Glitch City Laboratories Archives

Glitch City Laboratories closed on 1 September 2020 (announcement). This is an archived copy of a thread from Glitch City Laboratories Forums.

You can join Glitch City Research Institute to ask questions or discuss current developments.

You may also download the archive of this forum in .tar.gz, .sql.gz, or .sqlite.gz formats.

Generation III Glitch Discussion

Oh God What Have I Done (R/S Decamark 0x88A6) - Page 1

Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Spoink
Date: 2014-11-29 13:57:26
EDIT: I see Torchickens used this on YouTube. I was only twelve when I wrote this lol.

So I was looking at a few gameshark codes and using every 4 digits as a decamark to examine. I used the rare candy cheat: 280EA266 88A62E5C. But, when I got to the third pair, 88A6, <–useless backstory

I typed in the code (83007D22 88A6) and got it normally and stuffs.

Then I did the following:

1. Looked at Treecko's summary, turned to second page. (Glitched 2nd type crashes the game)
2. Hit down to go to 88A6's summary page 2.
3. It halted for about 6 seconds, then resumed.
4. Exited out to PkMn menu.
5. Exited to main player menu.

[glow=red,2,300]My name was corrupted. So was my sprite and position.[/glow]

I will attach a picture of what this looks like.

Anyway I saved, just to test.

When I restarted, it said the file data was destroyed, but it was still there, able to continue like normal.

Can anybody get use out of this?

EDIT: [tt]these effects are the bestttttt[/tt]The save file doesn't work, so only do this save on an emulator with save states.

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Spoink
Date: 2014-11-29 14:10:45
[glow=green,2,300]SIGNIFICANT UPDATE[/glow]: The game gives you a glitched HM:

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: VaeporSage
Date: 2014-11-29 16:27:05
Neat. I'm thinking that if I hatch an 88A6 via Glitzer Popping in Emerald (which may or may not freeze the game) then trade it to Ruby, I could mess around with this on a real cartridge without hacking.

I just need to know the amount of, and the distribution of, the EVs to put on a Pokémon in order to corrupt it into an 88A6 Egg. :)

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Torchickens
Date: 2014-11-29 18:06:55
That would be 136 Attack EVs (88h) and 166 HP EVs (A6h).

Edit: Nice. I did what you did and replicated the effects. I mysteriously warped closer to Verdanturf Town from Route 117 and corrupted my name like you. I also enabled a 'walk through walls enabled' effect, but it went off when I went back to Verdanturf Town. I'll try and see if you can obtain an 88A6 on Emerald and trade it to Ruby some time, unless Vae beats me to it.

Maybe you can get an effect like this with an Emerald glitch Pokémon; which would mean you don't have to trade.

Edit 2: Got a freeze before my 88A6 Egg hatched unfortunately; a black screen came up before the hatching sequence.

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Spoink
Date: 2014-11-30 09:54:24
@torchickens

Emerald Decamarks freeze above somewhere around 0350… So I doubt it could be traded from work on emerald

maybe I'll try to find something like it, 88a5 and 88a7 don't do it

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Spoink
Date: 2014-11-30 13:24:54
[glow=red,2,300]NEW UPDATE[/glow]: Decamark 0x2007 has an effect like this, but better.

The setup is the same as before, but with 2007 instead of 88A6.

1. Gives you 12288 of 8 different ????????'s
2. Gives you POKéDEX (doesn't work)
3. Gives you POKéNAV
4. Gives you $803518656, unlike 88A6 which makes you have $0
5. Gives you 13621:01

Edit: also gives you the 7th badge, 9999W 6207L in link battles!

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Torchickens
Date: 2014-12-22 16:40:57
I found a fun trick with your 0x2007 glitch. I hope it works universally for all save files; i.e. not determined by the memory.

1) Go to Evergrande City by the Pokémon Center or Pokémon League building.
2) Do the corruption glitch via 0x2007's summary.
3) Exit out and you will be surrounded by water.
4) Go one step up and you'll go in the building, but your sprite will become a doll! The walking animation seems to make the doll change.
5) Opening the Pokémon menu once will partially fix the sprite back to Brendan's (I'm not sure if it would partially fix it to May if you're playing as her). Opening it again will fix the sprite, until you walk out/in again.

[img]http://i1.minus.com/iWbjEIZhMeEZy.png[/img][img]http://i1.minus.com/iZakCaGXEyFuZ.png[/img][img]http://i6.minus.com/ibr6sdnzQVlKwG.png[/img]
[img]http://i5.minus.com/i27dKM0h1gEdF.png[/img][img]http://i5.minus.com/ib0n0U8PDKyfHN.png[/img][img]http://i4.minus.com/iuGQ2d5KaFxVL.png[/img]
[img]http://i3.minus.com/ibufHlGhns8dfV.png[/img][img]http://i3.minus.com/ivwhxgIRyWNA2.png[/img]

Wack0, is there a way to use your Hacking Suite mod to look for glitch Pokémon with long names in Emerald?

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Spoink
Date: 2014-12-23 07:47:13
@torchickens

Actually, the 2000-2400 area looks good, a lot of them are long-named

Edit: I had also posted a video of a brown glitch screen a few days back. Check it:
https://m.youtube.com/watch?v=myiojde97Js


Edit2: Yes, I am supposed to be in school, but I felt sick in my stomach, so I am at hOme

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Torchickens
Date: 2014-12-23 09:03:59

@torchickens

Actually, the 2000-2400 area looks good, a lot of them are long-named


Ah really? Thanks.


Edit: I had also posted a video of a brown glitch screen a few days back. Check it:
https://m.youtube.com/watch?v=myiojde97Js


I've also got this, but I originally got a 'cleaner' one. I did the glitch here and then stepped right instead of up.

[img]http://i.minus.com/iO9kLWHQNm3nA.png[/img][img]http://i.minus.com/iEI8c8tM1xDbm.png[/img]

These glitch screens are certainly interesting. We have red (trainer corruption), magenta (from -; hex:019C in FireRed), brown (this) and light blue/green (hex:DEAD's summary after scrolling down). I wonder how many we can get? :D

Additionally, TheZZAZZGlitch got a blue screen from arbitrary code execution, so maybe he may know what can trigger them and how they work? I would personally like to know.


Edit2: Yes, I am supposed to be in school, but I felt sick in my stomach, so I am at hOme


I'm sure no one minds/don't worry it's not your fault that you're sick and it's almost Christmas anyway (surely you break up then?)

Edit:

0x2007's name is "[77]  [77][66] [70][65][76] [67][PO][66] [67][Ké][75]            [77]  [67][77]  [66][Ké] [67][PO][76] [PO][65][76]  [67][66][66][40][77][66][76][40][7C][77][66][77]
[77][77][70]M" according to Extended Generation III Suite and 0x88A6 is just… "[EF]m-ò;uï[31][74]zkz[EF]", but both names don't look like that for me. The program might unfortunately be bugged in that respect. I must also consider that it might not even be the name that does this at all, even though it seems likely it's a buffer overflow from its species name.

EF is an ">" according to this but I'll have to check if it does anything else.

Edit 2: When I used 88A6 corruption, I kept my 8 badges (maybe it changed to 7 last time, I'm not sure). With my corrupted name I went to the Pokémon League and threw a Poké Ball against Sidney's Mighteyena (note that I was given no money and no balls, so I had to sell stuff and buy a ball). After some cool corruption (including glitch tiles appearing in the message box, the battle background going mainly light blue, and the screen going mainly black) I was able to use the ball on Mighteyena as if it was a wild Pokémon and possibly catch it.  Additionally, the screen went more normal (but not fully) after Mighteyena used Crunch. This is not as 'good' as glitch move corruption, it takes much longer and we don't know how to do this without cheats yet (right?), but I think it's still cool.

Edit 3: Additionally, I got this "The HALL of FAME data is corrupt." message with 88A6. I knew about this before, however, we may be able to get it without cheats if we find a hatchable Emerald corruption Pokémon. You just have to wait a while for the game to load your overly long name from 88A6 when booting up the PC.

[img]http://i.minus.com/ibsT4bFYHfus1x.png[/img]

Edit 4: If you catch a new Pokémon with your glitched name, your OT may look blank, but viewing the summary of that Pokémon within a Trainer battle can turn it into a wild battle, even though the game doesn't pause/take any time scrolling the name.

I just thought of something where a 'long player name' may be better than a 'long move name' too. Perhaps you could turn Safari Zone battles into normal battles.

Edit 5: That Safari Zone thing didn't work. Corruption does occur, but the menus don't change and when I tried to throw a ball the game seemed to lock up. Note that I had to hack in a Pokéblock Case to do this; all my items were removed after the glitch and maybe all my stored items (I tried depositing it first but either the glitch removed it or I forgot to deposit). In theory, you could have it so you haven't received the Pokéblock Case yet, and then receive it after the corruption.

[img]http://i.minus.com/ibyWz5cxSwn8v8.png[/img]

Edit 6: This is a lot of edits! But I got a glitch Secret Base ornament called VV(…). Just viewing its name corrupted my name again, and gave me different start menu options. Sometimes its name causes a Glitch City like effect, but opening and closing a menu may make it less glitchy. One time, I got 'retire' and retired from a Safari Zone game I didn't even enter, and I was surfing on an invisible Pokémon when I returned to the Safari Zone building. This is crazy, I love it.

Using it placed an invisible object in the room and you could move out of bounds for the placing thing.

What's good about this is you may be able to do this name glitch with the access Pokémon beyond the sixth slot glitch without Glitzer Popping, as TheZZAZZGlitch demonstrated you can get glitch decorations.

[img]http://i.minus.com/ibszLAp4N7EqY8.png[/img][img]http://i.minus.com/ibvX4Edlt6fKr9.png[/img]
[img]http://i.minus.com/ibujimKw8JF1vX.png[/img][img]http://i.minus.com/iPpJI5zHGS8pO.png[/img]

(No screenshot of retiring from the non-existing Safari Zone game unfortunately as I couldn't replicate it).

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Torchickens
Date: 2014-12-23 12:14:56
Don't want to make even more edits, this is more easily quotable this way, so I'm going to add here that I replicated the 'retire' option and more! This was all caused by the Secret Base item's name:

The game corrupted my Secret Base items again, giving me the max of everything:

[img]http://i.minus.com/ibpV4c7rIVbnYa.png[/img]

They were mainly Pretty Desk in every category:

[img]http://i.minus.com/ieWSBKx0zrvcP.png[/img]

Choosing to Put Away made my character look like May and the game would freeze or reset if I moved:

[img]http://i.minus.com/iUMnks7fXbKL9.png[/img]

I am "trapped" in the Glitch City:

[img]http://i.minus.com/iTDfF2Iwos6wI.png[/img]

But I can retire from a Safari Zone game I haven't even started after a little screen corruption! :

[img]http://i.minus.com/ibjfrg55wpQ3gg.png[/img][img]http://i.minus.com/ilK6FpVYLDeXV.png[/img]
[img]http://i.minus.com/i3NhOJd3B1z3o.png[/img][img]http://i.minus.com/iblyYVcy17t6zv.png[/img]

At the Safari Zone entrance the Secret Base music is still playing.

[img]http://i.minus.com/ibyg6Q6kL5fj3A.png[/img]

Some other corrupted data after the Secret Base item corruption and 88A6:

"Who is this Rabumi" ( ) -

[img]http://i.minus.com/ibT9VO8Q5MN4V.png[/img][img]http://i.minus.com/iU5fAY5tZ7XYq.png[/img]

Broken Pokédex -

[img]http://i.minus.com/iboM1u1xeaUUpf.png[/img]

99999 battles in Trainer's Eyes:

[img]http://i.minus.com/i5XldXPuVXezu.png[/img]

Items (May's bag):

Many ???????? x5325:

[img]http://i.minus.com/iNjwxacV7U2bN.png[/img]

Many registered ???????? Key Items:

[img]http://i.minus.com/iMWgulIjzRZHh.png[/img]

Many "HM52916 Mega Punch" (lol). Can't use then, gives the unusable message :( :

[img]http://i.minus.com/i6aG7sC0LDUNg.png[/img]

Many No?2 glitch berries. They even seem to have their own glitch tag! But I couldn't back out from the tag:

[img]http://i.minus.com/ihZhuY45nJLUR.png[/img][img]http://i.minus.com/iS5LZ7sJ2s6LZ.png[/img]

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: VaeporSage
Date: 2014-12-23 12:32:47
It's probably unlikely that the VV(…) decoration exists in Emerald, unless its equivalent happens to work identically.

Either way, this is really showing lots of potential. All kinds of Decamarks and decorations will cause lots of other glitch effects. Before long, this could be the second glitchiest generation ever…

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Torchickens
Date: 2014-12-23 12:42:37

It's probably unlikely that the VV(…) decoration exists in Emerald, unless its equivalent happens to work identically.

Either way, this is really showing lots of potential. All kinds of Decamarks and decorations will cause lots of other glitch effects. Before long, this could be the second glitchiest generation ever…


I think when you consider how arbitrary some of these glitches are it already is the second glitchiest generation. If there were a greater variety of major 'natural' glitches (i.e. glitches that do not require other glitches) it would rival Generation I even more than it does now.

I am hesitant to say it would beat it because you'd expect that a later generation console would have more stable games, and we know that Generation III has protective measures like the Decamark sprites (though I don't know how important this is, you still get discoloured and flipped Decamark sprites and Spoink got a totally glitched sprite) and memory randomization (making hidden party glitches harder, though you still end up corrupting things). But surprisingly we have got things in Generation III which you'd think something a later console wouldn't handle and would cause a lock-up (or unexpected error message on a console like the Nintendo 3DS).

However, Generation IV has major glitches as well, like tweaking, sending out what is believed to be a 'hex:0000' with Generation IV Pomeg if you like, and in the Japanese versions, various things including Elite Four door glitch, broken escalator glitch (though I can't replicate this in my early Japanese Diamond copy), underground Sunyshore bridge glitch and who knows what else. It is at least the third glitchiest generation.

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: VaeporSage
Date: 2014-12-23 12:48:35
At the moment, I would call Gen II more glitchy due to Bad Clones and Coin Case abuse to the point of well-developed arbitrary code execution. Once Gen III gets that far, it earns silver.

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Torchickens
Date: 2014-12-23 13:36:31
Oh. Yep.

I agree access to powerful arbitrary code is really important, even though the requirements may take time, or resetting if you need certain TMs, or maybe item cloning (but quantities over 1 can possibly be avoided if you use the ld bc,$aabb (01 bb aa) operation).

TheZZAZZGlitch did Emerald arbitrary code execution without hacking to modify the save location to the Hall of Fame, however, it is TAS only because you need to know a checksum for the code.

I think Emerald ACE is also less accessible in the way that a value (which apparently determines memory locations) has to be 06, but on your save it may be an odd number, and since saving reduces it by 02 every time (or to 0D if it was 01), you may not be able to access 06. I've tried doing Generation III arbitrary code myself but haven't been able to. :(

Arbitrary code execution in Gold is much more accessbile (all you need is a Coin Case and certain Pokémon and a set up for somewhere else). Plus you may be able to write longer codes, I'm not sure. But you can certainly do more powerful things than what you can do in Emerald with Gold Coin Case arbitrary code, at least at the moment.

With the Coin Case you can still get cool effects without planned code, like glitch dimensions, glitchy coin counts, freezes, this chaotic glitch and I think tile corruption.

The bad clone glitch is important as well. If you're good at it, it opens up party Pokémon corruption, the Johto guard glitch, glitch Unown and the Trainer House glitch, werster's map distortion glitch (Crystal) and the Celebi glitch of course, without complex requirements.

Plus there is the duplicate key items glitch that you can get with arbitrary code from Generation I or theoretically the bad clone glitch when cloning Pokémon holding relevant key items, and you can use that to set the GS Ball inspected flag in Crystal or for different arbitrary code, like arbitrary code execution with TM33 in Crystal (but I find doing all that complicated, you know the details).

What generation has a better variety of 'natural' game glitches; glitches that you can do without another glitch? Generation II or Generation III? Well I've realized it isn't the number that matters for how glitchy a game may look, because the 'surf on land' glitch (JP Ruby) is not as major as the 'Dewford footprint glitch', for instance, but on the other hand if there were a lot 'minor' glitches that were easily noticeable together they would make the game look glitchy.

I like some Generation III glitches more than Generation II for their stereotypical 'glitchy' behaviour, like the names of glitch moves corrupting battles so that you can run/turn it into a double battle, etc. and exiting a battle after hidden party glitch and ending up in the middle of the water or in trees.

Sorry if my post is long. I hope it's OK.

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Stackout
Date: 2014-12-23 15:07:54

0x2007's name is "[77]  [77][66] [70][65][76] [67][PO][66] [67][Ké][75]            [77]  [67][77]  [66][Ké] [67][PO][76] [PO][65][76]  [67][66][66][40][77][66][76][40][7C][77][66][77]
[77][77][70]M" according to Extended Generation III Suite and 0x88A6 is just… "[EF]m-ò;uï[31][74]zkz[EF]", but both names don't look like that for me. The program might unfortunately be bugged in that respect. I must also consider that it might not even be the name that does this at all, even though it seems likely it's a buffer overflow from its species name.


There is indeed a bug related to there, mainly because at the time I couldn't be bothered to (at least partially) emulate the GBA memory map, and so therefore if the name pointer is to beyond the end of the ROM it uses the text from (pointer % ROM size) or something like that. I need to fix that when I get time.