List of games that use power-on state to seed RNG

Discuss technical or other issues relating to programming the Nintendo Entertainment System, Famicom, or compatible systems. See the NESdev wiki for more information.

Moderator: Moderators

User avatar
Bregalad
Posts: 8055
Joined: Fri Nov 12, 2004 2:49 pm
Location: Divonne-les-bains, France

Re: List of games that use power-on state to seed RNG

Post by Bregalad »

strat wrote: Mon Dec 21, 2020 5:39 pm Here's the intended emulator-detection code from the RTC.nes demo. Even after reading about open-bus behavior on the wiki, I'm stumped here. In both FCEUX and Mesen it writes #$AA to vram address $0001 and the cmp reads from $0002 [Edit: It's actually reading the value in $1 on the read buffer - the problem here is that the emulator doesn't allow writes to chr memory if the header says chr rom]. I guess it's supposed to write #$AA to $2A00 and read it back with the cmp but the inx and the first dummy read ensure it will always hit $2A02.
Thus, we all agree this demo will, unintentionally, always show "YOU ARE USING AN EMULATOR" even on both NTSC and PAL hardware, both flash cart and EEPROM, right ?
Useless, lumbering half-wits don't scare us.
User avatar
Quietust
Posts: 1919
Joined: Sun Sep 19, 2004 10:59 pm
Contact:

Re: List of games that use power-on state to seed RNG

Post by Quietust »

lidnariq wrote: Mon Dec 21, 2020 5:58 pm
strat wrote: Mon Dec 21, 2020 5:39 pm 01:EDAA:EE 06 20 INC PPU_ADDRESS = #$00
Hm.
Normally that would read the PPU internal open bus (pre-seeded to 0 by the above STX), then write 0, then write 1.
Minor nitpick: the PPU's internal bus would be initialized by the "01:EDA5:AD 02 20 LDA PPU_STATUS = #$00" instruction immediately beforehand, which would set the upper 3 bits based on the VBLANK flag + Sprite 0 Hit + Sprite Overflow (and the lower 5 bits to zero by the PPU_MASK write above it).

In this case, though, those are all still zero (because it's outside of VBLANK and rendering is turned off), so it still behaves as described (i.e. wrongly).
Quietust, QMT Productions
P.S. If you don't get this note, let me know and I'll write you another.
strat
Posts: 409
Joined: Mon Apr 07, 2008 6:08 pm
Location: Missouri

Re: List of games that use power-on state to seed RNG

Post by strat »

Bregalad wrote: Mon Dec 28, 2020 11:29 am Thus, we all agree this demo will, unintentionally, always show "YOU ARE USING AN EMULATOR" even on both NTSC and PAL hardware, both flash cart and EEPROM, right ?
It's an NROM program that has 8K of chr-rom in the iNES header (yet still writes to chr-memory and reads it back) and clears all ram on startup except the stack. So it probably fails on a flashcart that locks chr memory when it's supposed to be chr-rom (like lidnariq says above).
User avatar
rainwarrior
Posts: 8731
Joined: Sun Jan 22, 2012 12:03 pm
Location: Canada
Contact:

Re: List of games that use power-on state to seed RNG

Post by rainwarrior »

Oh dear.

"After noticing that you could cause a bug in the saves from Dragon Quest III by increasing the temperature of the cartridge and start at level 99 at a specific temperature, a player has made a speedrun of the game with his console resting on a hot plate."

https://twitter.com/VGDensetsu/status/1 ... 9743085570
Pokun
Posts: 2675
Joined: Tue May 28, 2013 5:49 am
Location: Hokkaido, Japan

Re: List of games that use power-on state to seed RNG

Post by Pokun »

What the...?
Oh well, at least he is just cooking a clone and a cheap and common game.
User avatar
Bregalad
Posts: 8055
Joined: Fri Nov 12, 2004 2:49 pm
Location: Divonne-les-bains, France

Re: List of games that use power-on state to seed RNG

Post by Bregalad »

strat wrote: Mon Dec 28, 2020 5:01 pm It's an NROM program that has 8K of chr-rom in the iNES header (yet still writes to chr-memory and reads it back) and clears all ram on startup except the stack. So it probably fails on a flashcart that locks chr memory when it's supposed to be chr-rom (like lidnariq says above).
OK, but because the flash cart can make the 8k of CHR-ROM behave like pre-initialized CHR-RAM (like Nesticle :) ) it doesn't mean it has to. It can also block writes easily, and I'd definitely make it behave like this if I was designing a flash cart.
Useless, lumbering half-wits don't scare us.
User avatar
Broke Studio
Formerly glutock
Posts: 181
Joined: Sat Aug 15, 2015 3:42 pm
Location: France
Contact:

Re: List of games that use power-on state to seed RNG

Post by Broke Studio »

rainwarrior wrote: Wed Dec 16, 2020 6:03 pm
Game bugs: Reliance on RAM values wrote: Note that using power-on RAM content as a seed for random number generation is not a game bug.
We've deliberately excluded this case from the wiki, so I'm curious: which games do do this?

Offhand the only one I've heard of is:
  • Final Fantasy - power-on is used for a usually-consistent startup seed by speedrunners
I made two games leave most bits of the RNG uninitialized at reset so that gathered entropy propagates across each reset. (They don't bother to scan all of RAM at startup for entropy that way, though. I didn't really care too much about methods that don't work well on emulators or PowerPak.)
  • Lizard
  • NESert Golfing
Does anyone else know any?
I did something like this in Twin Dragons and Basse Def Adventures.
I check zeropage on startup/reset and look for a byte different than 0 and use a default one if I can't find anything.
The other byte of the seed is fixed though.
Worked fine enough for the games.
My first game : Twin Dragons available at Broke Studio.
puppydrum64
Posts: 160
Joined: Sat Apr 24, 2021 7:25 am

Re: List of games that use power-on state to seed RNG

Post by puppydrum64 »

tepples wrote: Mon Dec 21, 2020 7:45 pm This inc PPUADDR to reuse the PPU's I/O data bus value as a VRAM address is beautiful.

Even more dastardly would be inc PPUDATA to exploit the reported inability to write to video memory on consecutive M2 cycles.
Ok I'll admit I understood none of that :oops:
Post Reply