From: Maarten B. <sou...@ds...> - 2010-01-07 22:18:28
> It should be a stack overflow. The stack supports up to 256 bytes. (?)
> The SP is at 0x78, so less than half full.

Yes, the stack pointer can go up to address 255. With these values I doubt
it is stack overflow.

> Here is the program output now:
>
> sending 2d bytes.
> payload addr X:0xe091.
> SP 72.
> sending 7200 bytes.
> payload addr X:0xe091.
> SP 78.

So now the pointer keeps its value and only len is corrupted. Both
rf_send() and rf_send_b() think payload is at SP-4 which is wrong for
rf_send_b() because it has an extra bank pushed on the stack. The MSB of
len (0x72) is not the old _bp value but probably the LSB of the return
address after lcall __sdcc_banked_call. You can check this in the .rst
file which is the .lst after linking. I don't know why it does this,
because it should know that banked functions require an extra byte on
the stack.

> Here is the code now:
>
> int
> cc2430_rf_send(void *payload, unsigned short payload_len)
> {
>   //cc2430_rf_payload = payload;
>   //cc2430_rf_payload_len = payload_len;
>   printf("sending %x bytes.\n",payload_len);
>   printf("payload addr %p.\n", payload);
>   printf("SP %x.\n", SP);
>   return cc2430_rf_send_b(payload, payload_len);
> }
>
> int
> cc2430_rf_send_b(void *payload, unsigned short payload_len) __banked
> //cc2430_rf_send_b(void *payload_in, unsigned short payload_len_in) __banked
> {
>   uint8_t i, counter;
>   //unsigned short payload_len=cc2430_rf_payload_len;
>   //void *payload = cc2430_rf_payload;
>
>   printf("sending %x bytes.\n",payload_len);
>   printf("payload addr %p.\n", payload);
>   printf("SP %x.\n", SP);
>
> }
>
>                 1052 ;------------------------------------------------------------
>                 1053 ; ../../cpu/cc2430/dev/cc2430_rf_intr.c:128: cc2430_rf_send(void *payload, unsigned short payload_len)
>                 1054 ; -----------------------------------------
>                 1055 ; function cc2430_rf_send
>                 1056 ; -----------------------------------------
> 023C            1057 _cc2430_rf_send:
> 023C C0*00      1058     push _bp
> 023E 85 81*00   1059     mov _bp,sp
> 0241 AA 82      1060     mov r2,dpl
> 0243 AB 83      1061     mov r3,dph
> 0245 AC F0      1062     mov r4,b
>                 1063 ; ../../cpu/cc2430/dev/cc2430_rf_intr.c:132: printf("sending %x bytes.\n",payload_len);
> 0247 C0 02      1064     push ar2
> 0249 C0 03      1065     push ar3
> 024B C0 04      1066     push ar4
> 024D E5*00      1067     mov a,_bp
> 024F 24 FC      1068     add a,#0xfc
> 0251 F8         1069     mov r0,a
> 0252 E6         1070     mov a,@r0
> 0253 C0 E0      1071     push acc
> 0255 08         1072     inc r0
> 0256 E6         1073     mov a,@r0
> 0257 C0 E0      1074     push acc
> 0259 74r00      1075     mov a,#__str_0
> 025B C0 E0      1076     push acc
> 025D 74s00      1077     mov a,#(__str_0 >> 8)
> 025F C0 E0      1078     push acc
> 0261 74 80      1079     mov a,#0x80
> 0263 C0 E0      1080     push acc
> 0265 12s00r00   1081     lcall _printf
> 0268 E5 81      1082     mov a,sp
> 026A 24 FB      1083     add a,#0xfb
> 026C F5 81      1084     mov sp,a
> 026E D0 04      1085     pop ar4
> 0270 D0 03      1086     pop ar3
> 0272 D0 02      1087     pop ar2
>                 1088 ; ../../cpu/cc2430/dev/cc2430_rf_intr.c:133: printf("payload addr %p.\n", payload);
> 0274 C0 02      1089     push ar2
> 0276 C0 03      1090     push ar3
> 0278 C0 04      1091     push ar4
> 027A C0 02      1092     push ar2
> 027C C0 03      1093     push ar3
> 027E C0 04      1094     push ar4
> 0280 74r13      1095     mov a,#__str_1
> 0282 C0 E0      1096     push acc
> 0284 74s00      1097     mov a,#(__str_1 >> 8)
> 0286 C0 E0      1098     push acc
> 0288 74 80      1099     mov a,#0x80
> 028A C0 E0      1100     push acc
> 028C 12s00r00   1101     lcall _printf
> 028F E5 81      1102     mov a,sp
> 0291 24 FA      1103     add a,#0xfa
> 0293 F5 81      1104     mov sp,a
>                 1105 ; ../../cpu/cc2430/dev/cc2430_rf_intr.c:134: printf("SP %x.\n", SP);
> 0295 AD 81      1106     mov r5,_SP
> 0297 7E 00      1107     mov r6,#0x00
> 0299 C0 05      1108     push ar5
> 029B C0 06      1109     push ar6
> 029D 74r25      1110     mov a,#__str_2
> 029F C0 E0      1111     push acc
> 02A1 74s00      1112     mov a,#(__str_2 >> 8)
> 02A3 C0 E0      1113     push acc
> 02A5 74 80      1114     mov a,#0x80
> 02A7 C0 E0      1115     push acc
> 02A9 12s00r00   1116     lcall _printf
> 02AC E5 81      1117     mov a,sp
> 02AE 24 FB      1118     add a,#0xfb
> 02B0 F5 81      1119     mov sp,a
> 02B2 D0 04      1120     pop ar4
> 02B4 D0 03      1121     pop ar3
> 02B6 D0 02      1122     pop ar2
>                 1123 ; ../../cpu/cc2430/dev/cc2430_rf_intr.c:135: return cc2430_rf_send_b(payload, payload_len);
> 02B8 E5*00      1124     mov a,_bp
> 02BA 24 FC      1125     add a,#0xfc
> 02BC F8         1126     mov r0,a
> 02BD E6         1127     mov a,@r0
> 02BE C0 E0      1128     push acc
> 02C0 08         1129     inc r0
> 02C1 E6         1130     mov a,@r0
> 02C2 C0 E0      1131     push acc
> 02C4 8A 82      1132     mov dpl,r2
> 02C6 8B 83      1133     mov dph,r3
> 02C8 8C F0      1134     mov b,r4
> 02CA 78r00      1135     mov r0,#_cc2430_rf_send_b
> 02CC 79s00      1136     mov r1,#(_cc2430_rf_send_b >> 8)
> 02CE 7As00      1137     mov r2,#(_cc2430_rf_send_b >> 16)
>
>                 1115 ;------------------------------------------------------------
>                 1116 ;Allocation info for local variables in function 'cc2430_rf_send_b'
>                 1117 ;------------------------------------------------------------
>                 1118 ;payload_len               Allocated to stack - offset -4
>                 1119 ;payload                   Allocated to stack - offset 1
>                 1120 ;i                         Allocated to registers r5
>                 1121 ;counter                   Allocated to registers r2
>                 1122 ;------------------------------------------------------------
>                 1123 ; ../../cpu/cc2430/dev/cc2430_rf.c:160: cc2430_rf_send_b(void *payload, unsigned short payload_len) __banked
>                 1124 ; -----------------------------------------
>                 1125 ; function cc2430_rf_send_b
>                 1126 ; -----------------------------------------
> 028D            1127 _cc2430_rf_send_b:
> 028D C0*00      1128     push _bp
> 028F 85 81*00   1129     mov _bp,sp
> 0292 C0 82      1130     push dpl
> 0294 C0 83      1131     push dph
> 0296 C0 F0      1132     push b
>                 1133 ; ../../cpu/cc2430/dev/cc2430_rf.c:167: printf("sending %x bytes.\n",payload_len);
> 0298 E5*00      1134     mov a,_bp
> 029A 24 FC      1135     add a,#0xfc
> 029C F8         1136     mov r0,a
> 029D E6         1137     mov a,@r0
> 029E C0 E0      1138     push acc
> 02A0 08         1139     inc r0
> 02A1 E6         1140     mov a,@r0
> 02A2 C0 E0      1141     push acc
> 02A4 74r55      1142     mov a,#__str_2
>
> Here is crtbank.asm:
>
> __sdcc_banked_call::
>         push    _PSBANK         ;save return bank
>         xch     a,r0            ;save Acc in r0, do not assume any register bank
>         push    acc             ;push LSB address
>         mov     a,r1
>         push    acc             ;push MSB address
>         mov     a,r2            ;get new bank
>         anl     a,#0x0F         ;remove storage class indicator
>         anl     _PSBANK,#0xF0
>         orl     _PSBANK,a       ;select bank
>         xch     a,r0            ;restore Acc
>         ret                     ;make the call
>
>
> Maarten Brock wrote:
> > The output even shows different text from what's in the
> > code. Either one is not copy/pasted here.
> >
> > Is there any chance your stack is overflowing?
> >
> >> Well then I'm stumped. For some reason the payload_len has changed from
> >> 2d to 9000. Take a look at the program output.
> >>
> >> Maarten Brock wrote:
> >>> Anthony,
> >>>
> >>>> I didn't need to adapt the __sdcc_banked_call routine, I was able to use
> >>>> the provided example unmodified.
> >>>
> >>> Ok.
> >>>
> >>>> rf_send_b is expecting payload_len to be at SP -4 and payload to be at
> >>>> SP -1. rf_send doesn't put payload on the stack at all so rf_send_b
> >>>> doesn't find payload_len in the correct position.
> >>>
> >>> No, rf_send_b wants payload at SP+1 (plus 1) and it puts it there
> >>> itself at the start of the function when receiving DPL/DPH/B. It
> >>> treats payload as a local variable.
> >>>
> >>>> Maarten Brock wrote:
> >>>>> Anthony,
> >>>>>
> >>>>> I see no problem with payload being sent through
> >>>>> DPL/DPH/B. It is properly assigned when sending in
> >>>>> cc2430_rf_send() and properly read and put on stack when
> >>>>> receiving in cc2430_rf_send_b(). Are you messing up DPTR
> >>>>> or B or the stack in your adapted __sdcc_banked_call
> >>>>> except the one push of the current bank?
> >>>>>
> >>>>> Btw. Did you know that sdcc can also printf pointers
> >>>>> with %p?
> >>>>>
> >>>>> Maarten
> >>>>>
> >>>>>> I'm using:
> >>>>>>
> >>>>>> user@instant-contiki:~/contiki-2.x/examples/udp-ipv6$ sdcc -v
> >>>>>> SDCC : mcs51/gbz80/z80/avr/ds390/pic16/pic14/TININative/xa51/ds400/hc08
> >>>>>> 2.9.4 #5556 (Oct 29 2009) (UNIX)
> >>>>>>
> >>>>>> compile flags are:
> >>>>>>
> >>>>>> sdcc --codeseg BANK1 --std-c99 --model-large --stack-auto -c
> >>>>>> ../../cpu/cc2430/dev/cc2430_rf.c -o obj-brione/cc2430_rf.o
> >>>>>> sdcc --codeseg HOME --std-c99 --model-large --stack-auto -c
> >>>>>> ../../cpu/cc2430/dev/cc2430_rf_intr.c -o obj-brione/cc2430_rf_intr.o
> >>>>>>
> >>>>>> In the following routines, I see incorrect variable passing on the stack.
> >>>>>>
> >>>>>> int cc2430_rf_send(void *data, unsigned short len);
> >>>>>> int cc2430_rf_send_b (void *data, unsigned short len) __banked;
> >>>>>>
> >>>>>> int
> >>>>>> cc2430_rf_send(void *payload, unsigned short payload_len)
> >>>>>> {
> >>>>>>   printf("sending %x bytes.\n",payload_len);
> >>>>>>   printf("payload addr %08lx.\n", payload);
> >>>>>>   return cc2430_rf_send_b(payload, payload_len);
> >>>>>> }
> >>>>>>
> >>>>>> int
> >>>>>> cc2430_rf_send_b(void *payload, unsigned short payload_len) __banked
> >>>>>> {
> >>>>>>   uint8_t i, counter;
> >>>>>>   printf("sending %x bytes.\n",payload_len);
> >>>>>>   printf("payload addr %08lx.\n", payload);
> >>>>>> }
> >>>>>>
> >>>>>> In the assembly for cc2430_rf_send the payload arg is mov'd to dpl,
> >>>>>> dph, b instead of pushed on the stack;
> >>>>>>
> >>>>>>                  996 ;------------------------------------------------------------
> >>>>>>                  997 ;Allocation info for local variables in function 'cc2430_rf_send'
> >>>>>>                  998 ;------------------------------------------------------------
> >>>>>>                  999 ;payload_len               Allocated to stack - offset -4
> >>>>>>                 1000 ;payload                   Allocated to registers r2 r3 r4
> >>>>>>                 1001 ;------------------------------------------------------------
> >>>>>>                 1002 ; ../../cpu/cc2430/dev/cc2430_rf_intr.c:123: cc2430_rf_send(void *payload, unsigned short payload_len)
> >>>>>>                 1003 ; -----------------------------------------
> >>>>>>                 1004 ; function cc2430_rf_send
> >>>>>>                 1005 ; -----------------------------------------
> >>>>>> 01E7            1006 _cc2430_rf_send:
> >>>>>>
> >>>>>> <calls to printf deleted>
> >>>>>>
> >>>>>> 0240 D0 04      1054     pop ar4
> >>>>>> 0242 D0 03      1055     pop ar3
> >>>>>> 0244 D0 02      1056     pop ar2
> >>>>>>                 1057 ; ../../cpu/cc2430/dev/cc2430_rf_intr.c:127: return cc2430_rf_send_b(payload, payload_len);
> >>>>>> 0246 E5*00      1058     mov a,_bp
> >>>>>> 0248 24 FC      1059     add a,#0xfc
> >>>>>> 024A F8         1060     mov r0,a
> >>>>>> 024B E6         1061     mov a,@r0
> >>>>>> 024C C0 E0      1062     push acc
> >>>>>> 024E 08         1063     inc r0
> >>>>>> 024F E6         1064     mov a,@r0
> >>>>>> 0250 C0 E0      1065     push acc
> >>>>>> 0252 8A 82      1066     mov dpl,r2
> >>>>>> 0254 8B 83      1067     mov dph,r3
> >>>>>> 0256 8C F0      1068     mov b,r4
> >>>>>> 0258 78r00      1069     mov r0,#_cc2430_rf_send_b
> >>>>>> 025A 79s00      1070     mov r1,#(_cc2430_rf_send_b >> 8)
> >>>>>> 025C 7As00      1071     mov r2,#(_cc2430_rf_send_b >> 16)
> >>>>>> 025E 12s00r00   1072     lcall __sdcc_banked_call
> >>>>>>
> >>>>>>                 1087 ;------------------------------------------------------------
> >>>>>>                 1088 ;Allocation info for local variables in function 'cc2430_rf_send_b'
> >>>>>>                 1089 ;------------------------------------------------------------
> >>>>>>                 1090 ;payload_len               Allocated to stack - offset -4
> >>>>>>                 1091 ;payload                   Allocated to stack - offset 1
> >>>>>>                 1092 ;i                         Allocated to registers r5
> >>>>>>                 1093 ;counter                   Allocated to registers r2
> >>>>>>                 1094 ;------------------------------------------------------------
> >>>>>>                 1095 ; ../../cpu/cc2430/dev/cc2430_rf.c:158: cc2430_rf_send_b(void *payload, unsigned short payload_len) __banked
> >>>>>>                 1096 ; -----------------------------------------
> >>>>>>                 1097 ; function cc2430_rf_send_b
> >>>>>>                 1098 ; -----------------------------------------
> >>>>>> 0254            1099 _cc2430_rf_send_b:
> >>>>>> 0254 C0*00      1100     push _bp
> >>>>>> 0256 85 81*00   1101     mov _bp,sp
> >>>>>> 0259 C0 82      1102     push dpl
> >>>>>> 025B C0 83      1103     push dph
> >>>>>> 025D C0 F0      1104     push b
> >>>>>>                 1105 ; ../../cpu/cc2430/dev/cc2430_rf.c:161: printf("sending %x bytes.\n",payload_len);
> >>>>>> 025F E5*00      1106     mov a,_bp
> >>>>>> 0261 24 FC      1107     add a,#0xfc
> >>>>>> 0263 F8         1108     mov r0,a
> >>>>>> 0264 E6         1109     mov a,@r0
> >>>>>> 0265 C0 E0      1110     push acc
> >>>>>> 0267 08         1111     inc r0
> >>>>>> 0268 E6         1112     mov a,@r0
> >>>>>> 0269 C0 E0      1113     push acc
> >>>>>> 026B 74r0A      1114     mov a,#__str_0
> >>>>>>
> >>>>>> Program output is
> >>>>>> sending 2d bytes.
> >>>>>> payload_len addr 40006b00.
> >>>>>> sending 9000 bytes.
> >>>>>> payload addr 00e09100.
> >>>>>>
> >>> ------------------------------------------------------------------------------
> >>> This SF.Net email is sponsored by the Verizon Developer Community
> >>> Take advantage of Verizon's best-in-class app development support
> >>> A streamlined, 14 day to market process makes app distribution fast and easy
> >>> Join now and get one step closer to millions of Verizon customers
> >>> http://p.sf.net/sfu/verizon-dev2dev
> >>> _______________________________________________
> >>> Sdcc-user mailing list
> >>> Sdc...@li...
> >>> https://lists.sourceforge.net/lists/listinfo/sdcc-user
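A constructed C model of the frame layout Maarten describes above (added here; it is not code from the thread, from SDCC or from Contiki). It pushes the bytes in the order the listing shows, with and without the extra _PSBANK byte from __sdcc_banked_call, and then reads the argument where the callee expects it at _bp-4. The initial SP (0x6c) and return address (0x0272) are assumptions chosen so the result reproduces the thread's "sending 7200 bytes"; they are not values read from the actual build.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed 8051 internal stack: push pre-increments SP, so it grows upward. */
typedef struct { uint8_t mem[256]; uint8_t sp; } stack_t;

static void push(stack_t *s, uint8_t v) { s->mem[++s->sp] = v; }

/* Caller side as SDCC --stack-auto emits it: 16-bit argument pushed LSB first,
 * LCALL pushes PC low then PC high, __sdcc_banked_call adds one _PSBANK byte
 * (its two "push acc" are eaten by its "ret"), then "push _bp; mov _bp,sp". */
static uint8_t enter_callee(stack_t *s, uint16_t len, uint16_t ret_addr,
                            int banked, uint8_t psbank)
{
    push(s, (uint8_t)(len & 0xff));
    push(s, (uint8_t)(len >> 8));
    push(s, (uint8_t)(ret_addr & 0xff)); /* lcall: PC low  */
    push(s, (uint8_t)(ret_addr >> 8));   /* lcall: PC high */
    if (banked)
        push(s, psbank);                 /* the extra byte rf_send_b does not allow for */
    push(s, 0x00);                       /* prologue: push _bp (old value, constructed) */
    return s->sp;                        /* prologue: mov _bp,sp */
}

/* The callee was told payload_len is at "stack - offset -4": LSB from _bp-4,
 * MSB from _bp-3 (the mov a,_bp / add a,#0xfc / mov r0,a sequence). */
static uint16_t read_len_at_bp_minus_4(const stack_t *s, uint8_t bp)
{
    uint8_t lo = s->mem[(uint8_t)(bp - 4)];
    uint8_t hi = s->mem[(uint8_t)(bp - 3)];
    return (uint16_t)(lo | (hi << 8));
}

/* len=0x2d as seen by a non-banked callee (0) and by rf_send_b (1). SP 0x6c and
 * return address 0x0272 are constructed to reproduce "sending 7200 bytes". */
uint16_t observed_len(int banked)
{
    stack_t s = { {0}, 0x6c };
    uint8_t bp = enter_callee(&s, 0x002d, 0x0272, banked, 0x01);
    return read_len_at_bp_minus_4(&s, bp);
}

int main(void)
{
    printf("non-banked callee reads len 0x%04x\n", observed_len(0)); /* 0x002d */
    printf("banked callee reads len     0x%04x\n", observed_len(1)); /* 0x7200 */
    return 0;
}
```

The banked case shows the one-byte shift directly: the LSB read at _bp-4 is the real MSB of len (0x00) and the MSB read at _bp-3 is the low byte of the return address, which is why only len is corrupted while the pointer, which travels in DPL/DPH/B and is re-pushed by the callee itself, survives.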