Address Error Exception
Jump to navigation
Jump to search
The Nintendo 64's CPU, the VR4300, can throw an Address Error Exception. This occurs when lookup to an invalid or non-existent address occurs, most commonly as a Null Pointer Exception, which is an Address Error Exception caused by attempting to access an address of 0 (NULL).
Exploits
Address Error Exceptions often have exploit potential on Wii VC since the Wii VC emulator ignores null pointer exceptions. This means that a read from a null address into a register will actually leave the register untouched with its last value and resume normal execution.
We can then analyze crashes that cause Address Error Exceptions.
Cause | ACE Exploitable | Any Exploitable | Notes |
---|---|---|---|
Deleting a non-existent file on the File Select Screen | No | Doubtful | sMainMenuButtons[MENU_BUTTON_ERASE]->oMenuButtonActionPhase is NULL when written to. For selecting 'NO' this results in the button zoom being unaffected. 'YES' is more complex. It's just a write and the copy menu doesn't allow for this glitch, so this is unlikely to be exploitable. Plus, there's barely anything to work with when we're not even in-game. |
Moving a shadow above surface 12 while it's over OOB | |||
Killing a Monty Mole remotely | No | No | o->oMontyMoleCurrentHole->oMontyMoleHoleCooldown = 30 causes crash as mario needs to be < 1500 units for monty to select a hole (otherwise it's null) |
Killing an uninitialized Monty Mole | No | No | (same as above) |
Going out of bounds in a room with a painting | No | No | `gPaintingMarioFloorType` is what is affected, and it's updated every frame the OoB check happens; at most, you could maybe delay entering a painting by 1 frame |
Being pushed off of a hang-able ceiling while in the idle hanging action | No | Doubtful | t9 for start hang. Would potentially cause Mario to stay hanging for a single frame without a ceiling, No effect for idle loop hang t8, last use of t8 set is jr t8 which is never the hang-able value 0x05) |
Sound glitch | N/A | N/A | The cause of sound glitch is unknown. Contrary to popular belief, it can sometimes occur on versions other than the original Japanese N64 release. |