mupen64plus / mupen64plus-core

Core module of the Mupen64Plus project

[Raspberry Pi 5] 4KB Page Memory Incompatible with 16KB Page Memory #1047

Open retropieuser opened 10 months ago

retropieuser commented 10 months ago

Raspberry Pi 5's kernel is built with 16kb rather than with 4kb page memory. Because of this while you can compile mupen64plus you cannot run it as you will always get a crash as the Pi can't handle the 4kb memory.

This is similar to the issue here with flycast:- https://github.com/flyinghead/flycast/issues/1288

Can anyone point me to where the page memory is specified by mupen64plus please? As I have found manually setting it to 16kb fixes the issues for flycast.

richard42 commented 10 months ago

Which dynarec are you using? I'm sure they have different code for allocating executable pages.

Richard

retropieuser commented 10 months ago

```
# Use Pure Interpreter if 0, Cached Interpreter if 1, or Dynamic Recompiler if 2 or more
R4300Emulator = 2
```

Should I attempt Pure or Cached? Will that make any difference?

richard42 commented 10 months ago

I realized after I sent my earlier email, that since you're on the raspberry pi, it is an ARM CPU so you must be using the new dynarec. The old one is only x86.

You can choose Pure or Cached interpreter here and they shouldn't have the 4k page size problem, but they will also be much more CPU-intensive since they won't be using the dynarec.

Richard

retropieuser commented 10 months ago

Thanks Richard, I tested changing to pure and cached interpreter and can load mupen64plus now thanks. Perhaps it is very CPU intensive but the games do seem to work.

There's no way to use the dynarec in 16kb by changing the way it builds? Or that wouldn't optimise the emulator on pi5 anyway?

richard42 commented 10 months ago

Using the dynamic recompiler instead of the pure/cached interpreter should improve speed and/or reduce CPU usage. But after looking through the code of the new dynarec, I don't think the page size should affect this software. It just allocates a big 32 megabyte buffer to store the executable recompiled code and runs everything from within that big block. It doesn't do anything with page-sized memory blocks, so I don't understand why the 16k page size of the RPi5 would cause problems. Additionally, Mupen64Plus has recently been tested to work on Apple Silicon M1/M2 chips, and from what I've read, these also use 16k pages.
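The comment above turns on a detail worth making concrete: a JIT that allocates its executable region as one big block and rounds sizes to the page size the kernel actually uses is insensitive to 4 KiB versus 16 KiB pages, while one that hard-codes 4096 is not. The following is an added example written for this thread, not code from mupen64plus or its new dynarec. It queries the page size at run time with `sysconf(_SC_PAGESIZE)`, maps the code region read/write only, and flips it to read/execute with `mprotect()` before anything would run from it (W^X, never RWX). The `jit_buf` type and its functions are hypothetical names for illustration; the 32 MiB size in `main` only mirrors the block size mentioned in the comment.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical descriptor for a JIT code region (not a mupen64plus type). */
struct jit_buf {
    uint8_t *base;  /* start of the mapping, page-aligned by mmap() */
    size_t   len;   /* mapping length, a multiple of the runtime page size */
    int      exec;  /* 1 while the region is R-X, 0 while it is RW- */
};

/* Round n up to a multiple of align; align must be a power of two. */
size_t round_up(size_t n, size_t align)
{
    return (n + align - 1) & ~(align - 1);
}

/* The page size is a property of the running kernel, not of the build:
 * 4 KiB on most Linux systems, 16 KiB on the Raspberry Pi 5 kernel and on
 * Apple Silicon. Ask for it at run time instead of hard-coding 4096. */
size_t runtime_page_size(void)
{
    long ps = sysconf(_SC_PAGESIZE);
    return ps > 0 ? (size_t)ps : 4096;
}

/* Map the code region read/write only; it is never RWX at any point. */
int jit_buf_alloc(struct jit_buf *b, size_t want)
{
    size_t ps = runtime_page_size();
    void *p;

    b->len = round_up(want, ps);
    b->exec = 0;
    p = mmap(NULL, b->len, PROT_READ | PROT_WRITE,
             MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;
    b->base = p;
    return 0;
}

/* Switch the whole region to read/execute before any emitted code runs. */
int jit_buf_make_exec(struct jit_buf *b)
{
    if (mprotect(b->base, b->len, PROT_READ | PROT_EXEC) != 0)
        return -1;
    b->exec = 1;
    return 0;
}

/* Switch back to read/write before emitting more code. */
int jit_buf_make_writable(struct jit_buf *b)
{
    if (mprotect(b->base, b->len, PROT_READ | PROT_WRITE) != 0)
        return -1;
    b->exec = 0;
    return 0;
}

/* mprotect() needs a page-aligned start and works on whole pages of the
 * size the running kernel uses; protections laid out for an assumed 4 KiB
 * page cannot be finer than a real 16 KiB page, so check both values. */
int jit_buf_is_page_aligned(const struct jit_buf *b)
{
    size_t ps = runtime_page_size();
    return ((uintptr_t)b->base % ps == 0) && (b->len % ps == 0);
}

void jit_buf_free(struct jit_buf *b)
{
    if (b->base)
        munmap(b->base, b->len);
    b->base = NULL;
    b->len = 0;
    b->exec = 0;
}

int main(void)
{
    struct jit_buf b;

    /* 32 MiB mirrors the single large block described in the thread. */
    if (jit_buf_alloc(&b, (size_t)32 << 20) != 0) {
        perror("mmap");
        return 1;
    }
    printf("page size %zu, region %p, len %zu, page-aligned: %s\n",
           runtime_page_size(), (void *)b.base, b.len,
           jit_buf_is_page_aligned(&b) ? "yes" : "no");

    /* Emit a placeholder byte while RW-, then flip to R-X. Nothing is
     * executed here; the point is the protection sequence. */
    b.base[0] = 0x00;
    if (jit_buf_make_exec(&b) != 0) {
        perror("mprotect");
        jit_buf_free(&b);
        return 1;
    }
    printf("region is now R-X (exec=%d)\n", b.exec);
    jit_buf_free(&b);
    return 0;
}
```

Run on a 16 KiB-page kernel the reported length is rounded to a multiple of 16384 rather than 4096, and `jit_buf_is_page_aligned` still reports yes, which is the property a page-size-agnostic JIT needs. A constant `4096` in place of `runtime_page_size()` is the kind of assumption that breaks only on hosts like the Pi 5.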

retropieuser commented 10 months ago

That's true regarding the Silicon Mac machines, but they have their own workaround that's mentioned here that explains why it affects Linux aarch64 but not OSX:- https://github.com/AsahiLinux/docs/wiki/Broken-Software

Perhaps it's not the page memory that's causing the failure then, if the memory in it isn't 16k.

richard42 commented 10 months ago

That link was informative. It seems these 16k page systems have problems when the executable sections are not aligned. I'm pretty sure that we don't have any makefile gcc/clang options to force 4k sections, but maybe some option is needed to set the alignment to 16k. Can you send me the terminal dump from when you run the mupen64plus front-end and it crashes, and also an archive of the entire build directory with the libraries and executable? I don't have a raspberry pi 5 to make builds.

retropieuser commented 10 months ago

Hi there this was the error you get, doesn't really tell you much:-

```
pi@raspberrypi:~ $ /opt/retropie/emulators/mupen64plus/bin/mupen64plus mupen64plus-video-GLideN64 "/home/pi/RetroPie/roms/n64/007 - GoldenEye (USA).n64"

[Mupen64Plus ASCII-art banner]
 https://mupen64plus.org/
Mupen64Plus Console User-Interface Version 2.5.9

UI-Console: attached to core library 'Mupen64Plus Core' version 2.5.9
UI-Console: Includes support for Dynamic Recompiler.
Core: Couldn't open configuration file '/home/pi/.config/mupen64plus/mupen64plus.cfg'. Using defaults.
Core Warning: No version number in 'Core' config section. Setting defaults.
Core Warning: No version number in 'CoreEvents' config section. Setting defaults.
Core: Using full mem base
Core Error: Unable to open rom database file '(null)'.
UI-Console Warning: No version number in 'UI-Console' config section. Setting defaults.
UI-Console Warning: unrecognized command-line parameter 'mupen64plus-video-GLideN64'
Core: Goodname: GOLDENEYE (unknown rom)
Core: Name: GOLDENEYE
Core: MD5: 70C525880240C1E838B8B1BE35666C3B
Core: CRC: DCBC50D1 09FD1AA3
Core: Imagetype: .v64 (byteswapped)
Core: Rom size: 12582912 bytes (or 12 Mb or 96 Megabits)
Core: Version: 1447
Core: Manufacturer: Nintendo
Core: Country: USA
UI-Console Status: Cheat codes disabled.
UI-Console: using Video plugin: 'GLideN64 rev.7dc5b9f' v2.0.0
Audio Warning: No version number in 'Audio-SDL' config section. Setting defaults.
UI-Console: using Audio plugin: 'Mupen64Plus SDL Audio Plugin' v2.5.9
Input Warning: Missing or incompatible config section 'Input-SDL-Control1'. Clearing.
Input Warning: Missing or incompatible config section 'Input-SDL-Control2'. Clearing.
Input Warning: Missing or incompatible config section 'Input-SDL-Control3'. Clearing.
Input Warning: Missing or incompatible config section 'Input-SDL-Control4'. Clearing.
Input Error: Couldn't find config file 'InputAutoCfg.ini'
Input Error: Couldn't find config file 'InputAutoCfg.ini'
Input Warning: missing 'plugged' parameter from config section AutoConfig0. Setting to 1 (true).
Input Warning: missing config key 'DPad R' for controller 1 button 0
Input Warning: missing config key 'DPad L' for controller 1 button 1
Input Warning: missing config key 'DPad D' for controller 1 button 2
Input Warning: missing config key 'DPad U' for controller 1 button 3
Input Warning: missing config key 'Start' for controller 1 button 4
Input Warning: missing config key 'Z Trig' for controller 1 button 5
Input Warning: missing config key 'B Button' for controller 1 button 6
Input Warning: missing config key 'A Button' for controller 1 button 7
Input Warning: missing config key 'C Button R' for controller 1 button 8
Input Warning: missing config key 'C Button L' for controller 1 button 9
Input Warning: missing config key 'C Button D' for controller 1 button 10
Input Warning: missing config key 'C Button U' for controller 1 button 11
Input Warning: missing config key 'R Trig' for controller 1 button 12
Input Warning: missing config key 'L Trig' for controller 1 button 13
Input Warning: missing config key 'Mempak switch' for controller 1 button 14
Input Warning: missing config key 'Rumblepak switch' for controller 1 button 15
Input Warning: missing config key 'X Axis' for controller 1 axis 0
Input Warning: missing config key 'Y Axis' for controller 1 axis 1
UI-Console: using Input plugin: 'Mupen64Plus SDL Input Plugin' v2.5.9
RSP Warning: No version number in 'Rsp-HLE' config section. Setting defaults.
UI-Console: using RSP plugin: 'Hacktarux/Azimer High-Level Emulation RSP Plugin' v2.5.9
Core Warning: Input plugin does not contain VRU support.
Core: input plugin did not specify a render callback; there will be no on screen display by the input plugin.
Input: 1 SDL joysticks were found.
Input Error: Couldn't find config file 'InputAutoCfg.ini'
Input Error: No auto-config found for joystick named '8BitDo M30 gamepad' in InputAutoConfig.ini
Input: N64 Controller #1: Forcing default keyboard configuration
Input Error: Couldn't find config file 'InputAutoCfg.ini'
Input Warning: missing 'plugged' parameter from config section AutoConfig0. Setting to 1 (true).
Input Warning: missing config key 'DPad R' for controller 1 button 0
Input Warning: missing config key 'DPad L' for controller 1 button 1
Input Warning: missing config key 'DPad D' for controller 1 button 2
Input Warning: missing config key 'DPad U' for controller 1 button 3
Input Warning: missing config key 'Start' for controller 1 button 4
Input Warning: missing config key 'Z Trig' for controller 1 button 5
Input Warning: missing config key 'B Button' for controller 1 button 6
Input Warning: missing config key 'A Button' for controller 1 button 7
Input Warning: missing config key 'C Button R' for controller 1 button 8
Input Warning: missing config key 'C Button L' for controller 1 button 9
Input Warning: missing config key 'C Button D' for controller 1 button 10
Input Warning: missing config key 'C Button U' for controller 1 button 11
Input Warning: missing config key 'R Trig' for controller 1 button 12
Input Warning: missing config key 'L Trig' for controller 1 button 13
Input Warning: missing config key 'Mempak switch' for controller 1 button 14
Input Warning: missing config key 'Rumblepak switch' for controller 1 button 15
Input Warning: missing config key 'X Axis' for controller 1 axis 0
Input Warning: missing config key 'Y Axis' for controller 1 axis 1
Input: 1 controller(s) found, 1 plugged in and usable in the emulator
Input Warning: Joystick #1 doesn't support rumble effect
Input Warning: Joystick #2 doesn't support rumble effect
Input Warning: Joystick #3 doesn't support rumble effect
Input Warning: Joystick #4 doesn't support rumble effect
Input: Mupen64Plus SDL Input Plugin version 2.5.9 initialized.
RSP: RSP Fallback disabled !
Core: Using video capture backend: dummy
Core: Game controller 0 (Standard controller) has a Memory pak plugged in
Core: Game controller 1 (Standard controller) has a Memory pak plugged in
Core: Game controller 2 (Standard controller) has a Memory pak plugged in
Core: Game controller 3 (Standard controller) has a Memory pak plugged in
Core: Using CIC type X102
Core: Setting video mode: 640x480
WARNING: v3d support for hw version 71 is neither a complete nor a conformant OpenGL implementation. Testing use only.
Audio: Using resampler speex
Audio: Initializing SDL audio subsystem...
Input Warning: Joystick #1 doesn't support rumble effect
Input Warning: Joystick #2 doesn't support rumble effect
Input Warning: Joystick #3 doesn't support rumble effect
Input Warning: Joystick #4 doesn't support rumble effect
Core: Initializing 4 RDRAM modules for a total of 8 MB
Core: Starting R4300 emulator: Dynamic Recompiler
Core: Init new dynarec
Segmentation fault
```

richard42 commented 10 months ago

Well the problem cannot be the section alignment issue discussed in your AsahiLinux link, because everything loads and runs if you use the cached/pure interpreter. So it must have something to do with the dynarec, but I think there's not enough information here to really understand the cause. I don't think it has anything to do with the 16kb page alignment, because the executable memory which the new dynarec allocates to store the JIT-recompiled code is allocated in a single big block which is aligned to a 64kb boundary. Perhaps there is some other difference with the CPU in the raspberry pi 5 which is causing this crash. In order to debug this, we need to run it in the debugger and see exactly where it crashed. Can you install "gdb" on your system and run a few simple commands? You just need to start it up and take a back trace when it crashes, like this:

```
gdb --args /opt/retropie/emulators/mupen64plus/bin/mupen64plus "/home/pi/RetroPie/roms/n64/007 - GoldenEye (USA).n64"
run
<control will return after it crashes>
bt
```

Then post here the stack trace that you get from the "bt" command. It would also be nice to see the output of the "disassemble" command to see exactly which instruction caused the crash.

retropieuser commented 10 months ago

Hi Richard, here you are:-

```
(gdb) run
Starting program: /opt/retropie/emulators/mupen64plus/bin/mupen64plus /home/pi/RetroPie/roms/n64/007\ -\ GoldenEye\ (USA).n64
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/aarch64-linux-gnu/libthread_db.so.1".

[Mupen64Plus ASCII-art banner]
 https://mupen64plus.org/
Mupen64Plus Console User-Interface Version 2.5.9

UI-Console: attached to core library 'Mupen64Plus Core' version 2.5.9
UI-Console: Includes support for Dynamic Recompiler.
Core: Using full mem base
Core Error: Unable to open rom database file '(null)'.
[New Thread 0x7fffd394b180 (LWP 1217)]
Core: Goodname: GOLDENEYE (unknown rom)
Core: Name: GOLDENEYE
Core: MD5: 70C525880240C1E838B8B1BE35666C3B
Core: CRC: DCBC50D1 09FD1AA3
Core: Imagetype: .v64 (byteswapped)
Core: Rom size: 12582912 bytes (or 12 Mb or 96 Megabits)
Core: Version: 1447
Core: Manufacturer: Nintendo
Core: Country: USA
UI-Console Status: Cheat codes disabled.
UI-Console: using Video plugin: 'GLideN64 rev.7dc5b9f' v2.0.0
UI-Console: using Audio plugin: 'Mupen64Plus SDL Audio Plugin' v2.5.9
Input Error: Couldn't find config file 'InputAutoCfg.ini'
Input Warning: missing 'plugged' parameter from config section AutoConfig0. Setting to 1 (true).
Input Warning: missing config key 'DPad R' for controller 1 button 0
Input Warning: missing config key 'DPad L' for controller 1 button 1
Input Warning: missing config key 'DPad D' for controller 1 button 2
Input Warning: missing config key 'DPad U' for controller 1 button 3
Input Warning: missing config key 'Start' for controller 1 button 4
Input Warning: missing config key 'Z Trig' for controller 1 button 5
Input Warning: missing config key 'B Button' for controller 1 button 6
Input Warning: missing config key 'A Button' for controller 1 button 7
Input Warning: missing config key 'C Button R' for controller 1 button 8
Input Warning: missing config key 'C Button L' for controller 1 button 9
Input Warning: missing config key 'C Button D' for controller 1 button 10
Input Warning: missing config key 'C Button U' for controller 1 button 11
Input Warning: missing config key 'R Trig' for controller 1 button 12
Input Warning: missing config key 'L Trig' for controller 1 button 13
Input Warning: missing config key 'Mempak switch' for controller 1 button 14
Input Warning: missing config key 'Rumblepak switch' for controller 1 button 15
Input Warning: missing config key 'X Axis' for controller 1 axis 0
Input Warning: missing config key 'Y Axis' for controller 1 axis 1
UI-Console: using Input plugin: 'Mupen64Plus SDL Input Plugin' v2.5.9
UI-Console: using RSP plugin: 'Hacktarux/Azimer High-Level Emulation RSP Plugin' v2.5.9
Core Warning: Input plugin does not contain VRU support.
Core: input plugin did not specify a render callback; there will be no on screen display by the input plugin.
Input: 0 SDL joysticks were found.
Input: N64 Controller #1: Forcing default keyboard configuration
Input Error: Couldn't find config file 'InputAutoCfg.ini'
Input Warning: missing 'plugged' parameter from config section AutoConfig0. Setting to 1 (true).
Input Warning: missing config key 'DPad R' for controller 1 button 0
Input Warning: missing config key 'DPad L' for controller 1 button 1
Input Warning: missing config key 'DPad D' for controller 1 button 2
Input Warning: missing config key 'DPad U' for controller 1 button 3
Input Warning: missing config key 'Start' for controller 1 button 4
Input Warning: missing config key 'Z Trig' for controller 1 button 5
Input Warning: missing config key 'B Button' for controller 1 button 6
Input Warning: missing config key 'A Button' for controller 1 button 7
Input Warning: missing config key 'C Button R' for controller 1 button 8
Input Warning: missing config key 'C Button L' for controller 1 button 9
Input Warning: missing config key 'C Button D' for controller 1 button 10
Input Warning: missing config key 'C Button U' for controller 1 button 11
Input Warning: missing config key 'R Trig' for controller 1 button 12
Input Warning: missing config key 'L Trig' for controller 1 button 13
Input Warning: missing config key 'Mempak switch' for controller 1 button 14
Input Warning: missing config key 'Rumblepak switch' for controller 1 button 15
Input Warning: missing config key 'X Axis' for controller 1 axis 0
Input Warning: missing config key 'Y Axis' for controller 1 axis 1
Input: 1 controller(s) found, 1 plugged in and usable in the emulator
Input Warning: Joystick #1 doesn't support rumble effect
Input Warning: Joystick #2 doesn't support rumble effect
Input Warning: Joystick #3 doesn't support rumble effect
Input Warning: Joystick #4 doesn't support rumble effect
Input: Mupen64Plus SDL Input Plugin version 2.5.9 initialized.
RSP: RSP Fallback disabled !
Core: Using video capture backend: dummy
Core: Game controller 0 (Standard controller) has a Memory pak plugged in
Core: Game controller 1 (Standard controller) has a Memory pak plugged in
Core: Game controller 2 (Standard controller) has a Memory pak plugged in
Core: Game controller 3 (Standard controller) has a Memory pak plugged in
Core: Using CIC type X102
Core: Setting video mode: 640x480
WARNING: v3d support for hw version 71 is neither a complete nor a conformant OpenGL implementation. Testing use only.
[New Thread 0x7fffc58ab180 (LWP 1218)]
Audio: Using resampler speex
[New Thread 0x7fffbe75f180 (LWP 1219)]
[New Thread 0x7fffb98af180 (LWP 1220)]
Audio: Initializing SDL audio subsystem...
[New Thread 0x7fffb985f180 (LWP 1221)]
Input Warning: Joystick #1 doesn't support rumble effect
Input Warning: Joystick #2 doesn't support rumble effect
Input Warning: Joystick #3 doesn't support rumble effect
Input Warning: Joystick #4 doesn't support rumble effect
Core: Initializing 4 RDRAM modules for a total of 8 MB
Core: Starting R4300 emulator: Dynamic Recompiler
Core: Init new dynarec

Thread 1 "mupen64plus" received signal SIGSEGV, Segmentation fault.
0x00007ffff43b5000 in ?? () from /opt/retropie/emulators/mupen64plus/lib/libmupen64plus.so.2
(gdb) bt
#0  0x00007ffff43b5000 in ?? () from /opt/retropie/emulators/mupen64plus/lib/libmupen64plus.so.2
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
(gdb)
```

Jj0YzL5nvJ commented 10 months ago

Try defining `export OPTFLAGS="-O2 -flto -pthread"` before building ui-console and the core

retropieuser commented 10 months ago

I'm not 100% confident I built it all correctly as I use this script usually:- https://github.com/RetroPie/RetroPie-Setup/blob/master/scriptmodules/emulators/mupen64plus.sh

I edited line 177 and added in the above, that should've built the ui-console differently right? Sorry, I know that's not your script so I am asking a bit much for you to take a look. But anyway after my edits it all built but still only works with pure or cached interpreter

Jj0YzL5nvJ commented 10 months ago

Even better, use: `CFLAGS="-pthread" ./mupen64plus.sh`

You don't need to edit anything.

richard42 commented 8 months ago

I think we need to look at the exact instruction which is causing the segfault. Maybe the dynarec is writing out some opcode which is not supported by the ARM CPU on the pi5. Can you use the "disassemble" command to get an assembly listing of the instructions around the crash point?

Like in your previous example, where you got the error at this location:

```
0x00007ffff43b5000 in ?? ()
```

You would type:

```
disassemble 0x00007ffff43b4f80,+256
```

benjamintmiller commented 7 months ago

(gdb) bt

#0  0x00007fffe97fe000 in g_dev () at /opt/retropie/libretrocores/lr-mupen64plus-next/mupen64plus_next_libretro.so
#1  0x00007fffe3278ec0 in new_dyna_start ()
    at /opt/retropie/libretrocores/lr-mupen64plus-next/mupen64plus_next_libretro.so

(gdb) disassemble

Dump of assembler code for function g_dev:
   0x00007fffe8efd000 <+0>:     udf     #0
   0x00007fffe8efd004 <+4>:     udf     #0
   0x00007fffe8efd008 <+8>:     udf     #0

(eventually changes to this and goes on forever)

   0x00007fffe8efd0e0 <+224>:   .inst   0x01010101 ; undefined
   0x00007fffe8efd0e4 <+228>:   .inst   0x01010101 ; undefined
   0x00007fffe8efd0e8 <+232>:   .inst   0x01010101 ; undefined

(gdb) frame 1

#1  0x00007fffe3278ec0 in new_dyna_start ()
   from /opt/retropie/libretrocores/lr-mupen64plus-next/mupen64plus_next_libretro.so

(gdb) disassemble

Dump of assembler code for function new_dyna_start:
   0x00007fffe3278e78 <+0>:     adrp    x16, 0x7fffe8efd000 <g_dev>
   0x00007fffe3278e7c <+4>:     add     x16, x16, #0x0
   0x00007fffe3278e80 <+8>:     mov     x1, #0x2900000                  // #42991616
   0x00007fffe3278e84 <+12>:    movk    x1, #0x10a0
   0x00007fffe3278e88 <+16>:    add     x16, x16, x1
   0x00007fffe3278e8c <+20>:    adrp    x1, 0x7fffec984000 <ROM_HEADER>
   0x00007fffe3278e90 <+24>:    add     x1, x1, #0x508
   0x00007fffe3278e94 <+28>:    mov     w0, #0xa4000000                 // #-1543503872
   0x00007fffe3278e98 <+32>:    stp     x19, x20, [x16]
   0x00007fffe3278e9c <+36>:    stp     x21, x22, [x16, #16]
   0x00007fffe3278ea0 <+40>:    stp     x23, x24, [x16, #32]
   0x00007fffe3278ea4 <+44>:    stp     x25, x26, [x16, #48]
   0x00007fffe3278ea8 <+48>:    stp     x27, x28, [x16, #64]
   0x00007fffe3278eac <+52>:    stp     x29, x30, [x16, #80]
   0x00007fffe3278eb0 <+56>:    sub     x29, x16, #0xa0
   0x00007fffe3278eb4 <+60>:    ldr     x19, [x1]
   0x00007fffe3278eb8 <+64>:    add     w0, w0, #0x40
   0x00007fffe3278ebc <+68>:    bl      0x7fffe324bfd0 <new_recompile_block>
=> 0x00007fffe3278ec0 <+72>:    ldr     w20, [x29, #256]
   0x00007fffe3278ec4 <+76>:    br      x19
End of assembler dump.

(gdb) info registers

x0             0x0                 0
x1             0x7fffe9ffe000      140737119248384
x2             0xfffffffffffc0e3c  -258500
x3             0x2                 2
x4             0x7fffe97fee3c      140737110863420
x5             0x7fff8cca5528      140735555458344
x6             0x40                64
x7             0x7fffe3334000      140737005174784
x8             0x7fffe33340a8      140737005174952
x9             0x7fffe97fe000      140737110859776
x10            0x7fffe97fe000      140737110859776
x11            0xd0001de           218104286
x12            0x263101013c110101  2751981952114426113
x13            0x16110005          370212869
x14            0x8e1000043c10a430  -8210062102508821456
x15            0x263101013c110101  2751981952114426113
x16            0x7fffe33302e8      140737005159144
x17            0x7ffff5b4b440      140737315648576
x18            0x63d5e2c1          1674961601
x19            0x7fffe97fe000      140737110859776
x20            0x80005000          2147504128
x21            0x2                 2
x22            0x7fffe37d4b70      140737010027376
x23            0x7fffebffd000      140737152798720
x24            0x7fffe8efd0e0      140737101418720
x25            0x7fffec984260      140737162789472
x26            0x7fffe37d4cb8      140737010027704
x27            0x800000            8388608
x28            0x7fffec984234      140737162789428
x29            0x7fffeb7fe000      140737144414208
x30            0x7fffe3278ec0      140737004408512
sp             0x7fff957c3670      0x7fff957c3670
pc             0x7fffe3278ec0      0x7fffe3278ec0 <new_dyna_start+72>
cpsr           0x60001000          [ EL=0 BTYPE=0 SSBS C Z ]
fpsr           0x12                [ DZC IXC ]
fpcr           0x1000000           [ Len=0 Stride=0 RMode=0 FZ ]
tpidr          0x7fff957c6d00      0x7fff957c6d00
tpidr2         0x0                 0x0

Relevant `info proc mappings` output:

      0x7fffe3040000     0x7fffe3320000   0x2e0000        0x0  r-xp   /opt/retropie/libretrocores/lr-mupen64plus-next/mupen64plus_next_libretro.so
      0x7fffe3320000     0x7fffe3330000    0x10000   0x2e0000  r--p   /opt/retropie/libretrocores/lr-mupen64plus-next/mupen64plus_next_libretro.so
      0x7fffe3330000     0x7fffe33c4000    0x94000   0x2f0000  rw-p   /opt/retropie/libretrocores/lr-mupen64plus-next/mupen64plus_next_libretro.so

benjamintmiller commented 7 months ago

Okay, it looks like the piles of undefined instructions do end at the memory address where the segfault happens:

   0x00007fffe97fdff0 <g_dev+9441264>:  udf     #0
   0x00007fffe97fdff4 <g_dev+9441268>:  udf     #0
   0x00007fffe97fdff8 <g_dev+9441272>:  udf     #0
   0x00007fffe97fdffc <g_dev+9441276>:  udf     #0
=> 0x00007fffe97fe000 <g_dev+9441280>:  mov     w0, #0x0                        // #0
   0x00007fffe97fe004 <g_dev+9441284>:  str     w0, [x29, #1464]
   0x00007fffe97fe008 <g_dev+9441288>:  str     w20, [x29, #256]
   0x00007fffe97fe00c <g_dev+9441292>:  str     x0, [x29]
   0x00007fffe97fe010 <g_dev+9441296>:  mov     w0, #0xd                        // #13
   0x00007fffe97fe014 <g_dev+9441300>:  mov     w1, #0x0                        // #0
   0x00007fffe97fe018 <g_dev+9441304>:  mov     w2, #0xa4000000                 // #-1543503872
   0x00007fffe97fe01c <g_dev+9441308>:  movk    w2, #0x40
   0x00007fffe97fe020 <g_dev+9441312>:  bl      0x7fffe322a7a4 <MTC0_new>
   0x00007fffe97fe024 <g_dev+9441316>:  ldr     x0, [x29]
   0x00007fffe97fe028 <g_dev+9441320>:  str     w0, [x29, #1464]
   0x00007fffe97fe02c <g_dev+9441324>:  str     w20, [x29, #256]
   0x00007fffe97fe030 <g_dev+9441328>:  str     x0, [x29]
   0x00007fffe97fe034 <g_dev+9441332>:  mov     w0, #0x9                        // #9
   0x00007fffe97fe038 <g_dev+9441336>:  mov     w1, #0x2                        // #2
   0x00007fffe97fe03c <g_dev+9441340>:  mov     w2, #0xa4000000                 // #-1543503872
   0x00007fffe97fe040 <g_dev+9441344>:  movk    w2, #0x44
   0x00007fffe97fe044 <g_dev+9441348>:  bl      0x7fffe322a7a4 <MTC0_new>
   0x00007fffe97fe048 <g_dev+9441352>:  ldr     x0, [x29]
   0x00007fffe97fe04c <g_dev+9441356>:  ldr     w30, [x29, #260]
   0x00007fffe97fe050 <g_dev+9441360>:  tst     w30, w30
   0x00007fffe97fe054 <g_dev+9441364>:  b.eq    0x7fffe97fe05c <g_dev+9441372>  // b.none
   0x00007fffe97fe058 <g_dev+9441368>:  b       0x7fffe3278e1c <do_interrupt>
   0x00007fffe97fe05c <g_dev+9441372>:  ldr     w20, [x29, #256]
   0x00007fffe97fe060 <g_dev+9441376>:  str     w0, [x29, #1464]
   0x00007fffe97fe064 <g_dev+9441380>:  str     w20, [x29, #256]
   0x00007fffe97fe068 <g_dev+9441384>:  str     x0, [x29]
   0x00007fffe97fe06c <g_dev+9441388>:  mov     w0, #0xb                        // #11
   0x00007fffe97fe070 <g_dev+9441392>:  mov     w1, #0x4                        // #4
   0x00007fffe97fe074 <g_dev+9441396>:  mov     w2, #0xa4000000                 // #-1543503872

richard42 commented 7 months ago

Benjamin, this is good debugging info here, but I suspect that this is a different problem than the one originally reported by retropieuser. He was experiencing the crash with the mupen64plus console UI, while I see that you are running retroarch/libretro, which is a fork of mupen64plus and a different code base.

In your case, we can see that the code branched to 0x7fffe324bfd0 (start of new_recompile_block()) but then somehow ended up crashing at 0x00007fffe97fe000, which is 100 megabytes away in the memory map. It's not clear how it got from that starting place all the way to the end.