offhub
commented
1 week ago If there is a crash dump, can you share it?
Closed Rngexile closed 1 day ago
offhub
commented
1 week ago If there is a crash dump, can you share it?
Rngexile
commented
1 week ago I've reinstalled sbie 1.14.2 to get crash dumps.
I thought maybe it was related to the global "edit admin only" that works weirdly (i have to "restart sbie as admin" in UI to be able to change configs while my windows account is in admin group ...) so i have tested both cases. I have tested my main firefox profile with a default yellow sandbox and a nearly default orange sandbox (disabled some templates like bluethooth). So, 4 crash dumps. Firefox_crash_dumps.zip It seems to me that FF crashes while under high cpu/gpu activity and not so much with only 1 website opened.
I've tested a new firefox profil in a default yellow sandbox and added by one my FF extensions (noscript, ff multi account containers, uBlock origin and video downloadhelper without coapp) and tested each time with many websites. I couldn't reproduce the crashes...
DavidXanatos
commented
1 week ago The crashdump is not pointing to sbiedll, does not mean its not sandboxies faoult but its not helpfull. does anyone else has this issue?
Rngexile
commented
1 week ago I tried to get useful trace log yesterday but didn't see anything special to me with the "deny" entries and didn't go further with the +450Mo file. I'll do more tests tomorrow and get more traces with syscalls+pipes+ipc+interface+com+api+setError.
Beside my FF issue, the 1.14.2 seems rock solid.
Rngexile
commented
1 week ago Well, i'm no expert at all and i couldn't pinpoint some obvious problem with sbie traces (1.14.2). I've tried many sbie settings for my sandbox (jobs, BlockInterferePower, ..., many sandboxes) but sometimes crashes happens whatever i do with firefox and sometimes it seems stable until it crashes for whatever reason (when i close some tabs with middle mouse, when i open a new website, just randomly). Sometimes it seems to work good for a moment, then i reboot, test again and it crashes repeatidely. Really erratic behaviour.
I suspect my main firefox profil does not play well with sandboxie 1.14.1-2 for whatever reason. Maybe some firefox settings, maybe an extension. Still, 1.14.0 is problem free. I'll do more tests later to try to find some FF setting/extension triggering the problem in1.14.2.
DavidXanatos
commented
1 week ago Could you please do a hybrid test with 1.14.0 and 1.14.1 install 1.14.0 and unpack 1.14.1 and start replacing 1.14.0 files with 1.14.1 files Use the Stop All command formthe maintenance menu before replacing files, start with SbieDll.dll SbieSvc.exe SbieDrv.sys Let me know which file causes the failure on your system, this will help a lot by narrowing down which change is the culprit.
Rngexile
commented
1 week ago Hybrid test 1.14.0-1.14.1 done :
SbieDll.dll : no issue, firefox ran well. SbieSvc.exe : the service did not start, so i replaced SbieSvc.exe.sig too and then it started ok. No issue after that, firefox ran well. SbieDrv.sys : issue proced. I tried to replace that file alone (without 1.14.1 SbieDll.dll and SbieSvc.exe SbieSvc.exe.sig) and with the 3 other 1.14.1 files, with same issue in firefox.
Then i replaced ALL 1.14.0 files with 1.14.1 files : issue proced. Then i replaced only SbieDrv.sys 1.14.1 by SbieDrv.sys 1.14.0 : no issue.
Back to full 1.14.0 files without issue.
Rngexile
commented
1 week ago I've noted some new (since when ?, idk) behaviour inside firefox config (General panel > Update firefox). In a red sandbox, if we want an accurate config state, we have to "open/read" acess to C:\ProgramData\Mozilla. (NormalFilePath=C:\ProgramData\Mozilla) I initially thought it messed with mozilla service but it does not seem to be the problem.
Exemple :
The accurate config (as showed in firefox while not sandboxed or proper access in red box) :
The innacurate config (as showed in red sandbox without proper access) :
DavidXanatos
commented
1 week ago Then i replaced only SbieDrv.sys 1.14.1 by SbieDrv.sys 1.14.0 : no issue.
Ok so you are saying the issue is located in the SbieDrv.sys 1.14.1 driver (sys file) i.e. installing 1.14.1 and replacing the driver with the one from 1.14.0 resolves the issue with firefox?
DavidXanatos
commented
1 week ago @Rngexile would you be able to test a unsigned 1.14.3 driver? to validate the issue is properly localized?
DavidXanatos
commented
1 week ago Rngexile
commented
1 week ago Ok, i've done your test. Driver 1.14.3 instead of 1.14.1 (in a 1.14.1 install) does not proc my issue in firefox.
========= Test : 1- install 1.14.1 over the top on 1.14.0 2- test my main firefox profile : same issue proced 3- reboot pc 4- test my main firefox profile : same issue proced
5- try to reboot in test mode with menus ... windows does not boot in test mode ... Only way i got to reboot in test mode, for memory : run a cmd prompt in admin :
bcdedit /set nointegritychecks ON
bcdedit /set testsigning onthen reboot and voilà
6- replace the 1.14.1 driver with the 1.14.3 driver : everything loads fine 7- test my main firefox profile : no issue, firefox is ok even with huge load Driver 1.14.3 does not proc my issue. 8- back to full 1.14.0 and reboot in "normal mode" :
bcdedit /set nointegritychecks OFF
bcdedit /set testsigning off=========
DavidXanatos
commented
1 week ago Very good so the change fixed the issue with firefox :)
DavidXanatos
commented
1 week ago @Rngexile Thank you very much for testing and reporting the issue :) Now that we know what the cause is (the driver verifier fix introduced in 1.14.1) we will still need to somehow find a driver verifier fix which does not cause the issues you had. I'll keep trying to reproduce the your issue here locally, I fail to get FF to crash unfortunately. So in case that does not work for me, would you be willing to try a few more test driver builds, to see if the issue can be fixed without causing new issues?
Rngexile
commented
5 days ago @Rngexile Thank you very much for testing and reporting the issue :) Now that we know what the cause is (the driver verifier fix introduced in 1.14.1) we will still need to somehow find a driver verifier fix which does not cause the issues you had. I'll keep trying to reproduce the your issue here locally, I fail to get FF to crash unfortunately. So in case that does not work for me, would you be willing to try a few more test driver builds, to see if the issue can be fixed without causing new issues?
Back from small trip. Ofc, i can do some more tests with new drivers. :)
Rngexile
commented
5 days ago I finally may have fund something useful after another battery of tests. A setting in firefox seems to trigger my crash in sbie-plus 1.14.1-2 (check the box, restart firefox, browse internet ... crash).
i currently run my main firefox profil with sbie-plus 1.14.1 without crash after huge loads, after pc reboots, after a while running firefox. If i reactivate the setting, then i can crash firefox in its sandbox.
Let me know if you need some traces or else. :)
Rngexile
commented
5 days ago I confirm that the workaround setting in Firefox (127.0.1+127.0.2) works fine with sandboxie-plus 1.14.1 and 1.14.2 on my pc. No issue since that change, running in red sandbox in 1.14.2. Maybe it could help the chromium-based browsers (similar setting ?) that seems to have some issues too as i see in wilders forums ?
Describe what you noticed and did
I've installed Sbie-plus 1.14.2 over the top 1.14.0 (no problem with 1.14.0) this morning then tried to run firefox (127.0.0 and 127.0.1) in its usual sandbox and launched some websites. FF crashed after few seconds.
When launched in its usual hardened privacy sandbox or in a new default sandbox : Firefox crashes randomly in 1sec to 1min. If i open a small directory of bookmarks (8-10) it usually crashes in one second. Then the Firefox crashreporter tries to start. I can't find any specific website to crash FF (i've tried many).
I get FF crashes in default yellow sandbox, "default" orange sandbox, and in its usual red sandbox. Same with Sbie-plus 1.14.1. No problem with 1.14.0 since 17/05/2024.
While running Sbie-plus 1.14.2, i've quickly tried some applications in their respective usual hardened privacy sandbox without any problem (mpc-hc, VLC, foobar2000, ...).
I'm back to 1.14.0 without any problem so far.
How often did you encounter it so far?
Everytime in default yellow sandbox (or usual red sandbox), after about 1sec-1min.
Expected behavior
Firefox should not crash and run flawlessly in its sandbox.
Affected program
Firefox 127.0.0 and 127.0.1
Download link
https://www.mozilla.org/en-US/firefox/all/#product-desktop-release
Where is the program located?
The program is installed only outside the sandbox.
Did the program or any related process close unexpectedly?
No, not at all.
Crash dump
No response
What version of Sandboxie are you running now?
1.14.0
Is it a new installation of Sandboxie?
I just updated Sandboxie from a previous version (I remember which one it is).
Is it a regression from previous versions?
1.14.1
In which sandbox type you have this problem?
In a standard isolation sandbox (yellow sandbox icon).
Can you reproduce this problem on a new empty sandbox?
I can confirm it also on a new empty sandbox.
What is your Windows edition and version?
Windows 10 home 22H2 64bit
In which Windows account you have this problem?
An account with UAC protection set to Always notify.
Please mention any installed security software
Microsoft defender antivirus
Did you previously enable some security policy settings outside Sandboxie?
Some protection settings in windows defender exploit protection settings for Firefox. I've disabled them all (back to default win10 config) then rebooted and the crashes still appeared in 1.14.1 and 1.14.2.
Trace log
No response
Sandboxie.ini configuration