From 722b4cd07b306dc8fc3b7c930ccbc57697c4e51d Mon Sep 17 00:00:00 2001 From: Connor Olding Date: Tue, 2 Jul 2019 09:44:53 -0700 Subject: [PATCH] add RNG reversal script --- Lua/RNG index.lua | 192 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 192 insertions(+) create mode 100644 Lua/RNG index.lua diff --git a/Lua/RNG index.lua b/Lua/RNG index.lua new file mode 100644 index 0000000..fd44009 --- /dev/null +++ b/Lua/RNG index.lua @@ -0,0 +1,192 @@ +-- Random Number Generator reversal script for Bizhawk +-- original algorithm by trivial171 (rng, v2, rnginverse functions) +-- please refer to this video: https://www.youtube.com/watch?v=-9YLCoK5K6o +-- everything else by notwa + +local abs = math.abs +local floor = math.floor +local pow = math.pow + +-- Lua 5.3 is nice and precise and doesn't coerce everything into doubles. +local precise = 0xDEADBEEF * 0x12345678 % 0x100000000 == 0x5621CA08 + +-- constants of the LCG: +local m = 1664525 -- 0x0019660D +local b = 1013904223 -- 0x3C6EF35F +local gcd = 4 -- of m and 2^32 + +local powers = {} +for i = 1, 32 do + powers[i] = floor(pow(2, i - 1)) +end +local big32 = floor(pow(2, 32)) + +local gamedb = { + -- pairs of (RNG state address, display list address): + -- Ocarina of Time (J) 1.0 + ["C892BBDA3993E66BD0D56A10ECD30B1EE612210F"] = {0x105440, 0x11F290}, + -- Ocarina of Time (U) 1.0 + ["AD69C91157F6705E8AB06C79FE08AAD47BB57BA7"] = {0x105440, 0x11F290}, + -- Ocarina of Time (J) 1.2 + ["FA5F5942B27480D60243C2D52C0E93E26B9E6B86"] = {0x105A80, 0x11F958}, + -- Ocarina of Time (U) 1.2 + ["41B3BDC48D98C48529219919015A1AF22F5057C2"] = {0x105A80, 0x11F958}, + -- Majora's Mask (J) 1.0 + ["5FB2301AACBF85278AF30DCA3E4194AD48599E36"] = {0x098550, 0x1F9E28}, + -- Majora's Mask (J) 1.1 + ["41FDB879AB422EC158B4EAFEA69087F255EA8589"] = {0x098490, 0x1FA0D8}, + -- Majora's Mask (U) 1.0 + ["D6133ACE5AFAA0882CF214CF88DABA39E266C078"] = {0x097530, 0x1F9CB8}, + -- Doubutsu no Mori (J) 1.0 + ["E106DFF7146F72415337C96DEB14F630E1580EFB"] = {0x03C590, 0x145080}, +} + +local function mulmod(a, b, q) + if precise then return a * b % q end + + -- this needs to be done because old versions of Lua + -- store everything as doubles. that means we have 52 bits + -- to work with instead of the 64 that Lua 5.3 provides. + local limit = 0x10000000000000 + local halflimit = 0x4000000 -- half in terms of bits +-- assert(abs(a) < limit) +-- assert(abs(b) < limit) +-- assert(abs(q) <= limit) + + local L = halflimit -- shorthand + local a_lo = a % L + local a_hi = floor(a / L) % L + local b_lo = b % L + local b_hi = floor(b / L) % L + return (a_lo * b_lo + (a_lo * b_hi % L + a_hi * b_lo % L) % L * L) % q +end + +local function powmod(b, e, m) + -- blatantly lifted from Wikipedia and tweaked for overflows. + if m == 1 then + return 0 + else + local r = 1 + b = b % m + while e > 0 do + if e % 2 == 1 then + r = mulmod(r, b, m) + end + e = floor(e / 2) + b = mulmod(b, b, m) + end + return r + end +end + +local function mul32(a, b) + return mulmod(a, b, big32) +end + +local function inv32(x) + -- Modular inverse of x, an odd number. + -- via https://lemire.me/blog/2017/09/18/computing-the-inverse-of-odd-integers/ +-- assert(x % 2, "inv32(x): x must be odd!") + local y = x % big32 + for i = 1, 4 do + y = mul32(y, (2 - mul32(y, x))) + end + return y +end + +local const = floor((m - 1) / gcd) +local const_inv = inv32(const) + +local function rng(x) + -- The xth RNG value returned by the game. + -- Computable by geometric series formula: + -- RNG(x) = b * (m^x - 1) / (m - 1) % q + -- The denominator (m-1) shares a common factor of 4 with q, + -- so we compute the numerator mod 4q. + -- We divide by (m-1) by first dividing by 4, + -- and then multiplying by the modular inverse of the odd number (m-1)/4. + local temp = floor((powmod(m, x, gcd * big32) - 1) / gcd) + return mul32(mul32(b, temp), const_inv) +end + +local function v2(a) + -- The 2-adic valuation of a; that is, + -- the largest integer v such that 2^v divides a. + if a == 0 then return 100 end -- a large dummy value + local n = a + local v = 0 + while n % 2 == 0 do + n = floor(n / 2) + v = v + 1 + end + return v +end + +local function rnginverse(r) + -- Given an RNG value r, compute the unique x in range [0, 2^32) + -- such that RNG(x) = r. Note that x is only unique under the assumption + -- that the Linear Congruential Generator used has a period of 2^32. + + -- Recover m^x mod 4q from algebra (inverting steps in RNG function above) + local q = big32 * gcd + local xpow = (mul32(mul32(r, const), inv32(b)) * gcd + 1) % q + + local xguess = 0 + for _, p in ipairs(powers) do -- Guess binary digits of x one by one + -- This technique is based on Mihai's lemma / lifting the exponent + local lhs = v2(powmod(m, xguess + p, q) - xpow) + local rhs = v2(powmod(m, xguess, q) - xpow) + if lhs > rhs then + xguess = xguess + p + end + end + return xguess +end + +if m == 1664525 and b == 1013904223 then + -- self-tests: + assert(inv32(m - 1) == 4211439296) + assert(rng(0) == 0) + assert(rng(1) == 1013904223) + assert(rng(2) == 1196435762) + assert(rng(3) == 3519870697) + assert(1 == rnginverse(1013904223)) + assert(2 == rnginverse(1196435762)) + assert(3 == rnginverse(3519870697)) +end + +-- run the remaining code when executed in Bizhawk, otherwise exit. +if rawget(_G, "bizstring") == nil then return end + +local R4 = mainmemory.read_u32_be + +local hash = gameinfo.getromhash() +local addrs = gamedb[hash] +if addrs == nil then + print("unsupported ROM:") + print(hash) + return +end + +local ind_prev = nil +local dlist_prev = 0 +local ind_change = 0 + +while true do + local seed = R4(addrs[1]) + local dlist = R4(addrs[2]) + local ind = rnginverse(seed) + + gui.text(8, 8, ("RNG: 0x%08X"):format(seed), nil, "topright") + gui.text(8, 24, ("index: 0x%08X"):format(ind), nil, "topright") + gui.text(8, 40, ("delta: %+11i"):format(ind_change), nil, "topright") + + if dlist ~= dlist_prev and ind_prev ~= nil then + ind_change = ind - ind_prev + end + + ind_prev = ind + dlist_prev = dlist + + emu.frameadvance() +end