Golden Sun Hacking Community
December 16, 2017, 08:41:30 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News:
 
  Home   Forum   DC Wiki Help Search Calendar Downloads Login Register  
Pages: [1]   Go Down
  Print  
Author Topic: Tret OOB Weirdness  (Read 7294 times)
0 Members and 1 Guest are viewing this topic.

Regular Member
**

Coins: 2
Offline Offline

Posts: 135

« on: January 22, 2015, 03:50:50 PM »

Using the retreat glitch you can get out of bounds in a number of locations in the game. Generally speaking, the game is reasonably well behaved aside from various junk data lying around. There is one particular out of bounds (OOB) area which does not behave well - you may guess from the topic title that it is tret. Unlike other dungeons, tret has certain areas which will soft lock the game if you walk to them and even a location which will crash the game if you walk there. We in the speedrunning community have no idea why the game is crashing or soft locking, and we strongly suspect there are some other things at play here. I was watching the memory as I moved through tret and it constantly seems like Isaac was running near doors because of how the memory was changing.

I'm including a goodie-pack so that you can mess around with this yourself and hopefully help us understand exactly what the hell is going on here.

1) Here are a bunch of save files while I am out of bounds in Tret: the save states work with VBA-RR v24, there is also a battery file if those fail: https://www.dropbox.com/s/07j7r0ju1z5r4pb/tret%20oob.rar?dl=0
2) Here is a nifty lua script to help explore out of bounds
Code:
local AD1 = 0x0200053a --Isaac Cur PP
local AD1Value = 5
local AD2 = 0x0200047a -- Step Counter
local AD2Value = 1

while true do
memory.writeword(AD1, AD1Value)
memory.writebyte(AD2, AD2Value)

gui.text(0,00,"Area: " .. memory.readword(0x02000400))
gui.text(0,10,"Door: " .. memory.readword(0x02000402))


gui.text(40,00,"Actual: " .. memory.readword(0x02000408))
gui.text(40,10,"Actual: " .. memory.readword(0x0200040A))

gui.text(0,20,"X: " .. memory.readdword(0x02030ec4)/1000000)
gui.text(0,30,"Y: " .. memory.readdword(0x02030ecc)/1000000)
gui.text(0,40,"Z: " .. memory.readdword(0x02030ec8)/1000000)

    vba.frameadvance();
end
And here are some codes to lock the camera on isaac (but it's really not that useful)
Code:
02030DB8:00000000
02030DBC:00000000
02030DC0:7FFFFFFF
02030DC4:7FFFFFFF
(Incidentally, if you know how to make these codes lock when the X/Y coordinates underflow to 4298 that'd be fantastic!)
3) In tret here are some "bad" locations (X,Y):
- (4283,4241) = game crashes and reset
- (4292,4242) = game crashes, no reset (tries to access door 32 from that area)
4) In the 0x02000410-0x02000420 range of the memory you'll notice that there are some changes as you wander around. e.g. load up the battery file and just hold up and see how it changes. This reminds me of what happens when Isaac walks past a door .. what is going on here?
Logged
View Profile
Luna_blade
The last member of the Luna clan
Luna Clan

Great Member
*

Coins: 0
Offline Offline

I am: Timeless. As in, i don't have much free time.
Posts: 533

« Reply #1 on: January 22, 2015, 04:30:47 PM »

Highly interesting.

I'm no expert but does it matter that there are two cutscenes in trets room?
Logged

++++++++++[>+++++++>++++++++++>+++>+<<<<-]>++.>+.+++++++..+++.>++.<<+++++++++++++++.>.+++.------.--------.>+.>.
View Profile

Regular Member
**

Coins: 2
Offline Offline

Posts: 135

« Reply #2 on: January 22, 2015, 04:57:57 PM »

Highly interesting.

I'm no expert but does it matter that there are two cutscenes in trets room?
I'm not 100% sure, but I don't think so. Tret's "room" is connected to the entire interior, so you're able to trigger the tret fight by wandering out of bounds in the right direction. The second cutscene has no overworld/in dungeon trigger (as far as I'm aware) and that only plays after you defeat tret.

The doors I've been able to trigger (32 and 22 but I didn't record the coordinates for a 22 door, there's a few 32 doors) correspond to falling down certain breakable leaves.
Logged
View Profile
Fox
Fox McCloud, the Hacking Doctor
Mercury Clan

Prodigy
*

Coins: 28
Offline Offline

I am: certainly not a Gallant!
Clan Position: Head Gallant
Posts: 2394

« Reply #3 on: January 23, 2015, 12:19:11 AM »

Quote
4) In the 0x02000410-0x02000420 range of the memory you'll notice that there are some changes as you wander around. e.g. load up the battery file and just hold up and see how it changes. This reminds me of what happens when Isaac walks past a door .. what is going on here?
Same stuff +0x20 on GS2.. so..

Quote from: From my page: http://gsdata.wikia.com/wiki/RAM_Map
02000420 = Map and door number (Different in battle)
02000424 = Sanctum map and door number
02000428 = Current map and door number
0200042C = Area?
0200042E = Map and door number when you win or flee a battle. FFFF to use current map and door number instead.
02000432 = Map and door number when you lose a battle. FFFF to use sanctum map and door number instead.
02000436 = Battle Background
0200043A = Graphic Map Index. (For file index table on map/pal/tilesets; see 0802F380)
0200043C = X
02000440 = Z
02000444 = Y
02000448 = Direction

I wonder if this helps any?
Logged

Golden Sun Docs: Broken Seal - The Lost Age - Dark Dawn | Mario Sports Docs: Mario Golf & Mario Tennis | Misc. Docs
Refer to Yoshi's Lighthouse for any M&L hacking needs...
Did you know? In English, you are suppose to capitalize the languages. (e.g. English is a proper noun.) Subjects like math, science, history can be left lower-cased unless they are a title. (Kind of like how you can say either "my mom" or "Mom" in "I went with (X) to the store.", except that I don't think languages are ever lower-cased in English.) In Spanish, both subjects and languages are left lower-cased. (I put this here because I've noticed people make this mistake quite often. And am curious if they know about this, and whether they use their way because they believe this grammar usage should have never been a thing?

Remember kids! In getting a job, it's not about what you know, it's about WHO you know! So start making friends with the people that work where you want to work. :) (Friend of a friend and volunteering count too, so keep that in mind.)[/si
View Profile

Regular Member
**

Coins: 2
Offline Offline

Posts: 135

« Reply #4 on: January 23, 2015, 04:15:20 AM »

Quote
4) In the 0x02000410-0x02000420 range of the memory you'll notice that there are some changes as you wander around. e.g. load up the battery file and just hold up and see how it changes. This reminds me of what happens when Isaac walks past a door .. what is going on here?
Same stuff +0x20 on GS2.. so..

Quote from: From my page: http://gsdata.wikia.com/wiki/RAM_Map
02000420 = Map and door number (Different in battle)
02000424 = Sanctum map and door number
02000428 = Current map and door number
0200042C = Area?
0200042E = Map and door number when you win or flee a battle. FFFF to use current map and door number instead.
02000432 = Map and door number when you lose a battle. FFFF to use sanctum map and door number instead.
02000436 = Battle Background
0200043A = Graphic Map Index. (For file index table on map/pal/tilesets; see 0802F380)
0200043C = X
02000440 = Z
02000444 = Y
02000448 = Direction

I wonder if this helps any?
Not quite, theres no XZY coordinate that I can see for GS1 in this range and those addresses that you list would correspond to the mystery area. I'll post some images to help illustrate what is going on.

1) http://i.imgur.com/Fp9oMX1.png Just moving straight up from where the battery file puts you gives you a change in these two addresses only
2) http://i.imgur.com/8Xh99qd.png moving around a bit you start to see changes in these addresses
3) http://i.imgur.com/Jb6wbWu.png more changes in the same addresses!
4) http://i.imgur.com/1nIpcCM.jpg If you try to enter a door anywhere, the same addresses change (interestingly, I only ever see C and 4 walking towards/away from doors in that last changing byte from my limited testing I just did)
5) If you walk around tret a lot more you can actually get this to happen


At this place the 11 has cropped up in the 02000448 range
Logged
View Profile
Fox
Fox McCloud, the Hacking Doctor
Mercury Clan

Prodigy
*

Coins: 28
Offline Offline

I am: certainly not a Gallant!
Clan Position: Head Gallant
Posts: 2394

« Reply #5 on: January 23, 2015, 04:30:05 AM »

Quote
theres no XZY coordinate that I can see for GS1 in this range and those addresses that you list would correspond to the mystery area. I'll post some images to help illustrate what is going on.
I think it's the player coordinates, and that it ocasionally gets placed here.... (Like the "Return coords"? I guess?)
-Editing it during battle will have your camera be at another location when you get out of battle... I tested this on the world map, got the snowy tileset, and the camera moved toward Isaac.
-Perhaps it is also read when you continue from a save file, but I haven't checked this. (Only 02000000-02002FEF get saved, which doesn't include the addresses at 02030ec4+...)
So yeah, your images still make it look like the player position/direction. @4: C000 is for facing north. (Since 0000 is facing east.) ; The X, Z, and Y is 32-bit; and direction is 16-bit.

Anyway, that isn't the only thing copied to this save game area... as GS2 copies NPC data to 02001004+ as well.... (But during saving, if I remember correctly?) Which makes it obvious that there is support for 32 sprite objects. (And maybe more for unsaveable ones?)
« Last Edit: January 23, 2015, 05:47:43 AM by Fox » Logged

Golden Sun Docs: Broken Seal - The Lost Age - Dark Dawn | Mario Sports Docs: Mario Golf & Mario Tennis | Misc. Docs
Refer to Yoshi's Lighthouse for any M&L hacking needs...
Did you know? In English, you are suppose to capitalize the languages. (e.g. English is a proper noun.) Subjects like math, science, history can be left lower-cased unless they are a title. (Kind of like how you can say either "my mom" or "Mom" in "I went with (X) to the store.", except that I don't think languages are ever lower-cased in English.) In Spanish, both subjects and languages are left lower-cased. (I put this here because I've noticed people make this mistake quite often. And am curious if they know about this, and whether they use their way because they believe this grammar usage should have never been a thing?

Remember kids! In getting a job, it's not about what you know, it's about WHO you know! So start making friends with the people that work where you want to work. :) (Friend of a friend and volunteering count too, so keep that in mind.)[/si
View Profile

Regular Member
**

Coins: 2
Offline Offline

Posts: 135

« Reply #6 on: January 23, 2015, 05:58:59 AM »

Ah yes, the 4000/C000 thing is definitely Isaac's direction. Looks like if you're approaching a transition screen the game records Isaac's direction when transitioning to maintain that after the transition. Although, some transitions fix Isaac's direction (e.g. world map doors) and that data gets overwritten.

Looks like other highlighted areas are related to the position of the camera. I tested it in a dungeon (because sometimes world map/dungeons behave differently) and got the camera to lock somewhere else. I'm guessing that near transition zones like doors there is an area around them which takes control of the camera as you move through the area, as opposed to locking the camera on Isaac. That way you can control the camera movement as Isaac goes through a door (which is slightly irregular).

I bet that camera lock in tret is to do with the number of breakable leaves in the dungeon.
Logged
View Profile
Pages: [1]   Go Up
  Print  
 
Jump to:  

Cbox
Today at 05:19:46 AM
Majora: Perfect. Thank you!
Today at 04:45:37 AM
Atrius: Also, you can put use [nobbc][/nobbc] to show bbcode without it being parsed.
Today at 04:22:03 AM
Atrius: The bbcode wasn't designed to handle "https://youtu.be/" links.  It should be fixed now.
Today at 01:06:01 AM
Majora: Read that sometimes SMF doesn't like YouTube's https links, seems to have the same issue with http as well
Today at 01:04:59 AM
Majora: Sorry lol, didn't realize it would embed the player into the chat. At least that works! tl;dr: embedded YouTube videos fail to appear in forum posts
Today at 01:04:07 AM
Majora: Just noticed this, not sure if it's already been mentioned but it looks like the forum is breaking embedded YouTube links in posts using BBCode [youtube][/youtube] tags
December 13, 2017, 09:19:38 PM
Fox: Okay, so that Summon Night games adds the fram number to the seed, before generating another seed via mul/add....  (GS1-GS3 never adds the fram number.) ... So um, that makes sense! ;  Summon Night:  ((seed + frame) * 0x343FD + 0x269E3C) >> 0x10 ; Which is also on the list here: https://en.wikipedia.org/wiki/Linear_congruential_generator
December 12, 2017, 11:10:45 PM
Fox: Yes, and there could be contests. Maybe ones where 1st/2nd/3rd place get a cash reward, but eh. Dunno.... Kind of thinking about making a topic about how people got their job, and what was their experience. (e.g. Did they use references of people already working in the job, and various other things.)
December 09, 2017, 04:24:14 AM
Majora: Import old forum posts for reference, perhaps take posts containing important info like documentation away from the old stickied forum post model and make them into their own pages on a site with an in-built search bar. Might help with SEO, too. If nothing else, perhaps whipping them into PDFs and hosting them via Scribd? The possibilities are boundless when it comes to restructuring a site
December 09, 2017, 04:20:02 AM
Majora: Just a nice idea to have even if it doesn't come to fruition. Updating, modernizing, always a good idea. Could probably do something pretty nifty using a good Wordpress theme
December 09, 2017, 04:15:45 AM
Majora: Would be kind of neat to do something like that for GSHC. Could change it up a bit to show all tweets/instagram posts/facebook posts/golden sun subreddit posts all in one sidebar. It would be cool in that it gives the site it's on (and the topic in general) appear more lively and active, which is a plus
December 09, 2017, 04:14:19 AM
Majora: That does sound interesting. One cool thing I've seen some sites use is a sort of unique take on a sidebar option that acts like a social media integration (like, "See GSHC's latest Tweets"). It displays activity from a variety of related sites, such as Reddit, Twitter, Instagram, etc.
December 09, 2017, 12:58:53 AM
Fox: And the way it'd work via code is not that all users would instantly get nicknames the minute you register... but rather, the moment you view a name if it doesn't have a nickname, it gets one. (My Thoughts.)
December 09, 2017, 12:53:55 AM
Fox: (I was thinking that it would be "Name (Nickname)" ... The nickname is what you first known the user as, and you can change that yourself... and the Name is what the user wants to be called... Something like that.
December 09, 2017, 12:47:56 AM
Fox: So like... for starters, one idea I had was to make it so anyone can name anyone... much like how it works on Skype, and you (the namer) would be the only one to see it, and such...
December 09, 2017, 12:45:02 AM
Fox: Would need to be carefully thought out and tested, though.
December 09, 2017, 12:43:02 AM
Fox: I'm thinking I could make it so that name changes can happen whenever... (Without any limit)... Since I believe there's a way to do it with minimum confusion. (I think.) Hmm....
December 09, 2017, 12:31:36 AM
Fox: (I mean an offline version... at least initially.)
December 09, 2017, 12:25:01 AM
Fox: Now that I have thought about it a bit more, would I be right to assume that GSHC would be one of the most interesting websites to administrate, or no? It's sad to see not much going on with it. == I almost want to make a concept website at some point. :D Anyway, how is everyone doing today?
December 06, 2017, 12:12:59 AM
Fox: Like... Start using Github or something... Do like how many of those other projects such as Citra (WIP 3DS Emulator) does. Etc.

Affiliates
Temple of Kraden Golden Sunrise
Powered by MySQL Powered by PHP Powered by SMF 1.1.21 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.075 seconds with 22 queries.