Skip to content
GitLab
Closed
Issue created by Derek Bruening@derekbrueningContributor

ASSERT (win10-1607 notepad) core\arch\x86\emit_utils.c:104 !DYNAMO_OPTION(pad_jmps)

On Win10-1607, launch notepad with the bbsize client in debug build. When notepad comes up, select File|Save As.

A bunch of these show up while the Save As dialog draws itself:

<CURIOSITY : !last_deallocated->unload_in_progress || ((last_deallocated->last_unload_base <= module_base && module_base < (last_deallocated->last_unload_base + last_deallocated->last_unload_size)) && "race - multiple unmaps") in file D:\derek\dr\git\src\core\vmareas.c li
version 6.1.17036, custom build

Then an add_ibl_target unknown reason curiosity, and then this assert:

<Application C:\Windows\SysWoW64\notepad.exe (5464).  Internal Error: DynamoRIO debug check failure: D:\derek\dr\git\src\core\arch\x86\emit_utils.c:104 !DYNAMO_OPTION(pad_jmps)
(Error occurred @362902 frags)
05 1833da9c 7039c21a dynamorio!internal_error+0x124 [d:\derek\dr\git\src\core\utils.c @ 187]
06 1833dadc 7039c5b5 dynamorio!insert_relative_target+0x26a [d:\derek\dr\git\src\core\arch\x86\emit_utils.c @ 104]
07 1833daf4 7038e269 dynamorio!patch_branch+0x25 [d:\derek\dr\git\src\core\arch\x86\emit_utils.c @ 166]
08 1833db94 7025a3b0 dynamorio!link_direct_exit+0x4a9 [d:\derek\dr\git\src\core\arch\emit_utils_shared.c @ 482]
09 1833dc3c 7025ab5a dynamorio!link_branch+0x750 [d:\derek\dr\git\src\core\link.c @ 1175]
0a 1833dd2c 7025ec18 dynamorio!link_fragment_outgoing+0x59a [d:\derek\dr\git\src\core\link.c @ 1808]
0b 1833dfd4 70285fff dynamorio!shift_links_to_new_fragment+0xe38 [d:\derek\dr\git\src\core\link.c @ 2146]
0c 1833e99c 70286804 dynamorio!emit_fragment_common+0xb1ef [d:\derek\dr\git\src\core\emit.c @ 945]
0d 1833e9c4 7030f10a dynamorio!emit_fragment_as_replacement+0x24 [d:\derek\dr\git\src\core\emit.c @ 1026]
0e 1833ec2c 70309b01 dynamorio!end_and_emit_trace+0x1cea [d:\derek\dr\git\src\core\monitor.c @ 1505]
0f 1833ef14 7026817f dynamorio!monitor_cache_enter+0x1681 [d:\derek\dr\git\src\core\monitor.c @ 2109]
10 1833eff4 183421f8 dynamorio!dispatch+0x35f [d:\derek\dr\git\src\core\dispatch.c @ 188]
WARNING: Frame IP not in any known module. Following frames may be wrong.

0:002> dv
             pc = 0x19e06b7f "???"
         target = 0x1839e896 "???"
      hot_patch = 0n1 ''
          value = 0n-27689709
0:002> U @@(pc)
19e06b7f 11a90500abab    adc     dword ptr [ecx-5454FFFBh],ebp
19e06b85 ab              stos    dword ptr es:[edi]
0:002> U @@(target)
1839e896 8b4df0          mov     ecx,dword ptr [ebp-10h]
1839e899 64890d00000000  mov     dword ptr fs:[0],ecx
1839e8a0 59              pop     ecx
0:002> .formats value
Evaluate expression:
  Hex:     1833dad8

0:002> .frame 9
09 1833dc3c 7025ab5a dynamorio!link_branch+0x750 [d:\derek\dr\git\src\core\link.c @ 1175]
0:002> ?? *f
struct _fragment_t
   +0x000 tag              : 0x75f5fca4  "???"
   +0x004 flags            : 0x1000014
   +0x008 size             : 0x15
   +0x00a prefix_size      : 0x10 ''
   +0x00b fcache_extra     : 0x9 ''
   +0x00c start_pc         : 0x19e06b6e  "???"
   +0x010 in_xlate         : <unnamed-tag>
   +0x014 next_vmarea      : 0x19e37870 _fragment_t
   +0x018 prev_vmarea      : 0x17d51cc8 _fragment_t
   +0x01c also             : <unnamed-tag>
   +0x020 id               : 0n253988
0:002> U @@(f->tag)
combase!_SEH_epilog4_GS+0xb:
75f5fca4 f2e98cffffff    bnd jmp combase!_SEH_epilog4 (75f5fc36)

Related to the mpx prefix (xref #1899 (closed))?