Closed Bug 1353304 Opened 8 years ago Closed 1 year ago

Assertion failure: (MOZ_ASSERT_UNREACHABLE: Opcode sequence includes commands after JMP)

Categories

(Core :: General, defect)

Product:
Core
Component:
General
Platform:
x86_64
Windows 8.1
Type:
defect

Tracking

()

Status:
RESOLVED INCOMPLETE

People

(Reporter: ccorcoran, Unassigned)

References

Details

(Whiteboard: [ele:1a])

Running TestDllInterceptor.exe yields the following output: > TEST-PASS | WindowsDllInterceptor | Hook added > TEST-PASS | WindowsDllInterceptor | Hook called > TEST-PASS | WindowsDllInterceptor | Hook works properly > TEST-PASS | WindowsDllInterceptor | Hook was not called after unregistration > TEST-PASS | WindowsDllInterceptor | Original function worked properly > TEST-PASS | WindowsDllInterceptor | Could hook GetWindowInfo from user32.dll > TEST-PASS | WindowsDllInterceptor | Executed hooked function GetWindowInfo from user32.dll > Assertion failure: false (MOZ_ASSERT_UNREACHABLE: Opcode sequence includes commands after JMP), at d:\mozilla-central\obj-x86_64-pc-mingw32\dist\include\nsWindowsDllInterceptor.h:837 Running in a debugger I see that this is the line being tested, from \toolkit\xre\test\win\TestDllInterceptor.cpp > TestHook(TestSetWindowLongPtr, "user32.dll", "SetWindowLongPtrA") && The same assertion fails for SetWindowLongPtrW. All other tests pass. Disassembly of the respective functions in Windbg: > 0:000> u user32!SetWindowLongPtrA > USER32!SetWindowLongPtrA: > 00007ffb`8e205170 41b901000000 mov r9d,1 > 00007ffb`8e205176 e9a5f8ffff jmp USER32!_SetWindowLongPtr (00007ffb`8e204a20) > 00007ffb`8e20517b 41b8ffff0000 mov r8d,0FFFFh > 00007ffb`8e205181 66413bc0 cmp ax,r8w > 00007ffb`8e205185 0f84800c0000 je USER32!HMValidateHandleNoRip+0x4f (00007ffb`8e205e0b) > 00007ffb`8e20518b e9ad0c0000 jmp USER32!HMValidateHandleNoRip+0x75 (00007ffb`8e205e3d) > 00007ffb`8e205190 cc int 3 > 00007ffb`8e205191 b201 mov dl,1 > 0:000> u user32!SetWindowLongPtrW > USER32!SetWindowLongPtrW: > 00007ffb`8e204ad0 4533c9 xor r9d,r9d > 00007ffb`8e204ad3 e948ffffff jmp USER32!_SetWindowLongPtr (00007ffb`8e204a20) > 00007ffb`8e204ad8 b201 mov dl,1 > 00007ffb`8e204ada e871feffff call USER32!HMValidateHandle (00007ffb`8e204950) > 00007ffb`8e204adf 488bd8 mov rbx,rax > 00007ffb`8e204ae2 eb82 jmp USER32!_SetWindowLongPtr+0x42 (00007ffb`8e204a66) > 00007ffb`8e204ae4 cc int 3 > 00007ffb`8e204ae5 90 nop mozconfig build options: > ac_add_options --disable-optimize > ac_add_options --enable-debug I didn't test yet with other options but as this is caused by a system binary, the build options probably don't matter. My user32.dll is version 6.3.9600.18535 OS ver: Windows 8 64-bit / version 6.3 build 9600
From the duplicate, kernel32!CreateFileA is also broken on some builds of Win8 (but not all -- it might depend on what Windows Updates you have).
Severity: normal → S3

I do not see any such crashes on crash-stats these days.

Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.