Vicarious Visions: Music does not play (some routines need to be loaded into RAM)

[loveemu]

• Game: Spider-Man 3 etc. (see below, all games are developed by Vicarious Visions)

Music does not play. Foobar2000 will skip the song when played (i.e. silence).

Technical Background

The Vicarious Visions game runs the division function implemented for ARM on IWRAM, but Gaxtapper skips the original memory transfer procedure and calls GAX, so the code reaches an uninitialized memory address and crashes. The function to be called is as follows.

j__udivdi3: @ 8000254
    MOVS            R3, #0
    MOV             R12, R3
    LDR             R2, =0x3000C98
    BX              R2

__udivdi3_arm: @ 87F9F80 -> 3000C98
    RSBS            R2, R1, R0,LSR#31
    SBCCS           R0, R0, R1,LSL#31
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#30
    SBCCS           R0, R0, R1,LSL#30
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#29
    SBCCS           R0, R0, R1,LSL#29
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#28
    SBCCS           R0, R0, R1,LSL#28
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#27
    SBCCS           R0, R0, R1,LSL#27
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#26
    SBCCS           R0, R0, R1,LSL#26
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#25
    SBCCS           R0, R0, R1,LSL#25
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#24
    SBCCS           R0, R0, R1,LSL#24
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#23
    SBCCS           R0, R0, R1,LSL#23
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#22
    SBCCS           R0, R0, R1,LSL#22
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#21
    SBCCS           R0, R0, R1,LSL#21
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#20
    SBCCS           R0, R0, R1,LSL#20
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#19
    SBCCS           R0, R0, R1,LSL#19
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#18
    SBCCS           R0, R0, R1,LSL#18
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#17
    SBCCS           R0, R0, R1,LSL#17
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#16
    SBCCS           R0, R0, R1,LSL#16
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#15
    SBCCS           R0, R0, R1,LSL#15
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#14
    SBCCS           R0, R0, R1,LSL#14
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#13
    SBCCS           R0, R0, R1,LSL#13
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#12
    SBCCS           R0, R0, R1,LSL#12
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#11
    SBCCS           R0, R0, R1,LSL#11
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#10
    SBCCS           R0, R0, R1,LSL#10
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#9
    SBCCS           R0, R0, R1,LSL#9
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#8
    SBCCS           R0, R0, R1,LSL#8
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#7
    SBCCS           R0, R0, R1,LSL#7
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#6
    SBCCS           R0, R0, R1,LSL#6
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#5
    SBCCS           R0, R0, R1,LSL#5
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#4
    SBCCS           R0, R0, R1,LSL#4
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#3
    SBCCS           R0, R0, R1,LSL#3
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#2
    SBCCS           R0, R0, R1,LSL#2
    ADC             R3, R3, R3
    RSBS            R2, R1, R0,LSR#1
    SBCCS           R0, R0, R1,LSL#1
    ADC             R3, R3, R3
    RSBS            R2, R1, R0
    SBCCS           R0, R0, R1
    ADC             R3, R3, R3
    MOV             R1, R0
    MOV             R0, R3
    MOVS            R12, R12,LSL#1
    RSBCS           R0, R0, #0
    RSBMI           R1, R1, #0
    BX              LR

The __udivdi3 function for THUMB, which is often used in other games, resides at 0x8041AE8. However, this function also calls 0x8000254, so changing the trampoline jump destination to 0x8041AE8 will not work.

Any Solution?

Semi-manual ripping...? 🤔

Even if it is difficult to fix the problem automatically, it would be easier to diagnose the problem if it could be detected.

Games that have this problem

• Finding Nemo
• Shark Tale
• Madagascar
• Spider-Man 3
• Shrek The Third
• Over the Hedge
• Tony Hawk's American Sk8land
• Ultimate Spider-Man
• X-Men 2 - Wolverines Revenge
• Jet Grind Radio
• Disney's Extreme Skate Adventure
• Disney's Lion King
• Tony Hawk's Underground
• Spongebob Squarepants: Battle for Bikini Bottom
• Disney's Brother Bear
• Crash Nitro Kart
• Shrek 2
• Crash Bandicoot Purple: Ripto's Rampage and Spyro Orange - The Cortex Conspiracy
• Tony Hawk's Underground 2
• That's So Raven
• Shrek 2 Beg for Mercy
• Codename - Kids Next Door - Operation S.O.D.A.
• Batman Begins
• Madagascar: Operation Penguin

[loveemu]

Closing the issue, as there are no plans to work on this. Reopen it if you want to write something.