avr-libc-dev

[avr-libc-dev] Stack corruption with AVR toolchain


From: DarkDragon
Subject: [avr-libc-dev] Stack corruption with AVR toolchain
Date: Thu, 12 Aug 2010 10:09:23 -0700 (PDT)

With the beta AVR toolchain 3.0.0.207, the prologue for functions using a frame has changed and is now causing stack corruption when an interrupt fires. Take for example a function which needs 5 bytes of frame. This is how the frame is set up in the function prologue:

Under WinAVR2010:
a30: df 93 push r29
a32: cf 93 push r28
a34: 00 d0 rcall .+0 ; 0xa36
a36: 00 d0 rcall .+0 ; 0xa38
a38: 0f 92 push r0
a3a: cd b7 in r28, 0x3d ; 61
a3c: de b7 in r29, 0x3e ; 62

AVR Toolchain 3.0.0.207:
+00000507: 93DF PUSH R29 Push register on stack
+00000508: 93CF PUSH R28 Push register on stack
+00000509: B7CD IN R28,0x3D In from I/O location
+0000050A: B7DE IN R29,0x3E In from I/O location
+0000050B: 9725 SBIW R28,0x05 Subtract immediate from word
+0000050C: BFDE OUT 0x3E,R29 Out to I/O location
+0000050D: BFCD OUT 0x3D,R28

The stack corruption occurs when an interrupt fires between addresses 0x50C and 0x50D in the example above, since the stack pointer is only half updated.

I initially submitted this bug under GCC bugzilla, but upon further investigation, it looks like this comes from AVR-LibC, as I can take the LibC from the toolchain, insert it in WinAVR2010 and get the same stack prologue code. Our proxy prevents me from accessing Savannah, so I can't submit a report there.

-- 
View this message in context: 
http://old.nabble.com/Stack-corruption-with-AVR-toolchain-tp29420969p29420969.html
Sent from the AVR - Libc - Dev mailing list archive at Nabble.com.
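As an added illustration (not part of the original post), the following constructed C model represents the AVR stack pointer as its two 8-bit I/O halves and replays both prologues from the message with an interrupt arriving mid-sequence: between the two OUT instructions in the 3.0.0.207 case, and between the last RCALL and the PUSH in the WinAVR2010 case. The model, the ISR behaviour and the sample stack addresses are assumptions for the demonstration, not values taken from the post.

```c
#include <stdint.h>
#include <string.h>

/* Constructed model of the AVR data space: SP is two 8-bit I/O registers
   (SPL at 0x3D, SPH at 0x3E) that software can only write one byte at a time. */
#define RAM_SIZE 0x1100
static uint8_t ram[RAM_SIZE];
static uint8_t spl, sph;

uint16_t current_sp(void) { return (uint16_t)((sph << 8) | spl); }
static void set_sp(uint16_t s) { spl = (uint8_t)s; sph = (uint8_t)(s >> 8); }

/* PUSH/POP move the whole 16-bit SP within a single instruction. */
static void push(uint8_t v) { ram[current_sp()] = v; set_sp((uint16_t)(current_sp() - 1)); }
static uint8_t pop(void) { set_sp((uint16_t)(current_sp() + 1)); return ram[current_sp()]; }

/* An interrupt pushes its 2-byte return address wherever SP points at that
   instant, then RETIs. Record where the hardware push landed. */
static uint16_t isr_push_at;
static void interrupt_fires(void) {
    isr_push_at = current_sp();
    push(0xAA); push(0xBB);      /* return address saved by the CPU */
    (void)pop(); (void)pop();    /* RETI restores SP */
}

/* 3.0.0.207 prologue from the post: IN, IN, SBIW, OUT SPH, OUT SPL, with the
   interrupt arriving between the two OUTs. Returns where the ISR push landed. */
uint16_t prologue_out_sph_spl(uint16_t old_sp, uint8_t frame) {
    memset(ram, 0, sizeof ram);
    set_sp(old_sp);
    uint16_t y = (uint16_t)(old_sp - frame);  /* IN r28,0x3D; IN r29,0x3E; SBIW r28,frame */
    sph = (uint8_t)(y >> 8);                  /* OUT 0x3E,r29: SP is now half updated */
    interrupt_fires();                        /* ISR sees the new SPH with the old SPL */
    spl = (uint8_t)y;                         /* OUT 0x3D,r28 */
    return isr_push_at;
}

/* WinAVR2010 prologue from the post: RCALL .+0 reserves two bytes and PUSH r0
   one byte, each atomically. The interrupt arrives before the final PUSH. */
uint16_t prologue_rcall_push(uint16_t old_sp, uint8_t frame) {
    memset(ram, 0, sizeof ram);
    set_sp(old_sp);
    for (; frame >= 2; frame -= 2) { push(0); push(0); }  /* RCALL .+0 */
    interrupt_fires();                        /* SP is coherent at every instruction boundary */
    if (frame) push(0);                       /* PUSH r0 for the odd byte */
    return isr_push_at;
}
```

With an old SP of 0x0902 and a 5-byte frame, the half-updated SP is 0x0802, so the interrupt's pushes land 251 bytes below the frame being reserved, while a frame that does not cross a 256-byte boundary (old SP 0x08FF) leaves the intermediate SP equal to the old one. The push-based prologue keeps every intermediate SP inside the region being allocated, and both prologues end with the same final SP.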