Forum Index > Other Ports > Segfault on Blackberry Passport when using SCUMM engine
Segfault on Blackberry Passport when using SCUMM engine
ToddWalter



Joined: 02 Jan 2015
Posts: 3
Segfault on Blackberry Passport when using SCUMM engine 

I've been noodling around with the NDK and git 1.8.0git-1755-gd8af639. After a fair amount of unexpected learning experiences I have a somewhat-functional binary. In a fine example of irony, I can run an SCI32 game (GK1) flawlessly but any SCUMM game segfaults. GDB output looks odd compared to what I had been seeing up until this point.

code:

GNU gdb (GDB) 7.5 qnx (rev. 863)
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "--host=i686-pc-linux-gnu --target=arm-unknown-nto-qnx8.0.0"...
Reading symbols from /home/luke/git/scummvm/scummvm...done.
[New pid 284205303 tid 1]

warning: Shared object "/home/luke/bbndk/target_10_3_0_698/qnx6/armle-v7/lib/libTouchControlOverlay.so.1" could not be validated and will be ignored.

warning: Shared object "/home/luke/bbndk/target_10_3_0_698/qnx6/armle-v7/lib/libc.so.3" could not be validated and will be ignored.

warning: Could not load shared library symbols for 10 libraries, e.g. /apps/com.example.ScummVM.testDev_ple_ScummVMd1373eeb/native/lib/libTouchControlOverlay.so.1.
Use the "info sharedlibrary" command to see the complete listing.
Do you need "set solib-search-path" or "set sysroot"?
Program terminated with signal 11, Segmentation fault.
#0  0x112854e8 in Scumm::ImuseChannel::getParameters (this=0xc8, stereo=@0x0: <error reading variable>,
    is_16bit=@0x28: <error reading variable>, vol=@0xcccccc: <error reading variable>, pan=@0x0: <error reading variable>)
    at ./engines/scumm/smush/channel.h:121
121         pan = _pan;
(gdb) set solib-search-path ../bbscumm/lib
Reading symbols from /home/luke/git/bbscumm/lib/libTouchControlOverlay.so.1...(no debugging symbols found)...done.
Loaded symbols for /home/luke/git/bbscumm/lib/libTouchControlOverlay.so.1
Reading symbols from /home/luke/git/bbscumm/lib/libSDL-1.2.so.11...done.
Loaded symbols for /home/luke/git/bbscumm/lib/libSDL-1.2.so.11
Reading symbols from /home/luke/git/bbscumm/lib/libogg.so.8...done.
Loaded symbols for /home/luke/git/bbscumm/lib/libogg.so.8
Reading symbols from /home/luke/git/bbscumm/lib/libvorbis.so.4...done.
Loaded symbols for /home/luke/git/bbscumm/lib/libvorbis.so.4
Reading symbols from /home/luke/git/bbscumm/lib/libpng16.so.0...(no debugging symbols found)...done.
Loaded symbols for /home/luke/git/bbscumm/lib/libpng16.so.0
warning: Shared object "/home/luke/bbndk/target_10_3_0_698/qnx6/armle-v7/usr/lib/ldqnx.so.2" could not be validated and will be ignored.
Reading symbols from /home/luke/git/bbscumm/lib/libvorbisfile.so.6...done.
Loaded symbols for /home/luke/git/bbscumm/lib/libvorbisfile.so.6
Reading symbols from /home/luke/git/bbscumm/lib/libFLAC.so.8...done.
Loaded symbols for /home/luke/git/bbscumm/lib/libFLAC.so.8
Reading symbols from /home/luke/git/bbscumm/lib/libmad.so.0...done.
Loaded symbols for /home/luke/git/bbscumm/lib/libmad.so.0
Reading symbols from /home/luke/git/bbscumm/lib/libtheoradec.so.2...done.
Loaded symbols for /home/luke/git/bbscumm/lib/libtheoradec.so.2
Reading symbols from /home/luke/git/bbscumm/lib/libmpeg2.so.0...done.
Loaded symbols for /home/luke/git/bbscumm/lib/libmpeg2.so.0
Reading symbols from /home/luke/git/bbscumm/lib/libxml2.so.1...(no debugging symbols found)...done.
Loaded symbols for /home/luke/git/bbscumm/lib/libxml2.so.1
Reading symbols from /home/luke/git/bbscumm/lib/libpng14.so.0...(no debugging symbols found)...done.
Loaded symbols for /home/luke/git/bbscumm/lib/libpng14.so.0
(gdb) bt
#0  0x112854e8 in Scumm::ImuseChannel::getParameters (this=0xc8, stereo=@0x0: <error reading variable>,
    is_16bit=@0x28: <error reading variable>, vol=@0xcccccc: <error reading variable>, pan=@0x0: <error reading variable>)
    at ./engines/scumm/smush/channel.h:121
#1  0x111e3554 in Scumm::Gdi::drawBitmap (this=<error reading variable: Cannot access memory at address 0x24>,
    ptr=<error reading variable: Cannot access memory at address 0x20>,
    vs=<error reading variable: Cannot access memory at address 0x1c>,
    x=<error reading variable: Cannot access memory at address 0x18>,
    y=<error reading variable: Cannot access memory at address 0x14>,
    width=<error reading variable: Cannot access memory at address 0x10>,
    height=<error reading variable: Cannot access memory at address 0xc>,
    stripnr=<error reading variable: Cannot access memory at address 0x8>,
    numstrip=<error reading variable: Cannot access memory at address 0x4>,
    flag=<error reading variable: Cannot access memory at address 0x3>) at engines/scumm/gfx.cpp:1839
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(gdb) disass
Dump of assembler code for function Scumm::ImuseChannel::getParameters(bool&, bool&, int&, int&):
   0x112854ac <+0>:   push   {r7}
   0x112854ae <+2>:   sub   sp, #20
   0x112854b0 <+4>:   add   r7, sp, #0
   0x112854b2 <+6>:   str   r0, [r7, #12]
   0x112854b4 <+8>:   str   r1, [r7, #8]
   0x112854b6 <+10>:   str   r2, [r7, #4]
   0x112854b8 <+12>:   str   r3, [r7, #0]
   0x112854ba <+14>:   ldr   r3, [r7, #12]
   0x112854bc <+16>:   ldr   r3, [r3, #52]   ; 0x34
   0x112854be <+18>:   cmp   r3, #2
   0x112854c0 <+20>:   ite   ne
   0x112854c2 <+22>:   movne   r3, #0
   0x112854c4 <+24>:   moveq   r3, #1
   0x112854c6 <+26>:   uxtb   r2, r3
   0x112854c8 <+28>:   ldr   r3, [r7, #8]
   0x112854ca <+30>:   strb   r2, [r3, #0]
   0x112854cc <+32>:   ldr   r3, [r7, #12]
   0x112854ce <+34>:   ldr   r3, [r3, #44]   ; 0x2c
   0x112854d0 <+36>:   cmp   r3, #8
   0x112854d2 <+38>:   ite   le
   0x112854d4 <+40>:   movle   r3, #0
   0x112854d6 <+42>:   movgt   r3, #1
   0x112854d8 <+44>:   uxtb   r2, r3
   0x112854da <+46>:   ldr   r3, [r7, #4]
   0x112854dc <+48>:   strb   r2, [r3, #0]
   0x112854de <+50>:   ldr   r3, [r7, #12]
   0x112854e0 <+52>:   ldr   r2, [r3, #32]
   0x112854e2 <+54>:   ldr   r3, [r7, #0]
   0x112854e4 <+56>:   str   r2, [r3, #0]
   0x112854e6 <+58>:   ldr   r3, [r7, #12]
=> 0x112854e8 <+60>:   ldr   r2, [r3, #36]   ; 0x24
   0x112854ea <+62>:   ldr   r3, [r7, #24]
   0x112854ec <+64>:   str   r2, [r3, #0]
   0x112854ee <+66>:   mov.w   r3, #1
   0x112854f2 <+70>:   mov   r0, r3
   0x112854f4 <+72>:   add.w   r7, r7, #20
   0x112854f8 <+76>:   mov   sp, r7
   0x112854fa <+78>:   pop   {r7}
   0x112854fc <+80>:   bx   lr
End of assembler dump.
(gdb)




Does the SMUSH code pick up any ARM assembly somewhere? Alternatively, I had to alter gfxARM.s slightly to get past a SIGILL so it's possible I'm screwing up the stack prior to this call.

Any ideas, notes from previous porting efforts, etc. appreciated.

Cheers,

Todd
Post Tue Jan 06, 2015 3:22 am 
digitall
ScummVM Developer


Joined: 02 Aug 2012
Posts: 828
 

ToddWalter: It is nice to get someone actually doing some good debugging...

The only assembly files present in the tree (outside of the platform specific backend code in backends/platform) are:
https://github.com/scummvm/scummvm/blob/master/audio/rate_arm_asm.s : This is the ARM assembly optimised version of the audio rate conversion code.

and two similar files in the SCUMM engine:
https://github.com/scummvm/scummvm/blob/master/engines/scumm/gfxARM.s
https://github.com/scummvm/scummvm/blob/master/engines/scumm/proc3ARM.s

You should be able to modify the makefiles to use the normal (but slower) C versions of these modules and see if that removes the segfault / stack frame corruption.

There have been cases before where the ARM assembly has got out of sync with the associated C code, so this might be a similar issue.

Post Tue Jan 06, 2015 11:29 pm 
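Added example, not code from this thread and not ScummVM's own: it models the failure digitall describes above, a hand-written assembly routine that reads struct members by hard-coded byte offset and therefore silently reads the wrong field once the C struct it mirrors is edited (or once the immediates in the .s file are changed without the matching C change). It also shows the guard a practitioner would put next to such code: pin every offset the assembly depends on with `_Static_assert(offsetof(...))` in the C header so the build fails instead of the game faulting later with a garbage pointer. The struct names, fields, offsets and sample values are hypothetical stand-ins, not ImuseChannel's real layout or the contents of gfxARM.s.

```c
/*
 * Added example (not ScummVM code).  A stale assembly routine vs. the C
 * struct it was written against, plus a compile-time offset guard.
 * All names, fields, offsets and values below are hypothetical.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Byte offsets the (hypothetical) assembly hard-codes, i.e. the immediates
 * it would use in instructions such as `ldr r3, [r0, #16]`. */
enum { ASM_OFF_BITSIZE = 12, ASM_OFF_RATE = 16 };

/* Layout of the C object at the time the assembly was written. */
typedef struct {
    int32_t id;       /* +0  */
    int32_t vol;      /* +4  */
    int32_t pan;      /* +8  */
    int32_t bitsize;  /* +12 */
    int32_t rate;     /* +16 */
} channel_v1;

/* A later C-side edit inserts a field in the middle.  `bitsize` moves to
 * +16 and `rate` to +20, but the assembly still loads `rate` from +16. */
typedef struct {
    int32_t id;       /* +0  */
    int32_t vol;      /* +4  */
    int32_t pan;      /* +8  */
    int32_t flags;    /* +12  new field: everything after it shifts by 4 */
    int32_t bitsize;  /* +16 */
    int32_t rate;     /* +20 */
} channel_v2;

/* Stand-in for the assembly routine: a word load from base + fixed
 * immediate, with no knowledge of the C type.  memcpy keeps it
 * well-defined C rather than a type-punned dereference. */
static int32_t asm_load_word(const void *obj, size_t byte_off) {
    int32_t v;
    memcpy(&v, (const uint8_t *)obj + byte_off, sizeof v);
    return v;
}

static int32_t asm_get_rate(const void *obj) {
    return asm_load_word(obj, ASM_OFF_RATE);
}

/* Compile-time guard for the layout the assembly actually supports.  Move a
 * field in channel_v1 and the build stops here with a readable message. */
_Static_assert(offsetof(channel_v1, bitsize) == ASM_OFF_BITSIZE,
               "channel_v1.bitsize moved: update the assembly offsets");
_Static_assert(offsetof(channel_v1, rate) == ASM_OFF_RATE,
               "channel_v1.rate moved: update the assembly offsets");

/* The same assertion written against channel_v2 would refuse to compile,
 * which is the point.  Expressed as runtime probes so a running program can
 * show the drift. */
int layout_matches_asm_v1(void) { return offsetof(channel_v1, rate) == ASM_OFF_RATE; }
int layout_matches_asm_v2(void) { return offsetof(channel_v2, rate) == ASM_OFF_RATE; }

/* What the stale assembly "sees" on each layout (constructed sample values). */
int32_t rate_read_by_asm_v1(void) {
    channel_v1 c = { .id = 1, .vol = 127, .pan = 64, .bitsize = 16, .rate = 22050 };
    return asm_get_rate(&c);          /* 22050: the field it meant to read */
}

int32_t rate_read_by_asm_v2(void) {
    channel_v2 c = { .id = 1, .vol = 127, .pan = 64, .flags = 0,
                     .bitsize = 16, .rate = 22050 };
    return asm_get_rate(&c);          /* 16: +16 is now `bitsize`, not `rate` */
}

int main(void) {
    printf("v1: layout matches asm = %d, rate read = %d\n",
           layout_matches_asm_v1(), rate_read_by_asm_v1());
    printf("v2: layout matches asm = %d, rate read = %d\n",
           layout_matches_asm_v2(), rate_read_by_asm_v2());
    return 0;
}
```

The same care applies to frame offsets, not just struct offsets. In the disassembly posted above, the prologue does `push {r7}` and `sub sp, #20`, so the caller's stack pointer sits at `r7 + 24`, and that is exactly where `ldr r3, [r7, #24]` fetches the fifth argument (`pan`, passed on the stack under the ARM calling convention). Change the frame size, the number of pushed registers, or an argument's position without touching that `#24`, and the routine reads a stale slot and writes through whatever pointer happens to be there, which is the kind of stack corruption gdb flagged with "previous frame inner to this frame".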
ToddWalter



Joined: 02 Jan 2015
Posts: 3
 

Yeah, I was being greedy trying to get it working with the ASM intact. I just hate giving up on a problem. I'll have to re-read Tonc's guide to ARM assembly again and try and suss out what I did wrong. Do you know if I alter a register that has a constant do I have to alter the offset constant to match the changed position? If so, I know what I screwed up! Embarrassed

Post Tue Jan 06, 2015 11:45 pm 
ToddWalter



Joined: 02 Jan 2015
Posts: 3
 

Well, that works. Sound is a bit stuttery, but I expect that is due to the flash drive's access speed. Unfortunately, calling up the BBOS settings menu crashes the GUI. Oddly enough, the sound from the intro kept going so I had to reboot my BB to stop it. Now I need to figure out how to get the virtual keyboard to appear when summoned. For whatever reason RIM decided to leave off the symbol key and numbers so it's still a necessity.

Post Wed Jan 07, 2015 12:24 am 
Powered by phpBB © 2001, 2006 phpBB Group
Forum design by ScummVM team, icons by raina