I had a crazy idea, but it's not working out as well as I'd hoped. If you ever played around in the memory editor, especially after hacking it to view all 8MB, you might have noticed copies of your code list left in RAM, if the game hadn't cleared that area out, with the names and hex of the codes. If you could know consistently where the hex for a certain code would end up left in RAM, you could do like newer devices allow you do, and have a code like this:
81123458 080C
8112345A 8400
3C1B8034 2484
00640804 8D18
AF64B21D 0000
...you see where I'm going with this. Jumping right into that data left in memory.
Unfortunately when I tried this I didn't find any of my code list left in Mario Kart (and couldn't be arsed to try another game). I did, however, find some interesting leftover text that surprisingly I hadn't seen before. ROM flasher, checksum, etc. Also, the default code list the device ships with, even though I deleted most of it. I've found diagnostic screens in a few other devices by holding buttons at startup; I wonder if this had one to recover a corrupt firmware?
I could have been wrong about having seen my own code lists, rather than the default ones, left in memory, but it wouldn't make a lot of sense for it to clear out only that before booting. More likely the game just wiped out that area. Mario64 seems like a good candidate for this sort of buggery, but mine doesn't seem to want to start.
The ROM dump I have doesn't run in Mupen64. It hangs on all sorts of infinite loops waiting for some I/O registers to read certain values or something. Patching these eventually just crashed the emulator, but it did eventually get far enough to decompress/decrypt this text into RAM. If anyone's interested, I could send the save state file or RAM dump and maybe they could look for references to it.
Also, I noticed something that I don't remember ever actually working before. The reset button will restart the boot sequence, or go straight to the game without applying any patches if pressed in the menu. O_o