With the beta AVR toolchain 3.0.0.207, the prologue for functions using a frame has changed and is now causing stack corruption when an interrupt fires. Take for example a function which needs 5 bytes of frame. This is how the frame is set up in the function prologue:

Under WinAVR2010:
a30: df 93 push r29
a32: cf 93 push r28
a34: 00 d0 rcall .+0 ; 0xa36
a36: 00 d0 rcall .+0 ; 0xa38
a38: 0f 92 push r0
a3a: cd b7 in r28, 0x3d ; 61
a3c: de b7 in r29, 0x3e ; 62

AVR Toolchain 3.0.0.207:
+00000507: 93DF PUSH R29 Push register on stack
+00000508: 93CF PUSH R28 Push register on stack
+00000509: B7CD IN R28,0x3D In from I/O location
+0000050A: B7DE IN R29,0x3E In from I/O location
+0000050B: 9725 SBIW R28,0x05 Subtract immediate from word
+0000050C: BFDE OUT 0x3E,R29 Out to I/O location
+0000050D: BFCD OUT 0x3D,R28

The stack corruption occurs when an interrupt fires between addresses 0x50C and 0x50D in the example above since the stack pointer is only half updated.

I initially submitted this bug under GCC bugzilla, but upon further investigation, it looks like this comes from AVR-LibC, as I can take the LibC from the toolchain, insert it in WinAVR2010 and get the same stack prologue code. Our proxy prevents me from accessing Savannah so I can't submit a report there.

-- 
View this message in context: 
http://old.nabble.com/Stack-corruption-with-AVR-toolchain-tp29420969p29420969.html
Sent from the AVR - Libc - Dev mailing list archive at Nabble.com.


_______________________________________________
AVR-libc-dev mailing list
AVR-libc-dev@nongnu.org
http://lists.nongnu.org/mailman/listinfo/avr-libc-dev
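A small defender-side check for the pattern described in the report, added here as an example and not part of the original message or of avr-libc: it parses a disassembly listing (avr-objdump or AVR Studio style) and reports writes to SPL/SPH that are not covered by a preceding cli. The two listings embedded in the block are constructed samples: the first repeats the two stack-pointer writes from the 3.0.0.207 prologue above, the second is an assumed illustration of the conventional interrupt-safe sequence (save SREG, cli, write SPH, restore SREG, write SPL) and is not taken from the page.

```python
import re

SPL, SPH, SREG = 0x3D, 0x3E, 0x3F

# Accepts avr-objdump lines ("a3a: cd b7 in r28, 0x3d ; 61") and AVR Studio
# lines ("+0000050C: BFDE OUT 0x3E,R29 Out to I/O location").
LINE_RE = re.compile(
    r"^\+?(?P<addr>[0-9a-f]+):\s+(?:[0-9a-f]{2}\s+|[0-9a-f]{4}\s+)+"
    r"(?P<mnem>[a-z]+)\b\s*(?P<ops>[^;]*)", re.IGNORECASE)

def parse_listing(text):
    """Return (address, mnemonic, [operands]) for each instruction line."""
    instrs = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ops = re.sub(r",\s+", ",", m.group("ops")).split()
            ops = ops[0].lower().split(",") if ops else []
            instrs.append((int(m.group("addr"), 16), m.group("mnem").lower(), ops))
    return instrs

def unsafe_sp_writes(instrs):
    """Addresses of SPL/SPH writes that an interrupt could land between."""
    # Interrupts are assumed enabled on entry; cli masks them; sei or an SREG
    # restore unmasks them, but the instruction right after the unmask still
    # runs first (the AVR rule the usual cli/out SPH/out SREG/out SPL relies on).
    enabled, shadow, findings = True, False, []
    for addr, mnem, ops in instrs:
        masked = (not enabled) or shadow
        shadow = False
        port = int(ops[0], 16) if mnem == "out" and ops and ops[0].startswith("0x") else None
        if mnem == "cli":
            enabled = False
        elif mnem == "sei" or port == SREG:
            enabled, shadow = True, True
        elif port in (SPL, SPH) and not masked:
            findings.append(addr)
    return findings

# Constructed sample: the two stack-pointer writes from the 3.0.0.207 listing.
TOOLCHAIN_3_0_0_207 = """+0000050C: BFDE OUT 0x3E,R29 Out to I/O location
+0000050D: BFCD OUT 0x3D,R28"""

# Constructed sample (objdump style) of the interrupt-safe way to load SP.
SAFE_PROLOGUE = """100: 0f b6 in r0, 0x3f
102: f8 94 cli
104: de bf out 0x3e, r29
106: 0f be out 0x3f, r0
108: cd bf out 0x3d, r28"""
```

Running `unsafe_sp_writes(parse_listing(TOOLCHAIN_3_0_0_207))` reports 0x50C and 0x50D, the exact window the report describes, while the safe sequence produces no findings.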
