So I've been doing some more reverse engineering to the game and I think I made some discoveries about the RNG for the game.

The RNG seed is a 4-byte global variable (I'm excluding its location in memory to prevent people from hacking it to cheat). This number, assuming that it's an unsigned integer, has a range of 0 to 4,294,967,295 inclusive. How the seed is determined is still uncertain, but one aspect of the function is known.

It's already known that the RNG is determined by the Windows kernal, but what in the kernal was unknown until now. After poking around the assembled code in RAM I found a several pointers to a function in a Windows .dll file with a name close to "get_tick_count" (I forgot to note the actual name of the function and the .dll file for this explanation). As the name suggests, the function returns how many "ticks" (it's either the amount of frames or cpu cycles since Windows has been booted, I couldn't find out which one it was but I assume it's the frame count). I know this is used in determining RNG because there's several instructions after this function is called that ultimately puts the new seed into the RNG seed address. Trying to find out what these instructions do is going to be a nightmare as there are over 100 instructions (I'm not too familiar with x86, my background is in ARM) and several instructions jump to other parts of RAM so keeping track of what does what is going to be difficult.

However, I can say this with 100% certainty. Manipulating RNG will NEVER be possible without the use of hacks. Even if you do the exact same inputs, like a TAS, on 2 different playthroughs, they will desync as the RNG will start on and change to different values. The only way one can manipulate RNG is if they start the game on an exact frame since they booted Windows and make no mistakes in their run. Good luck with that.

If I or anyone else discovers more information, I will make more posts in this thread.

tl;dr RNG cannot be manipulated because it's determined by how long your PC has been on for.

(Very long post incoming. tl;dr will be at the end.)

This is in response to the guide by @Wolfii that attempts to explain this glitch. His guide can be found here: https://www.speedrun.com/sjsm/guide/n955g

If you don't know what this glitch is, you can watch my video on it below.

As of September 9, 2018, his explanation is only partially correct. The glitch can be triggered by interacting with a locked door then obtaining the key for said locked door. What causes it, however, is rather complex, but I think I found the reason. It's not what Wolfii describes in his guide.

Let's start with the objects that spawn when the gel room loads for the first time. The two main objects responsible are the locked door trigger (door1_wait_trig) and the note about Specimen 1 (note_sp1_obj).

The door1_wait_trig object has two events (Game Maker's version of functions); an Alarm (an event that can only be activated after a specified amount of frames) with an index of 0 (will be referred to as "Alarm 0" from here on), and a collision event for when the player touches the trigger. Alarm 0 returns door1_wait_trig to it's spawn point. The collision event goes like this: -If the player pressed "E"

Show the text that tells the player to look around the room Move door1_wait_trig to (0, 0) (basically far outside of the room to not retrigger the text) In 120 frames (~2 seconds), execute Alarm 0

The note_sp1_obj object has three events, but only two are necessary for this explanation. It uses a create event and a collision event for the player. The create event scales the note object by 1.5 and sets the variable "do_var" to 0. The collision event is similar to the fake door, but it's a little different. -If the player pressed "E", and do_var is 0

Move note_sp1_obj to (0, 0) Create the paper that the player sees on the screen Create the object sp1_text (the words on the paper) Set do_var to 1 (this is done to prevent the player from re-picking up the note

The glitch now begins with the sp1_text object. There are only two events in sp1_text; destroy, and draw. Destroy does the following:

Create gel_obj (Specimen 1) Change door1_wait_trig into door1_trig (the real door trigger) Draw just displays the text for Specimen 1.

This is only a theory, but I think the glitch is caused when door1_wait_trig gets changed into door1_trig. The door1_trig object also has an Alarm 0 event. This event is the one that sends the player to the next room. Basically, reading the note within 2 seconds of interacting with the fake door causes the real door to mistakenly execute its Alarm 0 once the 2 seconds are up.

If I find anything new, I will update this post at a later point.

tl;dr The locked door has a function with the same name as a function of the real door and it gets executed after picking up the note, all within 2 seconds.

EDIT: The version of this glitch in the looping room is actually not a glitch but an oversight by the developers. As my second post says, the door in this room doesn't check the notes you pick up, but rather checks how many times you examined the door. If you examine the door 4 times, it will always open (when I tested it, at least).

Runs for parts one and two no longer require video verification as long as they are 5 hours or longer. However, it is recommended that you at least upload your splits and an image of your completed save file when submitting, but this is not required.

The only exceptions to this are for 100% and full game runs. These categories REQUIRE video verification.

If you don't have a video and your time/category doesn't meet the requirements for not needing video, you can talk to the mods about making an exception for your run either in your submission or through other means.

(Also 100% is still locked until a full definition for the category is complete. Once this is done 100% runs will be accepted.)

So I was doing some PB attempts for 250 rooms last night and came across a strange glitch with room 60.

I don't know how this happened, but here's what I did that may have caused it:

My time was falling behind so I stopped focusing on the room number and was just focusing on the doors. Because of that, I ran to the door in room 60 without thinking and mashed the "E" key to try and open it. I realized then that I needed the note before opening the door and went to get it. After putting the note away, it just warped me to the next room.

The video speaks for itself. I'm probably gonna look through the game's code to find out how this happened and do some further testing. Can anyone else replicate this glitch? If so, will this glitch save time in runs?

(Update: I found that this glitch is useless as it softlocks you later on)

I found out that you can skip opening the safe and getting the gas mask in the Steam version using this simple glitch.

Do any of you think this will be faster than getting the gas mask?

So after messing around with the shop glitch for a few days I came to a few conclusions.

1. The shop glitch most likely doesn't actually write arbitrary code like I initially thought. I'm thinking this because the data we manipulate to get the results in the Konami Code category doesn't appear to generate byte code that the GBA can read (I'm still looking into this to see if this is true - I've converted part of the RAM that is associated with the shop to ARMv7 THUMB assembly code which does make a piece of code but it's mostly garbage afaik).

2. The outcome of the shop glitch appears to be affected by buying too many collection packs. Buying too many volume packs or standard decks seems to be fine but collection packs cause the magic. In combination with this, buying other card packs creates unique results. Most combinations I tested usually either crash the game or softlock. Nearly all of them changed the language to Japanese and the animation speed to the slowest possible value. There are more effects that can occur, which brings me to my next point.

3. The shop glitch is likely not going to be very useful. Any outcome that doesn't crash/softlock the game (from what I've tested) always gives you the ability to start the credits at will (I think until you restart the game, but I'm not sure), anywhere between 480 and 500 of the 1,000 cards that can be obtained (you can get all the Exodia pieces at least 99% of the time with this glitch), and you'll have very few DP remaining (usually less than 100 DP). User gcah2006 has reported glitching into cups/tournaments and glitching trophies into the bedroom, so different results are possible but probably not useful for a glitched any% run (as of now). I'm still looking into this and trying to come up with new strats and explanations.

Some other notes: -Why the results of the glitch changes randomly with the same card set-up is still unknown. It's likely caused by RNG or values in the processor's registry. -Why only collection packs break the game like this is also unknown. It's probably just bad programming. -Most of the RAM values are still unknown. I've only been able to map at least 2 portions of RAM.

Like I said, I'm still looking into this so if I find anything new I'll post it here.

I'm planning on speedrunning this game soon and I was curious about this. Certain names provide different effects in game (most notably "SOUTHPARK" changing the character graphics and more) and I was wondering if using these specific names that affect the game were allowed: TIMER - Shows a timer in the top right corner of how long the oni will chase you GODMODE - Makes you invincible to the oni BLOCKMAN - Replaces all random oni encounters with the Blockman oni, does not include scripted oni events I'm mostly curious about TIMER specifically as that can help when evading oni, especially for those either just starting or have trouble with timing. I imagine GODMODE would probably be banned as it could count as using a cheat. BLOCKMAN could be a separate category if it really affects the difficulty. What do you guys think?