Banjo-Tooie crash #170
Comments
|
I managed to reproduce it on arm64 but x86 does not have the issue, I'll investigate ;-) |
|
I'm in vacation for 3 weeks so I won't be very active |
|
OK, thanks! |
|
@fzurita I can't reproduce it anymore on arm64! |
|
That's a good point, I didn't try any other plugins, but the crash seems to be at the core. I'll check again. |
|
I just tried Angrylion and Glide64. Both crashed in the 32bit dynarec. |
|
Maybe you fixed it by accident? |
|
I didn't changed anything in the core that's weird |
|
I can try building your latest 64bit core and check if I get a crash there. It will have to wait until later tonight though. |
|
Could you test with latest GLiden64 version just to be sure |
|
And with interpreter ;-) |
|
Sure |
|
Interpreter doesn't crash with latest GLideN64 |
|
But new dynarec does? |
|
Yes |
|
Ok I guess I'll have to do the test on arm32 to be in the same conditions. Time to resurrect my RPi2! |
|
Ok now this is weird I built the latest version of mupen64plus-ae tested with both GlideN64 and Glide64 and it's not crashing |
|
It would be great if you can get me a savestate with the egg already thrown and crashing everytime you do a loadstate. |
|
Really, you can't reproduce it with the above steps and save state? |
|
I'll do that real quick. |
|
Here it is Load that save state and it should crash almost immediately. |
|
Ok I see what's happening here, you'll have to do the loadstate real quick after the core startup or it won't crash. I usually wait until the first logo screen and it's not crashing in this situation. This is because the block causing the assertion error is already recompiled as part of another block. |
|
Ok the crash happens because we are compiling junk! Speculative precompilation is disabled very early for this game (stop_after_jal=1) but if you do a loadstate before it has been detected, when recompiling block address 0x8037ecd0 the dynarec will try to recompile the code located after a JAL instruction which in this case is junk. |
|
Oh, nice. Is there any way to make that flag part of the save state? |
|
Whoops, fat finger in mobile. |
|
If we were to check all non-implemented instructions by checking to make sure it's one of the implemented ones, wouldn't that make that if statement very long? Is there a better way of doing that? |
|
|
Oh, gotcha. Sounds like that's an easy fix. The bigger question is if it's the right fix. |
|
It's unlikely to brake anything else, the real question is will this fix have an impact on performance. Maybe |
|
Ok I think you can provide a build to mupen64plus-ae testers with |
|
Ok |
|
That change fixes this issue? Edit: Missed your previous comment, yes it would. |
|
I tested that I don't really see any performance difference at all. I'll give the update to willing/unwilling testers and see what they think. So little time is spent in the core compared to the graphics that I doubt it will make much difference. |
|
Retroben tried it in his usual performance tests. He didn't see a difference in performance either. He did mention that this cheat code on DK64 freezes the name though. And that PJ64 works with it in interpreter mode. |
|
Hullo! ✋ |
|
Well actually I was talking about cheat codes that work with mupen's interpreter and don't work with new dynarec! |
Ok let's set stop_after_jal to 1 by default. I think this should be done with a core config parameter. |
|
I need to test Groggy again via GLideN64 to see if he crashes without legacy blending enabled. |
|
Ok, there is a problem with this. With |
|
For some reason @Ari64 also stops speculative precompilation after a SYSCALL. The problem is when a JAL is located just behind the SYSCALL you get a branch at end of block with no delay slot. Since SYSCALL doesn't have a delay slot I think we can safely end the block after the SYSCALL. |
|
Ok. I'm glad you are really good at finding these issues. |
|
Well actually issues triggering asserts are the easy ones. This one #174 is going to be harder ;-) |
|
Oh, yeah, that will be tough I'm sure. |
|
Oops,forgot to say it happily still doesn't crash on Groggy anymore using GLideN64 with non-legacy blending,maybe make that change only affect certain games,one being Banjo-Tooie obviously. Slightly off topic but,too bad performance is still sucky though,even at 640x480 at the most optimal and sacrificial settings on Conker,but at least the Buga's Knuts pixelated defeat scene is still smooth. |
|
With fragment shaders, the driver makes the decision about how many copies to use. Usually it will use as many as it can. With CUDA/OpenCL you have fine grained control about how many to use. |
|
This should be fixed with the pull request that I just merged from Gillou68310. fzurita, can you build the latest and test? |
|
Yes, I will test this tomorrow. |
|
It's fixed. |
mupen64plus/mupen64plus-core@5fa30ab * 5fa30ab Merge pull request #182 from Gillou68310/new_dynarec_fix |\ | * bbf2d25 new_dynarec: Dynamically allocate memory when copying original MIPS source code of a recompiled block. Previously this was done using a 2MB circular buffer. From my testing the new design usually use ~1MB Memory is freed when all dirty entry points of a recompiled block have been removed from the dirty list. The number of dirty entry points is stored in an additional word at the end of the dynamically allocated buffer and decremented every time a dirty entry point is removed from the dirty list. | * 987c21c new_dynarec: dynamic_linker/_ds and get_addr/_32 now always return clean addresses When jumping to a dirty address verify_code* is called in order to make sure the block is still valid. Or when selecting an address from the dirty list, we already now that the address is still valid because verify_dirty returns true. | * 540a1b8 new_dynarec: End block after SYSCALL when speculative precompilation disabled. SYSCALL doesn't have a delay slot, no need to have another instruction at the end of the block. | * dec5b7a new_dynarec: Disable speculative precompilation by default This fixes issue mupen64plus/mupen64plus-core#170 | * 447ee55 new_dynarec: Saturate left shift amount, in the range 0 to 63 | * ba06688 new_dynarec: Discard divide by zero MIPS does not have a divide by zero exception. This fixes issue mupen64plus/mupen64plus-core#179 | * fb023df new_dynarec: Fixed invalidate_block get_bounds returns physical address not virtual address | * 811a1da new_dynarec: Fixed trap writes to compiled pages * | 0d30e1b Merge pull request #180 from charlemagnelasse/master |\ \ | |/ |/| | * b0e1301 Remove unused Travis CI define __extern_always_inline | * 3666f1f Use Ubuntu Trusty as base system for Travis CI |/ * 2cffe8c Merge pull request #168 from TheFlagCourier/master |\ | * bff82e8 Update README | * f4bced5 Create README.md to replace README.txt |/ * 725ba74 Merge branch 'master' of https://github.com/mupen64plus/mupen64plus-core |\ | * e9e7772 change VS2013 project files to build with the XP-compatible vc120 toolset, so the resulting binaries will run on pre-vista machines * | 986c228 bugfix: if the video plugin requests a Core opengl context, then the SDL2 wrapper (used on systems building against SDL2) should not force a compatibility context right before creating the context |/
@Gillou68310
I'm seeing this crash reported on the ARM version of the new dynarec:
"oops, branch at end of block with no delay slot"
I'm seeing this happen in Banjo-Tooie. Here is a save state:
Banjo-Tooie-crash.zip
Face the big digging machine and throw an egg at it by holding Z and C-UP
This is happening in new_dynarec.c at line 8553.
The text was updated successfully, but these errors were encountered: