Emulator Issues #10132
Breakpoints crash game after stepping
Description
Game Name?
Super Smash Bros. Brawl
Game ID? (right click the game in the game list, properties, info tab)
RSBE01
MD5 Hash? (right click the game in the game list, properties, info tab, MD5 Hash: Compute)
[Put MD5 Hash here]
What's the problem? Describe what went wrong.
Placing breakpoints in the debugger and trying to step after the breakpoint is hit causes the game to crash. More specifically after hitting step, the game jumps to "ExternalInterruptHandler" (name from function maps), then crashes after running through it. This makes debugging Brawl pretty much impossible in Dolphin 5.0. This is a huge issue for me in particular as a Dev for Brawl Minus since we use Dolphin as an integral part of our development process.
The ExternalInterruptHandler function is located at 801dd644 in Dolphin 5.0-321, in the current version however it seems that it's located at 0x500. Pressing play after it steps into this function almost always immediately crashes the game (unknown opcode at 0)
In an almost 1 year old duplicate issue, Phire mentioned it's PR 3800 that caused the problem.
What steps will reproduce the problem?
Placing breakpoints in Brawl and stepping after the breakpoint is hit.
Which versions of Dolphin did you test on? Does using an older version of Dolphin solve your issue? If yes, which versions of Dolphin used to work?
Tested on 5.0-2684 and 5.0-532. The last version to work was Dolphin 4.0-9247
What are your PC specifications? (CPU, GPU, Operating System, more)
Intel Core i3 2120
AMD Radeon HD 6670
Windows 7
Is there any other relevant information? (e.g. logs, screenshots, configuration files)
I've attached a detailed function map I created myself from sifting through the raw maps on the Korean Brawl disc and ported to NTSC that can be loaded into Dolphin.
Updated by sammi-husky almost 8 years ago
sammi-husky wrote:
Which versions of Dolphin did you test on? Does using an older version of Dolphin solve your issue? If yes, which versions of Dolphin used to work?
Tested on 5.0-2684 and 5.0-532. The last version to work was Dolphin 4.0-9247
Whoops, I meant the last version to work should be Dolphin 4.0-9240
Updated by JMC4789 almost 8 years ago
- Assignee set to phire
Maybe phire can explain. Do you know what you actually wanted the title to be? I can fix that.
Updated by sammi-husky almost 8 years ago
JMC4789 wrote:
Maybe phire can explain. Do you know what you actually wanted the title to be? I can fix that.
Ah, yes thank you. I was going to title it "Breakpoints crash game after stepping" or something of the like.
Updated by JosJuice almost 8 years ago
- Subject changed from [Short description of your bug here (~10 words)] to Breakpoints crash game after stepping
Updated by aldelaro5 almost 8 years ago
Can I know a particular function/address in the game you know a breakpoint there would cause this issue?
I am trying to reproduce it and to do that, I need to know a place where hitting the breakpoint is a problem. I ask this because if I try to breakpoint shortly after boot, I don't encounter this issue, but this might be because not much is going right after boot.
Updated by sammi-husky almost 8 years ago
aldelaro5 wrote:
Can I know a particular function/address in the game you know a breakpoint there would cause this issue?
I am trying to reproduce it and to do that, I need to know a place where hitting the breakpoint is a problem. I ask this because if I try to breakpoint shortly after boot, I don't encounter this issue, but this might be because not much is going right after boot.
Easiest one to do would probably be placing a breakpoint at 0x810c7c4c before selecting Mario in training mode. Soon as he's selected the breakpoint will be hit.
Updated by sepalani over 7 years ago
I can't reproduce the crash with Dolphin 5.0-3303. The breakpoint (0x810c7c4c) in training mode is hit when I selected Mario but I didn't have a crash.
PC value is set to 0x500 when an External Interrupt Exception is raised, so that's normal. Furthermore, after stepping out (after hitting the rfi instruction) the PC will be set to 0x801dd644 which is the ExternalInterruptHandler you're looking for. However, I assume the game didn't like it because I was sent to PPCHalt later on. No crashes, but an infinite loop that prevents me from doing anything else instead.
Not to mention, the breakpoint won't be hit twice once Mario has been selected (it seems?). I was able to raise that exception but that was quite situational and the other times it didn't happen. I can't reproduce it if I do a save state before triggering the bug. Sometimes, I had to select Mario twice in order to trigger the breakpoint so it seemed that the module wasn't loaded completely at that time (since the PPC code was different). It tends to happen more often to me right at the beginning but not after idling and doing random stuff on the character roster for a while before selecting Mario.
Updated by sepalani over 7 years ago
I highly suspect this issue to impact other games, like MH3 where I have similar troubles and get sent to PPCHalt after a breakpoint hit. I'll detail what I've learnt so far concerning the Brawl case, though.
The exception is set in the PPC state during the CoreTiming::Advance() call. Furthermore, that happens during an event callback, more specifically: evt.type->callback(evt.userdata, g_global_timer - evt.time); the evt.type name is "SetTokenFinish". The function called is SetTokenFinish_OnMainThread(0, cycles_late) where userdata is zero and cycles_late is a small value. It changes each time but still stays small (I've seen it between 0x00000000000006d1 and 0x0000000000002af5, so far). Delaying the breakpoint by placing it further down doesn't fix the issue and the exception is still triggered. The code changing the PPC state is the following: ProcessorInterface::SetInterrupt(INT_CAUSE_PE_TOKEN, s_signal_token_interrupt && m_Control.PETokenEnable);
When the issue isn't triggered, for instance while using a savestate for me, there are no events to process, so there is no callback and no exceptions are set in the PPC state.
However, when the issue happens, the game processes that exception and later on enters the Relocate function. The thing is, when it exits the function the PC is set to zero. That raises another exception that leads to the PPCHalt function but just before that prints a bunch of debug messages via OSReport such as "Attempted to fetch instruction from invalid address 0x0 (read from SRR0)".
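An added illustration, not part of the thread and not Dolphin source: a minimal C++ model of the behaviour described in the comment above, where a single step services a pending timing event whose callback raises an external interrupt, so the PC lands on the 0x500 vector instead of the next instruction. All type and function names here (Event, Cpu, StepFromBreakpoint) are hypothetical, and the model assumes the standard PowerPC exception entry (SRR0/SRR1 saved, MSR[EE] cleared).

```cpp
#include <cstdint>
#include <functional>
#include <queue>
#include <vector>

// Simplified model for illustration; none of these names are Dolphin source.
struct Event {
  uint64_t due;                            // cycle at which the event fires
  std::function<void(uint64_t)> callback;  // receives cycles_late
  bool operator>(const Event& o) const { return due > o.due; }
};
struct Cpu {
  uint32_t pc = 0, srr0 = 0, srr1 = 0;
  uint32_t msr = 0x8000;                   // MSR[EE] set: external interrupts enabled
  bool ext_int_pending = false;
  uint64_t cycles = 0;
  std::priority_queue<Event, std::vector<Event>, std::greater<Event>> events;
  // Run the callback of every event whose due time has passed.
  void Advance() {
    while (!events.empty() && events.top().due <= cycles) {
      Event e = events.top();
      events.pop();
      e.callback(cycles - e.due);
    }
  }
  // One debugger step: execute one instruction, then service timing and exceptions.
  void Step() {
    pc += 4;
    cycles += 1;
    Advance();
    if (ext_int_pending && (msr & 0x8000)) {
      srr0 = pc;                           // address rfi would return to
      srr1 = msr;
      msr &= ~0x8000u;                     // EE is cleared on exception entry
      pc = 0x500;                          // external interrupt vector
      ext_int_pending = false;
    }
  }
};

// Step once from a breakpoint, with or without an interrupt-raising event already due.
Cpu StepFromBreakpoint(uint32_t bp, bool event_due) {
  Cpu cpu;
  cpu.pc = bp;
  if (event_due) cpu.events.push({0, [&cpu](uint64_t) { cpu.ext_int_pending = true; }});
  cpu.Step();
  return cpu;
}
int main() { return StepFromBreakpoint(0x810c7c4cu, true).pc == 0x500 ? 0 : 1; }
```

With no event queued (the savestate case described above), the same step simply advances to the next instruction.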
Updated by sepalani over 7 years ago
@sammi-husky
Does the PR #5274 fix the issue?
Updated by sammi-husky over 7 years ago
sepalani wrote:
@sammi-husky
Does the PR #5274 fix the issue?
Right, this problem was initially present in both Vanilla brawl and games run through Gecko OS or anything using its codehandler, but this PR does fix it in vBrawl.
Games run through Gecko still seem to crash instantly when stepping after a breakpoint however, where they didn't back in 4.0-9240
Updated by leoetlino about 7 years ago
- Status changed from New to Fix pending
- Assignee deleted (phire)
Updated by leoetlino about 7 years ago
- Has duplicate Emulator Issues #10071: Pausing and stepping in debug mode often crashes the game added
Updated by leoetlino about 7 years ago
- Has duplicate Emulator Issues #10595: Rapidly pausing and unpausing Dolphin.exe -d causes invalid reads or freezes added