netblue30 / firejail

Linux namespaces and seccomp-bpf sandbox
https://firejail.wordpress.com
GNU General Public License v2.0

SDL error when trying to run certain games in steam #992

Closed craftyguy closed 5 years ago

craftyguy commented 7 years ago

I am unable to launch certain games (e.g. Mount and Blade: Warband) when using the steam profile provided with firejail, or even when using the --noprofile option. I am using firejail version 0.9.45. OS is Arch Linux with kernel 4.9.

Output in terminal when running firejail --noprofile steam:

CHIDDeviceListSDL(): Couldn't load libSDL2-2.0.so.0, not enumerating devices

Here's the output when the game is launched:

Installing breakpad exception handler for appid(steam)/version(1481930308)
Game update: AppID 48700 "Mount & Blade: Warband", ProcID 211, IP 0.0.0.0:0
ERROR: ld.so: object '/home/clayton/.local/share/Steam/ubuntu12_32/gameoverlayrenderer.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS32): ignored.
>>> Adding process 211 for game ID 48700
ERROR: ld.so: object '/home/clayton/.local/share/Steam/ubuntu12_64/gameoverlayrenderer.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS64): ignored.
/home/clayton/.local/share/Steam/SteamApps/common/MountBlade Warband/mb_warband_linux: /usr/lib32/libcurl-gnutls.so.4: no version information available (required by /home/clayton/.local/share/Steam/SteamApps/common/MountBlade Warband/mb_warband_linux)
ERROR: ld.so: object '/home/clayton/.local/share/Steam/ubuntu12_32/gameoverlayrenderer.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS32): ignored.
>>> Adding process 212 for game ID 48700
>>> Adding process 214 for game ID 48700
>>> Adding process 215 for game ID 48700
Game removed: AppID 48700 "Mount & Blade: Warband", ProcID 211

In kernel log when the game is launched:

[ 4279.759294] SDLHotplugALSA[14952]: segfault at 0 ip 00000000f75d1e88 sp 00000000ed2ff240 error 4 in libSDL2-2.0.so.0[f753d000+e4000]

craftyguy commented 7 years ago

Ok so after a bit more investigation, I've noticed I see the same "CHIDDeviceListSDL()" error when starting steam without firejail, but I do not see the segfault from SDLHotplugALSA; that only shows up when using firejail. The game does run without firejail despite the earlier "CHIDDeviceListSDL()" error.

Also worth noting that I am using Pulseaudio 9.0, and have added "enable-memfd = yes" in /etc/pulse/daemon.conf (and restarted pulseaudio). I thought maybe the "hotplug ALSA" in the segfault might be a hint in some way.

netblue30 commented 7 years ago

Something is going on with Steam. After an update last week on my Ubuntu 16.04, it doesn't work anymore, even without firejail. Or maybe it is because of an Ubuntu update - hard to tell. Anyway, here are some other people running into problems: https://github.com/netblue30/firejail/issues/975

Question about Pulseaudio 0.9 - does it work with other programs, like "firejail firefox" or "firejail vlc"?

craftyguy commented 7 years ago

Hmm, Steam loads for me, and I can even launch some games (e.g. Crusader Kings 2), and play them just fine. Based on the segfault, it looks like it might be related to SDL, but I have no idea how to go about debugging it. I don't seem to be experiencing any of the problems in #975, but I am also using Arch Linux (first comment in that issue says Arch doesn't seem to be affected)

I've tested with the steam runtime and without it (using OS lib32-* libs in multilib Arch Linux), and have also tested with a new steam install (removed ~/.local/share/Steam and ~/.steam); the game still segfaults with the SDL ALSA error.

Question about Pulseaudio 0.9 - does it work with other programs, like "firejail firefox" or "firejail vlc"?

Yea, it works fine with qutebrowser, firefox, and clementine, all through firejail.

craftyguy commented 7 years ago

Is there a way to determine which files this application is trying to access (presumably by running it without firejail), or run firejail in some sort of permissive-but-logging mode to see what it would normally deny so I can whitelist it? I've had no luck at all getting this application to run under firejail.

netblue30 commented 7 years ago

If you run "firejail --trace program-name", it will print on the screen the files the program tries to access.

craftyguy commented 7 years ago

Thank you, I tried it.

So when I try to run the game, through Steam, I get (exactly) this in the console where I launch Steam:

registry.cpp (271) : Assertion Failed: on disk registry has changed and is marked dirty - we're about to lose data.
Game update: AppID 48700 "Mount & Blade: Warband", ProcID 218, IP 0.0.0.0:0
ERROR: ld.so: object '/home/clayton/.local/share/Steam/ubuntu12_32/gameoverlayrenderer.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS32): ignored.
ERROR: ld.so: object '/home/clayton/.steam/bin64/gameoverlayrenderer.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
ERROR: ld.so: object '/home/clayton/.steam/bin64/gameoverlayrenderer.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
ERROR: ld.so: object '/usr/lib/firejail/libtrace.so' from /etc/ld.so.preload cannot be preloaded (wrong ELF class: ELFCLASS64): ignored.
/home/clayton/.local/share/Steam/SteamApps/common/MountBlade Warband/mb_warband_linux: /usr/lib32/libcurl-gnutls.so.4: no version information available (required by /home/clayton/.local/share/Steam/SteamApps/common/MountBlade Warband/mb_warband_linux)
>>> Adding process 218 for game ID 48700
Setting breakpad minidump AppID = 48700
Steam_SetMinidumpSteamID:  Caching Steam ID:  76561197972064807 [API loaded no]
ERROR: ld.so: object '/home/clayton/.local/share/Steam/ubuntu12_32/gameoverlayrenderer.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS32): ignored.
ERROR: ld.so: object '/home/clayton/.steam/bin64/gameoverlayrenderer.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored.
221:sh:open /dev/tty:5
221:sh:open /dev/null:5
221:sh:open /dev/tty:5
>>> Adding process 219 for game ID 48700
Game removed: AppID 48700 "Mount & Blade: Warband", ProcID 219
No cached sticky mapping in ActivateActionSet.

Here's the profile I am using for Steam:

noblacklist ${HOME}/.killingfloor
noblacklist ${HOME}/.local/share/3909/PapersPlease
noblacklist ${HOME}/.local/share/Steam
noblacklist ${HOME}/.local/share/SuperHexagon
noblacklist ${HOME}/.local/share/Terraria
noblacklist ${HOME}/.local/share/Aspyr
noblacklist ${HOME}/.local/share/aspyr-media
noblacklist ${HOME}/.local/share/cdprojektred
noblacklist ${HOME}/.local/share/feral-interactive
noblacklist ${HOME}/.local/share/Paradox Interactive
noblacklist ${HOME}/.local/share/steam
noblacklist ${HOME}/.local/share/vpltd
noblacklist ${HOME}/.local/share/vulkan
noblacklist ${HOME}/.mbwarband
noblacklist ${HOME}/.nv
noblacklist ${HOME}/.paradoxinteractive
noblacklist ${HOME}/.steam
noblacklist ${HOME}/.steampath
noblacklist ${HOME}/.steampid
noblacklist ${HOME}/My Games
noblacklist ${HOME}/.pulse
noblacklist ${HOME}/.config/pulse
noblacklist /home/mustafa/Develop/WarbandSteamRT

whitelist ${HOME}/.killingfloor
whitelist ${HOME}/.local/share/3909/PapersPlease
whitelist ${HOME}/.local/share/Steam
whitelist ${HOME}/.local/share/SuperHexagon
whitelist ${HOME}/.local/share/Terraria
whitelist ${HOME}/.local/share/Aspyr
whitelist ${HOME}/.local/share/aspyr-media
whitelist ${HOME}/.local/share/cdprojektred
whitelist ${HOME}/.local/share/feral-interactive
whitelist ${HOME}/.local/share/Paradox Interactive
whitelist ${HOME}/.local/share/steam
whitelist ${HOME}/.local/share/vpltd
whitelist ${HOME}/.local/share/vulkan
whitelist ${HOME}/.mbwarband
whitelist ${HOME}/.nv
whitelist ${HOME}/.paradoxinteractive
whitelist ${HOME}/.steam
whitelist ${HOME}/.steampath
whitelist ${HOME}/.steampid
whitelist ${HOME}/My Games

# Blacklist Paths
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-passwdmgr.inc
include /etc/firejail/disable-devel.inc

# Options
caps.drop all
netfilter
nonewprivs
noroot
protocol unix,inet,inet6,netlink
seccomp
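As an added example (not code from the thread or from firejail itself), the script below turns --trace lines in the "pid:program:syscall path:result" format shown above into the $HOME directories the program touched, at the granularity the profile's whitelist lines use, and lists the ones the profile does not yet cover. The home path, the sample trace lines and the profile fragment are constructed.

```shell
#!/bin/sh
# Added example: summarise "firejail --trace" output into $HOME directories and
# diff them against a profile's whitelist lines. All sample data is constructed.
HOME_DIR=${HOME_DIR:-/home/clayton}

# Constructed trace lines, modelled on "221:sh:open /dev/tty:5" in the thread.
SAMPLE_TRACE='221:sh:open /dev/tty:5
221:sh:open /dev/null:5
230:mb_warband_linux:open /home/clayton/.mbwarband/config.txt:7
230:mb_warband_linux:open /home/clayton/.local/share/Steam/SteamApps/common/MountBlade Warband/data.bin:8
231:steam:open /home/clayton/.config/unity3d/settings:-1
231:steam:access /home/clayton/.steam/bin64/gameoverlayrenderer.so:0'

# Constructed profile fragment in firejail's own whitelist syntax.
SAMPLE_PROFILE='whitelist ${HOME}/.local/share/Steam
whitelist ${HOME}/.steam
whitelist ${HOME}/.mbwarband'

# stdin: trace lines. stdout: "whitelist ${HOME}/<dir> <calls> <ok|denied>" per
# directory, using .local/share/X, .config/X or .X as the whitelist unit.
trace_home_dirs() {
    awk -v home="$HOME_DIR/" '
    {
        sub(/^[0-9]+:[^:]*:[a-z_]+ /, "")          # drop pid:program:syscall
        n = split($0, f, ":"); res = f[n]          # result is after the last colon
        path = substr($0, 1, length($0) - length(res) - 1)
        if (index(path, home) != 1) next           # only paths under $HOME
        m = split(substr(path, length(home) + 1), c, "/")
        key = c[1]
        if (c[1] == ".local" && m >= 3) key = c[1] "/" c[2] "/" c[3]
        else if (c[1] == ".config" && m >= 2) key = c[1] "/" c[2]
        calls[key]++
        if (res + 0 < 0) denied[key] = 1           # negative result: the call failed
    }
    END { for (k in calls) printf "whitelist ${HOME}/%s %d %s\n", k, calls[k], (k in denied) ? "denied" : "ok" }' | sort
}

# stdin: trace lines; $1: profile text. stdout: whitelist lines the profile lacks.
missing_whitelist() {
    trace_home_dirs | while read -r kw dir _calls _state; do
        printf '%s\n' "$1" | grep -Fxq "$kw $dir" || echo "$kw $dir"
    done
}

printf '%s\n' "$SAMPLE_TRACE" | trace_home_dirs
printf '%s\n' "$SAMPLE_TRACE" | missing_whitelist "$SAMPLE_PROFILE"
```

A "denied" entry is only a hint: a failed open can be the sandbox blocking a path, but it can also be a file that simply does not exist, so check before whitelisting.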

craftyguy commented 7 years ago

Hmm, did something change that might address this? Because it's still an issue for me.

netblue30 commented 7 years ago

reopened, thanks.

BafDyce commented 7 years ago

As a workaround, you can try to set the following launch options (right-click on the library entry for the game -> properties -> general -> set launch options) for the game:

unset LD_LIBRARY_PATH; %command%

This works for some games which give the "ERROR: ld.so: object '/home/user/.local/share/Steam/ubuntu12_32/gameoverlayrenderer.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS32): ignored." error message.

chiraag-nataraj commented 5 years ago

Is this still an issue @craftyguy?

craftyguy commented 5 years ago

@chiraag-nataraj well, not sure, since I gave up trying to run steam games through firejail. Now I just use system permissions (e.g. a dedicated 'steam' user) to 'jail' steam + games.

chiraag-nataraj commented 5 years ago

Okay, I'll close this for now, then. Please feel free to re-open if you decide to try to get firejail to play nicely with Steam in the future.

SkewedZeppelin commented 5 years ago

@craftyguy ot: some games spread their tentacles far and wide and are also becoming a more popular target to attack

if you aren't using firejail, consider trying the flatpak version and follow the steps here https://github.com/flathub/com.valvesoftware.Steam/wiki/Sandbox-hardening

craftyguy commented 5 years ago

@SkewedZeppelin Running games under a local user with no access (using normal unix-y permissions) to anything else in the filesystem, etc should be sufficient without having to get into the container mess. All of the examples in that link are essentially non-issues with this method, since the user cannot access things owned by other users/groups it is not a member of.

Kobaxidze256 commented 2 months ago

Had a similar problem with Terraria. Added netlink to protocol filter.