Edge/Chrome/Brave/Vivaldi v90 hang with 5.49.7 and hardware acceleration on

[isaak654]

In the first report, one user tested clean installs of 5.49.5 and 5.49 , but they fail too. For further details:

Report n. 1

> Since updating to Edge 90.0.818.39, Brave 90.1.23.71, Chrome 90.0.4430.72 I can no longer open these browsers with Sandboxie 5.49.7 x64bit on one of my laptops. Sandboxie 5.49.7x64 worked fine with the previous versions of all three browsers. All browsers were updated outside of Sandboxie, and the contents of the sandboxes were emptied prior to updating (I have auto empty enabled, but always double check). > > When I launch these browsers I get an error window pop up, which I cannot progress from. Closing the error windows just closes the error, but no browser opens. Leaving the error to see if it rights itself doesn't work - I have left it 1 hour but the error remains and no browser opens. > > This is the error, which is the same on all three browsers: > > https://www.wilderssecurity.com/threads/sandboxie-plus-0-7.436454/page-7#post-3000839 > > Steps I've tried include trying various sandboxes, rebooting, running c-cleaner, uninstalling and reinstalling both Sandboxie and Chrome (including previous versions of Sandboxie and starting over with a new ini file), running a SFC & DSIM restore health command. Windows version 20H2 19042.928. Windows Defender only. Only sandboxie settings I've changed is to allow autorecovery and auto delete of the sandbox on recovery, otherwise it's out of the box. None of these things have worked. > > Yeah it's 100% a Chrome 90.x issue. At first for me it was only Google Chrome that wasn't working, it started when it moved from version 89.x to 90.x. I get the attached error in my post when I try and launch it in Sandboxie. Then as other Chrome browsers have updated to 90.x, they too, now fail to open with the same error. Vivaldi still works for me, but that is still on v 89.x on my machine. It's not a Sandboxie 5.49.7 thing because all Chrome based browsers worked fine on 5.49.7 until they updated from 89.x to 90.x. Also, I've tested clean installs of 5.49.5 and 5.49 , but they fail too. FF and all other apps behave as expected though. > > What I don't understand is why it's just one machine for me - my fastest and newest one. All my machines are configured identically in terms of updates, settings and software. The only difference between the working ones and not working one, is that the not working one has an 11th gen CPU and Iris Xe graphics (though not sure what that would have to do with it - probably nothing). > > Since disabling hardware acceleration stops the Edge hangs on launching (introduced with Chrome based browsers updating from 89.x to 90.x), perhaps just perhaps, the CPU/GPU combo of the one machine I cannot launch any Chrome based browsers on at all, is not entirely irrelevant after all? (Disclaimer - I am by no means as tech savvy as most on here). It's pretty much the only difference between that machine and the other 5 that are working. > > The machine in question has an i7-1165G7 with Iris Xe and no dedicated GPU. My other five machines are a mixture of various CPUs and GPUs. Anyone else with an ultrabook with an i7-1165G7 and Iris Xe? Can you launch Chromium browsers running 90.x under Sandboxie without getting [this](https://www.wilderssecurity.com/threads/sandboxie-plus-0-7.436454/page-7#post-3000839) error? I'm not talking about hangs, I mean with the error and nothing launching full stop.

Report n. 2

> I can no longer use Chrome-based browser with SBIE 5.49.7 either. I think the issue started with chrome version 90 because > any version about that will not run in sbie; things act like they are going to load but never do. Using Vivaldi, chrome base > 90.0.4430.58, nothing loads at all. I am also using Windows version 20H2 19042.928.

Report n. 3

> Long time SBIE user but new to the forum. > > I've been having problems with the last several releases of Chromium Edge being a little slow loading sandboxed but the latest release it now takes Edge about 16 seconds to load. Outside the sandbox Edge pops right up. Since I haven't seen any other complaints it must be something specific to my system. > > The details... > Windows 10 20H2 19042.867 X64 > Sandboxie Plus 0.7.4/5.49.7, I use the classic interface. > Chromium Edge 90.0.818.39 > > What I have tried... > Clean installed Sandboxie Plus. > Deleted the Edge profile and started fresh. > Deleted sandboxie.ini and started fresh. > Tried running Edge from the default box, normally Edge has a dedicated sandbox. > Disabled extensions in Edge. > > None of the above has made any difference in Edge's load time, but disabling hardware acceleration did the trick.

Report n. 4

> Edge (Chrome v90) will open using Sbie 5.49.7... if I wait for more than 10 seconds. > In Edge turning off Hardware Acceleration allows Edge to open in Sbie almost instantly.

Report n. 5

> > Suddenly when sandboxed in Sandboxie Plus my Brave browser gives an error page every time: > https://www.wilderssecurity.com/threads/sandboxie-plus-0-7.436454/page-8#post-3001055 > I suppose Brave updated and now it's not compatible with Sandboxie + any more. > Unsandboxed it works normally.

[isaak654]

I don't have this issue, I just merged 5 different reports. The only workaround for them is to disable hw acceleration, I hope this can be fixed in a future release.

It seems like they updated the browsers outside of the sandbox and that the hardware acceleration setting (in enabled state) conflicts with the same browsers opened inside the sandboxes.

[hg421]

Yes, I see this issue with MS Edge 90 as well (on Windows 1909 and 20H2). What happens actually is that, when starting the browser, the GPU process crashes at a certain point and is then repeatedly launched again, until it gives up. (Effectively one then browses with hardware acceleration disabled...)

Here is what I found while trying to debug this.

Chromium browsers do hardware compositing in a separate process (the GPU process). For this, apparently the window that DirectComposition renders into must be owned by the process that does the rendering, i.e. in this case by the GPU process. But the browser windows are attached to the main process. So, what they do is they create a child window owned by a thread of the GPU process (the "Window owner thread"), with window class Intermediate D3D Window, which is reparented by the main process to be a child of its window. (See: https://github.com/chromium/chromium/blob/b1995fbf6d2064776862b0deced3b5220404fad5/ui/gl/child_window_win.h#L17-L19)

Here is an illustration of how this looks like (this is running un-sandboxed):

Now, if the browser is started inside the sandbox, somehow something goes wrong with the window creation. The function ChildWindowWin::Initialize launches the "Window owner thread" which then runs the CreateWindowsOnThread routine. It tries to create the window by calling CreateWindowEx:

HWND window = CreateWindowEx(
    WS_EX_NOPARENTNOTIFY | WS_EX_LAYERED | WS_EX_TRANSPARENT |
        WS_EX_NOREDIRECTIONBITMAP,
    reinterpret_cast<wchar_t*>(g_window_class), L"",
    WS_CHILDWINDOW | WS_DISABLED | WS_VISIBLE, 0, 0, size.width(),
    size.height(), *parent_window, nullptr, nullptr, nullptr);
if (!window) {
    logging::SystemErrorCode error = logging::GetLastSystemErrorCode();
    base::debug::Alias(&error);
    CHECK(false);
}

https://github.com/chromium/chromium/blob/0eed97327b80d123d2a90379bf1ed3ab201c23ad/ui/gl/child_window_win.cc#L96-L106

For some reason CreateWindowEx fails and returns NULL, which causes an assertation failure (and, if no debugger is attached, leads to an immediate crash). Unfortunately I have no idea what is happening here, also GetLastError returns 0...

I guess I'll have to leave this for someone else to figure out :)

[isaak654]

Report n. 6 by stapp:

I can confirm with Vivaldi 3.8.2259.27 using Chrome/90.0.4430.86 that Sandboxie will not run (using Plus 0.7.4 on this machine) Updated vivaldi to latest release 3.8.2259.37 (Stable channel) (64-bit) which uses Chrome/90.0.4430.95 on my Sbie Classic machine 5.49.7 I used "C:\Program Files\Sandboxie\Start.exe" vivaldi.exe --no-sandbox" as the target and at least I can run vivaldi under sbie supervision.

[NewKidOnTheBlock]

I can confirm this error with the latest Brave Portable (based on 90.1.23.71)

-> The previous Brave Portable version (based on 88.1.20.110) works just fine in SB 5.49.7

[FredB750]

I experienced trouble with all 64 bit chrome v90+ browsers. The 32bit versions seem to run OK.?? Would like to hear if anyone else has found the same to be true?

[DavidXanatos]

I'm looking into the issue

[DavidXanatos]

This issue should be resolved in the next build untill then you can sue this patched SbieDll.dll https://xanasoft.com/Downloads/SbieDll_5.49.8a.zip

Strangely the window reparrenting @hg421 reported still seams broken, never the less the HW acceleration seams working when you go to chrome://gpu it tells you whats working and what not

[xame-arch]

I tested on windows 8.1 and it doesn't work

[isaak654]

I tested on windows 8.1 and it doesn't work

Could you share your config and your sandboxie version?

[xame-arch]

Sandboxie 5.49.8

config: [GlobalSettings]

Template=7zipShellEx Template=FireFix_for_Win7

[DefaultBox]

ConfigLevel=9 AutoRecover=y BlockNetworkFiles=y Template=OpenSmartCard Template=OpenBluetooth Template=FileCopy Template=SkipHook Template=qWave Template=BlockPorts Template=LingerPrograms Template=Chrome_Phishing_DirectAccess Template=Firefox_Phishing_DirectAccess Template=AutoRecoverIgnore RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}% RecoverFolder=%Personal% RecoverFolder=%Favorites% RecoverFolder=%Desktop% BorderColor=#00FFFF,ttl Enabled=y

[UserSettings_11BA028F]

SbieCtrl_UserName=hublot SbieCtrl_NextUpdateCheck=-1 SbieCtrl_WindowCoords=811,150,789,527 SbieCtrl_ActiveView=40021 SbieCtrl_UpdateCheckNotify=y SbieCtrl_EnableLogonStart=y SbieCtrl_EnableAutoStart=y SbieCtrl_AddDesktopIcon=y SbieCtrl_AddQuickLaunchIcon=y SbieCtrl_AddContextMenu=y SbieCtrl_AddSendToMenu=y SbieCtrl_AutoApplySettings=n SbieCtrl_BoxExpandedView=DefaultBox,f,g,h,i

[f]

Enabled=y ConfigLevel=9 AutoRecover=y BlockNetworkFiles=y Template=OpenSmartCard Template=OpenBluetooth Template=FileCopy Template=SkipHook Template=qWave Template=BlockPorts Template=LingerPrograms Template=Chrome_Phishing_DirectAccess Template=Firefox_Phishing_DirectAccess Template=AutoRecoverIgnore RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}% RecoverFolder=%Personal% RecoverFolder=%Favorites% RecoverFolder=%Desktop% BorderColor=#00FFFF,ttl

[g]

Enabled=y ConfigLevel=9 BlockNetworkFiles=y Template=OpenSmartCard Template=OpenBluetooth Template=SkipHook Template=FileCopy Template=qWave Template=BlockPorts Template=LingerPrograms Template=Chrome_Phishing_DirectAccess Template=Firefox_Phishing_DirectAccess Template=AutoRecoverIgnore RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}% RecoverFolder=%Personal% RecoverFolder=%Desktop% BorderColor=#00FFFF,ttl,6

[h]

Enabled=y ConfigLevel=9 BlockNetworkFiles=y Template=OpenSmartCard Template=OpenBluetooth Template=SkipHook Template=FileCopy Template=qWave Template=BlockPorts Template=LingerPrograms Template=Chrome_Phishing_DirectAccess Template=Firefox_Phishing_DirectAccess Template=AutoRecoverIgnore RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}% RecoverFolder=%Personal% RecoverFolder=%Desktop% BorderColor=#00FFFF,ttl,6

[i]

Enabled=y ConfigLevel=9 BlockNetworkFiles=y Template=OpenSmartCard Template=OpenBluetooth Template=SkipHook Template=FileCopy Template=qWave Template=BlockPorts Template=LingerPrograms Template=Chrome_Phishing_DirectAccess Template=Firefox_Phishing_DirectAccess Template=AutoRecoverIgnore RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}% RecoverFolder=%Personal% RecoverFolder=%Desktop% BorderColor=#00FFFF,ttl,6

[isaak654]

I think the maintainer takes in consideration only the latest sbie version, could you test 5.51.6 please? Please report the name of the browser too.

[xame-arch]

Indeed it works I deleted my sandboxes and install the update, I do not know if it is because I had not deleted my sandboxes or after installation reload the configuration.