Glitch City Laboratories Archives

Glitch City Laboratories closed on 1 September 2020 (announcement). This is an archived copy of a thread from Glitch City Laboratories Forums.

You can join Glitch City Research Institute to ask questions or discuss current developments.

You may also download the archive of this forum in .tar.gz, .sql.gz, or .sqlite.gz formats.

Generation III Glitch Discussion

Oh God What Have I Done (R/S Decamark 0x88A6) - Page 2

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Torchickens
Date: 2014-12-23 15:26:55
OK, thanks for your reply! I think the species names from the ROM needs revising as well, I'm afraid to say, because G3ES says 0x2FD's species name is "DOOM DESIRE", when in actuality it's "NCE".

Edit: Emerald 0x033F is called BOOST. Maybe that's the true end of the list, or near it.
Edit 2: I found a glitch symbols name non-freezing Decamark with Attack EV:03 HP EV: 73 (hex:0349), but its name has various characters superimposed on each other and you get a freeze on the summary, second page or not. I'll keep searching. I also tried viewing its name in the Battle Dome contestants screen, I got no freeze but no corruption either.

Edit 3: No luck yet, I've got to 3 Attack 108 HP (0x036C). Not that far away from BOOST, but it may be that this superimposing thing prevents the glitch from working. I talked to a news reporter in Slateport's Pokémon Fan Club for a few of these Pokémon and she said the original names, but it may not have been long enough for corruption. If you want to test this quickly, get SEASOR the Horsea and maybe DOTS the Seedot (has to be the in-game trade Pokémon), edit its HP and Attack EVs with A-Save, put it in the first position and modify address 020244EF to 40 with memory viewer, then use the quick egg hatch code.

I tried 0xC7A3 (HP 131 Attack 199). I used a random number generator for the HP and Attack values. It gave a murky green screen when scrolling up to page 2 of its status. New glitch screen. :P
[img]http://i.minus.com/ibymkl1KBXU5MP.png[/img]

Oh, I'm not actually sure why I tried such a late index number, because its name may be taken from memory and not the ROM if it's that late.

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Stackout
Date: 2014-12-24 08:49:40
Regarding the bug in G3EH, I just used IDA and the no$gba debugger (which I found somewhere on the internet) to find out how the game ACTUALLY gets the Pokémon name.

It basically does
strcpy(pokemon->name,&PokemonNames[NAME_LENGTH * PokemonIndexNumber]);

In other words, the start of the name is actually the greatest valid name length (11) multiplied by the index number, rather than how I was getting it, which was using the bytes directly after the previous terminator.

I've modified G3EH to do the same thing, I'm just testing it out right now.

edit: …oh it HAS to make the load time higher doesn't it

edit: and I'm finding decamarks that could potentially have really long names here. Someone try R/S 0xA53D, if my calculations are correct its name is 188,288 bytes long..

edit: I've modified it such, that if the name is over 100 bytes long, it just shows the hex identifier and the length of the name, instead of the full name. Because it's very likely you'd get out of memory otherwise, and also it would take 30 minutes to load a ROM. Now it takes maybe 1-2 minutes, and most of that is the dialog being rendered.

[img]http://i.imgur.com/ef7mRy7.png[/img]

I'll upload the latest version asap.

edit: Released the latest update.

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Spoink
Date: 2014-12-24 14:43:39
0xA53D crashes

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Torchickens
Date: 2014-12-24 16:05:21
Wack0, you're a genius.  ;) With your tool, I found Emerald hex:1337 has a name length of 17523, and you should be able to get it with Glitzer Popping because I hatched one. Even though the 'normal' method (view the second page of a summary and scroll up) doesn't work, talking to a news reporter in Slateport's Pokémon Fan Club and having her say the glitch Pokémon's name does. Only problem is you can't escape, like in my NPC text corruption's mass corruption effect. Your Pokémon are turned into Bad Eggs so even if Teleport would work you can't use it, and maybe the game would freeze anyway.

I will have to try a shorter name.

Edit: 0x15B1 (length 10549) corrupts the Pokémon (gave me three Bad Eggs, one that seemed to be a 0x000 Decamark Bad Egg, and set the party counter to three)  but not the items or overworld data it seems. It corrupted my party Pokémon sprites too. I wonder if it's possible to corrupt these addresses TheZZAZZGlitch mentioned ~$2028070 - Secret base decorations ~$2025F80 - Items in bag ~$2025EF0 - Boxed items, and make it so you can escape (note though those addresses aren't constant according to TheZZAZZ). Since personality value is 020244EC, it's not that far away.
Edit 2: 0x1552 (length 11594) is another party Pokémon corrupter.
Edit 3: Lol, check out 0x146F (length 14080) - this one seems to be just right. It corrupts your name and items but lets you move. Secret Base items I don't know, but it corrupts your name so you may be able to get glitch Secret Base items with that method of corruption, possibly including long name ones. You can do beyond slot six corruption outside of battle. You can get it in Emerald with 20 Attack EVs, 111 HP EVs.

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Spoink
Date: 2014-12-24 20:01:57
I realized something: Decamarks are terrible. With all the restrictions like the blue glitch screen and the freeze encounters, most freeze anyway. I'll post statistics soon, but why are all these restrictions exist?

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Torchickens
Date: 2014-12-24 22:35:55
Who knows. It may be something like the Decamark's ability, something to do with its sprite? Something else like a bad Pokédex flag? Sorry, I unfortunately don't know much about the inner workings of Generation III.

I am going to take a break from looking for long name Decamarks that allow glitch decorations, because with the hidden party glitch we may be able to get a long name glitch decoration anyway even though the items you can get are limited. I have achieved what I wanted to do other than that.

I tried a length that corrupted the key items (other than 0x1337's 17523; a shorter one than that), indicating it was closer to corrupting Secret Base items or maybe did, but this glitch Pokémon's name messed up my position on the overworld trapping me/making a freeze if I moved. It didn't seem that far away from 14080 (maybe a 16K something length? I'm not sure) Perhaps I just haven't checked well enough for a "Goldilocks" length, which would not corrupt your position but would give you glitch Secret Base items. I could try to get "Retire" to come up in the menu to escape from the Pokémon Fan Club too, assuming that would even work.

I don't know exactly why I'm searching for a way to get a Secret Base long name glitch item with this, however, it may allow more glitch items than through direct hidden party corruption. You can only get bit 0 and 2 (+05), bit 6 (+40) or bits 0, 2 and 6 (+45) (through double corruption) on Secret Base items with just the hidden party glitch in theory, but with a Decamark, you may get more results you can't get otherwise, and different types of them may give different decorations.

By the way, I said that one of these corruptions allowed outside of battle hidden party glitch. I think I may have been mistaken because scrolling up may not have done anything.

I haven't been able to use the PC with all my corruptions so far. The game would freeze after my name was displayed and it was booted up. Additionally, with one Decamark's corruption Pokémon Centers would break the start menu or the PC, or make the game freeze after you step on an escalator or leave.

Last note, 0x1412 (length 15114) is good in the way it leaves your sprite/battle sprite to Brendan, letting you fight. However, I noticed no long player name battle corruption (i.e. Trainer battle into a wild battle, etc.) after trying to use a Fluffy Tail in a Trainer battle and getting my long name to come up in Dad's advice. But in the Safari Zone the game acted as if I was in a non-Safari battle, with Girafarig attacking the player.

I need to go to bed and enjoy Christmas with my family. May be taking a break from Glitch City and Youtube, so see you later.

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Stackout
Date: 2014-12-25 11:59:59
When I get time I'll probably look further into Gen III.

I for one am interested in memory corruption caused by long names: I assume it strcpy()s directly into an 11-byte buffer.

No$GBA debugger and IDA 6.5 with ARM Hex-Rays (found online if you look hard enough) can help. I may have to start work on Gen III ida databases.

Who knows, we may be able to get a fully decompiled Gen III src with enough work thanks to ARM Hex-Rays.

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Torchickens
Date: 2015-01-02 16:10:40
I got to play as a corrupted version of the Mendel Palace sumo without cheats! Decamark 0x146D. It was for a few bicycle sprites. Your non-bicycle walking sprites are the diving sprites, and if you open and close the Pokémon menu your sprite starts going up and down (as if you were diving?). I think this is pretty cool.

[img]http://i1.minus.com/imcsxkVjV7DCj.png[/img]

[img]http://i1.minus.com/ibebOR5F2JFzoi.png[/img]

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: sunriseespeon
Date: 2015-01-02 17:23:49

I got to play as a corrupted version of the Mendel Palace sumo without cheats! Decamark 0x146D. It was for a few bicycle sprites. Your non-bicycle walking sprites are the diving sprites, and if you open and close the Pokémon menu your sprite starts going up and down (as if you were diving?). I think this is pretty cool.
-snip-


Bwahaha! That's really funny to me for some reason… must resist laughing.
I may have to try this out myself.

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Torchickens
Date: 2015-01-03 15:00:03
I forgot to say I did this on Emerald, but this glitch is pretty entertaining :), but you mess up your game if you save because of your extremely long name making many things a pain, all your party Pokémon being replaced with Bad Eggs or hex:0000 Decamarks, and the inability to use the PC without the game freezing. But I don't know what would happen if you got a gift Pokémon.

Perhaps you can catch a new Pokémon, but the glitch will mess up your battle sprite, and the battle sprite may freeze the game. The one time I tried to catch a new Pokémon with a non-freezing sprite the battle turned into a Trainer battle so I couldn't catch it.

A few Decamarks give random sprites. I got Kyogre and Red a couple of times. Another two times I got a regular fat guy and a twin, and it was funny seeing them run at Bicycle speed.

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: sunriseespeon
Date: 2015-01-05 09:54:46

I forgot to say I did this on Emerald, but this glitch is pretty entertaining :), but you mess up your game if you save because of your extremely long name making many things a pain, all your party Pokémon being replaced with Bad Eggs or hex:0000 Decamarks, and the inability to use the PC without the game freezing. But I don't know what would happen if you got a gift Pokémon.

Perhaps you can catch a new Pokémon, but the glitch will mess up your battle sprite, and the battle sprite may freeze the game. The one time I tried to catch a new Pokémon with a non-freezing sprite the battle turned into a Trainer battle so I couldn't catch it.

A few Decamarks give random sprites. I got Kyogre and Red a couple of times. Another two times I got a regular fat guy and a twin, and it was funny seeing them run at Bicycle speed.

I use emulators.

And I'm rather aware of the effects (when browsing the main thread, I downloaded the "ZZAZZ" Ruby that Pawny posted.) It was pretty hilarious.

I did try to get it to work, but I failed. I'll try again later when I'm not half asleep.

Re: Oh God What Have I Done (R/S Decamark 0x88A6)

Posted by: Torchickens
Date: 2015-01-05 11:08:30
Oh I heard of that, but I never tried out Pawny's save. Thanks for reminding me. I like how using the Bicycle on her save gives you a sumo with the right palette that is properly animated/has the correct sumo sprites for each direction you face/step you take for lack of a better way to put it. I haven't got that yet.

Pawny said she did it using a #000 Decamark, and possibly (though this isn't clear) after switching Bad Eggs.



I did try to get it to work, but I failed. I'll try again later when I'm not half asleep.



Did you have trouble getting the Egg? That's normal. I still think it's sad how you have to be really lucky to corrupt Seasor into an EVs->species Egg. Maybe some day there will be a RNG abuse method to get it every time.

If you use memory viewer, then you can put Seasor at the top of the party and change 020244EF to 40 to corrupt it in this way. If you like, here is my save with a hatched 0x1460 (it's not the 0x146F constant effect one, but this one is random).

I also uploaded a video.