Glitch City Laboratories Archives

Glitch City Laboratories closed on 1 September 2020 (announcement). This is an archived copy of a thread from Glitch City Laboratories Forums.


Pokémon Gold/Silver Virtual Console glitch confirmation

Posted by: Torchickens
Date: 2017-09-21 09:41:42
Pokémon Gold and Silver come out for 3DS Virtual Console on September 22, and as of now are already available to download in Japan, Australia and New Zealand.

Discuss glitches here.

Does the Coin Case glitch work? I'm waiting until the game comes out in Europe and will try it if the answer hasn't been found before.

Re: Pokémon Gold/Silver Virtual Console glitch confirmation

Posted by: forsyz
Date: 2017-09-21 10:04:21
Yes, it does. I tested it; Coin Case and cloning do work. When you press print or try to print your Pokémon team with that guy in that house, it doesn't let you use yes. Mystery Gift also does work too.

Re: Pokémon Gold/Silver Virtual Console glitch confirmation

Posted by: Torchickens
Date: 2017-09-21 10:18:58

[quote]Yes, it does. I tested it; Coin Case and cloning do work. When you press print or try to print your Pokémon team with that guy in that house, it doesn't let you use yes. Mystery Gift also does work too.[/quote]


Awesome. Thanks for testing it on VC! Did you test just the Glitch Dimension? Hopefully arbitrary code execution works as well.

Re: Pokémon Gold/Silver Virtual Console glitch confirmation

Posted by: SatoMew
Date: 2017-09-21 10:33:16
Hopefully the patch files will be made available soon :)

Re: Pokémon Gold/Silver Virtual Console glitch confirmation

Posted by: Stackout
Date: 2017-09-21 12:06:53
Here are the patches: https://a.pomf.cat/ojjism.7z

Interestingly there are patch files for Crystal included, meaning that a Crystal VC release may still happen (or perhaps they abandoned it after realising they'd need to do something about the GB Mobile Adaptor in the Japanese version).

As with R/B, the patch files include comments with some IDA output and some actual src:

[code]
;0x29e97
;  call ir_main
; ld d,a ; IR_STAT
; xor a

;  _IRcomm_end  0x2a1b9
; ld hl,ir_read_buf                |      21 50 c7
; ld de,ir_read_buf_stk            |      11 00 c8
; ld bc,15                        |
; call block_move                  |
;                                  |

;3e 3f 21 92 51 cf cd df 65 00
; ------->
; BCALL G_BANK0b,set_send_data2
; call read_buf_clr
;
[/code]

Interesting that the "official" bankswitched call macro takes a bank as well as function address. I guess the official GB/C compiler and linker are inferior to rgbds and don't have an inbuilt feature to get the bank number that a symbol is in.

Re: Pokémon Gold/Silver Virtual Console glitch confirmation

Posted by: SatoMew
Date: 2017-09-21 13:17:36
Thanks, Wack0!

Seems like the patches target Japanese Gold and Silver 1.1 and English Crystal 1.1.

The first patch in [tt]CGBBXTJ0.534.patch[/tt] (Japanese Crystal) concerns the Mobile Adapter GB:

[code]
[MAcheck]
Mode = 1
Address = 0x16C000
Fixcode = 0xC9
[/code]

The relevant function in the English version disassembly.

The original value of address [tt]16C000[/tt] is [tt]F0[/tt]. This disables the Mobile System GB boot screen but does not seem to affect the availability of the Mobile System GB features in save files on which it has already been unlocked.

The string "MURIYARI" also appears as a comment immediately before some link-related modifications. I initially thought it was a staff member's name (full list) but the word refers to doing something against someone's will so I wonder what exactly is the meaning here.

Jynx's color was also changed in Japanese versions since only Western Gold, Silver, and Crystal had censored the design back in 2000 and 2001. Korean Gold and Silver originally use the Japanese sprites and I'm not seeing Jynx mentioned on the Korean patches (the Japanese patches clearly state it directly).

Re: Pokémon Gold/Silver Virtual Console glitch confirmation

Posted by: Háčky
Date: 2017-09-21 13:18:49
[code]
;0004e433h: A5 01 00 00 FF 00 FF 00 FF 00 FF 00 FF 00 FF 00 ; ?........
;0004e443h: FF 00 FF 00 FF 00 FF 00 FF 10 00 00 FF 00 FF 00 ; .........

;
;00023a9fh: C0 01 00 00 FF 00 FF 00 FF 00 FF 00 FF 10 00 00 ; ?.........
;00023aafh: FF 01 00 00 0A 10 00 00 0A 01 00 00 FF 00 FF 00 ; .............
;
;change to below
;
;00023a9fh: FF 00 E0 01 00 00 FF 00 FF 10 00 00 FF 01 00 00 ; .?.........
;00023aafh: 0A 10 00 00 0A 01 00 FF FF 00 FF 00 FF 00 FF 00 ; ...........
;

[teaching movie]
Mode = 1
Address = 0x4e433
Fixcode = a32:FF 00 E0 01 00 00 FF 00 FF 10 00 00 FF 01 00 00 0A 10 00 00 0A 01 00 FF FF 00 FF 00 FF 00 FF 00
[/code]

As SatoMew pointed out to me once, there's a minor issue in Japanese Crystal (but not Gold and Silver, I thought?) with an unusually long delay during the Dude's catching tutorial. This patch is applied in all Japanese versions; $2ea9f is the address in Gold and Silver while $4e433 is the Crystal equivalent. I never found out what caused the delay, so I don't know if this fixes it.
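Added example, not part of any post or of the patch files: a small Python parser for the two patch entries quoted above ([MAcheck] and [teaching movie]) that checks the original byte before overwriting it. The function names and the zero-filled ROM buffer in the usage note are constructed for illustration, and reading "a32:" as "array of 32 bytes" is an assumption, since the thread does not document the format or what Mode = 1 selects.

```python
import re

# Entries copied from the thread. Assumption: "a32:" means an array of 32 bytes;
# the page does not document the format or the meaning of Mode = 1.
PATCH_TEXT = """\
[MAcheck]
Mode = 1
Address = 0x16C000
Fixcode = 0xC9

[teaching movie]
Mode = 1
Address = 0x4e433
Fixcode = a32:FF 00 E0 01 00 00 FF 00 FF 10 00 00 FF 01 00 00 0A 10 00 00 0A 01 00 FF FF 00 FF 00 FF 00 FF 00
"""

def parse_fixcode(value):  # '0xC9' -> one byte; 'aN:HH HH ...' -> N bytes
    m = re.fullmatch(r"a(\d+):(.+)", value)
    if not m:
        return bytes([int(value, 16)])
    data = bytes.fromhex(m.group(2))
    if len(data) != int(m.group(1)):
        raise ValueError(f"declared {m.group(1)} bytes, got {len(data)}")
    return data

def parse_patches(text):
    """Return {section name: {'mode', 'address', 'data'}}, skipping ';' comments."""
    patches, cur = {}, None
    for line in (l.strip() for l in text.splitlines()):
        if not line or line.startswith(";"):
            continue
        if line.startswith("["):
            cur = patches.setdefault(line.strip("[]"), {})
            continue
        key, _, value = (s.strip() for s in line.partition("="))
        if key == "Fixcode":
            cur["data"] = parse_fixcode(value)
        else:
            cur[key.lower()] = int(value, 16)
    return patches

def banked(offset):  # flat ROM offset -> (bank, CPU address), 16 KiB banks
    return offset >> 14, (offset & 0x3FFF) + (0x4000 if offset >> 14 else 0)

def apply_patch(rom, patch, expect=None):  # rom is a bytearray, patched in place
    start, data = patch["address"], patch["data"]
    if expect is not None and bytes(rom[start:start + len(expect)]) != expect:
        raise ValueError("unexpected original bytes; wrong ROM revision?")
    rom[start:start + len(data)] = data
```

With a constructed 2 MiB buffer whose byte at 0x16C000 is F0 (the original value SatoMew reports), `apply_patch(rom, parse_patches(PATCH_TEXT)["MAcheck"], expect=b"\xF0")` writes C9, the `ret` opcode, and a second run is refused because the byte no longer matches.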

Re: Pokémon Gold/Silver Virtual Console glitch confirmation

Posted by: Torchickens
Date: 2017-09-21 13:25:41
SatoMew, would you mind releasing a mirror of the patches on a website like Mega please, as I can't access Wack0's link for some reason. Thanks!

I'll also mirror the patch notes here:
https://sites.google.com/site/torchickens2/pokemon-file-comparions


[quote]The string "MURIYARI" also appears as a comment immediately before some link-related modifications. I initially thought it was a staff member's name (full list) but the word refers to doing something against someone's will so I wonder what exactly is the meaning here.[/quote]


Perhaps it's related to link code where the VC forces something to happen. According to the JWPce dictionary this also means "forcibly".

Re: Pokémon Gold/Silver Virtual Console glitch confirmation

Posted by: Stackout
Date: 2017-09-21 13:32:26
Here's a mirror: https://cdn.discordapp.com/attachments/229019211366793216/360481979357200394/GSCpatches.7z

Re: Pokémon Gold/Silver Virtual Console glitch confirmation

Posted by: Torchickens
Date: 2017-09-21 13:33:54

[quote]Here's a mirror: https://cdn.discordapp.com/attachments/229019211366793216/360481979357200394/GSCpatches.7z[/quote]


Thanks Wack0!  :D I've just uploaded it on to my Google Sites as well.

Re: Pokémon Gold/Silver Virtual Console glitch confirmation

Posted by: SatoMew
Date: 2017-09-21 13:35:47

[quote]As SatoMew pointed out to me once, there's a minor issue in Japanese Crystal (but not Gold and Silver, I thought?) with an unusually long delay during the Dude's catching tutorial. This patch is applied in all Japanese versions; $2ea9f is the address in Gold and Silver while $4e433 is the Crystal equivalent. I never found out what caused the delay, so I don't know if this fixes it.[/quote]


Japanese Crystal only iirc, will test this later! :)


[quote]SatoMew, would you mind releasing a mirror of the patches on a website like Mega please, as I can't access Wack0's link for some reason. Thanks![/quote]


I was getting malware warnings as well. Here's another mirror: https://tknk.io/947X

Re: Pokémon Gold/Silver Virtual Console glitch confirmation

Posted by: Torchickens
Date: 2017-09-21 13:53:30
[code]
;—–111111111111111144444444444444—-0xc902 no …………..Mem Write: pc32 = 0xcc46a addr = 0xc902 value = 0xd
;
;PC:51-4461=FA 000CC461  LY:006 AF:0080 BC:E401 DE:0001 HL:C900 SP:DFAB
;PC:51-4464=FE 000CC464  LY:006 AF:0080 BC:E401 DE:0001 HL:C900 SP:DFAB
;PC:51-4466=D0 000CC466  LY:006 AF:0070 BC:E401 DE:0001 HL:C900 SP:DFAB
;PC:51-4467=CD 000CC467  LY:006 AF:0070 BC:E401 DE:0001 HL:C900 SP:DFAB —–  happend only once while the explosive animation begin.
;000cc471h: FA 19 CA FE

; ******0xcccccccccffffffff8***********—————  Mem Write: pc32 = 0x3180 addr = 0xcf7e value = 0x8f
; ******0xcccccccccffffffff8***********—————  Mem Write: pc32 = 0x3180 addr = 0xcf7f value = 0x91
; ******0xcccccccccffffffff8***********—————  Mem Write: pc32 = 0x3180 addr = 0xcf80 value = 0x84
; ******0xcccccccccffffffff8***********—————  Mem Write: pc32 = 0x3180 addr = 0xcf81 value = 0x92
; ******0xcccccccccffffffff8***********—————  Mem Write: pc32 = 0x3180 addr = 0xcf82 value = 0x84
; ******0xcccccccccffffffff8***********—————  Mem Write: pc32 = 0x3180 addr = 0xcf83 value = 0x8d
; ******0xcccccccccffffffff8***********—————  Mem Write: pc32 = 0x3180 addr = 0xcf84 value = 0x93
; ******0xcccccccccffffffff8***********—————  Mem Write: pc32 = 0x3180 addr = 0xcf85 value = 0x50
[/code]

DMGAAUP0 seems to be one of the English Golds. Interestingly CF7E-CF85 is a string buffer and this appears to be to do with the string "PRESENT" (8F 91 84 92 84 8D 93 50).

The only Present oddities I know are the Present damage glitch and this little text glitch:

[img]https://i.imgur.com/ExSjsZc.png[/img]

Edit: But also, it seems you can use Present when the foe is at full HP and not get the above overlapping message (this happens during the explosive animation as well).
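Added example, not part of the original post or of the patch files: a Python sketch that pulls the "Mem Write" records out of the trace comments above, groups writes to consecutive addresses, and decodes each group as game text. It assumes the English games' text encoding (0x80 to 0x99 for A to Z, 0xA0 to 0xB9 for a to z, 0x7F for space, 0x50 as terminator); the function names are constructed for illustration.

```python
import re

# Trace records copied from the patch-file comments quoted above,
# with the decorative prefix of each comment line trimmed.
TRACE = """\
Mem Write: pc32 = 0xcc46a addr = 0xc902 value = 0xd
Mem Write: pc32 = 0x3180 addr = 0xcf7e value = 0x8f
Mem Write: pc32 = 0x3180 addr = 0xcf7f value = 0x91
Mem Write: pc32 = 0x3180 addr = 0xcf80 value = 0x84
Mem Write: pc32 = 0x3180 addr = 0xcf81 value = 0x92
Mem Write: pc32 = 0x3180 addr = 0xcf82 value = 0x84
Mem Write: pc32 = 0x3180 addr = 0xcf83 value = 0x8d
Mem Write: pc32 = 0x3180 addr = 0xcf84 value = 0x93
Mem Write: pc32 = 0x3180 addr = 0xcf85 value = 0x50
"""

# Assumed character map for the English games (subset: letters and space).
CHARMAP = {0x7F: " "}
CHARMAP.update({0x80 + i: chr(ord("A") + i) for i in range(26)})
CHARMAP.update({0xA0 + i: chr(ord("a") + i) for i in range(26)})
TERMINATOR = 0x50

WRITE_RE = re.compile(
    r"Mem Write: pc32 = (0x[0-9a-f]+) addr = (0x[0-9a-f]+) value = (0x[0-9a-f]+)", re.I)

def parse_writes(trace):
    """Return [(pc, addr, value), ...] for every Mem Write record in the text."""
    return [tuple(int(g, 16) for g in m.groups()) for m in WRITE_RE.finditer(trace)]

def contiguous_runs(writes):
    """Group writes to consecutive addresses: [(start_addr, bytes), ...]."""
    runs = []
    for _, addr, value in writes:
        if runs and addr == runs[-1][0] + len(runs[-1][1]):
            runs[-1][1].append(value)
        else:
            runs.append((addr, bytearray([value])))
    return [(start, bytes(data)) for start, data in runs]

def decode(data):
    """Decode bytes up to the terminator; unmapped bytes are shown as <HH>."""
    out = []
    for b in data:
        if b == TERMINATOR:
            break
        out.append(CHARMAP.get(b, f"<{b:02X}>"))
    return "".join(out)
```

Running `contiguous_runs(parse_writes(TRACE))` yields a one-byte write at 0xC902 and an eight-byte run starting at 0xCF7E, and `decode` on the latter gives the string named in the post.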

Re: Pokémon Gold/Silver Virtual Console glitch confirmation

Posted by: Háčky
Date: 2017-09-21 14:01:12

[quote]
[code]
;—–111111111111111144444444444444—-0xc902 no …………..Mem Write: pc32 = 0xcc46a addr = 0xc902 value = 0xd
;
;PC:51-4461=FA 000CC461  LY:006 AF:0080 BC:E401 DE:0001 HL:C900 SP:DFAB
;PC:51-4464=FE 000CC464  LY:006 AF:0080 BC:E401 DE:0001 HL:C900 SP:DFAB
;PC:51-4466=D0 000CC466  LY:006 AF:0070 BC:E401 DE:0001 HL:C900 SP:DFAB
;PC:51-4467=CD 000CC467  LY:006 AF:0070 BC:E401 DE:0001 HL:C900 SP:DFAB —–  happend only once while the explosive animation begin.
;000cc471h: FA 19 CA FE

; ******0xcccccccccffffffff8***********—————  Mem Write: pc32 = 0x3180 addr = 0xcf7e value = 0x8f
; ******0xcccccccccffffffff8***********—————  Mem Write: pc32 = 0x3180 addr = 0xcf7f value = 0x91
; ******0xcccccccccffffffff8***********—————  Mem Write: pc32 = 0x3180 addr = 0xcf80 value = 0x84
; ******0xcccccccccffffffff8***********—————  Mem Write: pc32 = 0x3180 addr = 0xcf81 value = 0x92
; ******0xcccccccccffffffff8***********—————  Mem Write: pc32 = 0x3180 addr = 0xcf82 value = 0x84
; ******0xcccccccccffffffff8***********—————  Mem Write: pc32 = 0x3180 addr = 0xcf83 value = 0x8d
; ******0xcccccccccffffffff8***********—————  Mem Write: pc32 = 0x3180 addr = 0xcf84 value = 0x93
; ******0xcccccccccffffffff8***********—————  Mem Write: pc32 = 0x3180 addr = 0xcf85 value = 0x50
[/code]

DMGAAUP0 seems to be one of the English Golds. Interestingly CF7E-CF85 is a string buffer and this appears to be to do with the string "PRESENT" (8F 91 84 92 84 8D 93 50).

The only Present oddities I know are the Present damage glitch and this little text glitch:

[img]https://i.imgur.com/ExSjsZc.png[/img]
[/quote]

That's for blurring/dimming the move animation, which includes rapid flashing. I don't see any indication of either glitch being fixed.

Re: Pokémon Gold/Silver Virtual Console glitch confirmation

Posted by: Torchickens
Date: 2017-09-21 14:06:02
Right. OK, thanks.

Re: Pokémon Gold/Silver Virtual Console glitch confirmation

Posted by: SatoMew
Date: 2017-09-21 14:43:36

[quote]Japanese Crystal only iirc, will test this later! :)[/quote]


I still get a delay but something did change in the tutorial: you now manually close it instead of waiting for the game to do it (input from the A button is ignored), which fixes the delay, but the initial part remains intact so it still has the issue. I assume they did the same thing for Gold and Silver.