PS Vita Retroarch crashes when loading a new rom with fuse

[16mpx]

For PS Vita, using Fuse core and loading a new rom without restarting Retroarch crashes the core and Retroarch.

[snoofly]

This isn’t a Vita specific issue, happens on Switch too, even with the 1.6.0 core update. IMO this should be the top priority bug to fix as to have to restart retroarch to load new content is very clunky.

[snoofly]

In order to assist with debugging this issue, I have attached the .psp2dmp and .elf files (both with .txt appended to allow upload) after reproducing the case.

These files are based on the https://github.com/libretro/fuse-libretro/tree/fix-vita branch build (65f1b61)

Thanks.

psp2core-1618830851-0x00003b33cd-fuse_libretro.self.psp2dmp.txt

retroarch_vita.elf.txt

[16mpx]

Even with (65f1b61), Vita build still crashes, issue was not resolved.

[snoofly]

Just to clarify in case there is confusion. 6F build fixes the first time load Rom issue on vita. That is fixed from my test build from source. The issue tracked here - of reloading content without restarting causing crash is platform generic (vita and switch at least) and still a bug with no eta. These uploads hope to identify the issue on the vita build.

[16mpx]

Thanks for the clarification. If it helps, I may upload a verbose log for the vita crash.

[tomconte]

Below the output of vita-parse-core for the psp2dmp file above... Looks like something goes wrong somewhere in settings_free().

=== THREADS ===
    RETROVITA
        ID: 0x40010003
        Stop reason: 0x30004 (Data abort exception)
        Status: 0x1 (Running)
        PC: 0x812ab28c (retroarch_vita.elf@1 + 0x23f28c => _free_r at ??:?)
    SceCommonDialogWorker
        ID: 0x400100c3
        Stop reason: 0x0 (No reason)
        Status: 0x8 (Waiting)
        PC: 0xe00093d4 (SceLibKernel@1 + 0x6304)

        ID: 0x400402c9
        Stop reason: 0x0 (No reason)
        Status: 0x8 (Waiting)
        PC: 0xe00093d4 (SceLibKernel@1 + 0x6304)

=== THREAD "RETROVITA" <0x40010003> CRASHED (Data abort exception) ===

DISASSEMBLY AROUND PC: 0x812ab28c (ARM):

8123f27c <_free_r+0x50>:
8123f27c:   4423        add r3, r4
8123f27e:   6894        ldr r4, [r2, #8]
8123f280:   f000 0001   and.w   r0, r0, #1
8123f284:   42bc        cmp r4, r7
8123f286:   d067        beq.n   8123f358 <_free_r+0x12c>
8123f288:   f8d2 e00c   ldr.w   lr, [r2, #12]
!!!         f8c4 e00c   str.w   lr, [r4, #12] !!!
8123f290:   f8ce 4008   str.w   r4, [lr, #8]
8123f294:   2800        cmp r0, #0
8123f296:   f000 8099   beq.w   8123f3cc <_free_r+0x1a0>
8123f29a:   Address 0x000000008123f29a is out of bounds.

REGISTERS:
    R0: 0x1
    R1: 0x8171b254
    R2: 0x81d4cef8
    R3: 0x34b8
    R4: 0x0
    R5: 0x81bd11f8
    R6: 0x408
    R7: 0x8171b25c
    R8: 0x817115cc
    R9: 0x1
    R10: 0x838c6200
    R11: 0x838ca450
    R12: 0x81d503b0
    SP: 0x816b6660
    PC: 0x812ab28c (retroarch_vita.elf@1 + 0x23f28c)
    LR: 0x0

STACK CONTENTS AROUND SP:
          0x816b6620: 0xffffffff
          0x816b6624: 0xffffffff
          0x816b6628: 0xffffffff
          0x816b662c: 0xffffffff
          0x816b6630: 0xffffffff
          0x816b6634: 0xffffffff
          0x816b6638: 0xffffffff
          0x816b663c: 0xffffffff
          0x816b6640: 0xffffffff
          0x816b6644: 0xffffffff
          0x816b6648: 0xffffffff
          0x816b664c: 0x81d4ff38
          0x816b6650: 0x81bd0d90 (retroarch_vita.elf@2 + 0x4d0d90)
          0x816b6654: 0x0
          0x816b6658: 0x0
          0x816b665c: 0x812ab23b (retroarch_vita.elf@1 + 0x23f23b => _free_r at ??:?)
    SP => 0x816b6660: 0x81712a78 (retroarch_vita.elf@2 + 0x12a78)
          0x816b6664: 0x81964eb8 (retroarch_vita.elf@2 + 0x264eb8)
          0x816b6668: 0x817125fc (retroarch_vita.elf@2 + 0x125fc)
          0x816b666c: 0x816b6714
          0x816b6670: 0x1
          0x816b6674: 0x811d1bbd (retroarch_vita.elf@1 + 0x165bbd => settings_free at ??:?)
          0x816b6678: 0x81964eb8 (retroarch_vita.elf@2 + 0x264eb8)
          0x816b667c: 0x811d1ef7 (retroarch_vita.elf@1 + 0x165ef7 => settings_copy_internal at ??:?)
          0x816b6680: 0x81712a74 (retroarch_vita.elf@2 + 0x12a74)
          0x816b6684: 0x811d5d35 (retroarch_vita.elf@1 + 0x169d35 => ui_libspectrum_error at ??:?)
          0x816b6688: 0x1
          0x816b668c: 0x811d2b5b (retroarch_vita.elf@1 + 0x166b5b => settings_init at ??:?)
          0x816b6690: 0x811d5d35 (retroarch_vita.elf@1 + 0x169d35 => ui_libspectrum_error at ??:?)
          0x816b6694: 0x8191d9c0 (retroarch_vita.elf@2 + 0x21d9c0)
          0x816b6698: 0x0
          0x816b669c: 0x811c3b15 (retroarch_vita.elf@1 + 0x157b15 => fuse_init_static at ??:?)
          0x816b66a0: 0xffffffff
          0x816b66a4: 0xffffffff
          0x816b66a8: 0xffffffff
          0x816b66ac: 0xffffffff
          0x816b66b0: 0xffffffff
          0x816b66b4: 0xffffffff
          0x816b66b8: 0xffffffff
          0x816b66bc: 0xffffffff

[snoofly]

This would be a great bug to fix. Not only does it affect fuse on vita, I see same behaviour for other cores on other systems, eg vice on switch. Mame on switch works fine though. I’m assuming based on that it is something borked in a few cores sharing similarly broken uninitialise code when unloading a rom.

[tomconte]

I have tried the latest stable RetroArch 1.9.4 on Switch, with the included libretro-fuse build, and it seems to me the problem has gone away? At least I was able to load a game, close it, and load a second one without a crash. This did not work with RA 1.9.3 on Switch...

[16mpx]

I have tried the latest stable RetroArch 1.9.4 on Switch, with the included libretro-fuse build, and it seems to me the problem has gone away? At least I was able to load a game, close it, and load a second one without a crash. This did not work with RA 1.9.3 on Switch...

You are absolutely right, issue is somehow fixed and thank you to remind me to check it.

Since the issue is solved, I am closing it with this comment.

[snoofly]

great to hear. will update later. thanks