Arbitrary Code Execution in Super Mario All-Stars [video] (youtube.com)
108 points by pimeys on July 6, 2022 | hide | past | favorite | 23 comments


Just to add some context, arbitrary code execution in Super Mario World is nothing new; it has been known since 2014. There was a tool-assisted demonstration at Awesome Games Done Quick 2014 [1] where they inject a Pong and a Snake game using a TASBot (a robot controller that replays input scripts to the console). And in 2016 a streamer performed it manually to inject a Flappy Bird game [2] (this second video is really good; he goes into detail about the process).

So, what this newer demonstration brings is the use of the known arbitrary code execution capabilities of "Super Mario World" to help finish all 5 games in "Super Mario All-Stars + Super Mario World" as quickly as possible.

[1] https://www.youtube.com/watch?v=jnZ2NNYySuE

[2] https://www.youtube.com/watch?v=hB6eY73sLV0


Disclaimer: I didn't watch the linked video but I did watch some of Sethbling's older videos about the All-Stars exploit which I assume this post is in reference to.

I think the bigger exploit here is not only the Super Mario World ACE but the Mario 3 save file exploit.


I love these, they are always really impressive. They've done the same with Ocarina of Time in the same event [0] to inject entirely new levels into the game on the fly and even give it Wi-Fi capabilities (sort of).

[0] - https://www.youtube.com/watch?v=2x_pqyrf9lA


That is pure insanity, the in-engine custom ending with BotW shading is mind blowing.


I don't understand how they got a network connection to load in the chat on an unmodified console. Was the TASBot connected to the network and pushing the messages via controller inputs? If so that is pretty insane.


Yes, TASBot is controlled by a PC connected to the network, and was pushing chat messages over the controller port in addition to ACE payloads.

Everything is on GitHub, so here's the code that was injected into the game to read commands from TASBot over the controller port: https://github.com/triforce-percent/triforce-percent/blob/01...


Yes; the four controller ports allow a total of like 60 bytes per read.


Actually, they progressively inject faster bootstrappers and end up with about 4.8 kB/s: https://youtu.be/qBK1sq1BQ2Q


But still about 60 bytes per read, an insurmountable limit.


I'm pretty impressed all the stuff they patched in the game at just 4.8 kB/s. TASBot was not active for all that long.


TASBot was only controlling controller 1 for a short time, but it remained connected to controllers 2-4 for the entire run, giving it time to download additional content as the showcase was going on.


Ah, I was under the impression that it had stopped. That makes more sense.
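The exchange above turns on two numbers: roughly 60 bytes per controller read across the four ports, and a final throughput of about 4.8 kB/s reached by first loading small, faster "bootstrapper" read routines. The simulation below is an added example, not the thread's or TASBot's code, and it makes up the stage chain: a 4-byte stock read, a 16-byte four-port read, and the 60-byte wide read from the thread, with invented loader sizes and one poll per 60 Hz frame as assumptions. It shows why staging pays off (loader code downloaded at the slow width is a one-time cost, the payload then arrives at the fast width) and adds a CRC32 trailer on the simulated payload, which the thread does not describe, as the integrity check a loader over a lossy channel would want.

```python
import struct
import zlib
from dataclasses import dataclass

# Assumption: one controller poll per 60 Hz video frame. The figures this does
# NOT invent come from the thread: "about 60 bytes per read" across four ports
# and a final throughput of "about 4.8 kB/s".
FRAME_HZ = 60


@dataclass(frozen=True)
class Stage:
    """One bootstrapper in the chain.

    size            bytes of loader code that must arrive before this stage can run
    bytes_per_read  payload bytes this stage's read routine pulls per poll
    """
    name: str
    size: int
    bytes_per_read: int


def frames_to_receive(nbytes: int, bytes_per_read: int) -> int:
    """Polls needed to receive nbytes at bytes_per_read per poll (ceiling division)."""
    if bytes_per_read <= 0:
        raise ValueError("bytes_per_read must be positive")
    return -(-nbytes // bytes_per_read)


def staged_load_frames(stages: list[Stage], payload_size: int) -> int:
    """Total polls to deliver payload_size bytes through a chain of loaders.

    stages[0] is the read routine already running when ACE begins (the game's
    own controller read, hijacked), so its code costs nothing. Each later stage
    is first downloaded at the previous stage's width, then takes over reading.
    """
    frames = 0
    width = stages[0].bytes_per_read
    for nxt in stages[1:]:
        frames += frames_to_receive(nxt.size, width)
        width = nxt.bytes_per_read
    return frames + frames_to_receive(payload_size, width)


def reads_per_second_for(throughput_bytes_per_s: float, bytes_per_read: int) -> float:
    """Poll rate a loader must sustain to reach a throughput at a fixed read width."""
    return throughput_bytes_per_s / bytes_per_read


def frame_payload(payload: bytes, bytes_per_read: int) -> list[bytes]:
    """Split payload into per-poll chunks as the 'controller' would deliver them.

    A CRC32 trailer is appended so the receiving loader can detect a dropped or
    corrupted poll. The trailer is this example's addition, not something the
    thread describes about the real payloads.
    """
    framed = payload + struct.pack(">I", zlib.crc32(payload))
    return [framed[i:i + bytes_per_read] for i in range(0, len(framed), bytes_per_read)]


def receive_payload(chunks: list[bytes], expected_len: int) -> bytes:
    """Reassemble chunks, verify length and CRC32 trailer, return the payload bytes."""
    buf = b"".join(chunks)
    body, trailer = buf[:expected_len], buf[expected_len:expected_len + 4]
    if len(body) != expected_len or len(trailer) != 4:
        raise ValueError("short read: %d bytes received" % len(buf))
    (want,) = struct.unpack(">I", trailer)
    if zlib.crc32(body) != want:
        raise ValueError("checksum mismatch: payload corrupted in transit")
    return body


# Constructed stage chain. Widths: 4 bytes (one stock controller read; assumption),
# 16 bytes (all four ports' stock reads; assumption), 60 bytes (figure from the
# thread). The loader sizes are invented for the illustration.
EXAMPLE_STAGES = [
    Stage("stock read", size=0, bytes_per_read=4),
    Stage("four-port loader", size=64, bytes_per_read=16),
    Stage("wide loader", size=256, bytes_per_read=60),
]


def demo(payload_size: int = 48_000) -> dict:
    """Compare a direct download at the stock width with the staged chain."""
    direct = frames_to_receive(payload_size, EXAMPLE_STAGES[0].bytes_per_read)
    staged = staged_load_frames(EXAMPLE_STAGES, payload_size)
    return {
        "direct_frames": direct,
        "direct_seconds": direct / FRAME_HZ,
        "staged_frames": staged,
        "staged_seconds": staged / FRAME_HZ,
        # poll rate needed to reach the thread's 4.8 kB/s at 60 bytes per read
        "reads_per_s_for_4800": reads_per_second_for(4800, 60),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
    sample = bytes(range(256)) * 4  # constructed 1 KiB "payload"
    chunks = frame_payload(sample, 60)
    assert receive_payload(chunks, len(sample)) == sample
    print(f"{len(sample)} bytes delivered intact in {len(chunks)} polls")
```

With these made-up sizes a 48 kB payload needs 12000 polls at the stock 4-byte width but 832 polls through the chain (32 of them spent downloading the two loaders), and at 60 bytes per read the thread's 4.8 kB/s works out to 80 reads per second, so the real loaders must poll more often than once per 60 Hz frame or read more per poll than the simulation assumes. Dropping or corrupting any chunk makes `receive_payload` raise instead of handing corrupted code to the jump.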


Recommended: Pokémon Yellow Total Control Hack: https://www.youtube.com/watch?v=p5T81yHkHtI


Brings back so many memories


Awesome to watch, and I recommend listening to the technical explanations if you have time.

I love some of the YouTube videos coming out recently explaining not just this exploit, but also some of the Zelda: Ocarina of Time applications of ACE, including a new category called "Triforce%," in which speedrunners use a program to input millions of inputs that essentially code a _new game_ within the _original, un-modded cartridge._

I feel like I've learned more about assembly and architecture concepts from those videos in the past year or so than I had reading any other book over the course of my career.



Topic aside; GDQ seems to be getting more political every year. Sad to see.


What exactly is the politics you're referring to?


I have two guesses:

When runners are being featured, their preferred pronouns are displayed on screen.

Their events were remote during the pandemic; the recent event last week required everyone attending to wear masks.


The end of civilisation as we know it!


Won't someone think of the transphobic gamers and their needs???


Calling people by their preferred pronouns isn’t politics, it’s not being an asshole.


"Oh no, someone prefers being called by a pronoun they weren't born with, the humanity!"

Grow up.



