 months now and I believe your finding will solve it.

[nbonamy]

@Rychu-Pawel you can check my repo here: https://github.com/nbonamy/witsy

Specifically:

• optionsForFile: https://github.com/nbonamy/witsy/blob/main/forge.config.ts#L46
• main: https://github.com/nbonamy/witsy/blob/main/build/Entitlements.mas.main.plist
• child: https://github.com/nbonamy/witsy/blob/main/build/Entitlements.mas.child.plist

Hope that helps!

[Rychu-Pawel]

@nbonamy you are great! This worked for me! Man... this should be better documented in the guide. I'm so happy it finally worked 🎉