World of Warcraft Classic crash "Object name not found"

[romkansk]

First please let me say that this project is awesome and I'm very greatful to people who maintain it. This game is one of very few things I left runing unsendboxed on my new system. I know there's no feasible way to test everything and find underlaying issue so I'm hoping someone can help me with workaround even at reduced isolation.

Describe the bug World of Warcraft Burning Crusade Classic consistently crashes after 3-4 minutes when running sandboxed. This happens regardless of whether you log in or just stay in the main menu.

Displayed error message repeated twice:

WerFault.exe (2836): SBIE2101 Object name not found: Unnamed object, error OpenProcess (C0000022) access=001FFFFF initialized=1

To Reproduce

1. Go to battle.net and download installer.
2. Launch it sandboxed and install.
3. Log in with any account - no need to have any games bought.
4. Download and launch "World of Warcraft Burning Crusade Classic" - should be available for everyone since game is subscription based.
5. Launch the game and stay in main menu for 3-4 minutes.

Expected behavior No crash.

System details and installed software (please provide the following information): Windows 10 Enterprise 21H1, Ryzen 9 5900X, Sandboxie-plus 0.9.3

Sandboxie configuration Reproducible with default sandbox and even with OpenIpcPath=* which I tried to see if Ipc was the problem.

Additional context This problem doesn't seem like it's anytinhg new as there's a thread on old Sandboxie forum which describes the same behaviour.

Game runs completely fine until the crash and consistent timing makes me think it can be something similar to https://github.com/sandboxie-plus/Sandboxie/issues/319

WowClassic.exe trace log

There's no new resouce access calls until `WerFault.exe` is called at `21:11:07:547` ``` WowClassic.exe (16300) _ Thread 15092 __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{3B978630-00C1-4B12-84F8-74080C039495} __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{D0A0533E-6D20-4870-8B15-35D2AEEF8D36} __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{422861EA-FD87-4CA6-8984-1C789E723A4E} __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{E0A2A605-7408-4E30-9668-42EDE7D07877} _ Thread 14764 __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{3B978630-00C1-4B12-84F8-74080C039495} __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{D0A0533E-6D20-4870-8B15-35D2AEEF8D36} __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{422861EA-FD87-4CA6-8984-1C789E723A4E} __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{E0A2A605-7408-4E30-9668-42EDE7D07877} _ Thread 14432 __ 21:07:19.652 Ipc \Sessions\3\BaseNamedObjects\30EB73088b953463352548ad95dd0d94c5b7ed8f01D79137003FAC __ 21:07:14.453 Pipe open \Device\Afd __ 21:07:14.393 Pipe open \Device\Afd __ 21:07:14.353 Pipe open \Device\Afd __ 21:07:14.343 Pipe open \Device\Afd __ 21:07:14.283 Pipe open \Device\Afd __ 21:07:14.253 Pipe open \Device\Afd __ 21:07:14.223 Pipe open \Device\Afd __ 21:07:14.193 Pipe open \Device\Afd __ 21:07:14.163 Pipe open \Device\Afd __ 21:07:13.332 Pipe open \Device\Afd __ 21:07:13.332 Debug trace CreateProcess: C:\Sandbox\RUser\multiplayer\user\all\Battle.net\Agent\Agent.exe ("C:/ProgramData/Battle.net/Agent/Agent.exe"); err=0 __ 21:07:11.279 Pipe open \Device\Afd __ 21:07:11.279 Pipe open \Device\NetBT_Tcpip_{3B978630-00C1-4B12-84F8-74080C039495} __ 21:07:11.279 Pipe open \Device\NetBT_Tcpip_{D0A0533E-6D20-4870-8B15-35D2AEEF8D36} __ 21:07:11.279 Pipe open \Device\NetBT_Tcpip_{422861EA-FD87-4CA6-8984-1C789E723A4E} __ 21:07:11.279 Pipe open \Device\NetBT_Tcpip_{E0A2A605-7408-4E30-9668-42EDE7D07877} __ 21:07:11.049 Ipc \PdcPort __ 21:07:11.039 Pipe \Device\DeviceApi __ 21:07:11.009 ComClass (2) {BCDE0395-E52F-467C-8E3D-C4579291692E} MMDeviceEnumerator class __ 21:07:11.009 Ipc open \RPC Control\AudioClientRpc __ 21:07:11.009 Ipc \RPC Control\LRPC-ab399c5dcafad4f06e __ 21:07:11.009 Pipe \Device\DeviceApi __ 21:07:10.989 ComClass (2) {BCDE0395-E52F-467C-8E3D-C4579291692E} MMDeviceEnumerator class __ 21:07:10.989 Ipc open \Sessions\3\BaseNamedObjects\MidiMapper_modLongMessage_RefCnt __ 21:07:10.959 Ipc open \RPC Control\AudioClientRpc __ 21:07:10.949 ComClass {BCDE0395-E52F-467C-8E3D-C4579291692E} MMDeviceEnumerator class __ 21:07:10.949 Ipc open \RPC Control\Audiosrv __ 21:07:10.849 Pipe open \Device\NetBT_Tcpip_{3B978630-00C1-4B12-84F8-74080C039495} __ 21:07:10.849 Pipe open \Device\NetBT_Tcpip_{D0A0533E-6D20-4870-8B15-35D2AEEF8D36} __ 21:07:10.849 Pipe open \Device\NetBT_Tcpip_{422861EA-FD87-4CA6-8984-1C789E723A4E} __ 21:07:10.849 Pipe open \Device\NetBT_Tcpip_{E0A2A605-7408-4E30-9668-42EDE7D07877} __ 21:07:10.398 Ipc \Sessions\3\BaseNamedObjects\__ComCatalogCache__ __ 21:07:10.398 Ipc \BaseNamedObjects\__ComCatalogCache__ __ 21:07:10.398 Ipc open \KernelObjects\MaximumCommitCondition __ 21:07:10.398 Ipc Open \KnownDlls\clbcatq.dll __ 21:07:10.398 Ipc \Sessions\3\BaseNamedObjects\__ComCatalogCache__ __ 21:07:10.398 Ipc \BaseNamedObjects\__ComCatalogCache__ __ 21:07:10.398 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0h __ 21:07:10.398 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0 __ 21:07:10.398 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02 __ 21:07:07.806 Ipc (5) \Sessions\3\BaseNamedObjects\CDdf212806D6EmB31yE0c __ 21:07:07.806 Ipc \Sessions\3\BaseNamedObjects\30EB73081dcb46948b2e40e3823fc51ef2eb74f901D79137003FAC __ 21:07:07.806 Ipc \Sessions\3\BaseNamedObjects\30EB73088b953463352548ad95dd0d94c5b7ed8f01D79137003FAC __ 21:07:07.706 Pipe \Device\DeviceApi __ 21:07:07.696 WinClass open (3) Shell_TrayWnd __ 21:07:07.686 WinClass GxWindowClass __ 21:07:07.655 Ipc \Sessions\3\BaseNamedObjects\CDdf212806D6EmB31yE0c __ 21:07:07.655 Ipc \Sessions\3\BaseNamedObjects\30EB73081dcb46948b2e40e3823fc51ef2eb74f901D79137003FAC __ 21:07:07.655 Ipc \Sessions\3\BaseNamedObjects\30EB73088b953463352548ad95dd0d94c5b7ed8f01D79137003FAC __ 21:07:07.555 Pipe \Device\DeviceApi __ 21:07:07.555 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0h __ 21:07:07.555 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0 __ 21:07:07.555 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02 __ 21:07:07.555 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0h __ 21:07:07.555 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0 __ 21:07:07.555 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02 __ 21:07:07.525 Ipc \Sessions\3\BaseNamedObjects\CDdf212806D6EmB31yE0c __ 21:07:07.525 Ipc \Sessions\3\BaseNamedObjects\30EB73081dcb46948b2e40e3823fc51ef2eb74f901D79137003FAC __ 21:07:07.525 Ipc \Sessions\3\BaseNamedObjects\30EB73088b953463352548ad95dd0d94c5b7ed8f01D79137003FAC __ 21:07:07.525 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0h __ 21:07:07.525 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0 __ 21:07:07.525 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02 __ 21:07:07.375 Ipc Open \KnownDlls\IMAGEHLP.dll __ 21:07:07.345 Pipe \Device\NvAdminDevice __ 21:07:07.335 Ipc \RPC Control\LRPC-ab399c5dcafad4f06e __ 21:07:07.335 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0h __ 21:07:07.335 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0 __ 21:07:07.335 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02 __ 21:07:07.335 Pipe \Device\KsecDD __ 21:07:07.335 Pipe \Device\DeviceApi __ 21:07:07.325 Ipc Open \KnownDlls\cfgmgr32.dll __ 21:07:07.325 Ipc Open \KnownDlls\Setupapi.dll __ 21:07:07.315 Ipc \Sessions\3\BaseNamedObjects\WoW ASYNCTHREADSHAREDMEM.1 __ 21:07:06.644 Ipc \Sessions\3\BaseNamedObjects\../Data/data __ 21:07:06.644 Ipc open \RPC Control\LSARPC_ENDPOINT __ 21:07:06.494 Pipe open (25) \Device\Afd __ 21:07:06.464 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0h __ 21:07:06.464 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0 __ 21:07:06.464 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02 __ 21:07:06.464 Ipc open \BaseNamedObjects\[CoreUI]-PID(10980)-TID(3980) db717870-1f9a-4ea2-a0c8-d312c340bfc8 __ 21:07:06.464 Ipc Open \BaseNamedObjects\[CoreUI]-PID(16300)-TID(14432) 28d9cfb3-e12f-4a1c-b2d0-726912719778 __ 21:07:06.464 WinClass UserAdapterWindowClass __ 21:07:06.464 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0h __ 21:07:06.464 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0 __ 21:07:06.464 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02 __ 21:07:06.464 Ipc open \BaseNamedObjects\CoreMessagingRegistrar __ 21:07:06.464 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0h __ 21:07:06.464 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0 __ 21:07:06.464 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02 __ 21:07:06.464 Ipc open \BaseNamedObjects\msctf.serverDefault3 __ 21:07:06.464 Ipc open \RPC Control\lsapolicylookup __ 21:07:06.464 Ipc open \Sessions\3\BaseNamedObjects\MSCTF.CtfMonitorInstMutexDefault3 __ 21:07:06.464 Ipc open \Sessions\3\BaseNamedObjects\CicLoadWinStaWinSta0 __ 21:07:06.464 Ipc open \Sessions\3\BaseNamedObjects\CTF.AsmListCache.FMPDefault3 __ 21:07:06.464 Ipc open \Sessions\3\BaseNamedObjects\MSCTF.Asm.MutexDefault3 __ 21:07:06.464 Pipe \Device\CNG __ 21:07:06.454 Ipc Open \KnownDlls\bcryptPrimitives.dll __ 21:07:06.444 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:120:WilError_03_p0h __ 21:07:06.444 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:120:WilError_03_p0 __ 21:07:06.444 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:120:WilError_03 __ 21:07:06.444 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0h __ 21:07:06.444 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0 __ 21:07:06.444 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02 __ 21:07:06.444 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0h __ 21:07:06.444 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0 __ 21:07:06.444 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02 __ 21:07:06.444 WinClass open (3) Shell_TrayWnd __ 21:07:06.444 Ipc Open \KnownDlls\SHLWAPI.dll __ 21:07:06.444 Ipc \Sessions\3\BaseNamedObjects\windows_shell_global_counters __ 21:07:06.444 Ipc Open \KnownDlls\SHCORE.dll __ 21:07:06.444 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0h __ 21:07:06.444 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02_p0 __ 21:07:06.444 Ipc \Sessions\3\BaseNamedObjects\SM0:16300:304:WilStaging_02 __ 21:07:06.444 Ipc open \Sessions\3\Windows\Theme3118905559 __ 21:07:06.444 Ipc open \Windows\Theme2453279201 __ 21:07:06.444 Ipc open \Sessions\3\Windows\ThemeSection __ 21:07:06.444 Ipc Open \KnownDlls\OLEAUT32.dll __ 21:07:06.444 Ipc Open \KnownDlls\MSCTF.dll __ 21:07:06.444 Ipc open \ThemeApiPort __ 21:07:06.444 WinClass RichEdit20A __ 21:07:06.414 Ipc \Sessions\3\BaseNamedObjects\Blizzard Entertainment World of Warcraft __ 21:07:06.414 Ipc (4) \Sessions\3\BaseNamedObjects\BlizzServiceRegistry_Mutex __ 21:07:06.414 Ipc \Sessions\3\BaseNamedObjects\BlizzServiceRegistry __ 21:07:06.414 Ipc \Sessions\3\BaseNamedObjects\BlizzServiceRegistry_Mutex __ 21:07:06.214 Ipc Open \KnownDlls\WINTRUST.dll __ 21:07:06.214 Ipc Open \KnownDlls\SHELL32.dll __ 21:07:06.204 Ipc Open \KnownDlls\CRYPT32.dll __ 21:07:06.194 Ipc Open \KnownDlls\WS2_32.dll __ 21:07:06.194 Ipc Open \KnownDlls\sechost.dll __ 21:07:06.194 Ipc Open \KnownDlls\MSVCRT.dll __ 21:07:06.194 Ipc Open \KnownDlls\advapi32.dll __ 21:07:06.194 Ipc Open \KnownDlls\combase.dll __ 21:07:06.194 Ipc Open \KnownDlls\rpcrt4.dll __ 21:07:06.194 Ipc Open \KnownDlls\ole32.dll __ 21:07:06.094 Ipc Open \KnownDlls\IMM32.dll __ 21:07:06.094 Ipc \RPC Control\epmapper __ 21:07:06.094 Ipc Open \KnownDlls\ucrtbase.dll __ 21:07:06.094 Ipc Open \KnownDlls\msvcp_win.dll __ 21:07:06.094 Ipc Open \KnownDlls\gdi32full.dll __ 21:07:06.094 Ipc Open \KnownDlls\gdi32.dll __ 21:07:06.094 Ipc Open \KnownDlls\win32u.dll __ 21:07:06.094 Ipc Open \KnownDlls\user32.dll __ 21:07:06.084 Ipc \Sessions\3\BaseNamedObjects\SboxSession __ 21:07:06.084 Ipc open \RPC Control\SbieSvcPort __ 21:07:06.084 Ipc \Sessions\3\BaseNamedObjects\SBIE_BOXED_DummyEvent_16300 __ 21:07:06.084 Drive \Device\HarddiskVolume6 __ 21:07:06.084 Drive \Device\HarddiskVolume3 __ 21:07:06.084 Ipc Open \KnownDlls\PSAPI.DLL __ 21:07:06.074 Ipc Open \Sessions\3\Windows\ApiPort __ 21:07:06.074 Ipc Open \Sessions\3\Windows\SharedSection __ 21:07:06.074 Ipc Open \KnownDlls\kernelbase.dll __ 21:07:06.074 Ipc Open \KnownDlls\kernel32.dll _ Thread 13864 __ 21:07:11.079 Pipe ? _ Thread 12512 __ 21:07:11.279 Pipe open (5) \Device\Afd _ Thread 10828 __ 21:07:06.654 Pipe open \Device\Afd __ 21:07:06.654 Pipe \Device\KsecDD __ 21:07:06.654 Ipc Open \KnownDlls\bcrypt.dll __ 21:07:06.644 Ipc open \RPC Control\DNSResolver _ Thread 6456 __ 21:07:11.279 Pipe open \Device\Afd _ Thread 6124 __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{3B978630-00C1-4B12-84F8-74080C039495} __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{D0A0533E-6D20-4870-8B15-35D2AEEF8D36} __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{422861EA-FD87-4CA6-8984-1C789E723A4E} __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{E0A2A605-7408-4E30-9668-42EDE7D07877} __ 21:07:06.644 Ipc open \RPC Control\dhcpcsvc6 __ 21:07:06.644 Pipe open \Device\Nsi __ 21:07:06.644 Ipc Open \KnownDlls\NSI.dll _ Thread 5300 __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{3B978630-00C1-4B12-84F8-74080C039495} __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{D0A0533E-6D20-4870-8B15-35D2AEEF8D36} __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{422861EA-FD87-4CA6-8984-1C789E723A4E} __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{E0A2A605-7408-4E30-9668-42EDE7D07877} _ Thread 2332 __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{3B978630-00C1-4B12-84F8-74080C039495} __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{D0A0533E-6D20-4870-8B15-35D2AEEF8D36} __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{422861EA-FD87-4CA6-8984-1C789E723A4E} __ 21:07:06.644 Pipe open \Device\NetBT_Tcpip_{E0A2A605-7408-4E30-9668-42EDE7D07877} __ 21:07:06.644 Ipc open \RPC Control\dhcpcsvc __ 21:07:06.644 Pipe open \Device\Nsi ```

[romkansk]

It would seem that this is a result of deliberate defence agains injected code employed by WoW client as a means to prevent cheating. Same crash happens when you try to attach debugger to it.

I would have to settle on just running Battle.net client sandboxed then...

It's probably not worth to keep this ticket open, maybe add World of Warcraft to https://sandboxie-plus.github.io/sandboxie-docs/Content/SandboxieKnownConflicts.html ?

[isaak654]

maybe add World of Warcraft to https://sandboxie-plus.github.io/sandboxie-docs/Content/SandboxieKnownConflicts.html ?

You can simply do that by clicking the link "Improve this page" at the bottom of the page.

[isaak654]

Reproducible with default sandbox and even with OpenIpcPath=* which I tried to see if Ipc was the problem.

OpenIpcPath=* command was recently fixed on 0.9.6, so I think this issue needs to be re-evaluated. See also https://github.com/sandboxie-plus/Sandboxie/issues/1227 if you want to experiment lower degrees of isolation and help the developer to figure out if something can be done.

Another suggestion to take a detailed IPC log is to enable IpcTrace=* (in Sandboxie Plus, it's the IPC tracing option in the Trace tab)... recently I took more than 20 logs with it, and it helped me to discover this workaround that convinced the maintainer to release a permanent fix about an old compatibility issue.

[DavidXanatos]

how does teh game behave with the latest sandboxie?

[romkansk]

Re-tested with Sandboxie-Plus 1.0.10 x64 Far as I can tell there's no difference in behaviour - crash is still reproducible from main menu without OpenIpcPath=* and with it.

[isaak654]

@romkansk Please try the same steps I did here in order to generate/share your crash dump (.dmp file): https://github.com/sandboxie-plus/Sandboxie/issues/1243#issuecomment-1042120096

[romkansk]

I currently can't re-test it though if necessary I'll post a crash dump in a few days.

Although I don't think it's worth maintainers time to deal with this since it's DRM software that deliberately resists being messed with. According to some discussions (mainly on botting forums) Blizzard often changes their detection methods and seem to employ them in all their games - Diablo II Resurrected has a smilir crash, though not reproducible from main menu.