Submission Text Full Submission Page

Introduction

Another pokesub from me, this time on the Coin Case TAS. This run is ~40 seconds faster than the previous TAS (accounting for the lack of a BIOS on the previous TAS).

Emulator used: Bizhawk 2.4.2

  • CGB in GBA is enabled for console verification.

Categories

  • Forgoes save data corruption
  • Executes arbitrary code
  • Heavy luck manipulation

About the run

Version Choice

Gold and Silver are mostly the same, the only relevant difference being that Silver’s title screen loads 2 frames slower. Silver was used in the previous TAS since the TID used was faster to manip on that version, however, this run manips a different TID, and Gold happens to be able to manipulate it faster.

Route

Most of the route pre-Coin Case is identical to my glitchless submission, with some differences:
  • TID is manipulated to be F8F7; D8F7 also works, but F8F7 was much faster to manipulate.
  • Time is set to the default time, we don’t have to catch a Wooper here, so no need to set it to morning.
  • The player is named “J”. Purely an artistic choice, there is no extra cost to naming the character J.
  • Cyndaquil’s DVs are manipulated to be F8AF, nothing too different really, still does the job.
  • Cyndaquil is named “B”. Again, another artistic choice, with no extra cost.
  • Bellsprout is caught on Route 31. We need a filler Pokemon for the Coin Case and Bellsprout is the best since we have to encounter it anyways. It is not nicknamed, as its name will only appear 2 times in the run.
  • The Egg’s DVs are manipulated to be 3887. This is important later on for the ACE bootstrap.
  • Burn strats are completely avoided. Turns out it was actually a bit slower to use burns to save turns (loses ~3 seconds overall).
    • Russel’s level 6 Geodude is now taken out with two 1/39 non-crit Embers.
    • The Koffing from the last Rocket grunt is now taken out with a 1/39 non-crit and a high roll non-crit Ember.
    • Rival 2’s Croconaw is now taken out by three 1/39 Tackle crits and one 1/39 Tackle non-crit.
  • Apparently, Amy & May's Ledyba can be KO'd by a Tackle crit, which saves a bit of time over Ember.
  • Tackle is swapped to the third slot on Rival 2. Tackle needs to be in the third slot for the ACE bootstrap to work, and switching moves in battle is a lot faster than out of battle.
  • Cut is taught to Bellsprout. Bellsprout has empty move slots, so it is fastest if we teach Cut to it.
  • Of course, since we’re just going to be glitching with the Coin Case, no need to catch Abra or get the bike, just go underground, defeat the 1 trainer in the way, then Coin Case away.

Coin Case Glitch Improvements

The Coin Case glitch setup is pretty much the same until we reach party data. The previous TAS used a ld hl,D900 and jp hl to jump to box names. This TAS instead uses a ld hl,F86C and rst 30 to jump to box names. rst 30 is really just a 1 byte call to 0030, which corresponds to:
ld l,a
pop de
jp hl
The egg’s DVs are manipulated to correspond to jr c,87 instruction, which will make a relative jump backwards to right before Quilava’s data (there are some other DVs that work too for this). Quilava’s species ID, which corresponds to a sbc h opcode, will be executed, and this will make a = B9. This will make the rst 30 jump to F8B9, which is a little before box names.
Since we jump to the beginning of box names, we don’t have to scroll downwards to boxes 7-8 like the previous TAS. This, however, raises an issue, as we cannot plant our joypad input in the box 1 terminator, due to character restrictions. We can however plant our input in box 2’s terminator, so we can simply split the program into 3 box names. This is still much faster than scrolling down to boxes 7-8, so it’s an improvement nonetheless. The program is written like this:
BytesInstructionComment
Box 1
fa a6 ffld a,(ffa6)Reads current joypad inputs into a
fe 50cp $50We don’t want the terminator executed, so we eat it with a cp
00 x4nop x4Slide down to box 2
Box 2
aaxor dd stores last joypad input: find out differences to current input
ea d0 f8ld (f8d0),aWrite difference; will be executed as opcode later in the next cycle
aaxor dRestore current joypad input value
f5push afCopy current joypad input from a...
d1pop de... to d (store it as last joypad input)
f1pop afRestore a and f from the previous cycle
(f8d0)(any)Execute opcode written earlier this cycle
Box 3
f5push afSave a and f for next cycle
b6or (hl)Clears carry flag, needed for the jump
d2 b9 f8jp nc, f8b9Loop back to right before Box 1; carry will never be set
The input payload can be found here. It’s fairly similar to MrWint’s payload, with a few improvements, namely putting our warp data next to the player’s coordinates, and using the game’s auto-input system to talk to Red, so we can simply let the game beat itself.

Nerd Stuff

I used the same lua in my Pokemon Silver TAS to make this TAS, it can be found here.
Also, for nerds, here is an encode using the lua:
I also used a bot to find the needed trainer ID, my bot (which is heavily based on the RTA TID bot) can be found here.

Console Verification

Tikevin was able to console verify this TAS, the stream for it can be found here.
As a note, since the run is just ~30 minutes, RTC almost never becomes an issue for console sync.
Also, for publication, please use the Libretro GBC palette, that palette is the best.

Memory: Judging
Memory: The execution in this run seems to be very good but there’s major problems with the goal.
The run mimics the glitchless run with some minor route deviations until it gets the coin case to end the game. You look at bellsprout, then at the coin case, and then you’re at red and the game is over. It’s not a visually exciting glitch by game end glitch standards, nor are there any sort of lesser glitches leading up to that one. When discussing the submission with others, I realized the glitch had left such little of an impression on me that I forgot what it looked like and had to rewatch it to remind myself. You might as well just watch like 30 minutes of the glitchless run go “ok I’m done” and then skip to the end of the video. This is the kind of glitch that would make better for a neat youtube video solely dedicated to it than part of a dedicated TAS. The audience reaction wasn’t really great either and the ratings on the published run are less than stellar.
Additionally it is conceptually similar to the save glitch branch. Ultimately both runs aim to use a glitch to directly trigger game end as quickly as possible. The difference between them is that the save glitch branch abuses a mid-save reset to beat the game much faster, whereas this one avoids mid-save resets and performs the coin case glitch (which is a form of Arbitrary Code Execution) a bit later into the game. While Coin Case Glitch is about 26 minutes longer, this is similar to Super Mario Bros. 3 where a much longer run was obsoleted by a much shorter one. The difference in runs here ultimately comes down to the precise “attack vector” to perform the game end glitch, which imo is not an especially compelling difference for a casual audience. One could argue about the legitimacy of mid-save resets, but TASVideos has allowed them for a long time. While the specific method of save glitch used in TASes is hard to verify as being possible, it is known that one can reach game end through save glitch even in real time play. Additionally, save glitches are possible on all versions of Gen 2, meaning that the faster strategy is not locked out of versions.
In my eyes this goal definition is quite flimsy. If the goal is no mid-save reset, what happens if a run that doesn’t use save glitches is faster than the save glitch branch? Would it obsolete both this run and the other? We also have never really made any distinction between mid-save reset and not before, especially when Arbitrary Code Execution enters the picture. If that’s not the goal, is the goal of this run to use specifically the coin case glitch? In that case, wouldn’t runs that use a similar game end glitch setup that isn’t the coin case be unable to obsolete this one?
It seems the Pokemon RTA community has actually came to a similar conclusion, only listing any% and any% glitchless as major categories, whereas no save corruption is only listed under category extensions.
For these reasons, I think allowing the previous Coin Case run to remain unobsoleted was a mistake, and we should correctly have it obsoleted by the save glitch branch. We may revisit this in the future if rules changes occur but for now...


TASVideoAgent
They/Them
Moderator
Joined: 8/3/2004
Posts: 15620
Location: 127.0.0.1
EZGames69
He/They
Publisher, Reviewer, Expert player (4467)
Joined: 5/29/2017
Posts: 2764
Where’s the encode for nerds? >:c
[14:15] <feos> WinDOES what DOSn't 12:33:44 PM <Mothrayas> "I got an oof with my game!" Mothrayas Today at 12:22: <Colin> thank you for supporting noble causes such as my feet MemoryTAS Today at 11:55 AM: you wouldn't know beauty if it slapped you in the face with a giant fish [Today at 4:51 PM] Mothrayas: although if you like your own tweets that's the online equivalent of sniffing your own farts and probably tells a lot about you as a person MemoryTAS Today at 7:01 PM: But I exert big staff energy honestly lol Samsara Today at 1:20 PM: wouldn't ACE in a real life TAS just stand for Actually Cease Existing
Alyosha
He/Him
Editor, Emulator Coder, Expert player (3826)
Joined: 11/30/2014
Posts: 2834
Location: US
Cool! Now with the silver run as well nearly all the gen 1 and 2 pokemon TASes will be console verified. Nice work!
Banned User
Joined: 4/1/2016
Posts: 295
Location: Cornelia Castle
Nice work, yes vote! Can't wait to see this and the the Red TASes published.
DJ Incendration Believe in Michael Girard and every speedrunner and TASer!
Banned User
Joined: 4/1/2016
Posts: 295
Location: Cornelia Castle
Why weren't the runs console verifyable before? Either way, nice work on all of the Gen 1/2 TASes. I can't wait until they're all submitted and published. Red SC/Gold Coin Case/Silver glitchless are submitted, but there's just one left maybe. Can't wait to see! (I'm saying that for everyone else.)
DJ Incendration Believe in Michael Girard and every speedrunner and TASer!
Emulator Coder, Judge, Experienced player (732)
Joined: 2/26/2020
Posts: 788
Location: California
DJ Incendration wrote:
Why weren't the runs console verifyable before? Either way, nice work on all of the Gen 1/2 TASes. I can't wait until they're all submitted and published. Red SC/Gold Coin Case/Silver glitchless are submitted, but there's just one left maybe. Can't wait to see! (I'm saying that for everyone else.)
The previous TAS was made in 2014. No emulator had accurate RNG until 2017 lol
Memory
She/Her
Site Admin, Skilled player (1558)
Joined: 3/20/2014
Posts: 1767
Location: Dumpster
Now that there's an encode, would people like to express their opinions? A little weird seeing a pokemon game with only 1 vote.
[16:36:31] <Mothrayas> I have to say this argument about robot drug usage is a lot more fun than whatever else we have been doing in the past two+ hours
[16:08:10] <BenLubar> a TAS is just the limit of a segmented speedrun as the segment length approaches zero
Emulator Coder, Judge, Experienced player (732)
Joined: 2/26/2020
Posts: 788
Location: California
Memory wrote:
Now that there's an encode, would people like to express their opinions? A little weird seeing a pokemon game with only 1 vote.
The encode has actually been there since submission.
Memory
She/Her
Site Admin, Skilled player (1558)
Joined: 3/20/2014
Posts: 1767
Location: Dumpster
CasualPokePlayer wrote:
Memory wrote:
Now that there's an encode, would people like to express their opinions? A little weird seeing a pokemon game with only 1 vote.
The encode has actually been there since submission.
...OK I just have no clue then.
[16:36:31] <Mothrayas> I have to say this argument about robot drug usage is a lot more fun than whatever else we have been doing in the past two+ hours
[16:08:10] <BenLubar> a TAS is just the limit of a segmented speedrun as the segment length approaches zero
EZGames69
He/They
Publisher, Reviewer, Expert player (4467)
Joined: 5/29/2017
Posts: 2764
I am wondering if this category was considered fastest completion at the time Mr. Wint submitted that run. I am not sure if it's entertaining enough to be it's own thing so I am not sure how I feel about it.
[14:15] <feos> WinDOES what DOSn't 12:33:44 PM <Mothrayas> "I got an oof with my game!" Mothrayas Today at 12:22: <Colin> thank you for supporting noble causes such as my feet MemoryTAS Today at 11:55 AM: you wouldn't know beauty if it slapped you in the face with a giant fish [Today at 4:51 PM] Mothrayas: although if you like your own tweets that's the online equivalent of sniffing your own farts and probably tells a lot about you as a person MemoryTAS Today at 7:01 PM: But I exert big staff energy honestly lol Samsara Today at 1:20 PM: wouldn't ACE in a real life TAS just stand for Actually Cease Existing
Emulator Coder, Judge, Experienced player (732)
Joined: 2/26/2020
Posts: 788
Location: California
EZGames69 wrote:
I am wondering if this category was considered fastest completion at the time Mr. Wint submitted that run. I am not sure if it's entertaining enough to be it's own thing so I am not sure how I feel about it.
At the time it was the fastest completion, although when save glitch stuff came around, Coin Case was separated from it. You could parallel this to RBY's game end glitch and save glitch, the former forgoing save corruption, which I somewhat highlighted with this part of the submission:
Forgoes save data corruption
Of course, save data corruption would easily be faster than this (either forgoing the Coin Case or combining save glitch with the Coin Case, the latter obviously being slower than the former but still faster than this submission, if that makes sense). In any case, I'm wondering why this isn't as entertaining as the previous movie, are party swaps or Slowpoke actually that entertaining to make a difference? Or is Toto somehow more entertaining? (which wouldn't make much sense when Cynda requires much more luck manipulation to work, which is somewhat noticeable imo)
TiKevin83
He/Him
Ambassador, Moderator, Site Developer, Player (155)
Joined: 3/17/2018
Posts: 358
Location: Holland, MI
I voted Yes due to enjoying the ending with the spray of inputs and then suddenly credits. The ending at least is entertaining in its own right. Separately I appreciate that this TAS was made verifiable and that it rounds out the optimization level of all Gen 1/2 TASes of save corruption/no save corruption/"glitchless". Gen 1/2 TASing is in an awesome state now.
Memory
She/Her
Site Admin, Skilled player (1558)
Joined: 3/20/2014
Posts: 1767
Location: Dumpster
Is the save glitch possible on gold/silver?
[16:36:31] <Mothrayas> I have to say this argument about robot drug usage is a lot more fun than whatever else we have been doing in the past two+ hours
[16:08:10] <BenLubar> a TAS is just the limit of a segmented speedrun as the segment length approaches zero
Emulator Coder, Judge, Experienced player (732)
Joined: 2/26/2020
Posts: 788
Location: California
Memory wrote:
Is the save glitch possible on gold/silver?
Well, there's literally a Gold movie in the save glitch obsoletion chain, although that was much slower due to much less knowledge at the time. If we're paying attention to my Crystal submission, the answer is yes, and no. It's fairly complicated, since the current save glitch movie abuses much more than save corruption. I'll go over the list of things it abuses. Save Corruption/Checksum Collision (the main part that makes it "save glitch"): Yes, they use identical saving systems and the checksum uses the same concept. Type D1 Map Corruption: Well, move 0x00 has type d0 in g/s technically, but still, I haven't seen a case where it actually corrupted the map. This is useless anyways because of the next glitch abused: Map 0xFF00 Corruption: Map 0xFF00 is NOT friendly in G/S, it will always result in a crash, unlike Crystal where it doesn't crash, but rather causes giga corruption (without crashing!) that ends up being helpful for setting up ACE. The actual ACE exploit: I'll be looking at gifvex's Crystal save glitch movie first for this. That movie used 0x1500 ACE. That ACE is exclusive to Crystal, and cannot be done in G/S. G/S does have somewhat of a parallel however, type d0 can cause ACE, but the entrypoint is like the Coin Case too, requiring at the very least 3 Pokemon. Now looking into my submission, it uses a wrong pocket TM to achieve ACE (specifically TM22), this ACE exploit is actually shared between all Gen 2 games with this exact TM... Well, it goes to wCurItem on all versions, which does end up getting slightly more complicated to create a bootstrap to the temp mail buffer (the simple dec h jp hl won't work here, not to mention we don't get nice corruption from map 0xFF00 so we would essentially have to create each item needed with bag structure manipulation). Which leads to the main issue with G/S, the location of the temp mail buffer leaves me no way to modify it to plant joypad inputs... yeah. Well, I do have a theoretical way to do so but it would end up doubling the size of the joypad payload just due to the fact that hl cannot be touched, and unsure on some specifics on it (which actually dictate on whether it's possible to do in the first place). Not to mention it would less entertaining since you don't get to see giga corruption or giga fucked bag, just a bunch of ? and tossing them, and very possible it might be slower than Crystal overall. tl;dr yes but it's likely slower than Crystal, and if not, it would be more boring than Crystal (both of which is why I don't want to pursue making such a movie). Now, to answer the opposite (just in case this is brought up), can a Crystal movie do the game end glitch (ie Coin Case's effective branch)? Yes! Well, not the Coin Case specifically, but it does have 1 glitch that can be done without save corruption: https://www.youtube.com/watch?v=W5-ITad-oec Well, it uses save shenanigans instead, which might fall under "save glitch" (it's not save corruption however). So possibly it's actually a no, but in any case Crystal will be slower than G/S if you forgo save corruption (and by contrast, G/S is likely slower than Crystal if you use save corruption). EDIT: In case another point wasn't clear, save glitch on G/S, while likely slower than Crystal, would definitely be faster than game end glitch (ie Coin Case). Of course, that leaves save glitch in a pickle since G/S would be likely be unable to actually have any movie published in that branch since Crystal would obsolete it. And now let's get into the main issue this goes into. The submission's feedback has been mostly positive, just not *overwelming* positive like you would see on most Pokemon movies. Say this means that this movie is not eligible for Moons (you could argue both ways imo, but let's look into this scenario). If it's not, then it would have to be rejected since the save glitch branch completes the game faster than the Coin Case branch. Then, I guess you into why this submission was not overwhelmingly positive. I haven't seen any actual specifics into why this is less entertaining than MrWint's movie. I believe it's more people do not care as much for Coin Case TASes nowadays (they were popping up in 2014, this is 2020). So, say this is the case, wouldn't that mean MrWint's Coin Case should be de-Mooned? If so, then it would be forced into the save glitch's obsoletion chain, due to Vault only having the fastest completion, and save glitch being faster than the Coin Case (I guess I semi-win this way since my Crystal save glitch submission obsoletes MrWint's Coin Case lol). Now say, regardless, it is accepted. I could argue this is still acceptable, as the feedback that was there was still fairly positive, and there have been several cases of movies being accepted to Moons by the virtue of obsoleting another Moon, despite minimal (but positive) feedback. I guess in this case, that leaves Crystal able to obsolete this chain if some faster game end glitch is discovered, but really, it would likely just stay as Coin Case, with G/S likely staying the faster version w/o save corruption. (yes I'm also aware that most of this was rambling :c)
TiKevin83
He/Him
Ambassador, Moderator, Site Developer, Player (155)
Joined: 3/17/2018
Posts: 358
Location: Holland, MI
I pushed the console verification to youtube for a more permanent reference https://youtu.be/5YjjL-cygXE
Samsara
She/They
Senior Judge, Site Admin, Expert player (2240)
Joined: 11/13/2006
Posts: 2822
Location: Northern California
CasualPokePlayer wrote:
And now let's get into the main issue this goes into. The submission's feedback has been mostly positive, just not *overwelming* positive like you would see on most Pokemon movies. Say this means that this movie is not eligible for Moons (you could argue both ways imo, but let's look into this scenario). If it's not, then it would have to be rejected since the save glitch branch completes the game faster than the Coin Case branch. Then, I guess you into why this submission was not overwhelmingly positive. I haven't seen any actual specifics into why this is less entertaining than MrWint's movie. I believe it's more people do not care as much for Coin Case TASes nowadays (they were popping up in 2014, this is 2020). So, say this is the case, wouldn't that mean MrWint's Coin Case should be de-Mooned? If so, then it would be forced into the save glitch's obsoletion chain, due to Vault only having the fastest completion, and save glitch being faster than the Coin Case (I guess I semi-win this way since my Crystal save glitch submission obsoletes MrWint's Coin Case lol).
The obsoletion chain for Gen2 ACE (pardon the generalization) is a bit wonky: The published CCG originally obsoleted Gold save glitch, but when Crystal save glitch came along, the obsoletion chain was reworked to keep CCG alive, and have Crystal save glitch obsolete Gold... So, technically, there are two opposite precedents revolving around the same category. Thaaaaaaaat's TASvideos!!! love u tasvideos <3 There have been a few notable non-Pokemon instances of faster, yet much less entertaining glitches directly obsoleting far more entertaining, but slower glitches. So, it could be a case where audience feedback on CCG doesn't matter at all because Crystal save glitch is going to obsolete it anyway just on the basis of being a faster game end glitch (since at one point we judged CCG as being able to obsolete save glitch)... But again, we already passed up the chance to do exactly that when the first Crystal save glitch run was submitted. It's a really weird (coin) case, I think. There's more precedence towards Crystal save glitch being the primary glitched run (CCG originally obsoleting the 54 minute save glitch run, plus the SMB3 and Chrono Trigger cases), and so I'm tempted to think that way by default, but the simple fact that CCG was intentionally kept alive and reclassified as a separate category to save glitch makes it difficult to be absolutely certain one way or the other. This really needs more feedback, especially with the Crystal improvement also on the workbench, as I don't think either run can be properly judged until we reach a definite conclusion.
TASvideos Admin and acting Senior Judge 💙 Currently unable to dedicate a lot of time to the site, taking care of family. Now infrequently posting on Bluesky
warmCabin wrote:
You shouldn't need a degree in computer science to get into this hobby.
Emulator Coder, Judge, Experienced player (732)
Joined: 2/26/2020
Posts: 788
Location: California
Samsara wrote:
the simple fact that CCG was intentionally kept alive and reclassified as a separate category to save glitch makes it difficult to be absolutely certain one way or the other.
As I've noted in my rant argument, this classification parallels Gen 1: game end glitch effectively being No Save Corruption (and paralleling Coin Case glitch) and Red's save glitch (well, "SRAM glitch") being a separate branch (which can be seen as a parallel to Crystal's save glitch). I suppose when you look at it in that perspective, this re-classification makes somewhat more sense.
Samsara wrote:
This really needs more feedback, especially with the Crystal improvement also on the workbench, as I don't think either run can be properly judged until we reach a definite conclusion.
Crystal is practically accepted, we're just waiting for 2.4.3/2.5 to roll around and for cycle counts to be actually used for timing on SubGBHawk movies :P
Sanqui
Any
Player (26)
Joined: 4/25/2011
Posts: 33
I'm happy to see a TAS that does the Coin Case route justice now. I don't want to sound dramatic but it's always disappointing to me when a save corruption route obsoletes NSC. Call it bias :)
ovo
Memory
She/Her
Site Admin, Skilled player (1558)
Joined: 3/20/2014
Posts: 1767
Location: Dumpster
Keep in mind, I'm not exactly sure the "No Save Corruption" movie we have now ([3901] GBC Pokémon: Yellow Version "game end glitch" by TiKevin83 in 09:47.92) was the right call to make either. When I first judged that run I was more focused on the Blue/Yellow comparison but I realized later after Super Mario Bros. 3 that I looked past the ACE elements too quickly. EDIT: The more I think about it, the more I realize the issue with basing a branch's ruleset solely on lack of save corruption. Theoretically, a run that uses a different type of glitch could be faster than both Coin Case and Save Glitch, obsoleting both yet following the same rules. This branch does not seem categorically different from other GeG type runs.
[16:36:31] <Mothrayas> I have to say this argument about robot drug usage is a lot more fun than whatever else we have been doing in the past two+ hours
[16:08:10] <BenLubar> a TAS is just the limit of a segmented speedrun as the segment length approaches zero
Site Admin, Skilled player (1255)
Joined: 4/17/2010
Posts: 11492
Location: Lake Char­gogg­a­gogg­man­chaugg­a­gogg­chau­bun­a­gung­a­maugg
A lot of confusion is added by the fact that similar glitch types co-existed in game versions that then became comparable to each other in terms of obsoletion, but only within certain branches, that feature certain glitch types. Warp glitch and save glitch involved green, yellow, and red. And then, trainer glitch, brock glitch, warp glitch, and game end glitch involved red, blue, and yellow, as a separate chain, with completely different times! Otherwise, save glitch being separated from CCG indeed looks similar to gen1. The existing CCG run got decent feedback probably because it was a novel concept, and also had some gameplay left in it since gold save glitch, which also got decent feedback. The new save glitch, crystal this time, doesn't look so certain about its Moon with entertainment rating of 5, but it's marked as fastest completion, so should be vaultable at least. If this submission obsoletes silver CCG, there will be less version difference to showcase, and also we're not sure it goes to Moons after all that's happened with all these games since 2014. Rejecting and leaving the slower run also feels weird, but at least that slower run is probably more entertaining? Is it still entertaining though? I don't know, I'd argue these two are meant to be comparable in that regard.
Warning: When making decisions, I try to collect as much data as possible before actually deciding. I try to abstract away and see the principles behind real world events and people's opinions. I try to generalize them and turn into something clear and reusable. I hate depending on unpredictable and having to make lottery guesses. Any problem can be solved by systems thinking and acting.
Reviewer, Active player (287)
Joined: 12/14/2006
Posts: 717
In other words, Pokémon chain of succession is a huge muddled mess. I tend to lump all forms of memory corruption into the same category. I know that's not really the case and Pokémon specifically has a long history of all kinds of memory corruption being used, but I'm probably not the best judge for this kind of stuff. May I ask: what's the difference between this and save corruption that a lay person might be able to pick up without all the background information. It feels like save glitch is ACE and this is also ACE, but it takes longer to get there.
TiKevin83
He/Him
Ambassador, Moderator, Site Developer, Player (155)
Joined: 3/17/2018
Posts: 358
Location: Holland, MI
I'll try to reframe it from an information security perspective: Gen 1 and 2 Pokemon are broadly vulnerable to memory corruption attacks due to a lack of sanity checks in the pokemon party and item bag menus. There are several different vectors for this attack and levels of severity of each vector across the individual games. Gen 1 has two primary attack vectors: One, a lack of sanity checks on save data enables save corruption by hard resetting during saving. With the item and party data corrupted the memory vulnerabilities in the party and bag become exposed. This is the category ran as "any%" in RTA and it has an equivalent TAS branch shared across gen 1. Two: trainer fly in Viridian Forest. By encountering a wild Pokemon at the same time as a trainer, you break the script system that starts battles and trainer dialogue. The movies for this in RB vs Y have very different processes to set up the payload that gets executed in the forest. The Pokemon TASers generally treat the different payloads as different enough to warrant individual TASes, but the branches are currently treated as one due to the shared initial trainer fly attack vector. Gen 2 also has two primary attack vectors: The first is the same as Gen 1 - save corruption, however the developers largely patched it in gen 2 by implementing data safety for save data via a checksum. To counter this a collision attack has to be crafted on the checksum. Between the generational game difference and checksum collision, the branches are in my opinion appropriately treated as separate. The second attack vector available in Gen 2 is the coin case. A typo in the string that shows your coins executes some sound data as code, which can be set up to execute some pokemon stat data as code which can be set up to execute box names as code. In infosec terms it's like an invalid string terminator executes an invalid pointer which can be crafted to execute unsanitized user input (box names). A complex attack, but the payloads are obscured by normal-looking gameplay, so all you see visually of the exploit is the box naming and opening the coin case. Yes a layperson may see all this as "they glitched to the end of the game," but: 1: Doing it on different game releases and different generations inherently appeals to different people. 2: The different attack vectors can be unique to watch. 3: The different combinations of games and attack vectors create several unique routing challenges for TASers. 4: Anyone with even a slight infosec training can identify integer underflow in the bag or pokemon party, the failed save data checksums, and unsanitized user input as separate issues worthy of individual investigation.
Reviewer, Active player (287)
Joined: 12/14/2006
Posts: 717
Saw that Memory mentioned Super Mario Bros 3 and I decided to look it up. It does seem that that game had a situation similar to this. When [4032] NES Super Mario Bros. 3 "game end glitch" by Masterjun & ais523 in 00:00.78 was submitted, the previous movie was [2588] NES Super Mario Bros. 3 "game end glitch" by Lord_Tom & Tompa in 02:54.98. The previous movie executes its glitch by manipulating objects to go to certain places which set up the RAM so that once Mario goes the wrong way into a specific pipe, the game will warp you to the ending. The new movie gets to the ending from the title screen. It doesn't even enter the game proper. For the 7-1 version, like you said for Coin Case, the set up for the glitch can be disguised as normal gameplay, so the audience might not know anything is happening until the glitch takes effect. Abusing the way the game reads inputs to warp to the ending from the title screen is very, very, very different from that. It's not close to the same method. It doesn't look the same. It is very obviously completely new. Thing is though, [4032] NES Super Mario Bros. 3 "game end glitch" by Masterjun & ais523 in 00:00.78 obsoleted [2588] NES Super Mario Bros. 3 "game end glitch" by Lord_Tom & Tompa in 02:54.98. Even though they relied on very different methods to achieve their goals, they were still deemed to be the same category. Is there something special that makes this situation stand out from that? I supposed you can say they're different games, but it seems to be tradition on this site that Pokémon games of the same generation are treated as the same game, so I'm not sure if that's enough.
Samsara
She/They
Senior Judge, Site Admin, Expert player (2240)
Joined: 11/13/2006
Posts: 2822
Location: Northern California
TiKevin83 wrote:
I'll try to reframe it from an information security perspective: [rest of post snipped]
Let's continue with that metaphor, then. If the end result of both attack vectors is the same (i.e, a successful attack), why does it matter which one was used to begin with? Assuming, for some reason, that your average layperson is watching these attacks happen, they're not going to understand the mechanics behind each one. They're just going to wonder why one attack is 25+ minutes slower than the other. Sure, you'll get the occasional person who's interested in how both attacks work, and will gain entertainment out of both of them (I'm sure a lot of people who actually visit the site are interested in that), but most people (i.e, casual speedrun fans and the YouTube audience) aren't going to see a difference apart from time. The analogy falls apart when you realize that different attack vectors in infosec are important because each one needs to be specifically prevented, so ultimately the only thing that matters there is finding them in the first place. In one of the strangest phrases I've ever had to write: This isn't infosec, it's Pokemon speedrunning. Speed matters, and there's a 0% chance that any of these methods of attack are going to be "fixed" in any way, barring a revelation that something only works on an emulator, and given your dedication to console verifying these runs, I don't even see that happening, so in terms of what gets showcased on the site, what matters the most is speed. I mentioned the Chrono Trigger and SMB3 examples in a previous post, where two highly entertaining and universally praised runs were obsoleted by clear Vault runs, just because those runs used faster methods of attack. I don't see why Pokemon should continue to receive special treatment here, especially considering the current CCG run isn't considered to be the same level of entertaining as the aforementioned runs. Of course, that's not to say these methods shouldn't be redone at all, or that they shouldn't be studied. This is purely an issue of site publication and how we handle these sorts of (coin) cases. The Pokemon speedrunning community will absolutely benefit from CCG being studied further and done faster in the same way that it'll benefit from any other GEG run getting the same treatment, but this isn't the Pokemon speedrunning community. It's a much larger niche that contains members of that community. As far as I'm (and I assume most other people are) concerned, CCG and save corruption are the same category of glitch (memory manipulation/game end glitch), and thus the faster one should be the preferred one. This is further evidenced by save corruption being our first Gen 2 GEG run, initially obsoleted by CCG (which was the fastest known at the time), and as far as I can tell, the only reason why CCG was even kept despite the original Crystal save glitch run being submitted is because nobody had any opinion on it. Still, it's a good thing this was submitted, and it's a good thing this conversation is happening. We need runs like this to spark discussions like this to keep improving and refining how the site operates. I've seen a lot of positive change from the last time I was on the site, and I'd like to keep seeing that going forward. This run getting rejected is far from the end of the world: Like I said on the S3K Sonic run, we can always take another look at it in the future when the rules change. Rejection is only really a black mark in the case of obviously horrible optimization, or blatantly stolen input, or Super Mario Bros 1. There almost certainly will be a place for this run on the site someday, even if it takes 11 years like Lee Trevino's Combat Golfsketball.
TASvideos Admin and acting Senior Judge 💙 Currently unable to dedicate a lot of time to the site, taking care of family. Now infrequently posting on Bluesky
warmCabin wrote:
You shouldn't need a degree in computer science to get into this hobby.
Emulator Coder, Judge, Experienced player (732)
Joined: 2/26/2020
Posts: 788
Location: California
Samsara wrote:
barring a revelation that something only works on an emulator, and given your dedication to console verifying these runs, I don't even see that happening
Well, that does bring an interesting point. While No Save Corruption runs easily console verify, Save Corruption does not. The issue is primarily just due to the fact that we cannot programmatically hard reset a GBP. So far, for gen 1 save corruption TASes, verification has done either 2 things: 1. a human does the reset (reasonable for gen 1, it's a 4 frame window), or 2. the expected save data is flashed onto the cartridge. For 1, my submission has the reset window at a whopping ~60μs (gifvex's is worse, with only ~10μs to work with). So yeah, that throws human resets out of the question. For 2, while that works easily for Gen 1, the same can't be said for Gen 2, due to the presence of RTC in the cartridge. This could easily lead to some input boundary issue, an extra lag frame appearing, and of course, if any RNG is involved, it will certainly desync (this isn't too much a concern, but important in case some future movie has RNG elements later). Along for my submission, the proper VRAM timing is needed for Type D1 map corruption, which can possibly also be screwed over by RTC. Not to mention the inherit shakiness of such a "verification" since it's still making the assumption that's the data that would result if we timed the precise reset correctly. As it really stands, the save corruption runs should work in principle, but at the moment we can't do a true console verification, and the more shaky methods still have a good chance to desync just due to RTC. None of this applies to Coin Case since it doesn't need a reset, so it can usually just sync right away (barring some cart that has some extreme clock drift, even then the run is 30 minutes long so clock drift is very unlikely to happen in the first place).