Dupe State: Difference between revisions

From Jak Speedruns Wiki
Jump to navigation Jump to search
No edit summary
No edit summary
 
(13 intermediate revisions by the same user not shown)
Line 1: Line 1:
[[File:Dupe State Eco.gif|frame|Collecting [[Blue Eco|blue eco]] while in dupe state.]]
[[File:Dupe State Eco.gif|frame|Collecting blue eco while in dupe state on console (PS2).]]
Dupe state is a "state" that Jak can enter while performing the duplication exploit on scout flies. Some side effects that occur while in dupe state include seemingly random hardlocks, statue glitch, failure to load certain parts of the game, and collectable entities not disappearing after collecting them. Dupe state can travel across save files, which is a trait not seen in any other known state. This leads some to believe that dupe state is not actually a state.
'''Dupe state''' is a "state" that Jak can enter while performing the [[Duplication Glitch|duplication exploit]] on scout flies which allows for a degree of arbitrary code execution. The state is essentially a buffer overflow in the <code>actor</code> heap involving <code>*hint-semaphore*</code> de-referencing a pointer.


Using yellow eco while dupe state is active will lead to a statue glitch, where Jak becomes frozen in place right after you press the square button to shoot yellow eco. This is the only known way to consistently perform the statue glitch.
The known side effects and behaviors that can occur while in dupe state include seemingly random game crashes, infinite loops, [[Statue Glitch|statue glitch]] with red and yellow eco, baby spiders in Spider Cave not hatching, orb vents not opening while powered with blue eco, Jak's idle animation being disabled, and collectable entities or actors not disappearing after collecting them.  


Currently, there is no use for dupe state in any speedruns of Jak and Daxter: The Precursor Legacy.  
This de-referenced pointer can travel across save files, which is a trait not seen in any other known exploit in the game.


== Technical ==
== Technical ==
Water111 had this to say when asked about what could be causing dupe state.
[[File:Dupe State hint-semaphore.png|thumb|Debug subtitle text showing that <code>*hint-semaphore*</code> now points to <code>med-res-level-1</code>.]]
Technical write-up by Hat Kid.


"A lot of the stuff in levels in Jak 1 is a "process". So there is a process for each orb, enemy, animated thing, camera, Jak,..... Each process gets run once per frame by the kernel, and each process has some memory associated with it to store its state (like where the item is located, what animation it plays...). Many processes have their memory allocated manually, like the orbs, which go into a special "collectables" heap. But other things, (like flies which spawn from crates, eco....) go on the "actor" heap. This actor heap has some really complicated code that will move around the memory for processes to compact them together and get larger chunks of free memory. However, this code is really sensitive - if any process using the actor heap accidentally writes past its allocated memory, the engine won't be able to maintain the actor heap any more. This means that deleting actors might not work, or there could be random memory corruption. Some common side effects of the actor heap getting messed up is objects don't disappear when they are supposed to, because they cannot be deleted from the actor heap. Other times, certain objects won't spawn because the actor heap is too full. Or sometimes, when it tries to spawn new enemies, it will just crash because it overwrites something else in the actor heap. I believe in debug mode, it would display "Low Actor Memory" in this case. I am not sure how save data could cause this to happen though."
There is a variable called <code>*hint-semaphore*</code> that is either always set to <code>#f</code> or, if a hint is playing, a process is spawned for that hint, and <code>*hint-semaphore*</code> stores a pointer to that hint. When you perform the scout fly dupe, the process pointer stored in <code>*hint-semaphore*</code> no longer points to the hint process, because that got killed by loading the save file, but <code>*hint-semaphore*</code> is still storing that value. Because <code>*hint-semaphore*</code> is not <code>#f</code>, the subtitle debug code that displays the hint in the top left is de-referencing that pointer. In this screenshot (loading a Geyser save), the process pointer that was stored just so happens to now point to the process for the <code>med-res-level-1</code> entity, so the subtitle debug code is de-referencing the pointer as if it were a level-hint, which happens to lead to the med-res-level's <code>cspace-array</code> (and the text ID is pointing to its root).


== Tutorial ==
== Tutorial ==
To activate dupe state, you need to load a save file (without saving) on a specific frame of a spin kick while collecting a scout fly. Once you load back in, the dupe state will be active. It works best on Geyser Rock with the first scout fly you encounter. You are able to load any save file once you have the initial spin kick set up, allowing the state to carry over with Jak to any level you load him in to.
To activate dupe state, enter a level where no scout flies have been collected. Find a scout fly crate and open it. Stand next to the scout fly and press Circle and Start at roughly the same time. If done correctly, the scout fly will no longer be present on screen and Jak's foot will be slightly lifted off the ground. Now, load a save file. Dupe state will now be active.
 
If in Debug Mode (not [[Cheat Mode]]), loading a save file while simply standing in front of the elevator door in Gol and Maia's Citadel will result in a 50% chance of dupe state being active. If the hint text is present in the top left of the screen during the pause, it will work.


<youtube>https://www.youtube.com/watch?v=FYUAW7dEvBk</youtube>
<youtube>https://www.youtube.com/watch?v=FYUAW7dEvBk</youtube>
Line 20: Line 23:
   
   
<youtube>https://www.youtube.com/watch?v=377ULKPYh3s</youtube>
<youtube>https://www.youtube.com/watch?v=377ULKPYh3s</youtube>
{{Glitches}}

Latest revision as of 23:37, 5 July 2025

Collecting blue eco while in dupe state on console (PS2).

Dupe state is a "state" that Jak can enter while performing the duplication exploit on scout flies which allows for a degree of arbitrary code execution. The state is essentially a buffer overflow in the actor heap involving *hint-semaphore* de-referencing a pointer.

The known side effects and behaviors that can occur while in dupe state include seemingly random game crashes, infinite loops, statue glitch with red and yellow eco, baby spiders in Spider Cave not hatching, orb vents not opening while powered with blue eco, Jak's idle animation being disabled, and collectable entities or actors not disappearing after collecting them.

This de-referenced pointer can travel across save files, which is a trait not seen in any other known exploit in the game.

Technical

Debug subtitle text showing that *hint-semaphore* now points to med-res-level-1.

Technical write-up by Hat Kid.

There is a variable called *hint-semaphore* that is either always set to #f or, if a hint is playing, a process is spawned for that hint, and *hint-semaphore* stores a pointer to that hint. When you perform the scout fly dupe, the process pointer stored in *hint-semaphore* no longer points to the hint process, because that got killed by loading the save file, but *hint-semaphore* is still storing that value. Because *hint-semaphore* is not #f, the subtitle debug code that displays the hint in the top left is de-referencing that pointer. In this screenshot (loading a Geyser save), the process pointer that was stored just so happens to now point to the process for the med-res-level-1 entity, so the subtitle debug code is de-referencing the pointer as if it were a level-hint, which happens to lead to the med-res-level's cspace-array (and the text ID is pointing to its root).

Tutorial

To activate dupe state, enter a level where no scout flies have been collected. Find a scout fly crate and open it. Stand next to the scout fly and press Circle and Start at roughly the same time. If done correctly, the scout fly will no longer be present on screen and Jak's foot will be slightly lifted off the ground. Now, load a save file. Dupe state will now be active.

If in Debug Mode (not Cheat Mode), loading a save file while simply standing in front of the elevator door in Gol and Maia's Citadel will result in a 50% chance of dupe state being active. If the hint text is present in the top left of the screen during the pause, it will work.

Discovery

Dupe state was inadvertently found along side the discovery of Precursor Orb, Scout Fly, and Power Cell duplication in Jak and Daxter: The Precursor Legacy, which was discovered by RNGPenguin on January 14, 2018. While other runners attempted to perform the duplication exploit, some of them reported strange side effects when failing the dupe and reloading the save file to try again. These side effects were listed earlier at the top of the page. Two days later on January 16, 2018, Ruh found a consistent setup to cause the strange side effects and coined the name Dupe State.


Glitches, Bugs, Exploits, and Secrets
Jak and Daxter: The Precursor Legacy Audio Pause GlitchBoat PauseBridge BlastCheat ModeDark GlitchDeveloper ModeDeveloper PicturesDupe StateEaster EggsFlut Flut EscapeGame CrashGhost GlitchHard FishIdle DeloadLine GlitchMoon WalkOrb Duplication GlitchPause BufferPause Cutscene TriggerPunch GlitchStatue GlitchTexture CorruptionVoid OutWalking While TalkingZombie GlitchZoomer Escape
Jak II Cheat ModeDeveloper ModeDeveloper PicturesEaster EggsGame CrashGhost TownInvisibility GlitchInvulnerability GlitchLine GlitchOrb Duplication GlitchPause BufferPeacemaker StackingPunch GlitchStadium BugStatue GlitchZombie Glitch
Jak 3 Cheat ModeDeveloper ModeDeveloper PicturesEaster EggsGame CrashInvisibility GlitchInvulnerability GlitchLine GlitchOrb Duplication GlitchPeacemaker StackingPunch GlitchStatue GlitchZombie Glitch
Jak X: Combat Racing Autosave BugCheat ModeDeveloper ModeEaster EggsLine Glitch
Daxter Dream OrbEaster EggsPalace Vase OrbTeleporter Menu Storage
Jak and Daxter: The Lost Frontier Easter EggsScene Player Skip
Retrieved from "https://wiki.jakspeedruns.com/index.php?title=Dupe_State&oldid=1862"