Main Menu
Main Page
Forums
New pages
Recent changes
Random page
Help

Glitches
Arbitrary code execution
Pokémon cloning
Pomeg glitch and Glitzer Popping
Tweaking and voiding
Glitches by generation
Other glitch categories

References/Resources
Databases
Disassembly projects
The Big HEX List
Interactive tools
Reference documents
Terminology

Affiliates
Legendary Star Blob 2 (Hakuda) (日本語/Japanese)
Pokémon Speedruns wiki (English)
PRAMA Initiative (Français/French)
MissingNo. Glitch City (Italiano/Italian)
Become an affiliate!

Technical
Site source code

Search Wiki

 

Search Forums

 

Author Topic: Official 1st Gen (Red/Blue and Yellow) Glitch Discussion  (Read 123336 times)

0 Members and 1 Guest are viewing this topic.

camper

  • aka GlitcherRed, azum4roll
  • Member+
  • *
  • Offline Offline
  • Gender: Male
  • 975642dx║'r DExsfoF▓1 error.
    • View Profile
Re: Official 1st Gen (Red/Blue and Yellow) Glitch Discussion
« Reply #285 on: April 12, 2014, 03:15:11 am »
2. It's hard to get the move in Yellow since we can't switch move orders after Transforming anymore.
Youtube
 

Guess where this is?

Evie the Bird Mother 🌸 ☽

  • Veteran Contributor
  • *
  • Offline Offline
  • Gender: Female
    • View Profile
Re: Official 1st Gen (Red/Blue and Yellow) Glitch Discussion
« Reply #286 on: April 12, 2014, 07:00:37 am »
I have two questions:
1. Why does Missingno. crash your game in yellow? Does it suffer the same problem as PokeWTrainer?
2. Why can't you use the Cooltrainer♀ move to mutate Pokemon in Yellow?


1. Not exactly. The dimensions; A×D do not freeze the game, however its pointer 06 00 does/causes the walking characters effect (I don't know why though). If you fix its pointer you can have it never freeze on the opponent's side. Normally you may get a freeze when you encounter Yellow Missingno. and sometimes you'll not, kind of like you may get a freeze if you only fixed #205's dimensions and sometimes not.

Here are two Game Genie codes to fix Yellow Missingno. on the opponent's side (I don't know what I'm breaking):

00F-CDA-F72
40F-CEA-E6A

2. You actually can. But like camper said you can't use the Transform trick to get it on Yellow because you can't switch move orders after transforming on that version. You may have to trade a Ditto with the 0x00 move from Red/Blue to Yellow (and it is no longer CoolTrainer♀  typed on Yellow). Freezes and the glitch not happening are common, though. The Missingno. you get is hex:32, like in Red/Blue.
« Last Edit: April 12, 2014, 07:01:25 am by Torchickens »
✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿
Here have some free flowers on every post. ^^
✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿
Love, faith, hope are free. If all is lost friends save us.
Thanks fans for Torchic artwork. ♡ First image thanks Nyapon.

camper

  • aka GlitcherRed, azum4roll
  • Member+
  • *
  • Offline Offline
  • Gender: Male
  • 975642dx║'r DExsfoF▓1 error.
    • View Profile
Re: Official 1st Gen (Red/Blue and Yellow) Glitch Discussion
« Reply #287 on: April 12, 2014, 08:58:30 am »
The Missingno. you get is hex:32, like in Red/Blue.
The Pokemon you get depends on the last position you opened the Party menu, Item menu or the PC, whether in or out of battle. Whether the glitch occurs is likely to be depended on the RAM.
Youtube
 

Guess where this is?

luckytyphlosion

  • Banned
  • *
  • Offline Offline
  • Gender: Male
  • JACK-flys are OP
    • View Profile
Re: Official 1st Gen (Red/Blue and Yellow) Glitch Discussion
« Reply #288 on: April 12, 2014, 11:12:39 am »
The problem I get whenever I try the "---" move (X - x can learn it at level 11) is that no matter what happens, the game simply crashes. No matter where my position is, the game just immediately crashes. Another thing I noticed is that in Yellow, opening the Pokemon menu in battle gives a Horsea instead of Missingno.

And for Missingno., is there a way to encounter Missingno. without cheats and without it crashing? (Normal form missingno., not Kabutops/Aerodactyl/Ghost Missingno)

Evie the Bird Mother 🌸 ☽

  • Veteran Contributor
  • *
  • Offline Offline
  • Gender: Female
    • View Profile
Re: Official 1st Gen (Red/Blue and Yellow) Glitch Discussion
« Reply #289 on: April 12, 2014, 11:35:51 am »
The Missingno. you get is hex:32, like in Red/Blue.
The Pokemon you get depends on the last position you opened the Party menu, Item menu or the PC, whether in or out of battle. Whether the glitch occurs is likely to be depended on the RAM.

Actually, while it's likely Yellow behaves in a similar way (I forgot about this video by TheZZAZZGlitch), you're very likely to just get a Missingno. or a Horsea by opening the menu in battle. I've tried different sprites and got the same result, with level 127 Horsea only appearing in Yellow if you mess up the graphics on the opponent's side (flip them) after sending certain glitch Pokémon into battle.

Edit: But an added note; you must view the glitch Pokémon's stats either in battle or outside of battle to flip the opponent's sprite.


The problem I get whenever I try the "---" move (X - x can learn it at level 11) is that no matter what happens, the game simply crashes. No matter where my position is, the game just immediately crashes. Another thing I noticed is that in Yellow, opening the Pokemon menu in battle gives a Horsea instead of Missingno.

And for Missingno., is there a way to encounter Missingno. without cheats and without it crashing? (Normal form missingno., not Kabutops/Aerodactyl/Ghost Missingno)

You're just unlucky. Keep trying. I did it in Diglett's Cave after opening the Pokémon menu in battle there.

Normal Missingno. may not freeze the game on the opponent's side in Yellow, but it's uncommon. When you exit, player sprites will walk across the screen.
« Last Edit: April 12, 2014, 12:03:19 pm by Torchickens »
✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿
Here have some free flowers on every post. ^^
✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿
Love, faith, hope are free. If all is lost friends save us.
Thanks fans for Torchic artwork. ♡ First image thanks Nyapon.

luckytyphlosion

  • Banned
  • *
  • Offline Offline
  • Gender: Male
  • JACK-flys are OP
    • View Profile
Re: Official 1st Gen (Red/Blue and Yellow) Glitch Discussion
« Reply #290 on: April 12, 2014, 11:46:49 am »
You're just unlucky. Keep trying. I did it in Diglett's Cave after opening the Pokémon menu in battle there.
Opening the Pokemon menu guarentees Horsea 100% for me. It's just when I try to get Pokemon off of the screen tiles that it crashes. What makes it differ from Red/Blue than with Yellow?

Evie the Bird Mother 🌸 ☽

  • Veteran Contributor
  • *
  • Offline Offline
  • Gender: Female
    • View Profile
Re: Official 1st Gen (Red/Blue and Yellow) Glitch Discussion
« Reply #291 on: April 12, 2014, 11:51:57 am »
You're just unlucky. Keep trying. I did it in Diglett's Cave after opening the Pokémon menu in battle there.
Opening the Pokemon menu guarentees Horsea 100% for me. It's just when I try to get Pokemon off of the screen tiles that it crashes. What makes it differ from Red/Blue than with Yellow?

Your opponent's sprite was probably flipped. Save and restart then try again to fix it, but don't check X-x's stats after you reload the game. Let me know if it works this time.

Missingno. sprites through the Pokémon menu in battle method:



Horsea sprites through the Pokémon menu in battle method:



Quote
Opening the Pokemon menu guarentees Horsea 100% for me. It's just when I try to get Pokemon off of the screen tiles that it crashes. What makes it differ from Red/Blue than with Yellow?

You can get Missingno. or Horsea through the Pokémon menu in battle in Diglett's Cave way in Red/Blue too. But yeah, I'm not sure. I'm having the game freeze in Yellow too by trying TheZZAZZGlitch's trick.
« Last Edit: April 12, 2014, 12:07:04 pm by Torchickens »
✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿
Here have some free flowers on every post. ^^
✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿
Love, faith, hope are free. If all is lost friends save us.
Thanks fans for Torchic artwork. ♡ First image thanks Nyapon.

luckytyphlosion

  • Banned
  • *
  • Offline Offline
  • Gender: Male
  • JACK-flys are OP
    • View Profile
Re: Official 1st Gen (Red/Blue and Yellow) Glitch Discussion
« Reply #292 on: April 12, 2014, 12:05:58 pm »
I guess I didn't make my question clear enough :(.
What I meant to say is use the "---" move like you would is TheZZAZZGlitch's Catching rare/unavailable/glitch/over lv.100 Pokemon with the Cooltrainer move.
I made sure there was a bush tile in the correct position, yet my game crashed. Why does it work in Red/Blue, but not in Yellow?

Evie the Bird Mother 🌸 ☽

  • Veteran Contributor
  • *
  • Offline Offline
  • Gender: Female
    • View Profile
Re: Official 1st Gen (Red/Blue and Yellow) Glitch Discussion
« Reply #293 on: April 12, 2014, 12:09:15 pm »
I guess I didn't make my question clear enough :(.
What I meant to say is use the "---" move like you would is TheZZAZZGlitch's Catching rare/unavailable/glitch/over lv.100 Pokemon with the Cooltrainer move.
I made sure there was a bush tile in the correct position, yet my game crashed. Why does it work in Red/Blue, but not in Yellow?

I'm not sure about that. Sorry for not answering your question.

Edit: Quote from TheZZAZZGlitch's Super Glitch thread:

Quote
- Sadly, all presented glitches (with exception of the first part of Harmless Super Glitch trick) do not work in Yellow. Newer versions handle battle screens a little bit differently, not allowing me to carry overworld screen data to a battle. However, the way of manipulating Super Glitch's written values remains the same. Maybe someone will find a workaround soon.

So it seems you can't carry overworld screen data into battles via start menu in Yellow.
« Last Edit: April 12, 2014, 12:18:13 pm by Torchickens »
✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿
Here have some free flowers on every post. ^^
✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿
Love, faith, hope are free. If all is lost friends save us.
Thanks fans for Torchic artwork. ♡ First image thanks Nyapon.

camper

  • aka GlitcherRed, azum4roll
  • Member+
  • *
  • Offline Offline
  • Gender: Male
  • 975642dx║'r DExsfoF▓1 error.
    • View Profile
Re: Official 1st Gen (Red/Blue and Yellow) Glitch Discussion
« Reply #294 on: April 12, 2014, 12:31:55 pm »
Also you don't have to use the -- move at all, since it's the name of the move (cloaked by --) that matters, not the move itself.
Youtube
 

Guess where this is?

TheZZAZZGlitch

  • Distinguished Member
  • *
  • Offline Offline
  • Gender: Male
  • Unknown opcode fc at 801a
    • View Profile
Re: Official 1st Gen (Red/Blue and Yellow) Glitch Discussion
« Reply #295 on: April 12, 2014, 02:01:36 pm »
Yep. The glitch mentioned above does not work in Yellow. In Yellow the buffered screen contents are updated after sending out a Pokemon in battle, overwriting any previous data. Not sure why the developers decided to change this behavior.

Quote
You may have to trade a Ditto with the 0x00 move from Red/Blue to Yellow (and it is no longer CoolTrainer♀  typed on Yellow).

This reminded me to show you something interesting: the type of the Cooltrainer move in Yellow changes depending on the opponent's sprite (more precisely, it's the lower left corner of the sprite that determines the name).



It takes its name from address $9292. The location is writeable, so it can be changed to make it say whatever I want, just like $C3's species name in Japanese Green; for example, the GAME-CRASHER-9000 type:

qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF

Evie the Bird Mother 🌸 ☽

  • Veteran Contributor
  • *
  • Offline Offline
  • Gender: Female
    • View Profile
Re: Official 1st Gen (Red/Blue and Yellow) Glitch Discussion
« Reply #296 on: April 12, 2014, 02:17:22 pm »
Ha ha, great find! When I modify $9292 to your values though, although I can get it to sort of work 9s appear in between some characters. Emulation error?

✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿
Here have some free flowers on every post. ^^
✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿
Love, faith, hope are free. If all is lost friends save us.
Thanks fans for Torchic artwork. ♡ First image thanks Nyapon.

SM

  • 14239
  • GCLF Member
  • Offline Offline
    • View Profile
    • Saver Mlog
Re: Official 1st Gen (Red/Blue and Yellow) Glitch Discussion
« Reply #297 on: April 13, 2014, 07:11:51 am »
does anyone know what is the cause of zzazz glitch?

Evie the Bird Mother 🌸 ☽

  • Veteran Contributor
  • *
  • Offline Offline
  • Gender: Female
    • View Profile
Re: Official 1st Gen (Red/Blue and Yellow) Glitch Discussion
« Reply #298 on: April 13, 2014, 07:46:55 am »
does anyone know what is the cause of zzazz glitch?

Quote from: p4wn3r (via TASVideos)
To start a Trainer battle, the game needs to load a lot of data, such as the trainer sprite, his pokemon and the money he'll concede if defeated. When it loads the money is where things can get really ugly. For reasons that are beyond me, money is stored in a completely different manner, the game uses a data structure of three bytes and instead of converting the value to binary, it stores it in "human" representation. For example, $123456 would be stored as 0x123456 instead of 0x01E240, the proper conversion.

Trainer missingno.s of ID 251, 252, 254 and 255 point to location with invalid money data. When the game tries to perform arithmetic with these data in said structure, it goes nuts and starts overwriting huge portions of RAM. More specifically, for every block of three bytes, two of them will contain 0x9999 (the maximum amount of money a trainer could give). This pattern repeats itself many times through RAM. To see this better, I recommend pausing the video on the emulator after the ZZAZZ trainer is faced and set VBA's memory viewer to 0xD070.

So allegedly it's related to the winning money. That's why the game keeps writing 0x99. (which in decimal is 153). As p4wn3r said, money in the game is stored in 'human representation', so what you see in hexadecimal is what you get in decimal. I don't know the exact reasons why the game can't manage the winning money. It's likely to be 'base' in the formula Payout=Last Pokémon Level×Base that causes problems. Note only glitch Trainer classes cause the ZZAZZ glitch, but what p4wn3r didn't mention is that it's only specific glitch Trainer rosters that cause it; you can have a glitch Trainer class and be 'OK'. For example, it's less known that Trainer 256 (C8)'s roster 5 in Red can cause a more volatile version of the ZZAZZ glitch that corrupts your items and the overworld, but not roster 7.

Gia told me once via Youtube that p4wn3r did a disassembly of what happens during the ZZAZZ glitch, but I don't know if he published it anywhere.

Edit: HyperHacker thinks it's something different:

Quote from: HyperHacker (via Bulbapedia)
It's interesting that 153 = 0x99, as the game does use Binary-Coded Decimal for some values; for example your money ($999,999 = 99 99 99 rather than 0x0F423F). However I think this is a coincidence. From a technical standpoint, this glitch overwrites several areas of memory with two different patterns. Your Pokémon's stats all become 153, which (being 16-bit values) indicate the entire status block is overwritten with the byte pattern 0099. However your name becomes ZZxZZxZZxZZx (where x is unchanged), which indicates that block is overwritten with a different pattern: write two bytes of 99, then skip one.
Having played with the game code a fair bit, this seems familiar to me: I suspect it's actually the graphic decompression routine gone out of control due to the Pokémon having garbage graphic data. The graphic compression routines include commands such as "fill with 2-byte pattern" (0099 in this case) and "fill with byte, skipping every third." These exactly match the symptoms. Another hint is that it corrupts the player's trainer and Pokémon graphics - the first place an out-of-control graphic decompression routine is going to trash is the other graphics right nearby. HyperHacker 03:45, 16 December 2009 (UTC)
« Last Edit: April 13, 2014, 08:04:04 am by Torchickens »
✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿
Here have some free flowers on every post. ^^
✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿✿
Love, faith, hope are free. If all is lost friends save us.
Thanks fans for Torchic artwork. ♡ First image thanks Nyapon.

TheZZAZZGlitch

  • Distinguished Member
  • *
  • Offline Offline
  • Gender: Male
  • Unknown opcode fc at 801a
    • View Profile
Re: Official 1st Gen (Red/Blue and Yellow) Glitch Discussion
« Reply #299 on: April 13, 2014, 09:44:28 am »
I tried to set some breakpoints in BGB and see what exactly is corrupting the memory. It looks like the source of the problem is a subroutine at $781D, rom bank 3.

It is not documented in IIMarckus's Pokemon Red disassembly, so its purpose remains a mystery. The subroutine is used in the ReadTrainer subroutine (at $39C53), which, well, reads trainer data.

Func_f81d: ; f81d (3:781d)
   call Load16BitRegisters
   and a
   ld b, c
.asm_f822
   ld a, [de]
   adc [hl]
   daa
   ld [de], a
   dec de
   dec hl
   dec c
   jr nz, .asm_f822
   jr nc, .asm_f835
   ld a, $99
   inc de
.asm_f830
   ld [de], a
   inc de

   dec b
   jr nz, .asm_f830
.asm_f835
   ret


The bold part in the code is what's responsible for writing the 99s all over the memory. At $D079 there seems to be a 3-byte buffer of some sort. The 'Func_f81d' subroutine is responsible for filling this buffer with data.
It seems like it is a yet another buffer overflow bug in Generation I.

EDIT 1: Further experimentation has shown that $D079 is indeed the location which holds the payout money of a trainer. But why exactly the subroutine freaks out and starts writing 99s everywhere?

EDIT 2: The subroutine seems to be used to multiply two BCD (binary coded decimal) numbers.
« Last Edit: April 13, 2014, 10:01:08 am by TheZZAZZGlitch »
qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF qÁF