Homebrew Apparently confirmed bug: OoT cartridge causes certain homebrew to freeze while running 11.0

[LeifEricson]

EDIT: The general consensus is that it's the new memory randomization feature in 11.0. Though the payloads have been fixed to launch the HBL itself, any app that interacts with an ASLR-active cart (such as OoT or CN) will cause a crash 99% of the time. This is independent of the entry point used to reach the HBL, except A9LH/CFW which bypasses ASLR in the first place.

I've been seeing this pop up a few places the past few days; more than one person have described the same exact bug: when using a *hax entrypoint on 11.0, and trying to launch any homebrew that requires title selection (including save managers and the sploit installer), the console freezes on a yellow or red screen if OoT is inserted. Conveniently this means that if you experience this bug you can't access any app that can install oothax.

Confirmed cases (some are from reddit and as such their reddit profiles are linked):

1. Myself, happened on an O3DS 11.0U while trying to use smchax to launch sploit installer and svdt
2. /u/zweiwing -https://www.reddit.com/r/3dshacks/comments/4pznqd/3dshacking_qa_thread_worlds_on_fire/d4v8lfu
3. /u/dingycollar -https://www.reddit.com/r/3dshacks/comments/4pznqd/3dshacking_qa_thread_worlds_on_fire/d4tr1uf
4. /u/BigBarsofSoap -https://www.reddit.com/r/3dshacks/comments/4pznqd/3dshacking_qa_thread_worlds_on_fire/d4u3kqe
5. /u/jman0125 -https://www.reddit.com/r/3dshacks/comments/4pznqd/3dshacking_qa_thread_worlds_on_fire/d4tjbkc
6. /u/Haedoxic -https://www.reddit.com/r/3dshacks/comments/4pznqd/3dshacking_qa_thread_worlds_on_fire/d4vdsxi
7. /u/AltyJones - https://www.reddit.com/r/3dshacks/comments/4pznqd/3dshacking_qa_thread_worlds_on_fire/d4vd2i2
8. Farian - http://gbatemp.net/threads/apparent...reeze-while-running-11-0.432910/#post-6495347

If this is happening to you and you're not on this list let me know so I can add you. It doesn't seem to happen in all cases though, for example my A9LH 11.0 N3DS can select it as a target just fine.

 

[Roomsaver]

Oothax is buggy. Almost all of the entrypoints are buggy.

 

[Farian]

Yeah, I can confirm this. 11.0, non cfw/a9lh. Anyway, the reason why your a9lh 3ds can run the installer is because a9lh bypasses aslr, which is what causes this issue.

 

[Drakia]

Oothax is buggy. Almost all of the entrypoints are buggy.

OoTHax isn't buggy, it's just extremely complicated, and making something like that work 100% of the time on a system you don't have full control over in userland is damn near impossible.

when using a *hax entrypoint on 11.0, and trying to launch any homebrew that requires title selection (including save managers and the sploit installer), the console freezes on a yellow or red screen if OoT is inserted

I'm curious if the same occurs with Cubic Ninja inserted. Perhaps it's something to do with the memory randomization they added in 11.0 for those two titles conflicting with the *hax payload.

 

[LeifEricson]

I'm curious if the same occurs with Cubic Ninja inserted. Perhaps it's something to do with the memory randomization they added in 11.0 for those two titles conflicting with the *hax payload.

That's a good point. Don't have the hardware to test but maybe you're right.

 

[Farian]

The same should also occur with ninjhax. Like I said, aslr is what causes this. Though aslr has been bypassed in the latest oothax/ninjhax version, and successfully booting into the homebrew launcher works, any homebrew software modifying these titles will still be blocked by aslr.

 

[Roomsaver]

OoTHax isn't buggy

https://gbatemp.net/threads/update-11-0-and-homebrew.425973/ "OOThax: Works (It can take upwards of 30 tries to load the hbl until Smea fixes it)"

 

[Farian]

https://gbatemp.net/threads/update-11-0-and-homebrew.425973/ "OOThax: Works (It can take upwards of 30 tries to load the hbl until Smea fixes it)"

OotHax isn't buggy. Aslr is.

 

[Roomsaver]

OotHax isn't buggy. Aslr is.

My bad.

 

[LeifEricson]

My bad.

Plus, the taking 30+ attempts was before it was fixed for aslr as Farian said, but perhaps the multiple attempts may also apply to launching homebrew at the moment until it's fixed.

 

[Drakia]

https://gbatemp.net/threads/update-11-0-and-homebrew.425973/ "OOThax: Works (It can take upwards of 30 tries to load the hbl until Smea fixes it)"

You mean fixes it like this?
https://github.com/yellows8/oot3dhax/releases
https://github.com/yellows8/oot3dhax#110033-support

 

[Roomsaver]

You mean fixes it like this?
https://github.com/yellows8/oot3dhax/releases
https://github.com/yellows8/oot3dhax#110033-support

My bad.

 

[NichyXD]

You mean fixes it like this?
https://github.com/yellows8/oot3dhax/releases
https://github.com/yellows8/oot3dhax#110033-support

OOThax works just fine with the latest release.

 

[Drakia]

Plus, the taking 30+ attempts was before it was fixed for aslr as Farian said, but perhaps the multiple attempts may also apply to launching homebrew at the moment until it's fixed.

Yeah, my guess is having the cart in is triggering the memory randomization for the payload you're loading. Kind of a bummer, really.

 

[LeifEricson]

Yeah, my guess is having the cart in is triggering the memory randomization for the payload you're loading. Kind of a bummer, really.

Yep. Since it effects all entry points on 11.0 it's definitely the ASLR interacting with the OoT cart itself, and the payload in general handling it, as has been stated.