Skip to content

Codex Desktop for Windows only launches with --no-sandbox; normal launch hangs before logger initializes #31808

Description

@dungsil

What version of the Codex App are you using (From “About Codex” dialog)?

Version 26.623.141536 • Released 2026. 7. 7.

What subscription do you have?

Pro

What platform is your computer?

Microsoft Windows NT 10.0.26100.0 x64

What issue are you seeing?

Codex Desktop no longer starts normally on Windows. It only opens if launched with --no-sandbox.

Without --no-sandbox, the app appears to start but hangs/fails very early. The new Codex desktop log files are created as 0 bytes, suggesting the process fails before normal app logging initializes.

With --no-sandbox, the app opens and functions.

Timeline / possible trigger

This started after installing the bundled Chrome plugin from Codex Desktop. I removed the plugin afterward, but the problem persists.

I checked for remaining Chrome plugin state and did not find residue:

  • Chrome plugin page now shows Install plugin
  • config.toml does not list chrome@openai-bundled
  • chrome-native-hosts-v2.json has empty entries:
    { "schemaVersion": 2, "entries": [] }
  • No com.openai.codexextension native messaging host under Chrome registry keys
  • No remaining Chrome extension ID hehggadaopoacecdllhhajmbjkdcmajg found in Chrome user data

So the Chrome plugin may have been the trigger, but it does not look like an active leftover plugin is currently causing the issue.

Actual behavior

Launching Codex normally fails/hangs.

Recent normal-launch attempts produced empty logs such as:

%USERPROFILE%\AppData\Local\Packages\OpenAI.Codex_2p2nqsd0c76g0\LocalCache\Local\Codex\Logs\2026\07\09\codex-desktop-...-t0-i1-....log
Length: 0

Windows Event Viewer shows AppModel activation succeeds, then security mitigation events appear for Codex.exe.

Examples from Microsoft-Windows-Security-Mitigations/KernelMode:

  • Event ID 2: dynamic code blocked for Codex.exe
  • Event ID 10: Win32k system calls blocked for Codex.exe
  • Event ID 36: NtFsControlFile blocked for Codex.exe

There was also an earlier WER Application Hang:

Event: MoAppHang
P1: OpenAI.Codex_26.623.19656.0_x64__2p2nqsd0c76g0
P2: praid:App
P3: 149.0.7827.197

Expected behavior

Codex Desktop should launch normally without requiring --no-sandbox.

Workaround

Launching with --no-sandbox works:

Codex.exe --no-sandbox

But this is not a safe long-term workaround.

Things already tried

  • Removed the Chrome plugin
  • Cleared/reset Codex MSIX local cache/profile under:
    %USERPROFILE%\AppData\Local\Packages\OpenAI.Codex_2p2nqsd0c76g0\LocalCache
    
  • Re-registered the MSIX package with Add-AppxPackage -Register
  • Tried GPU-related workarounds:
    • --disable-gpu-sandbox
    • --disable-gpu
  • Tried app-specific Windows process mitigation override for Codex.exe
    • BlockDynamicCode
    • DisableWin32kSystemCalls
    • DisableFsctlSystemCalls
    • StrictHandle
  • The mitigation override did not fix the normal launch path

Notes

This looks like an Electron/Chromium sandbox initialization issue specific to this Codex Desktop build and Windows environment. The security mitigation events appear during failed non---no-sandbox launches, while --no-sandbox avoids the failure.

What steps can reproduce the bug?

  1. Install the Chrome Control plugin.
  2. Close Codex and attempt to reopen it.

What is the expected behavior?

No response

Additional information

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    appIssues related to the Codex desktop appbugSomething isn't workingsandboxIssues related to permissions or sandboxingwindows-osIssues related to Codex on Windows systems

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions