Add Zelda MM ucode from GLideN64

[fzurita]

I'm getting this crash being reported on rare occasions. Here is the backtrace:

#00 pc 0006ce58  /libmupen64plus-video-glide64mk2.so: Routine uc1_branch_z() at ./mupen64plus-video-glide64mk2/src/Glide64/ucode01.h:159
#01 pc 000616bc  /libmupen64plus-video-glide64mk2.so (ProcessDList+5900): Routine ProcessDList at ./mupen64plus-video-glide64mk2/src/Glide64/rdp.cpp:796
#02 pc 00005a04  /libmupen64plus-rsp-hle.so: Routine forward_gfx_task at ./mupen64plus-rsp-hle/src/hle.c:172
#03 pc 0000aed8  /libmupen64plus-rsp-hle.so (DoRspCycles+16): Routine DoRspCycles at ./mupen64plus-rsp-hle/src/plugin.c:182
#04 pc 000c94d0  /libmupen64plus-core.so: Routine do_SP_Task at ./mupen64plus-core/src\device/rsp/rsp_core.c:269
#05 pc 000c92a4  /libmupen64plus-core.so: Routine update_sp_status at ./mupen64plus-core/src\device/rsp/rsp_core.c:144 (discriminator 1)

It seems like we arr accessing past the array here:

  if( fabs(rdp.vtx[vtx].z) <= (rdp.cmd1/*&0xFFFF*/) )

In the line above, the max index is this:

  wxUint32 vtx = (rdp.cmd0 & 0xFFF) >> 1;

And if I did my math right, that's a maximum value of 2047. Unfortunately, the rdp.vtx array only has enough allocated for 256 elements. I went ahead and made the maximum size allow for 2048 elements.

Unfortunately, nobody has told me which game this happens on. The alternate solution would be to make the mask be 0x1FE instead of 0xFFF, which may have been the intention.

[bsmiles32]

Additional info:

• The command "branch_z" to be used in some variants of F3DEX ucode (Zeldas, Mario Kart, Star Fox, Conker Bad fur Day, ...)
• Rice and GlideN64 seems also to use the 0xfff mask for F3DEX ucodes: https://github.com/mupen64plus/mupen64plus-video-rice/blob/master/src/RSP_GBI1.h#L165 https://github.com/gonetz/GLideN64/blob/master/src/F3DEX.cpp#L45 except for Majora's Mask where it uses 0xff: https://github.com/gonetz/GLideN64/blob/master/src/F3DEX2MM.cpp#L10

so I guess that you encountered the crash in Zelda Majora's Mask and that a proper fix would mean doing something like https://github.com/gonetz/GLideN64/commit/43d281e5bdd433a2bd25464254115d31afc6a6c9

[bsmiles32]

... and https://github.com/gonetz/GLideN64/commit/9e8b32fc8928531b5d17eeec1a10ddaefd2af009

[fzurita]

Good call about looking at the other plugins... I should had thought of that. I'll try to backport that ucode from GLideN64 to Glide64.

[fzurita]

Ok, done. @Gillou68310 Can you double check this? I tested Zelda OOT and Zelda MM, it didn't crash or anything, but I don't know what expected behavior is with the ucode change.