On 24.10.2013 23:47, Paolo Bonzini wrote:
> On 24/10/2013 17:37, Stefan Weil wrote:
>> Yes, that works, too. It also fixes the problem with the assertion
>> (tested with Wine).
>>
>> No, we cannot remove from_, because the same interface is also used
>> for Linux and other hosts which don't have a 'current' variable.
>> Or we would have to call qemu_coroutine_self() to get the current
>> coroutine.
> Yes, I was thinking of using qemu_coroutine_self().
>
> By the way, can you post the two assembly language outputs for just
>
> - CoroutineWin32 *from = DO_UPCAST(CoroutineWin32, base, from_);
> + CoroutineWin32 *from = DO_UPCAST(CoroutineWin32, base, current);
>
> which AIUI works and is enough to fix the bug?
>
> Paolo
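Review bot: with `current` substituted for `from_` in the upcast, the `from_` parameter is no longer read by the Win32 implementation, so a caller that passes a `from_` different from `current` would be silently ignored rather than detected; if this change is kept, an `assert(from_ == current)` next to the upcast, or a comment stating that invariant (with qemu_coroutine_self() noted as the portable alternative for hosts without a `current` variable), would make the reliance explicit.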
See disassembled code below. I removed compiler option -fstack-protector-all
to simplify the assembler code and tested that the result was not affected by
this removal.

The C and assembler code from the test is also available at
http://qemu.weilnetz.de/test/coroutine-win32/.

Stefan


unpatched QEMU, crash with assertion

00448670 <_qemu_coroutine_switch>:
  448670:  53                      push   %ebx
  448671:  83 ec 18                sub    $0x18,%esp
  448674:  c7 04 24 a8 62 6d 00    movl   $0x6d62a8,(%esp)
  44867b:  8b 5c 24 24             mov    0x24(%esp),%ebx
  44867f:  e8 ec 9e 27 00          call   6c2570 <___emutls_get_address>
  448684:  89 18                   mov    %ebx,(%eax)
  448686:  8b 44 24 28             mov    0x28(%esp),%eax
  44868a:  89 43 24                mov    %eax,0x24(%ebx)
  44868d:  8b 43 20                mov    0x20(%ebx),%eax
  448690:  89 04 24                mov    %eax,(%esp)
  448693:  ff 15 c0 5f 83 00       call   *0x835fc0
  448699:  83 ec 04                sub    $0x4,%esp
  44869c:  8b 44 24 20             mov    0x20(%esp),%eax
  4486a0:  8b 40 24                mov    0x24(%eax),%eax
  4486a3:  83 c4 18                add    $0x18,%esp
  4486a6:  5b                      pop    %ebx
  4486a7:  c3                      ret


patched, works

00448620 <_qemu_coroutine_switch>:
  448620:  83 ec 1c                sub    $0x1c,%esp
  448623:  c7 04 24 a8 62 6d 00    movl   $0x6d62a8,(%esp)
  44862a:  89 5c 24 14             mov    %ebx,0x14(%esp)
  44862e:  8b 5c 24 24             mov    0x24(%esp),%ebx
  448632:  89 74 24 18             mov    %esi,0x18(%esp)
  448636:  e8 25 9f 27 00          call   6c2560 <___emutls_get_address>
  44863b:  8b 30                   mov    (%eax),%esi
  44863d:  89 18                   mov    %ebx,(%eax)
  44863f:  8b 44 24 28             mov    0x28(%esp),%eax
  448643:  89 43 24                mov    %eax,0x24(%ebx)
  448646:  8b 43 20                mov    0x20(%ebx),%eax
  448649:  89 04 24                mov    %eax,(%esp)
  44864c:  ff 15 c0 5f 83 00       call   *0x835fc0
  448652:  8b 46 24                mov    0x24(%esi),%eax
  448655:  83 ec 04                sub    $0x4,%esp
  448658:  8b 5c 24 14             mov    0x14(%esp),%ebx
  44865c:  8b 74 24 18             mov    0x18(%esp),%esi
  448660:  83 c4 1c                add    $0x1c,%esp
  448663:  c3                      ret