API tools faq
paste
Advertisement
luckytyphlosion

connection copier

luckytyphlosion
Oct 22nd, 2016
364
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.46 KB | None | 0 0
raw download clone embed print report
  1. krazyd4n - 09/14/2016
  2. so enemymonunmodifiedspecial is 1604 bytes after the start of overworld map(edited)
  3. good news, you can set the t-fly poke byte without crashing the game
  4. luck i b&phlosion - 09/14/2016
  5. wtf are you trying to do
  6. krazyd4n - 09/14/2016
  7. looking at ways of setting the t-fly poke
  8. luck i b&phlosion - 09/14/2016
  9. lol
  10. invalid map width kek
  11. krazyd4n - 09/14/2016
  12. pls send help
  13.  
  14. stringflow - 09/14/2016
  15. nice electrode
  16. krazyd4n - 09/14/2016
  17. I assume something i did to get myself to that point is against the rules
  18. Ab&²mart - 09/14/2016
  19. I don't even know what mon that backsprite is
  20. zubat? it's so light
  21. stringflow - 09/14/2016
  22. yea
  23. gifvex - 09/14/2016
  24. where is route 1 curscript?
  25. krazyd4n - 09/14/2016
  26. it doesn't appear to have one
  27. all my pokemon are zubats
  28. gifvex - 09/14/2016
  29. do you know what causes the crash?
  30. krazyd4n - 09/14/2016
  31. the TM29 crash?
  32. gifvex - 09/14/2016
  33. on map load
  34. krazyd4n - 09/14/2016
  35. probably overwrote MapID or script pointer
  36. gifvex - 09/14/2016
  37. i didnt go that far lol
  38. krazyd4n - 09/14/2016
  39. i used a TM29 x255 when i crashed
  40. gifvex - 09/14/2016
  41. i give up for now
  42. krazyd4n - 09/14/2016
  43. you can definitely set t-flies with this
  44. gifvex - 09/14/2016
  45. my script tells me which value gets put in unmodifiedspecial given a map, height, and width, but i keep crashing on load for all the ones i've tried
  46. krazyd4n - 09/14/2016
  47. lots of them do crash
  48. I've had 2/5 crash, 2/5 give no poke, 1/5 give a missingno.(edited)
  49. this probably has some use
  50. but there's a lot of different combinations of map/height/width
  51. not to mention only a small window between corrupting wEnemyMonUnmodifiedSpecial
  52. and something that we probably shouldn't corrupt
  53. gifvex - 09/14/2016
  54. concept
  55. if south connection data is always put at the bottom of overworldmap
  56. we edit the south connection block source to target data in rom(edited)
  57. set map area big enough to load south connection over unmodifiedspecial
  58. krazyd4n - 09/14/2016
  59. does it actually place blocks from the connected maps at the edge of the map
  60. I've never seen anything but bushes to the north of route 11
  61. gifvex - 09/14/2016
  62. route 11 doesn't have north connection
  63. krazyd4n - 09/14/2016
  64. you can give it one
  65. gifvex - 09/14/2016
  66. wait
  67. it doesnt put them at the bottom, it puts them at an address defined in the connection
  68. WTF we have a data copier in underflow(edited)
  69. we can set source address and target address, then S+Q to copy
  70. krazyd4n - 09/14/2016
  71. lol
  72. this game is so broken
  73. gifvex - 09/14/2016
  74. and we can control the size of the copy
  75. I CLONED BULBASAUR
  76. krazyd4n - 09/14/2016
  77. wut
  78. why would we want 2
  79. gifvex - 09/14/2016
  80. idfk but it worked
  81. sort of
  82. krazyd4n - 09/14/2016
  83. we don't even want the one we get
  84. gifvex - 09/14/2016
  85. 02 6B D1 97 D1 0F 0F 23 0A BD C8
  86. is my north connection
  87. krazyd4n - 09/14/2016
  88. is this even allowed, since it could be used to modify pokedex flags
  89. gifvex - 09/14/2016
  90. copied from D16B to D197, 15 bytes * 3 every 15 bytes
  91. luck i b&phlosion - 09/14/2016
  92. lol
  93. is the destination constant @gifvex
  94. gifvex - 09/14/2016
  95. you control it
  96. luck i b&phlosion - 09/14/2016
  97. then it's b&
  98. gifvex - 09/14/2016
  99. why?
  100. luck i b&phlosion - 09/14/2016
  101. arbitrary RAM modification
  102. glitches that allow you to write at any address of memory are b&
  103. gifvex - 09/14/2016
  104. ah
  105. luck i b&phlosion - 09/14/2016
  106. so how does this work
  107. piapwns - 09/14/2016
  108. neat.
  109. tehhammershow - 09/14/2016
  110. What is the difference between arbitrary code execution and arbitrary RAM modification
  111. luck i b&phlosion - 09/14/2016
  112. running code vs hard gameshark
  113. as opposed to a soft gameshark
  114.  
  115. well it's semi-hard
  116. because the byte written doesn't have to be controllable
  117. tehhammershow - 09/14/2016
  118. I shouldnt have come here
  119. gifvex - 09/14/2016
  120. map connections are
  121. 1 byte destination map
  122. 2 bytes pointer to connection blocks
  123. 2 bytes pointer to overworldmap address to copy to
  124. 1 byte length of strip
  125. 1 byte connected map width
  126. some other stuff
  127. so you set the "pointer to connection blocks" to "pointer to data you want to copy"
  128. and "pointer to overworldmap address to copy to" to "pointer to where you want the data to go"
  129. krazyd4n - 09/14/2016
  130. that explains roaming TMs
  131. luck i b&phlosion - 09/14/2016
  132. it's not a direct copy though
  133. gifvex - 09/14/2016
  134. and change the strip length, connected width, and your own width to make the data copy cleanly
  135. luck i b&phlosion - 09/14/2016
  136. ah
  137. so what do you want to set the strip length and connected width to
  138. gifvex - 09/14/2016
  139. and map width (map you're on) would be the above - 6?(edited)
  140. luck i b&phlosion - 09/14/2016
  141. set cur map width to 0 for a clean copy huh(edited)
  142. gifvex - 09/14/2016
  143. cur map value is irrelevant
  144. luck i b&phlosion - 09/14/2016
  145. fixed
  146. connected map width and cur map width should be 0
  147. gifvex - 09/14/2016
  148. and strip length would be data length
  149. luck i b&phlosion - 09/14/2016
  150. that could lead to an overflow though
  151. gifvex - 09/14/2016
  152. where?
  153. luck i b&phlosion - 09/14/2016
  154. wOverworldMap
  155. because 0 = 256
  156. oh wait don't set to 0
  157. krazyd4n - 09/14/2016
  158. just have height be a low value then
  159. luck i b&phlosion - 09/14/2016
  160. or wait
  161. gifvex - 09/14/2016
  162. strip length X, connected width 0, curmap width 250
  163. luck i b&phlosion - 09/14/2016
  164. set ConnectionStripWidth to the same value as ConnectedMapWidth(edited)
  165. the same with wCurMapWidth
  166. gifvex - 09/14/2016
  167. do what i said http://i.imgur.com/VgUQ5cE.png
  168.  
  169. piapwns - 09/14/2016
  170. neat.
  171. luck i b&phlosion - 09/14/2016
  172. see your widths are the same
  173. wait wCurMapWidth - 6
  174. gifvex - 09/14/2016
  175. the parameters i posted are correct for clean copy
  176. luck i b&phlosion - 09/14/2016
  177. ok
  178. gifvex - 09/14/2016
  179. you have to remember it does it 3 times and offsets each by their widths
  180. luck i b&phlosion - 09/14/2016
  181. ok so you can achieve w/o s+q by setting bit 7 of wCurMapTileset and using 10F(edited)
  182. bit 7 of wCurMapTileset is some sort of flag to not completely load the map data
  183. gifvex - 09/14/2016
  184. [AABB] = pointer to source data
  185. [CCDD] = pointer to target
  186. [EE] = number of bytes to copy
  187.  
  188. memory
  189. $D369 = $F0 (EDITOR NOTE: THIS SHOULD ACTUALLY BE $FA)
  190. $D371 = non-$FF
  191. $D372 = [BB]
  192. $D373 = [AA]
  193. $D374 = [DD]
  194. $D375 = [CC]
  195. $D376 = [EE]
  196. $D377 = $00
  197. then S+Q or do whatever lucky said to perform copy
  198. luck i b&phlosion - 09/14/2016
  199. this is still b& for 151
  200. anyway 10F jumps here: https://github.com/pret/pokered/blob/master/home/overworld.asm#L601
  201. GitHub
  202. pret/pokered
  203. pokered - disassembly of Pokémon Red/Blue
  204.  
  205. krazyd4n - 09/14/2016
  206. so anytime i save and quit after modifying some of those bytes
  207. that's ARM and b&?(edited)
  208. unless [EE] is set to 0 i guess
  209. luck i b&phlosion - 09/14/2016
  210. if you modify AA or BB
  211. krazyd4n - 09/14/2016
  212. then (probably) every 151 run done in the last few months is invalid
  213. luck i b&phlosion - 09/14/2016
  214. lel
  215. this is why 151 is misc
  216. what a meme though, we had a hard gameshark in item underflow and we didn't even realize it
  217. piapwns - 09/14/2016
  218. so could we use this copy for RBA to set all gym's to just insta give badge? Kappa
  219. luck i b&phlosion - 09/14/2016
  220. RBA still uses the "lucky glitched category global rules" or w/e
  221. krazyd4n - 09/14/2016
  222. IVG is b&
  223. luck i b&phlosion - 09/14/2016
  224. no ACE, ARM, AJPM, ASM
  225. piapwns - 09/14/2016
  226. FeelsBadMan
  227. gifvex - 09/14/2016
  228. it was being discussed here but moved to glitched for some reason
  229. luck i b&phlosion - 09/14/2016
  230. @Dabomstew @gifvex on a side note, what do you think of exploring the potential of invalid map data pointers + s+q
  231. gifvex - 09/14/2016
  232. is map data reloaded during s+q?
  233. krazyd4n - 09/14/2016
  234. Changing map data pointer then s+q messes up the map
  235. luck i b&phlosion - 09/14/2016
  236. yeah
  237. you can control the source this way
  238. so if you change the source to wram...
  239.  
  240. gifvex - 09/14/2016
  241. pokered says wMapDataPtr is the tile map pointer
  242. luck i b&phlosion - 09/14/2016
  243. yes
  244. well it's block data
  245. gifvex - 09/14/2016
  246. oh
  247. i knew it as block pointer
  248. luck i b&phlosion - 09/14/2016
  249. but yes you could potentially chain LGs this way
  250. gifvex - 09/14/2016
  251. yes
  252. luck i b&phlosion - 09/14/2016
  253. did I break 151 again
  254. krazyd4n - 09/14/2016
  255. Not really
  256. luck i b&phlosion - 09/14/2016
  257. see what we need is a rule that says "no directly modifying pointers to point to wram"
  258. krazyd4n - 09/14/2016
  259. We have similar stuff to what you're suggesting already
  260. luck i b&phlosion - 09/14/2016
  261. lel
  262. like what
  263. krazyd4n - 09/14/2016
  264. Watch the forest segment of a recent run
  265. luck i b&phlosion - 09/14/2016
  266. lol this is basically like changing the TLP to wram except you don't touch the TLP
  267. so I guess it would be b&
  268. Dabomstew - 09/14/2016
  269. lol
  270. gifvex - 09/14/2016
  271. but changing tlp is allowed, just not to wram
  272. luck i b&phlosion - 09/14/2016
  273. that wasn't explicitly a thing
  274. just ban changing directly changing pointers to wram
  275. gifvex - 09/14/2016
  276. thats probably simplest
  277. krazyd4n - 09/14/2016
  278. Except the parts they're supposed to point to
  279. gifvex - 09/14/2016
  280. 1) for connection copier, can we change source to be somewhere else in rom, and dest to be somewhere else in overworldmap?
  281. 2) for mapdata, can we change to be somewhere else in rom?(edited)
  282. how would that be different to changing tlp to somewhere in rom?
  283. krazyd4n - 09/14/2016
  284. Also, what is/isn't allowed with wOverworldMap overflow?
  285. luck i b&phlosion - 09/14/2016
  286. idk
  287. gifvex - 09/14/2016
  288. i don't want to think about 151's ruleset anymore so here's a manip idea
  289. if vertical steps and horizontal steps delay random by differing numbers of cycles, if you need to take 5 steps up and 5 steps left, will the RNG state at the end of the 10 steps always be the same, regardless of which order you take the steps in?
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!