Mirror of https://github.com/hrydgard/ppsspp.git, synced 2026-04-24 21:56:10 +03:00
[GH-ISSUE #5046] Segmentation fault in Valkyria Chronicles 2 #2117
Originally created by @i30817 on GitHub (Jan 7, 2014).
Original GitHub issue: https://github.com/hrydgard/ppsspp/issues/5046
I used gdb:
GNU gdb (GDB) 7.5.91.20130417-cvs-ubuntu
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
http://www.gnu.org/software/gdb/bugs/...
Reading symbols from /home/i30817/Documents/Netbeans_projects/ppsspp/PPSSPPSDL...done.
(gdb) continue
The program is not being run.
(gdb) run
Starting program: /home/i30817/Documents/Netbeans_projects/ppsspp/PPSSPPSDL
warning: no loadable sections found in added symbol-file system-supplied DSO at 0x7ffff7ffa000
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffec762700 (LWP 28753)]
[Thread 0x7fffec762700 (LWP 28753) exited]
[New Thread 0x7fffec762700 (LWP 28754)]
OpenGL 2.0 or higher.
D: /home/i30817/Documents/Netbeans_projects/ppsspp/native/file/zip_read.cpp:302: D: Registered VFS for prefix : /home/i30817/Documents/Netbeans_projects/ppsspp/assets/
D: /home/i30817/Documents/Netbeans_projects/ppsspp/native/file/zip_read.cpp:302: D: Registered VFS for prefix : /home/i30817/Documents/Netbeans_projects/ppsspp/
D: /home/i30817/Documents/Netbeans_projects/ppsspp/native/file/zip_read.cpp:302: D: Registered VFS for prefix : /home/i30817/
[New Thread 0x7fffed53c700 (LWP 28755)]
Pixels: 960 x 544
Virtual pixels: 960 x 544
I: /home/i30817/Documents/Netbeans_projects/ppsspp/native/gfx_es2/gl_state.cpp:127: I: GPU Vendor : X.Org ; GL version str: 3.0 Mesa 9.1.7
I: /home/i30817/Documents/Netbeans_projects/ppsspp/native/gfx/texture.cpp:283: I: ZIM loaded: 1 levels
I: /home/i30817/Documents/Netbeans_projects/ppsspp/native/gfx/texture.cpp:314: I: Gen-binding texture
[New Thread 0x7fffebf61700 (LWP 28756)]
[New Thread 0x7fffeb760700 (LWP 28757)]
[New Thread 0x7fffe885f700 (LWP 28758)]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffeb760700 (LWP 28757)]
0x0000000040259197 in ?? ()
(gdb) backtrace
#0 0x0000000040259197 in ?? ()
#1 0x0000000000001000 in ?? ()
#2 0x0000000000001000 in ?? ()
#3 0x00007ffff7bce740 in ?? ()
from /lib/x86_64-linux-gnu/libpthread.so.0
#4 0x00007ffff7ffd060 in ?? () from /lib64/ld-linux-x86-64.so.2
#5 0x0000000000000001 in ?? ()
#6 0x00007fffeb75fc90 in ?? ()
#7 0x0000000001f63370 in ?? ()
#8 0x00000000008092a3 in MIPSComp::Jit::RunLoopUntil(unsigned long long) ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(gdb)
I tried the voodoo from the first answer of this Stack Overflow link: http://stackoverflow.com/questions/9809810/gdb-corrupted-stack-frame-how-to-debug
(gdb) set $pc = (void *)$rsp
(gdb) set $rsp = $rsp + 8
(gdb) backtrace
#0 0x0000000000001000 in ?? ()
#1 0x0000000000001000 in ?? ()
#2 0x00007ffff7bce740 in ?? ()
from /lib/x86_64-linux-gnu/libpthread.so.0
#3 0x00007ffff7ffd060 in ?? () from /lib64/ld-linux-x86-64.so.2
#4 0x0000000000000001 in ?? ()
#5 0x00007fffeb75fc90 in ?? ()
#6 0x0000000001f63370 in ?? ()
#7 0x00000000008092a3 in MIPSComp::Jit::RunLoopUntil(unsigned long long) ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
But as you can see, it didn't work. Maybe I will try Valgrind too.
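The two 0x1000 "frames" and the "corrupt stack?" message are what an unwinder produces when the faulting code carries no frame information: gdb can only guess, and values the JIT prologue pushed get reported as return addresses. A cheaper way to read such a trace than the $pc/$rsp trick is to classify every stack word by the mapping it falls in: a return address must point into an executable mapping, and a word that maps nowhere (0x1000, 0x1) is data. The following is an added example, not code from the issue or from PPSSPP; the memory map and the stack words are constructed to resemble the report, and every address range (including the anonymous rwxp region standing in for the JIT code cache) is an assumption.

```c
/* Added example (not PPSSPP code): classify the raw words of a stack like the
 * one gdb printed above, using the process memory map. A return address has to
 * point into an executable mapping; words such as 0x1000 map nowhere and are
 * values the JIT prologue pushed, not frames. The map and the stack words below
 * are CONSTRUCTED to resemble the report; the address ranges are assumptions. */
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct {
    uint64_t lo, hi;   /* [lo, hi) */
    char perms[5];     /* e.g. "r-xp" */
    char name[96];     /* backing file, "[heap]", or "" for anonymous */
} Mapping;

typedef enum { WORD_UNMAPPED = 0, WORD_CODE = 1, WORD_DATA = 2 } WordKind;

/* Constructed /proc/<pid>/maps excerpt. The anonymous rwxp region stands in for
 * the JIT code cache, which is where a pc such as 0x40259197 would fall. */
static const char MAPS[] =
    "00400000-00c00000 r-xp 00000000 08:01 1234 /home/i30817/Documents/Netbeans_projects/ppsspp/PPSSPPSDL\n"
    "01f00000-02000000 rw-p 00000000 00:00 0 [heap]\n"
    "40000000-42000000 rwxp 00000000 00:00 0\n"
    "7fffeb700000-7fffeb761000 rw-p 00000000 00:00 0\n"
    "7ffff7bb0000-7ffff7bd0000 r-xp 00000000 08:01 5678 /lib/x86_64-linux-gnu/libpthread.so.0\n"
    "7ffff7ffb000-7ffff7fff000 rw-p 00000000 08:01 9012 /lib64/ld-linux-x86-64.so.2\n";

/* The eight words gdb showed as frames #1..#8 after the faulting pc. */
static const uint64_t STACK_WORDS[] = {
    0x1000, 0x1000, 0x7ffff7bce740, 0x7ffff7ffd060,
    0x1, 0x7fffeb75fc90, 0x1f63370, 0x8092a3,
};
#define N_STACK_WORDS (sizeof STACK_WORDS / sizeof STACK_WORDS[0])

/* Parse maps text line by line; returns the number of mappings stored. */
int parse_maps(const char *text, Mapping *out, int max)
{
    int n = 0;
    while (*text && n < max) {
        const char *nl = strchr(text, '\n');
        size_t len = nl ? (size_t)(nl - text) : strlen(text);
        char line[256];
        if (len >= sizeof line) len = sizeof line - 1;
        memcpy(line, text, len);
        line[len] = '\0';                       /* no newline left, so the name field cannot run on */
        Mapping *m = &out[n];
        m->name[0] = '\0';
        int got = sscanf(line, "%" SCNx64 "-%" SCNx64 " %4s %*s %*s %*s %95[^\n]",
                         &m->lo, &m->hi, m->perms, m->name);
        if (got >= 3)                           /* 3 when the mapping is anonymous (no name) */
            n++;
        text = nl ? nl + 1 : text + len;
    }
    return n;
}

/* Which mapping (if any) a stack word points into, and whether that is code. */
WordKind classify_word(const Mapping *maps, int n, uint64_t w, const Mapping **hit)
{
    for (int i = 0; i < n; i++) {
        if (w >= maps[i].lo && w < maps[i].hi) {
            if (hit) *hit = &maps[i];
            return strchr(maps[i].perms, 'x') ? WORD_CODE : WORD_DATA;
        }
    }
    if (hit) *hit = NULL;
    return WORD_UNMAPPED;
}

/* Index of the first word that is a plausible return address into a file-backed
 * executable mapping, i.e. something gdb could symbolise; -1 if none. */
int first_symbolisable_frame(const uint64_t *words, size_t n, const Mapping *maps, int nm)
{
    for (size_t i = 0; i < n; i++) {
        const Mapping *m;
        if (classify_word(maps, nm, words[i], &m) == WORD_CODE && m->name[0] == '/')
            return (int)i;
    }
    return -1;
}

int main(void)
{
    Mapping maps[16];
    int nm = parse_maps(MAPS, maps, 16);
    static const char *kind_name[] = { "unmapped (data)", "code", "data" };
    for (size_t i = 0; i < N_STACK_WORDS; i++) {
        const Mapping *m;
        WordKind k = classify_word(maps, nm, STACK_WORDS[i], &m);
        printf("#%zu 0x%016" PRIx64 "  %-16s %s\n", i + 1, STACK_WORDS[i], kind_name[k],
               m ? (m->name[0] ? m->name : "<anonymous>") : "");
    }
    printf("first symbolisable frame: #%d\n",
           first_symbolisable_frame(STACK_WORDS, N_STACK_WORDS, maps, nm) + 1);
    return 0;
}
```

On a live process the same classification is done with `info proc mappings` and `x/32gx $rsp` in gdb; a word that lands in a library's rw-p data segment (the ld.so word here) is not a return address even though gdb prints it "from" that library, and the first word in the main executable's text is where a symbolised trace can resume.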
@i30817 commented on GitHub (Jan 7, 2014):
This is fairly repeatable on my end, but not so much that a savestate would guarantee crashing for you. Any suggestions for debugging and giving you info?
The function called is:
void Jit::RunLoopUntil(u64 globalticks)
{
((void (*)())asm_.enterCode)();
}
Which is pretty unhelpful, I feel.
@unknownbrackets commented on GitHub (Jan 7, 2014):
This is a segfault in jit somewhere. A savestate before it could be helpful, savedata would be a lot better.
Seeing the assembly around the crash might help but I'm sure it's just a memory access so probably not much...
I also recommend trying:
-[Unknown]
@i30817 commented on GitHub (Jan 7, 2014):
Unfortunately, VC2 doesn't have an in-mission save.
By savestate wrangling I managed to create one which will segfault within a second. I'm worried that it is already corrupted in the savestate and not a stateless bug, but the animations still play for a bit.
Fast memory disabling does indeed 'stop' it crashing. The log says:
20:53:133 Odin_Main W[SCEGE]: GLES/Framebuffer.cpp:805 FBO reusing depthbuffer, 00090000/00088000 and 00044000/00088000
20:53:133 Odin_Main W[SCEGE]: GLES/Framebuffer.cpp:799 FBO using existing buffer as depthbuffer, 00090000/00088000 and 00088000/00088000
20:53:133 Odin_Main I[SCEGE]: GLES/Framebuffer.cpp:785 Creating FBO for 001e6000 : 128 x 64 x 3
20:53:133 Odin_Main W[SCEGE]: GLES/Framebuffer.cpp:805 FBO reusing depthbuffer, 001e6000/00088000 and 00044000/00088000
20:53:133 Odin_Main W[SCEGE]: GLES/Framebuffer.cpp:799 FBO using existing buffer as depthbuffer, 001e6000/00088000 and 00088000/00088000
20:53:396 Odin_Main I[SCEGE]: GLES/Framebuffer.cpp:785 Creating FBO for 00000000 : 480 x 272 x 1
20:54:295 Odin_Main W[MM]: Core/MemMapFunctions.cpp:94 ReadFromHardware: Invalid address 24dd97ac
[the last warning continues forever when loading the savestate, at slightly different addresses]
The savestate (just wait for the hang): https://drive.google.com/file/d/0BzxkBmaf1EiWcURrN2NCU1RDZE0/edit?usp=sharing
@i30817 commented on GitHub (Jan 7, 2014):
Eh, in 32-bit Wine, trying to load that gives me 'Error: After "MetaFileSystem", found 1701996868 (0x65726944) instead of save marker 66 (0x42). Aborting savestate load...'
Seems like savestates are not very compatible between platforms (64-bit Wine didn't even start PPSSPP).
@unknownbrackets commented on GitHub (Jan 8, 2014):
Hmm. They used to be, must be a recent bug, darn...
-[Unknown]
@unknownbrackets commented on GitHub (Jan 8, 2014):
Hmm, unfortunately I don't have the Europe version to test the savestate...
For the savestate thing, are you sure that they are both exactly the same version of PPSSPP? Savestates are not backwards compatible.
-[Unknown]
@i30817 commented on GitHub (Jan 8, 2014):
No. I just used the last stable version at first. But later I tried git; it went down in flames too in the 32-bit Wine version (with a different error). Though maybe that was just the segmentation fault manifesting. 64-bit kept not working on wine64.
@unknownbrackets commented on GitHub (Feb 15, 2014):
Has this improved at all in the latest build? We've fixed some things this could be caused by for sure.
Also, I think I fixed some cross platform issues with savestates.
-[Unknown]
@i30817 commented on GitHub (Feb 16, 2014):
Nope. Last few lines of the full debug log:
17:15:719 idle0 I[FileSys]: FileSystems/DirectoryFileSystem.cpp:814 Got VFS file info: size = 883164
17:15:719 idle0 I[FONT]: HLE/sceFont.cpp:526 Loading font flash0:/font/kr0.pgf (883164 bytes)
17:15:720 idle0 I[FileSys]: FileSystems/DirectoryFileSystem.cpp:806 Getting VFS file info flash0/font/kr0.pgf (/font/kr0.pgf)
17:15:720 idle0 I[FileSys]: FileSystems/DirectoryFileSystem.cpp:814 Got VFS file info: size = 883164
17:15:720 idle0 I[FileSys]: FileSystems/DirectoryFileSystem.cpp:843 VFSFileSystem::ReadFile 0000001d 0x417d420 883164
17:15:721 idle0 I[FONT]: Font/PGF.cpp:180 Reading 392 bytes of PGF header
17:15:730 idle0 I[COMMON]: Common/ChunkFile.h:607 ChunkReader: Done loading /home/i30817/.config/ppsspp/PSP/PPSSPP_STATE/ULES01417_1.00_1.ppst
17:15:736 CRI ADX Audi E[ME]: HLE/sceAtrac.cpp:621 WARNING: Remaining data in packet - we currently only decode one frame/packet
17:15:751 idle0 I[SCEGE]: GLES/Framebuffer.cpp:811 Creating FBO for 00044000 : 480 x 272 x 1
17:15:853 idle0 I[SCEGE]: GLES/Framebuffer.cpp:811 Creating FBO for 00088000 : 128 x 64 x 3
17:15:853 idle0 I[SCEGE]: GLES/Framebuffer.cpp:811 Creating FBO for 00090000 : 128 x 64 x 3
17:15:853 idle0 W[SCEGE]: GLES/Framebuffer.cpp:831 FBO reusing depthbuffer, 00090000/00088000 and 00044000/00088000
17:15:853 idle0 W[SCEGE]: GLES/Framebuffer.cpp:825 FBO using existing buffer as depthbuffer, 00090000/00088000 and 00088000/00088000
17:15:859 idle0 I[SCEGE]: GLES/Framebuffer.cpp:811 Creating FBO for 001e6000 : 128 x 64 x 3
17:15:859 idle0 W[SCEGE]: GLES/Framebuffer.cpp:831 FBO reusing depthbuffer, 001e6000/00088000 and 00044000/00088000
17:15:859 idle0 W[SCEGE]: GLES/Framebuffer.cpp:825 FBO using existing buffer as depthbuffer, 001e6000/00088000 and 00088000/00088000
17:16:117 idle0 I[SCEGE]: GLES/Framebuffer.cpp:811 Creating FBO for 00000000 : 480 x 272 x 1
Segmentation fault (core dumped)
Only one error, as you can see. Haven't tried Wine. As usual, disabling fast memory fixes this.
@unknownbrackets commented on GitHub (Feb 16, 2014):
Oh, okay. If you have fast memory disabled, it should log something like "invalid getpointer" or "invalid address". Seeing that part of the log would help.
Also, if you could savestate again with the latest version and upload that, I can try and see if it works in Windows now.
-[Unknown]
@i30817 commented on GitHub (Feb 16, 2014):
https://gist.github.com/i30817/9032649
It starts with that CRI ADX Audi E[ME]: HLE/sceAtrac.cpp:621 line, for reference.
I will upload a new savestate to google drive soon.
@i30817 commented on GitHub (Feb 16, 2014):
Here: https://drive.google.com/file/d/0BzxkBmaf1EiWS3loX21BZlZtam8/edit?usp=sharing
@unknownbrackets commented on GitHub (Feb 16, 2014):
Just to be sure, if you set "PSPModel" to "PSP-1000" and make sure that hacks (such as the timer hack, locked cpu speed, and Read Framebuffers to Memory) are all disabled, this still happens, right?
-[Unknown]
@i30817 commented on GitHub (Feb 16, 2014):
Yeah. I tried software mode too.
@unknownbrackets commented on GitHub (Jan 19, 2015):
Does this still happen? If you disable fast memory, and disable "ignore illegal memory reads" (not sure the name of the setting currently, it's under Debug on Windows), does the log show anything interesting, or does it still hard crash?
If it does still hard crash, can you get a gdb trace with symbols at all?
-[Unknown]
@i30817 commented on GitHub (Jan 20, 2015):
The setting is IgnoreBadMemAccess = False in the config file? (I'm not on Windows.)
@unknownbrackets commented on GitHub (Jan 20, 2015):
Correct. What that will do is make the emulation halt when a bad memory access occurs (fast mem must be off.) The PSP would crash in this situation so it's technically more correct.
Then the log will end with information about the bad access.
-[Unknown]
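The "ReadFromHardware: Invalid address" line seen with fast memory off, and the bare SIGSEGV seen with it on, are two views of the same event: the checked path validates the guest address before touching host memory and can log it, while the fast path just adds the masked guest address to the base of a host reservation, so a wild address hits unmapped host memory. The following added example is my own model, not PPSSPP's code: it implements both paths and, beyond what the thread describes, a SIGSEGV handler that translates the host fault back into the guest address, which is the information IgnoreBadMemAccess=False makes the checked path report. The region sizes, the 0x3FFFFFFF mirror mask and the "WriteToHardware" message name are assumptions modelled on the log lines above; the bad address 24dd97ac is the one from the report.

```c
/* Added example (not PPSSPP code): checked vs. "fast memory" guest reads, and a
 * SIGSEGV handler that maps a host fault back to the guest address. Region sizes
 * and the mirror mask are ASSUMPTIONS modelled on the PSP map, not PPSSPP's code. */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

#define GUEST_SPACE  0x40000000u   /* low 1 GiB of guest space reserved on the host */
#define ADDR_MASK    0x3FFFFFFFu   /* 0x4xxxxxxx / 0x8xxxxxxx are mirrors of the low range */
#define SCRATCH_BASE 0x00010000u
#define SCRATCH_SIZE 0x00004000u
#define VRAM_BASE    0x04000000u
#define VRAM_SIZE    0x00200000u
#define RAM_BASE     0x08000000u
#define RAM_SIZE     0x02000000u

static uint8_t *arena;                  /* guest address a lives at arena + a */
static sigjmp_buf fault_jmp;
static volatile uintptr_t fault_host_addr;

static void on_segv(int sig, siginfo_t *si, void *ctx)
{
    (void)sig; (void)ctx;
    fault_host_addr = (uintptr_t)si->si_addr;
    siglongjmp(fault_jmp, 1);           /* unwind out of the faulting access */
}

/* Reserve the guest space PROT_NONE and back only the real regions, so any
 * other guest address traps instead of silently reading host memory. */
int setup_guest_memory(void)
{
    if (arena) return 0;
    void *base = mmap(NULL, GUEST_SPACE, PROT_NONE,
                      MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE, -1, 0);
    if (base == MAP_FAILED) return -1;
    arena = base;
    if (mprotect(arena + SCRATCH_BASE, SCRATCH_SIZE, PROT_READ | PROT_WRITE) != 0 ||
        mprotect(arena + VRAM_BASE, VRAM_SIZE, PROT_READ | PROT_WRITE) != 0 ||
        mprotect(arena + RAM_BASE, RAM_SIZE, PROT_READ | PROT_WRITE) != 0)
        return -1;
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = on_segv;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGSEGV, &sa, NULL);
}

static int in_region(uint32_t a, uint32_t base, uint32_t size)
{
    return a >= base && a + 4 <= base + size;
}

/* Checked path (fast memory off): validate the guest address first and report
 * it instead of faulting. Returns a host pointer or NULL with a message. */
static uint8_t *translate_checked(const char *op, uint32_t addr, char *why, size_t whylen)
{
    uint32_t a = addr & ADDR_MASK;
    if (in_region(a, SCRATCH_BASE, SCRATCH_SIZE) || in_region(a, VRAM_BASE, VRAM_SIZE) ||
        in_region(a, RAM_BASE, RAM_SIZE))
        return arena + a;
    snprintf(why, whylen, "%s: Invalid address %08x", op, addr);
    return NULL;
}

int read32_checked(uint32_t addr, uint32_t *out, char *why, size_t whylen)
{
    uint8_t *p = translate_checked("ReadFromHardware", addr, why, whylen);
    if (!p) return -1;
    memcpy(out, p, 4);
    return 0;
}

int write32_checked(uint32_t addr, uint32_t value, char *why, size_t whylen)
{
    uint8_t *p = translate_checked("WriteToHardware", addr, why, whylen);
    if (!p) return -1;
    memcpy(p, &value, 4);
    return 0;
}

/* Fast path (fast memory on): no check at all, just base + masked address. A bad
 * guest address becomes a host SIGSEGV; without the handler the process dies. */
int read32_fast(uint32_t addr, uint32_t *out, uint32_t *bad_guest)
{
    volatile uint32_t *p = (volatile uint32_t *)(arena + (addr & ADDR_MASK));
    if (sigsetjmp(fault_jmp, 1) == 0) {
        *out = *p;
        return 0;
    }
    *bad_guest = (uint32_t)(fault_host_addr - (uintptr_t)arena);  /* host fault -> guest address */
    return -1;
}

int main(void)
{
    uint32_t v = 0, bad = 0;
    char why[96] = "";
    if (setup_guest_memory() != 0) { perror("setup_guest_memory"); return 1; }
    write32_checked(0x08804000, 0xDEADBEEFu, why, sizeof why);
    int rc = read32_checked(0x24dd97ac, &v, why, sizeof why);
    printf("checked 0x24dd97ac -> rc %d (%s)\n", rc, why);
    rc = read32_fast(0x08804000, &v, &bad);
    printf("fast    0x08804000 -> rc %d value %08x\n", rc, v);
    rc = read32_fast(0x24dd97ac, &v, &bad);
    printf("fast    0x24dd97ac -> rc %d, SIGSEGV mapped back to guest %08x\n", rc, bad);
    return 0;
}
```

The kernel mirror (0x88804000) reads the same word as 0x08804000 because the mask strips the high bits before the range check; that is also why an address such as 24dd97ac survives masking unchanged and lands in the PROT_NONE gap. The handler only recovers the address, not the emulated state, so halting emulation after logging it (what IgnoreBadMemAccess=False does on the checked path) is the correct follow-up rather than continuing.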
@i30817 commented on GitHub (Jan 20, 2015):
With those settings PPSSPP doesn't crash but still blackscreens and the game is stuck. The debug log doesn't show anything interesting, I think:
With fast memory off and IgnoreBadMemAccess=True again:
It doesn't crash in-game, but... if you press ESC to the PPSSPP SDL menu and click Exit to menu, it segfaults (with no different log).
With fast memory on and IgnoreBadMemAccess=True, it core dumps right away as usual.
Git master as usual.
@i30817 commented on GitHub (Jan 20, 2015):
Some progress? The shutdown segfault from the 'Exit to menu' gave this backtrace in gdb:
@unknownbrackets commented on GitHub (Jan 20, 2015):
Hmm. Maybe font related then? Pretty sure this game does use sceFont.
Does this happen even with official PSP fonts? Maybe we can try commenting out the sceKernel line that registers the sceFont functions.
-[Unknown]
@i30817 commented on GitHub (Jan 20, 2015):
The backtrace of the in-game segfault with fast memory off (with IgnoreBadMemAccess or not) is still useless.
@i30817 commented on GitHub (Jan 20, 2015):
Thing is, I am using the official fonts. If I delete them from the PPSSPP flash0 dir, the savestate segfaults right away in __FontShutdown. Maybe I'm missing a few and the game freaks out; there was a warning about those. Or maybe the segfaults are for different things.
edit: yeah, I don't have the zh_gb.pgf font it's complaining about, let's see.
edit2: isn't that the Chinese font? Why would it crash on that on an EU game!?
@unknownbrackets commented on GitHub (Jan 20, 2015):
The reason the backtrace is useless is that it's in jit. You can try turning jit off but it will probably still not mean much since it will be from interp most likely...
zh_gb.pgf isn't a real font that should be there, don't worry about that.
What if you comment out this line?
github.com/hrydgard/ppsspp@0a8e6c2a06/Core/HLE/sceFont.cpp (L1389)
This will prevent sceFont from running at all, but it will also break savestates. Hmm.
I wonder if it's some struct alignment issue affecting only Linux. This hmm:
github.com/hrydgard/ppsspp@0a8e6c2a06/Core/Font/PGF.h (L131)
What if you put __attribute__(packed) or whatever it is on each of those structs?
-[Unknown]
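The alignment hypothesis can be tested without editing every struct in PGF.h: compare sizeof of the header struct the loader overlays with the byte count it reads (the log earlier shows "Reading 392 bytes of PGF header"); if they differ, padding is the problem, and if they match the bug is elsewhere. The attribute goes after the struct keyword, and the portable fix is to decode fields at explicit offsets rather than overlay a struct at all. The following is an added example, not PPSSPP's code: the four header fields and the 11-byte sample are invented for illustration and are not PGF's real layout.

```c
/* Added example (not PPSSPP code) for the alignment hypothesis above. A file
 * header such as a PGF font header has a fixed byte layout; a C struct matches
 * it only if the compiler inserts no padding. The four fields here are INVENTED
 * for illustration and are not PGF's real layout. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct { uint16_t a; uint32_t b; uint8_t c; uint32_t d; } HeaderNatural;   /* padded */
typedef struct __attribute__((packed)) { uint16_t a; uint32_t b; uint8_t c; uint32_t d; } HeaderPacked;

#define ON_DISK_SIZE 11u   /* 2 + 4 + 1 + 4 bytes in the file */

/* Constructed 11-byte little-endian header: a=0x1234 b=0x12345678 c=0xAB d=0xDEADBEEF */
static const uint8_t SAMPLE[ON_DISK_SIZE] = {
    0x34, 0x12,  0x78, 0x56, 0x34, 0x12,  0xAB,  0xEF, 0xBE, 0xAD, 0xDE
};

size_t natural_size(void) { return sizeof(HeaderNatural); }   /* 16 on x86-64 and arm64 */
size_t packed_size(void)  { return sizeof(HeaderPacked); }    /* 11 everywhere */

/* The check to run against a "Reading N bytes of ... header" log line: the
 * struct the parser overlays must be exactly the on-disk size. */
int layout_matches_file(size_t struct_size, size_t file_size) { return struct_size == file_size; }

/* What the padded struct sees if the raw bytes are copied over it: field b sits
 * at offset 4, so it gets file bytes 4..7 instead of 2..5. */
uint32_t overlay_natural_b(const uint8_t *buf, size_t len)
{
    HeaderNatural h;
    memset(&h, 0, sizeof h);
    memcpy(&h, buf, len < sizeof h ? len : sizeof h);
    return h.b;
}

/* Portable decoder: explicit offsets and byte order, no reliance on struct layout. */
static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t le32(const uint8_t *p)
{
    return p[0] | (p[1] << 8) | (p[2] << 16) | ((uint32_t)p[3] << 24);
}

int decode_header(const uint8_t *buf, size_t len, HeaderPacked *out)
{
    if (len < ON_DISK_SIZE) return -1;           /* short read: refuse, don't decode garbage */
    out->a = le16(buf);
    out->b = le32(buf + 2);
    out->c = buf[6];
    out->d = le32(buf + 7);
    return 0;
}

int main(void)
{
    HeaderPacked h;
    printf("sizeof natural=%zu packed=%zu on-disk=%u\n", natural_size(), packed_size(), ON_DISK_SIZE);
    printf("overlay on padded struct reads b=%08x (wanted 12345678)\n",
           overlay_natural_b(SAMPLE, sizeof SAMPLE));
    if (decode_header(SAMPLE, sizeof SAMPLE, &h) == 0)
        printf("decoded a=%04x b=%08x c=%02x d=%08x\n", h.a, h.b, h.c, h.d);
    return 0;
}
```

`__attribute__((packed))` (double parentheses) is the GCC and Clang spelling; MSVC uses `#pragma pack`. A sizeof mismatch would show up on every platform that pads the same way, so a Linux-only crash is weak evidence for it, which is consistent with the reporter finding that packing did not help.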
@i30817 commented on GitHub (Jan 20, 2015):
What, every single attribute on all the structs in that file? Or just the last?
@i30817 commented on GitHub (Jan 20, 2015):
Oh wait, the syntax is after struct, not before; let me try it.
@i30817 commented on GitHub (Jan 20, 2015):
Didn't help the Exit to menu crash (or the others).
@i30817 commented on GitHub (Jan 20, 2015):
Doh, I should have just compiled with Debug for line numbers; wait a moment for that backtraceable segfault.
@i30817 commented on GitHub (Jan 20, 2015):
Well, debug compiling breaks very spectacularly, so no line numbers.
https://gist.github.com/i30817/c192f0175e65bcd6d30c
@Bigpet commented on GitHub (Jan 20, 2015):
@i30817 just comment out this one line: https://github.com/hrydgard/ppsspp/blob/master/ext/xbrz/xbrz.cpp#L621
I doubt it will matter to your issue.
@i30817 commented on GitHub (Jan 20, 2015):
Thanks.
@unknownbrackets commented on GitHub (Mar 4, 2019):
Does this still happen?
-[Unknown]
@unknownbrackets commented on GitHub (Jan 1, 2020):
This issue is being closed because it hasn't been updated with feedback.
It's hard to tell when fixes in PPSSPP might fix other games, and sometimes certain settings or cheats may cause bugs that can't be fixed.
If you have more information or can confirm it still happens in the latest git builds, please reply to this issue and it'll be reopened. If you have a new issue with the same game, just create a new issue instead.
-[Unknown]