It’s possible to use Agent on Android.
The functionality already seems to be there; I just need to figure out how to set it all up. Getting Agent to work on Android would be an absolute game-changer in making immersing with visual novels more accessible.
For rooted devices, I can install frida-server and connect to it with Agent.
Non-rooted devices need more complicated techniques:
- Repackaging the game’s APK with frida-gadget
- Using VirtualApp like modded VirtualXposed to load frida-gadget with the APK
A common point in root and non-root methods involve setting up frida-server either directly or through frida-gadget. Which one should I go with first? Doing some research on the non-root methods revealed projects that haven’t been updated in over 4 years, funky situations with forks, adware, convoluted repackaging methods, and more. Since I’m already being overloaded with enough information, I decided to go with the root method since it seemed simpler.
I also have to keep in mind that libYuzu.js relies on the emulator using dynarmic, while Yuzu on Android has the option of using either dynarmic or NCE (Native Code Execution). The different backends could prove troublesome in hooking the emulator, but that’s a problem for a later time.
I’ll start with PPSSPP.
_ZN8Dynarmic7Backend5Arm6415A32AddressSpace21RegisterNewBasicBlockERKNS_2IR5BlockERKNS1_16EmittedBlockInfoE
_ZNK8Dynarmic7Backend5Arm648RegAlloc16AllocateRegisterERKNSt6__ndk15arrayINS1_11HostLocInfoELm32EEERKNS3_6vectorIiNS3_9allocatorIiEEEE
_ZN8Dynarmic7Backend5Arm648RegAlloc16DefineAsRegisterEPNS_2IR4InstEN6oaknut3RegE
This one encountered error when attaching script hook
_ZN8Dynarmic7Backend5Arm6415A64AddressSpace21RegisterNewBasicBlockERKNS_2IR5BlockERKNS1_16EmittedBlockInfoE
Error: unable to intercept function at 0x77e3e0c770; please file a bug
at value (frida/runtime/core.js:419)
at e (/agent.js)
at jitAttach (C:\StarryShiliu\Software\Agent\data\scripts\libYuzu.js:89)
at onEnter (C:\StarryShiliu\Software\Agent\data\scripts\libYuzu.js:68)
This one encountered error when attaching script hook _ZN8Dynarmic7Backend5Arm649EmitArm64ERN6oaknut13CodeGeneratorENS_2IR5BlockERKNS1_10EmitConfigERNS1_14FastmemManagerE
Location descriptors
_ZN8Dynarmic7Backend5Arm6415EmitA32TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term2IfENS7_18LocationDescriptorEb
_ZN8Dynarmic7Backend5Arm6415EmitA64TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term10PopRSBHintENS7_18LocationDescriptorEb
_ZN8Dynarmic7Backend5Arm6423EmitBlockLinkRelocationERN6oaknut13CodeGeneratorERNS1_11EmitContextERKNS_2IR18LocationDescriptorENS1_19BlockRelocationTypeE
_ZN8Dynarmic7Backend5Arm6415EmitA32TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term9InterpretENS7_18LocationDescriptorEb
Error without entering game _ZN8Dynarmic7Backend5Arm6415EmitA32TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term16ReturnToDispatchENS7_18LocationDescriptorEb
Error: unable to intercept function at 0x77cdac095c
_ZN8Dynarmic7Backend5Arm6415EmitA32TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term9LinkBlockENS7_18LocationDescriptorEb
_ZN8Dynarmic7Backend5Arm6415EmitA32TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term13LinkBlockFastENS7_18LocationDescriptorEb
_ZN8Dynarmic7Backend5Arm6415EmitA32TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term10PopRSBHintENS7_18LocationDescriptorEb
_ZN8Dynarmic7Backend5Arm6415EmitA32TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextEN5boost7variantINS_2IR4Term7InvalidEJNSA_9InterpretENSA_16ReturnToDispatchENSA_9LinkBlockENSA_13LinkBlockFastENSA_10PopRSBHintENSA_16FastDispatchHintENS7_17recursive_wrapperINSA_2IfEEENSI_INSA_8CheckBitEEENSI_INSA_9CheckHaltEEEEEENS9_18LocationDescriptorEb
_ZN8Dynarmic7Backend5Arm6415EmitA32TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term8CheckBitENS7_18LocationDescriptorEb
_ZN8Dynarmic7Backend5Arm6415EmitA32TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term9CheckHaltENS7_18LocationDescriptorEb
_ZN8Dynarmic7Backend5Arm6415EmitA64TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term9InterpretENS7_18LocationDescriptorEb
_ZN8Dynarmic7Backend5Arm6415EmitA64TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term16ReturnToDispatchENS7_18LocationDescriptorEb
Error: unable to intercept function at 0x77cf6c6e18
_ZN8Dynarmic7Backend5Arm6415EmitA64TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term9LinkBlockENS7_18LocationDescriptorEb
_ZN8Dynarmic7Backend5Arm6415EmitA64TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term13LinkBlockFastENS7_18LocationDescriptorEb
_ZN8Dynarmic7Backend5Arm6415EmitA64TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term16FastDispatchHintENS7_18LocationDescriptorEb
Error: unable to intercept function at 0x77ceab52f4
_ZN8Dynarmic7Backend5Arm6415EmitA64TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term2IfENS7_18LocationDescriptorEb
_ZN8Dynarmic7Backend5Arm6415EmitA64TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextEN5boost7variantINS_2IR4Term7InvalidEJNSA_9InterpretENSA_16ReturnToDispatchENSA_9LinkBlockENSA_13LinkBlockFastENSA_10PopRSBHintENSA_16FastDispatchHintENS7_17recursive_wrapperINSA_2IfEEENSI_INSA_8CheckBitEEENSI_INSA_9CheckHaltEEEEEENS9_18LocationDescriptorEb
_ZN8Dynarmic7Backend5Arm6415EmitA64TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term8CheckBitENS7_18LocationDescriptorEb
_ZN8Dynarmic7Backend5Arm6415EmitA64TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term9CheckHaltENS7_18LocationDescriptorEb
_ZN8Dynarmic7Backend5Arm6415EmitA32TerminalERN6oaknut13CodeGeneratorERNS1_11EmitContextENS_2IR4Term16FastDispatchHintENS7_18LocationDescriptorEb
Error: unable to intercept function at 0x77d76cdf18; please file a bug
Causes game to be stuck loading indefinitely _ZN8Dynarmic7Backend5Arm6412AddressSpace9GetOrEmitENS_2IR18LocationDescriptorE