So you’re a computer. You run programs. Your programs count on when they store a piece of information, it stays the same. If someone changes one of these values on you, you don’t know and blissfully run the program with the new, cheat information.

Stale memory reference is a variable in memory that is not supposed to be used anymore, but the hacker puts new information in, which then confuses the program.

Most of these sort of exploits are bugs. The programmers fail to predict, for example, someone could walk out of a room while the boomerang is still in the air. This creates a situation where unexpected things happen, because the programmers goofed.

In the case of SRM, profoundly large unintended consequences can result.

To discover these things, you need luck, knowledge of how programs work, or know how to think like a programmer. A common tactic anyone can use is to find “edge cases.” An edge case is an unexpected set of circumstances. What if I jump through a door and then crouch mid air? What happens if I shoot a live grenade with a rocket launcher?

From what I understand, the Zelda SRM bug is about how Nintendo implements its stack. That is a very specific detail you would only know if you worked at Nintendo writing operating system code. So this would be very hard to find by looking for it, because you wouldn’t know it is there.

Usually these things are discovered by accident.

It is likely people discovered the bug, kept experimenting, and ultimately figured out what was happening.