This is annoying indeed.

You can "fix" this if you enable "safe texture caching"-something in the OpenGL options.

However you wont be able to come far in MP1, i got many crashes at the Space Station.

Unfortunately, I can't get into the OpenGL options (it just doesn't seem to do anything).

I tried adding "SafeTextureCache = true" in a section "Settings" to Dolphin.ini, to
no avail.

Metroid prime one DOES work fine using revision 1449 with safe texture catch (in adv
options of graphics). Only works with openGL as far as i know.

Although metroid seems to fail with later revisions.

Strid3r

Related to issue 423. I trapped the error with gdb (SIGSEGV at 0x4114ff03d) and
dumped the JIT'ed code to a file. This is what I found:

(... rest of JIT code ...)
414ff02f:	8b 44 03 00          	mov    0x0(%rbx,%rax,1),%eax
414ff033:	f7 c0 fc 00 00 00    	test   $0xfc,%eax
414ff039:	75 07                	jne    0x414ff042
414ff03b:	0f c8                	bswap  %eax
414ff03d:	41 ff 64 c7 00       	jmpq   *0x0(%r15,%rax,8)
(... rest of JIT code ...)

I guess that bswap is supposed to be performed on %rax. Since I can't figure out
which part of the JIT is malfunctioning here, I'll post the disassembly of the whole
function (manually modified objdump output to be a bit shorter; objdump was invoked
as objdump -D -m i386 -M x86-64 -b binary --adjust-vma 0x414ff000
/tmp/metroid_crash.bin):

414ff000:	53                   	push   %rbx
414ff001:	55                   	push   %rbp
414ff002:	41 54                	push   %r12
414ff004:	41 55                	push   %r13
414ff006:	41 56                	push   %r14
414ff008:	41 57                	push   %r15
414ff00a:	41 57                	push   %r15
414ff00c:	48 bb 00 00 00 00 23 00 00 00	mov    $0x2300000000,%rbx
414ff016:	49 bf 50 c2 fc 00 00 00 00 00	mov    $0xfcc250,%r15
414ff020:	e8 ff ea f6 be       	callq  0x46db24
414ff025:	eb 02                	jmp    0x414ff029
414ff027:	76 50                	jbe    0x414ff079
414ff029:	8b 05 91 b1 32 bf    	mov    -0x40cd4e6f(%rip),%eax        # 0x82a1c0
414ff02f:	8b 44 03 00          	mov    0x0(%rbx,%rax,1),%eax
414ff033:	f7 c0 fc 00 00 00    	test   $0xfc,%eax
414ff039:	75 07                	jne    0x414ff042
414ff03b:	0f c8                	bswap  %eax
414ff03d:	41 ff 64 c7 00       	jmpq   *0x0(%r15,%rax,8)
414ff042:	8b 3d 78 b1 32 bf    	mov    -0x40cd4e88(%rip),%edi        # 0x82a1c0
414ff048:	e8 81 9d fb be       	callq  0x4b8dce
414ff04d:	eb da                	jmp    0x414ff029
414ff04f:	cc                   	int3   
414ff050:	8b 05 6a b1 32 bf    	mov    -0x40cd4e96(%rip),%eax        # 0x82a1c0
414ff056:	89 05 68 b1 32 bf    	mov    %eax,-0x40cd4e98(%rip)        # 0x82a1c4
414ff05c:	81 0d 76 b1 32 bf 40 00 00 00	orl    $0x40,-0x40cd4e8a(%rip)        #

0x82a1dc
414ff066: e8 8d f4 f9 be callq 0x49e4f8
414ff06b: 8b 05 53 b1 32 bf mov -0x40cd4ead(%rip),%eax # 0x82a1c4
414ff071: 89 05 49 b1 32 bf mov %eax,-0x40cd4eb7(%rip) # 0x82a1c0
414ff077: eb ae jmp 0x414ff027
414ff079: e8 a6 ea f6 be callq 0x46db24
414ff07e: f7 05 54 b1 32 bf ff ff ff ff testl $0xffffffff,-0x40cd4eac(%rip)

0x82a1dc¶

414ff088:	74 1d                	je     0x414ff0a7
414ff08a:	8b 05 30 b1 32 bf    	mov    -0x40cd4ed0(%rip),%eax        # 0x82a1c0
414ff090:	89 05 2e b1 32 bf    	mov    %eax,-0x40cd4ed2(%rip)        # 0x82a1c4
414ff096:	e8 5d f4 f9 be       	callq  0x49e4f8
414ff09b:	8b 05 23 b1 32 bf    	mov    -0x40cd4edd(%rip),%eax        # 0x82a1c4
414ff0a1:	89 05 19 b1 32 bf    	mov    %eax,-0x40cd4ee7(%rip)        # 0x82a1c0
414ff0a7:	f7 05 93 08 2b bf ff ff ff ff	testl  $0xffffffff,-0x40d4f76d(%rip)    

0x7af944¶

414ff0b1:	0f 84 69 ff ff ff    	je     0x414ff020
414ff0b7:	41 5f                	pop    %r15
414ff0b9:	41 5f                	pop    %r15
414ff0bb:	41 5e                	pop    %r14
414ff0bd:	41 5d                	pop    %r13
414ff0bf:	41 5c                	pop    %r12
414ff0c1:	5d                   	pop    %rbp
414ff0c2:	5b                   	pop    %rbx
414ff0c3:	c3                   	retq   
414ff0c4:	41 5f                	pop    %r15
414ff0c6:	41 5f                	pop    %r15
414ff0c8:	41 5e                	pop    %r14
414ff0ca:	41 5d                	pop    %r13
414ff0cc:	41 5c                	pop    %r12
414ff0ce:	5d                   	pop    %rbp
414ff0cf:	5b                   	pop    %rbx
414ff0d0:	c3                   	retq   

In short: I guess it's not a game issue, more of a JIT issue.

Found the generator: it crashes in code generated by AsmRoutineManager::Generate().
Using BSWAP on %rax only made things worse, but I'm now trying to find out the
register values.

The nature of the crashes seem pretty random though. Sometimes they're just hangs
(emulator thread is trying to create a MsgAlert from Memory:CheckDTLB, but got stuck
in the process... perhaps a dupe of issue 103), sometimes these segfaults.

Duplicate of issue 266. Enabling Safe Texture Cache did help for this particular type
of crashes.