Compiler/MSP430F6779A: Possible 'C' Function call Stack Overflow and Compiler Implementation for sprintf and scanf and possible usage of _CIOBUF_ Linker Output Section

Hi, Kip,

I will check and feedback to you later. 

Thanks, 

Lixin 

I turn this post to c/c++ compiler team to help. 

Thanks,

Lixin 

Among the details of the implementation of the C I/O (C input and output) functions is a buffer named _CIOBUF_.  It is in a section named .cio.  All of this is intentionally not documented to end users, except that the .cio section must be allocated to read/write memory.  Other than that, there is no reason to worry with these implementation details.

Kip Leitner said:

The application does use sprintf and scanf heavily

Do you mean sscanf instead of scanf?  sprintf and sscanf do not use _CIOBUF_, but scanf does.  For now, I presume you use sscanf and not scanf.  

That being the case, I do not understand why your code needs _CIOBUF_.  Some other C I/O function must get called.  Here is one way to find that function.

Install the cg_xml package.  Use the utility call_graph from it.  A typical invocation looks like ...

C:\work>ofd430 -g -x executable_file.out | cg_xml_install_dir\bin\call_graph -i cg_xml_install_dir\ofd\ti_rts_indirect.txt -i cg_xml_install_dir\ofd\msp430_rts_indirect.txt > graph.txt

(All the details of that command are explained later.)

Search the text file graph.txt for a call to the function __TI_readmsg.  Then look up through the call graph until you see the name of an RTS function you recognize.  For instance, here is what it looks like when scanf (not sscanf) is called ...

|  |  scanf : wcs = 570
|  |  |  __TI_scanfi : wcs = 562
|  |  |  |  _sget_conv : wcs = 20
|  |  |  |  |  atoi : wcs = 6
|  |  |  |  |  |  __mspabi_mpyi : wcs = 2
|  |  |  |  |  strlen : wcs = 2
|  |  |  |  _sproc_float : wcs = 70
|  |  |  |  |  $abproc0 : wcs = 0
|  |  |  |  |  _inpchar : wcs = 40
|  |  |  |  |  |  fgetc : wcs = 38
|  |  |  |  |  |  |  __TI_buff_read : wcs = 26
|  |  |  |  |  |  |  |  __TI_doflush : wcs = 16
|  |  |  |  |  |  |  |  |  write : wcs = 12
|  |  |  |  |  |  |  |  |  |  HOSTwrite : wcs = 10
|  |  |  |  |  |  |  |  |  |  |  __TI_readmsg : wcs = 2
|  |  |  |  |  |  |  |  |  |  |  __TI_writemsg : wcs = 2

Several layers are used to implement a function like scanf.  The functions __TI_readmsg and __TI_writemsg are the only ones that use _CIOBUF_.  

Once you know which RTS function is being called, search your source for it.

Here are the details of the invocation of call_graph ... The command ofd430 is part of the MSP430 compiler installation.  The name cg_xml_install_dir refers to where the cg_xml package is installed.  Change executable_file.out to the name of the final executable file produced by the linker.  The C I/O functions make a few indirect function calls, which present a problem for connecting the call graph.  That problem is overcome by supplying extra information about those indirect function calls with the -i file options.  Those files list out, for RTS functions which make indirect calls, all the functions that might be called.  The call graph makes the worst case presumption that all of them get called.  The command ofd430 is documented in the MSP430 assembly tools manual.  To see the documentation for the cg_xml package, load the file cg_xml_install_dir/index.htm into a web browser.  Click the link for call_graph.

Kip Leitner said:

trying to determine if stack grows from _stack to __STACK_END_ or the reverse.

The reverse.  The stack grows from higher addresses to lower addresses.  In terms of symbols, from __STACK_END to _stack.  

Thanks and regards,

-George