April 29, 2017, 09:25:51 am
0 Members and 1 Guest are viewing this topic.
ld a,41ld e,20ld b,eld c,ald (bc),aadd 20ld b,ald a,(bc)inc hlldi (hl),aret
ld a,??ld e,90ld b,exor ald c,ainc hlld a,(bc)ldi (hl),aret
ld a,00ld e,f1ld b,einc linc axor aadc a,58ld c,ald a,(bc)ldi (hl),aret
I planned to do this for a long time. In Gen I, we have a lot of glitches that exploit certain obscure details of the GB hardware or rely on undefined behavior, yet it still isn't exactly clear what behavior is exhibited by certain emulators and the real console. Thankfully, we have an easy way to execute any code we want with 8F. It's a good opportunity to test if everything works exactly as we think it works. I welcome everyone with working 8F setups on VC/console/mobile emulators/other devices to run the following 8F scripts and see if we have 100% accuracy for our glitching purposes.If my request gets some interest, this table will be filled with data regarding the most important systems.Also let me know if someone thinks of another relevant test to add.PlatformUnknownOpcodesInvalidBanksVRAMAccessEchoRAMInvalidStop??????The tests themselves:UnknownOpcodesSelf-explanatory. This is intended to test whether the target system ignores invalid opcodes, or crashes/halts when they are executed. This behavior could potentially affect any glitches that execute data as code (invalid sound banks, invalid item/move effect pointers).8F(Any)TM27 x201Code: [Select]opcode_e3retIf the game continues running after executing the script - PASSIf the system brings up an error message or the game hangs or crashes - FAILInvalidBanksThis checks how the system handles switching to non-existent ROM banks. This determines the behavior of glitches that cause invalid bank switches - most commonly invalid sound banks or invalid predefined commands.8F(Any)Lemonade x65Repel x32X Speed x79Ultra Ball x198Fire Stone x71Moon Stone x35Water Stone x201Code: [Select]ld a,41ld e,20ld b,eld c,ald (bc),aadd 20ld b,ald a,(bc)inc hlldi (hl),aretThe third item's quantity changes to 124 - PASS.Third item's quantity changes to something other than 124, like 255 or 0 - FAIL.Remember to reset item 3's quantity if you want to repeat the test.VRAMAccessVRAM data can only be read or written during V-Blank, H-Blank, or when the LCD screen is turned off. Otherwise, the write operation will be ignored, and all read operations will return FF. This test checks this behavior. Emulation of VRAM inaccessibility is essential for correct behavior of a lot of popular glitches, including Cooltrainer, Super Glitch, Brock Through Walls and any other glitches that attempt to "search through the entire address space".8F(Any)Lemonade xAnyRepel x144X Speed x175PP Up x35Moon Stone x34TM01 xAnyCode: [Select]ld a,??ld e,90ld b,exor ald c,ainc hlld a,(bc)ldi (hl),aretRun the script multiple times in a row and observe the quantity of the third item.If it changes seemingly randomly between 255 and any other value - PASSIf it never becomes 255, even after trying multiple times - FAILEchoRAMBecause of how GB's address line works, RAM addresses $C000~$DDFF are mirrored at $E000~$FDFF. This repeated section of memory is called the echo RAM. Because this feature was hardly used by anyone, several emulators don't support it. This test is intended to verify whether echo RAM is emulated correctly. Emulation of this feature changes the behavior of glitches that cause extensive memory corruption, like Pokemon beyond the sixth slot, or Dokokashira Door Glitch. Also, Coin Case arbitrary code execution won't work without echo RAM emulation.8F(Any)Lemonade xAnyRepel x241X Speed x44Fresh Water x175TM06 x88PP Up x10Water Stone x201Code: [Select]ld a,00ld e,f1ld b,einc linc axor aadc a,58ld c,ald a,(bc)ldi (hl),aretRun the script and check the quantity of item 3.If it changes to the code of the first letter in the player's name - PASSIf it doesn't change, or changes to a wrong value, like FF or 00 - FAILInvalidStopThis is to test how the system reacts to invalid STOP opcodes. This behavior could affect some of the non-ACE Coin Case glitches, along with all glitches that execute data as code (invalid sound banks, invalid item/move effect pointers)8F(Any)Full Restore x??TM01 xAnyCode: [Select]stop ??retStart with an arbitrary amount of Full Restores.Run the 8F script. If the game crashes/halts whenever the script is executed - PASSIf not, try running the script with a different amount of Full Restores and repeat the process.If after several tries the game is still running - FAIL.
8FItem to dupe x1 <-- And I MEAN x1 !Poké Ball x43Revive x4TM01x (any)OR(...)Revive x201
8FNugget x255 (It was there at the time, meh)Full Restore x3 (in case the opcode is 1 byte long in this emulation)TM01 x01Stuff
8FRevive x4 (shouldn't matter)Full Restore x1TM27 x201Nugget x255Water Stone x201
stopld bc, $C9E4ld sp, $22FFret
stop (absorbs the 01)ret(doesn't matter)
I originally didn't know undefined opcodes actually hang the CPU, I expected something similar to the behavior of 6502, where invalid opcodes actually do something - sometimes useful, sometimes not.Therefore, I will now consider the test to be passed if the game doesn't keep running after executing an invalid instruction, since that's the behavior on real hardware.
8FSuper Ball x?6Lemonade x254Repel x241X Speed x44Fresh Water x175TM06 x93PP Up x10Water Stone x201Stuff
Poké Ball x243Full Restore x255Super Ball x251TM01 x(any)Code :inc bdistopinc bceiret
Page created in 0.134 seconds with 18 queries.