On 27.10.2013 07:54, Paolo Bonzini wrote:
> Here is the code with annotations
>
> broken                              works
> -------------------------------------------------------------------------
> push   %ebx
> sub    $0x18,%esp                   sub    $0x1c,%esp
>                                     mov    %ebx,0x14(%esp)
>                                     mov    %esi,0x18(%esp)
>
> movl   $0x6d62a8,(%esp)             movl   $0x6d62a8,(%esp)
> mov    0x24(%esp),%ebx              mov    0x24(%esp),%ebx
>     ebx = to;
> call   ___emutls_get_address        call   ___emutls_get_address
>     eax = &current;
>
>                                     mov    (%eax),%esi
>     esi = current;
>
> mov    %ebx,(%eax)                  mov    %ebx,(%eax)
>     current = to;
>
> mov    0x28(%esp),%eax              mov    0x28(%esp),%eax
>     eax = action
> mov    %eax,0x24(%ebx)              mov    %eax,0x24(%ebx)
>     to->action = action
> mov    0x20(%ebx),%eax              mov    0x20(%ebx),%eax
>     eax = to->fiber
> mov    %eax,(%esp)                  mov    %eax,(%esp)
>     "push" to->fiber
> call   *0x835fc0                    call   *0x835fc0
>     SwitchToFiber(to->fiber)
> sub    $0x4,%esp                    sub    $0x4,%esp
>     undo PASCAL calling convention
>
> ** mov 0x20(%esp),%eax
>     eax = from
> mov    0x24(%eax),%eax              mov    0x24(%esi),%eax
>     eax = from->action
>
>                                     mov    0x14(%esp),%ebx
>                                     mov    0x18(%esp),%esi
> add    $0x18,%esp                   add    $0x1c,%esp
> pop    %ebx
> ret                                 ret
>
>
> I think the problem is that 0x20(%esp) gets somehow corrupted at the
> instruction I highlighted with **.
>
> The simplest fix then would be to add a barrier() before and after
> SwitchToFiber.
>
> Paolo
I tried adding two barrier() statements around SwitchToFiber(). That change did not result in different assembler code (=> unchanged behaviour, QEMU still raises an assertion).

Stefan