Main Menu
Main Page
Forums
Recent changes
Random page
Help

Databases
GlitchDex
AttackDex
ItemDex

Major Glitches
Trainer escape glitch
Old man trick
Celebi trick
Select glitches (Japan)
SRAM glitch
CoolTrainer♀ corruption
LOL glitch
Rival LOL glitch
Super Glitch
ZZAZZ glitch
Pomeg corruption glitch (Glitzer Popping)
Tweaking
Elite Four door glitch (Japan)
Pokémon merge glitch
Pokémon cloning
Time Capsule exploit
Arbitrary code execution
Coin Case glitch
More

Other Glitch Categories
Glitches by generation
Glitches between two generations
Japan-only/language specific glitches
Music glitches
Natural glitches
Non-core series glitches
Non-Pokémon glitches
Officially acknowledged glitches
Recurring glitches
Dead glitches

References
Pokémon GameShark codes
The Big HEX List
GB programming
Curiosities
Debugging features
Easter eggs
Error traps
Glitch areas
Glitch myths
Non-glitch exploits
Placeholder texts
Pokémon glitch terminology
Unused content and prerelease information

Useful Tools
8F Helper
GBz80 to Items
Old man trick name generator
PATH (Prama's Advanced Tweaking Heaven)
Save file editors
Special stat/Pokémon converter
Trainer escape Trainer Pokémon finder

Affiliates
Legendary Star Blob 2 (Hakuda)
Pokémon Speedruns wiki
PRAMA Initiative
Become an affiliate!

Search Wiki

 

Search Forums

 

Author Topic: simple WRITE command  (Read 587 times)

0 Members and 1 Guest are viewing this topic.

PanCave

  • GCLF Member
  • Offline Offline
  • CHARIZRAD 'M ROXORX or is it.
    • View Profile
simple WRITE command
« on: March 09, 2017, 09:23:53 am »
Hey,

after figuring out, how to read the german Yellow version, I'm starting to think about coding.

Please note: All addresses are for the german Yellow version. Basically its 0x(address of english Yellow version) + 5 or 0x(adress of english Red/Blue version) + 4
All Items -> Codes are taken from: http://glitchcity.info/wiki/The_Big_HEX_List

I know, that 0xD17B and 0xD17C store the two Bytes of the TID of the first Pokémon in the party.
Let's assume, the Box is correctly setup, such that using ws m will cause the the sp to point at the third item in the bag.
Wouldn't writing a single Byte in RAM possible with:
Code: [Select]
Lemonade x89        // ld a, 89
TM34 x209
.(player)₽ ぅ A Aぇ₽   // combined with line 2: ld D17B, a
TM01 xany              // ret
Shouldn't this code write '89' @D17B?

And I know that ".(player)₽ ぅ A Aぇ₽" can't be bought in the market, but with this code:
Quote
Code: [Select]
ws# #m#
Item you want to change x any
Burn heal x 43
Ice heal x 43
Revive x 201
from this thread https://www.reddit.com/r/pokemon/comments/5q8zlg/getting_gen_1_mew_in_yellow_guide_does_not_work/
we should be able to have a Max Elixer and keep increasing it's ID until it's ".(player)₽ ぅ A Aぇ₽".

Also:
I'm not sure, what the code exactly does:
Burn heal x43
Ice heal x43
Revive x201
should mean
inc c 43
dec c 43
dec (hl) 201
What is the purpose of the 43 and 201? And why is there no TM01 for return the sp?
EDIT: The 201 (which is C9 in hex) is obviously the ret statement!

Thank you,
PanCave
« Last Edit: March 09, 2017, 09:57:02 am by PanCave »

Krys3000

  • The frenchie
  • Distinguished Member
  • *
  • Offline Offline
  • Gender: Male
  • Head admin of the PRAMA Initiative
    • View Profile
    • PRAMA Initiative - Main french pokemon glitch website
Re: simple WRITE command
« Reply #1 on: March 09, 2017, 10:06:21 am »
Hello,
I did not check your opcodes, but everything is to be considered an instruction: both the item and its quantity are two different values.

You have three items, that means 6 hex values. In the case of 1-byte instructions, that would give 6 instructions. Here, 43 refers to the opcode with a hex value of 2B (dec:43) and 201 is of course, as you figured out, hex:C9, a ret instruction :)
« Last Edit: March 09, 2017, 10:07:24 am by Krys3000 »

Anna Says Hi

  • GCLF Member
  • Offline Offline
  • Too bad! The trade was cancelled.
    • View Profile
Re: simple WRITE command
« Reply #2 on: March 10, 2017, 06:09:43 pm »
And I know that ".(player)₽ ぅ A Aぇ₽" can't be bought in the market, but with this code:
Quote
Code: [Select]
ws# #m#
Item you want to change x any
Burn heal x 43
Ice heal x 43
Revive x 201
from this thread https://www.reddit.com/r/pokemon/comments/5q8zlg/getting_gen_1_mew_in_yellow_guide_does_not_work/
we should be able to have a Max Elixer and keep increasing it's ID until it's ".(player)₽ ぅ A Aぇ₽".

Also:
I'm not sure, what the code exactly does:
Burn heal x43
Ice heal x43
Revive x201
should mean
inc c 43
dec c 43
dec (hl) 201
What is the purpose of the 43 and 201? And why is there no TM01 for return the sp?
EDIT: The 201 (which is C9 in hex) is obviously the ret statement!

Thank you,
PanCave

That item code is designed to work with 8F, but coincidentally works with ws m. The reason is that after the ws m bootstrap is run, HL contains D321, which is the address containing the index of the third item in the pack. Then the bootstrap jumps to the address contained in HL. Since we want to get HL to contain D31F (second pack item's index number), we decrement L twice with opcode 0x2B (43 in decimal). However, item 2B is a key item, and thus we cannot obtain more than one of it which prevents a 2-line setup. So the code actually works like this:
Code: [Select]
(HL contains D321 in Yellow, D322 in Red/Blue)
inc C
dec L
dec C
dec L
inc (HL)
ret

On Red/Blue where item 3 is D322, there are several different ways to get HL to contain item 2's address. One of them is to reset bit 1 of L, which can be done with TM03 x141. (RES 1, L) Another way is to use X Accuracy x31 (x32 in Red/Blue), which is ld L, 1Fh(20h in Red/Blue). However, since a different amount of X Accuracy is used for the item duplication code, it's more efficient to use the TM03 setup in Red/Blue.
« Last Edit: March 11, 2017, 02:37:24 pm by Anna Says Hi »

ISSOtm

  • The French Lord of Laziness (and a huge The Legend Of Zelda fan)
  • Wiki Contributor
  • *
  • Offline Offline
  • Gender: Male
  • Pewter City (B)rocks !
    • View Profile
    • My Little Website
Re: simple WRITE command
« Reply #3 on: March 12, 2017, 07:07:08 am »
@PanCave :
If you want to do some compiling, I recommend you take a look the online compiler I wrote. All I need to add now is reversing item codes and fix a few lingering bugs.
(Shameless self-promotion is shameless)

Now I need to correct you on something vital : sp is the stack pointer (a registry that points to the top of the stack). You're mistaking it for pc, the program counter (a registry that holds a pointer to the byte being currently interpreted).
Also, the GB's stack is a Full, Ascending stack, ie sp is incremented as you push data, and sp points to the current entry.

Now, about your question.
Both items and quantities translate to bytes, which are then interpreted as instructions. So that's why Anna Says Hi's decompilation is correct.

Hope it helped !
"THOU SHALL NOT PASS !!"  RIVAL's effect, Gandalf.

Proudly glitching Pokémon Red and Yellow on a Black & White GB, Pocket GB, GB Color, GBA SP and new 3DS.

My Twitter (beware, I'm French)
My YouTube (same warning)

Here is an online tool to build 8F setups : GBz80 to Items !

They see me layzin', they ha-tin'...
Heavy contributor of the global augmentation of entropy (my room's is too damn high !)

PanCave

  • GCLF Member
  • Offline Offline
  • CHARIZRAD 'M ROXORX or is it.
    • View Profile
Re: simple WRITE command
« Reply #4 on: March 14, 2017, 08:44:30 am »
Thank you both! You helped me a lot!

I think i missed something on my journey for writing arbitrary code... What is hl,c,l,...? Or are there references for these registers?

How would a simple write command look like in pokemon yellow german?
Such that I could jump to any address (using items or quantities) and write a value (again via item or quantity) to that specific byte?

ISSOtm

  • The French Lord of Laziness (and a huge The Legend Of Zelda fan)
  • Wiki Contributor
  • *
  • Offline Offline
  • Gender: Male
  • Pewter City (B)rocks !
    • View Profile
    • My Little Website
Re: simple WRITE command
« Reply #5 on: March 14, 2017, 02:34:09 pm »
I think i missed something on my journey for writing arbitrary code... What is hl,c,l,...? Or are there references for these registers?
http://glitchcity.info/wiki/GB Programming is your friend.

How would a simple write command look like in pokemon yellow german?
Such that I could jump to any address (using items or quantities) and write a value (again via item or quantity) to that specific byte?
Use this setup. Just adapt the memory destination :)
"THOU SHALL NOT PASS !!"  RIVAL's effect, Gandalf.

Proudly glitching Pokémon Red and Yellow on a Black & White GB, Pocket GB, GB Color, GBA SP and new 3DS.

My Twitter (beware, I'm French)
My YouTube (same warning)

Here is an online tool to build 8F setups : GBz80 to Items !

They see me layzin', they ha-tin'...
Heavy contributor of the global augmentation of entropy (my room's is too damn high !)

PanCave

  • GCLF Member
  • Offline Offline
  • CHARIZRAD 'M ROXORX or is it.
    • View Profile
Re: simple WRITE command
« Reply #6 on: March 14, 2017, 03:26:23 pm »
Wow, perfect answer! Thank you very much!

PanCave

  • GCLF Member
  • Offline Offline
  • CHARIZRAD 'M ROXORX or is it.
    • View Profile
Re: simple WRITE command
« Reply #7 on: March 14, 2017, 08:19:47 pm »
okay one final question:
To set everything up for the "write-a-single-byte"-command (which I sucessfully tested), I need 5 items with a quantity > 99:
Code: [Select]
- Any Item xAny
- ws m
- lemonade x170      59 XX = value
- X-Accuracy x139         7B YY = low-Byte of address
- Carbos x209         D1 ZZ = high-Byte of address
- Pokeball x119
- Fresh Water x201
Obviously I could encounter Missigno. multiple times, but i know that there is a code for decreasing the quantity of the second item by 1.

According to this link: https://youtu.be/jR5rov2e6PU?t=299 for english yellow the setup should lool like this:
Code: [Select]
-ws m
-item to decrease x1
-burn heal x43
-ice heal x53
-revive x201
This decompiles to:
Code: [Select]
inc c
dec hl
dec c
dec (hl)
dec (hl)
ret
Of course, this does not work in yellow version german. But I thought I simply had to increment hl four time instead of decrementing it once, in order to get to the correct address:
Code: [Select]
inc a
inc hl
dec a
inc hl
inc c
inc hl
dec c
inc hl
dec (hl)
dec (hl)
ret
Code: [Select]
Fresh Water  x35 (hex:23)
Soda Pop  x35 (hex:23)
Burn Heal  x35 (hex:23)
Ice Heal  x35 (hex:23)
Revive  x53 (hex:35)
TM01  x[Any qty]
I tested this code and i does not work :/
What am I doing wrong?

ISSOtm

  • The French Lord of Laziness (and a huge The Legend Of Zelda fan)
  • Wiki Contributor
  • *
  • Offline Offline
  • Gender: Male
  • Pewter City (B)rocks !
    • View Profile
    • My Little Website
Re: simple WRITE command
« Reply #8 on: March 15, 2017, 01:31:23 am »
The English setup will work for German versions because of the way 8F bootstrapping works.
The most common way of doing so is to set hl to point to the entry point (ie, the third item in the bag) and then "jp [hl]".
That's why, on all versions, hl points to the third item in the bag, period.
Doing a "dec hl" will ALWAYS make hl point to the quantity of the second item in the bag.
Also remove the "Ice Heal x53". It's unnecessary, because quantities x00 aren't cleared from the bag (you're never supposed to have any) and when tossing, you can toss as if it were x256 (eg, tossing 1 at this point yields "Item x255" due to underflow.)
« Last Edit: March 15, 2017, 01:34:11 am by ISSOtm »
"THOU SHALL NOT PASS !!"  RIVAL's effect, Gandalf.

Proudly glitching Pokémon Red and Yellow on a Black & White GB, Pocket GB, GB Color, GBA SP and new 3DS.

My Twitter (beware, I'm French)
My YouTube (same warning)

Here is an online tool to build 8F setups : GBz80 to Items !

They see me layzin', they ha-tin'...
Heavy contributor of the global augmentation of entropy (my room's is too damn high !)

PanCave

  • GCLF Member
  • Offline Offline
  • CHARIZRAD 'M ROXORX or is it.
    • View Profile
Re: simple WRITE command
« Reply #9 on: March 15, 2017, 06:28:12 am »
Hm, that's strange...
I made a screenshot:

Code: [Select]
ws m
Rare Candy x1
Burn Heal x43
Revive x201
But when I use ws m, nothing happens.

My box setup is according to this page's first post("Yet another update"):
http://forums.glitchcity.info/index.php?topic=6638.45
The Box setup works 100%, as I'm able to perform the memory writing you showed me.

What am i doing wrong?

ISSOtm

  • The French Lord of Laziness (and a huge The Legend Of Zelda fan)
  • Wiki Contributor
  • *
  • Offline Offline
  • Gender: Male
  • Pewter City (B)rocks !
    • View Profile
    • My Little Website
Re: simple WRITE command
« Reply #10 on: March 15, 2017, 10:01:26 am »
Save and attach your save here.
"THOU SHALL NOT PASS !!"  RIVAL's effect, Gandalf.

Proudly glitching Pokémon Red and Yellow on a Black & White GB, Pocket GB, GB Color, GBA SP and new 3DS.

My Twitter (beware, I'm French)
My YouTube (same warning)

Here is an online tool to build 8F setups : GBz80 to Items !

They see me layzin', they ha-tin'...
Heavy contributor of the global augmentation of entropy (my room's is too damn high !)

PanCave

  • GCLF Member
  • Offline Offline
  • CHARIZRAD 'M ROXORX or is it.
    • View Profile
Re: simple WRITE command
« Reply #11 on: March 15, 2017, 04:40:51 pm »
I set everything up and saved.

ISSOtm

  • The French Lord of Laziness (and a huge The Legend Of Zelda fan)
  • Wiki Contributor
  • *
  • Offline Offline
  • Gender: Male
  • Pewter City (B)rocks !
    • View Profile
    • My Little Website
Re: simple WRITE command
« Reply #12 on: March 16, 2017, 06:23:05 am »
Okay, you did wrong on two things :
1. Your ws m setup is incorrect. It jumps to $D31A, but it should jump to $D326.
Solution : Replace Sichlor with Kadabra
2. Your item setup is incorrect. The setup you had on the screenshot is good, but the one on your save file is bad.
Solution : put that Sonderbonbon (or Carbon, on the svae you uploaded) back.

I tested it, and it works.
~ Panda
"THOU SHALL NOT PASS !!"  RIVAL's effect, Gandalf.

Proudly glitching Pokémon Red and Yellow on a Black & White GB, Pocket GB, GB Color, GBA SP and new 3DS.

My Twitter (beware, I'm French)
My YouTube (same warning)

Here is an online tool to build 8F setups : GBz80 to Items !

They see me layzin', they ha-tin'...
Heavy contributor of the global augmentation of entropy (my room's is too damn high !)

PanCave

  • GCLF Member
  • Offline Offline
  • CHARIZRAD 'M ROXORX or is it.
    • View Profile
Re: simple WRITE command
« Reply #13 on: March 16, 2017, 07:05:20 pm »
Thank you very much! Know i got everything i need to know!

I'm planning to write a detailed guide on how to prepare a glitch Mew for Pokébank in english and non-english version yellow.

ISSOtm

  • The French Lord of Laziness (and a huge The Legend Of Zelda fan)
  • Wiki Contributor
  • *
  • Offline Offline
  • Gender: Male
  • Pewter City (B)rocks !
    • View Profile
    • My Little Website
Re: simple WRITE command
« Reply #14 on: March 17, 2017, 08:41:43 am »
I suggest you post it here before you publish it, we could correct stuff and add precisions, warnings etc.
You don't have to, though !
"THOU SHALL NOT PASS !!"  RIVAL's effect, Gandalf.

Proudly glitching Pokémon Red and Yellow on a Black & White GB, Pocket GB, GB Color, GBA SP and new 3DS.

My Twitter (beware, I'm French)
My YouTube (same warning)

Here is an online tool to build 8F setups : GBz80 to Items !

They see me layzin', they ha-tin'...
Heavy contributor of the global augmentation of entropy (my room's is too damn high !)