Difference between revisions of "Bughunting"

From SDA Knowledge Base

Jump to: navigation, search
(new idea, let me know if it makes sense / fix mistakes)
(No difference)

Revision as of 05:10, 28 August 2009

No program is perfect. By extension, no game is bug-free. The techniques here will help you find them, if none are already known. Hopefully the bugs you find will be useful, and you will then add them to this wiki on the appropriate game page!

All Games

Games share a lot of code, no matter the genre. Inventory management, quest/plot completion and conversation trees are a common factor, especially among today's "Action RPGs". As with any code, they are breakable.

Pausing

Pause may seem like a simple thing to implement, but in many cases it is done poorly. This mainly applies to older games. Most commonly it confuses timed events, such as reloading or hitstun. You can use this trick on Mega Man 2 to repeatedly hit bosses with the Lightning weapon, by pausing each time it hits, and waiting a short duration for the boss's hitstun to reset. It also changes Mega Man's vertical velocity to zero on some games, allowing you to make extra-long jumps.

Hidden Worlds

On games where the world is made up of discrete rooms, there must be some mechanic whereby the game decides which room to put you in next, usually when you reach a boundary. If this mechanic were confused, perhaps by another event occuring at the same instant the boundary is triggered, then it may send you to the wrong place. An alternate way of triggering this is by triggering a boundary while facing the wrong direction. This often leads to completely un-navigable areas or copies of other rooms without the contents. The Pokemon series are known for their 'Glitch Cities' which can be entered by exiting the Safari Zone in an unintended fashion.

Scrolling

When games scroll (in any direction), they have to decide what to put on the screen next. As with the Hidden World bugs, confusing this decision process can have strange results. A fairly well-known example is with Metroid II; by hitting Select at appropriate times, entire lines of wall can be skipped out when the engine scrolls them on screen. This also allows you to enter glitchy areas and skip vast sections of the map. The tweaking trick discovered on 4th-generation Pokemon games has much the same effect.


Action Games

You shoot stuff, you jump around, you press buttons. Sometimes you fight a boss. All action games share a great amount of gameplay, and as such, a lot of bugs too.

Physics

Let's say, the game you are playing runs at 60Hz. In most modern-ish PC games you can change this as long as your monitor supports it. While this frequency only tells you how many frames the graphics engine outputs per second, it also tends to be how many 'game ticks' the engine runs per second. This knowledge might not seem particularly useful, but when combined with a little understanding about how games implement physics, it can blow the game wide open.

Almost all games that have physics at all will go with some kind of simplified Newtonian method. What this means is that your character (and possibly other actors in the game world) will have at least position and velocity. Most of these engines boil down to running "NewPosition = OldPosition + Velocity" every game tick, which has some interesting consequences. If you are going so fast that on consecutive game ticks you are either side of a wall, the game may not register a collision. This is used on Half-Life to go through a barrier, and on countless other games to occasionally ignore corners.

Bunnyhopping

How do you reach such ludicrous speeds in the first place? A common technique (at least in First-Person Shooters) is to repeatedly jump. This counter-intuitive technique works, because the engine almost always runs something like "If Player on Ground: NewVelocity = OldVelocity - Friction" every tick. The more time you spend off the ground, the less friction will be applied to you. So far, so good. However, in order to actually gain speed rather than keep the same speed, you will need to do something else. The 'something else' depends entirely on the game's engine: on Quake, you need to continually move the mouse from side-to-side whilst using the strafe keys; Half-Life 2 mandates that you use alternate strafe keys as you land. Experiment.

As an aside, some games actually implement bunnyhopping consciously; Painkiller and Quake 3 let you off with just jumping while holding forward.


RPGs

Bughunting on RPGs is usually less 'playing around' and more 'pushing the envelope'. In general you should try and find the game mechanic that has the most effects on combat, and bend it until it breaks.

Integer Underflow

Games which need to store values do so based on how big that value will probably get. A standard way of doing this on old games is by using one byte, which gives an unsigned range of 0..255, or a signed range of -128..127. Unless the game checks that the value does not 'go below the minimum', you can often cause the value to wrap around to its maximum. This has obvious consequences if the value in question is your character's Strength or Level. On Baldur's Gate you can use an item-swapping trick to wrap an item's quantity value around to 65535, the two byte unsigned maximum. On Suikoden II you can use the Kindness Rune's attack-increasing ability to add 255 by making your Kindness value lower than 0. The applications are endless, and often, very profound.

Memory Corruption

A massive topic, and one that can break the game more often than not. As with Integer Underflow, it occurs when the programmer was not careful enough in implementing something. A well-known corruption bug occurs on Final Fantasy VI when Relm uses Sketch and it misses (because you cast Vanish on it beforehand). This causes the program to try to read an area of memory which does not contain an enemy's data, with often catastrophic results.

Personal tools