Past Gen RNG Research

Kaphotics

Remodeling Kitchens
is a Top Researcher Alumnusis a Top Contributor Alumnus
Time warp back to Gen 3: Colosseum WISHMKR Jirachi

Uses a 1 word hex seed (XXXX), grabbed from the save file in which the Jirachi is generated from via the Common GBA Restricted method (kinda like method 1).

Code:
Seed-> [yyyy][zzzz][IVs][IVs] .... PID: zzzzyyyy 
call:  1     2     3    4             (Uses upper16 bits from each seed)
Basically a flipped Method 1 PID. See [URL="http://www.smogon.com/ingame/rng/pid_iv_creation#rng_pokemon_generation"]X-Act's article[/URL] on PIDIV creation.
For those looking to RNG this bugger (Body Slam), this seed is not manipulatable in currently known ways, and would have to be tirelessly reset like IDs in gen3, or edited... It is stored in the save file and retrieved when connected to the distribution Bonus Disc.

It's been confirmed that it has no seed restrictions, so all 65536 possible (shiny) spreads are obtainable.
 

ΩDonut

don't glaze me bro
is a Programmer Alumnusis a Forum Moderator Alumnusis a Top Researcher Alumnusis a Top Contributor Alumnus
Continuing the time warp back to Gen 3: Colosseum\XD RNG initial seeding

Code:
800e0c78: stwu	sp, -0x0010 (sp)
800e0c7c: mflr	r0
800e0c80: stw	r0, 0x0014 (sp)
800e0c84: bl	->0x800A2778		; branch to time retrieval

800a2778: mftbu	r3
800a277c: mftbl	r4			; seed = current value of the lower time-base register            
800a2780: mftbu	r5
800a2784: cmpw	r3, r5
800a2788: bne+	->0x800A2778
800a278c: blr	

800e0c88: lwz	r3, -0x7B8C (r13)
800e0c8c: stw	r4, 0 (r3)			; seed is set, stored in 0x80478C90
800e0c90: lwz	r0, 0x0014 (sp)
800e0c94: mtlr	r0
800e0c98: addi	sp, sp, 16
800e0c9c: blr


The seed is retrieved directly from the time-base about a few seconds into the Nintendo logo that first pops up. According to the PowerPC documentation (it's the Gamecube\Wii architecture), the time-base is measured in nanoseconds. This pretty much throws any hope of RNGing Colosseum\XD on a real Gamecube\Wii out the window. You'll only be able to do it (eventually) on an emulator, where you can pause the game and look at the current seed.

Or maybe with the help of an Action Replay.
 
I couldn't think of a better place to ask, as you guys seem to be geniuses so I hope you guys can help me and a lot of other people out ^^

As you might know, there are rumours going around about higher shiny rates in B/W. Now this always happens when a new game is released, I'm very aware of that as a hunter myself.

However, using the PIDRNG program, I tried checking some things myself.
What I did was using 100 different seeds and check the first 8192 frames of those seeds.

Doing this with 4th gen. seeds would result in a lot of 10k+ frames.
My results were really surprising, though.

Out of 100 seeds, 75 had at least 1 and a maximum of 4 shiny frames within the first 8192 frames. The ones with multiple frames weren't "clones" like you sometimes see in 4th gen.

From the 25 seeds that didn't have a frame within the first 8192 frames, 9 of them had one before 10k.

The average of my test was about one shiny frame for every 5500 frames.
Now I've been checking YouTube and some forums to see how fast people ended their hunts in B/W.

So far, from nearly 40 shinies, I rarely saw a hunt over 10k (I think there was only 1). On one specific forum, 15 B/W shinies were caught, the longest hunt being 9532 encounters. From the other 14 shinies, the longest hunt was only 3666.

So, my question to you guys is, is there any way for you to check if there really are more shiny frames in these games? I checked 100 seeds, which is quite a bit, but far from enough to draw a conclusion.

I myself managed to catch some fast shinies aswell, Tympole took me no longer than 15 minutes, Solosis appeared in less than 200 encounters and my Swadloon and Patrat both took no more than 4000.

I hope any of you wants to check this if possible, I and tons of other hunters would really appreciate it~

Thanks for your time =3

EDIT: I will delete this message if needed, because even though I couldn't think of a better place, I do know this really isn't the place to ask either. I just thought I'd ask here because you guys seem to be good at checking game data/coding.
 

ΩDonut

don't glaze me bro
is a Programmer Alumnusis a Forum Moderator Alumnusis a Top Researcher Alumnusis a Top Contributor Alumnus
There is, without a doubt, no difference in wild shiny rate. No PIDs are being modified to create an artificially higher shiny rate.

The only difference in shiny rate is in breeding with international parents (aka the "Masuda method"), which is now 6\8192 instead of 4\8192.
 

Bond697

Dies, died, will die.
PID generation is something we've basically had down for awhile. I was fooling around with some other stuff, so I took a quick look to see if anything interesting was going on, just to see. Nothing super-interesting happens, though I guess 1 or 2 small pieces of what we're using can be fixed. That and I think we should be documenting exactly what the game is doing, not giving approximations.

Code:
----------------------------------------------------------------------------------------------------

standard 0x8 decision pid generation(btw, r6 is sidtid for basically this entire thing)

020056FC F096ECB6 blx  #0209C06C      //switch to ARM, to 0209C06C

(rng.64bit.multiply())

02005700 6922          ldr  r2,[r4,#0x10]      //r2=(value @ 2216244), load value at 2216254 into r2(00269EC3)
02005702    6963          ldr  r3,[r4,#0x14]      //r3=(value @ 2216248),    load 02216258 into r3(aka, zero-out r3)--this word is always zero on purpose, most likely
02005704    1810          add  r0,r2,r0             //add together r0 and r2(r2 is   b  in ax+b - 00269ec3)-add b to lower half of rng  to finish  advancement
02005706 414B         adc  r3,r1                //add r3(zero) and r1(fa37b690)-this should be our new upper seed-output to r3
02005708    6020         str  r0,[r4]                //store the value at  r4(lower half rng) to memory
0200570A    6063         str  r3,[r4,#0x4]       //store the value at r4+4(upper half rng) to memory
0200570C 2D00        cmp  r5, #0x0          //compare the value at r5(0x0) with 0 for( i = 0;i< 0; i++)
0200570E D101        bne #0x2005714      // false, no branch - this step seems to separate out pid gen from everything else.  r5==0 only on pid gen, it seems
02005714 6860         ldr r0,[r4,#0x4]         //load the value of the upper half of the rng state into r0
02005716 2100         mov r1, #0x0           //set r1 to 00000000
02005718 2300         mov r3, #0x0           //set r3 to 00000000
0200571A   1C2A        mov r2, r5                //move contents r5(0x0) to   r2
0200571C F096ECA6 blx  #0209C06C      //no branch

02005720 1C08     mov     r0,r1 //save that u32
02005722 BD38     pop     {r3-r5,r15} //jump to 20186F8

020186F8 1C04     mov     r4,r0 //save the seed to compare
020186FA E024     b       #0x2018746

02018746 9807     ldr     r0,[sp,#0x1C]  // value @ 2FE3604(0x2)
02018748 2800     cmp     r0,#0x0
0201874A D019     beq     #0x2018780
0201874C 2801     cmp     r0,#0x1
0201874E D002     beq     #0x2018756
02018750 2802     cmp     r0,#0x2
02018752 D01E     beq     #0x2018792   ;true

02018792 2001     mov     r0,#0x1
02018794 9906     ldr     r1,[sp,#0x18]
02018796 0400     lsl     r0,r0,#0x10 //prepping for base 0x00010000 xor
02018798 1C22     mov     r2,r4
0201879A 4002     and     r2,r0 //not understanding why it ANDs u32 by 10000, but r2 now == 0
0201879C 0409     lsl     r1,r1,#0x10
0201879E 428A     cmp     r2,r1 // same as with the legendaries, 10000 vs. 20000, not equal
020187A0 D000     beq     #0x20187A4 // false, no advancement
020187A2 4044     eor     r4,r0 // base xor by 00010000
020187A4 1C20     mov     r0,r4 // store this half-ready pid to r0 and save it...
020187A6 BDF8     pop     {r3-r7,r15}

021A9DB2 79A1     ldrb    r1,[r4,#0x6] //2FE36C4
021A9DB4 2902     cmp     r1,#0x2 // r1 = 0
021A9DB6 D012     beq     #0x21A9DDE // false, no branch
021A9DB8 6A2C     ldr     r4,[r5,#0x20] //load sidtid to r4
021A9DBA 0401     lsl     r1,r0,#0x10 //set the lower half of the temp pid to r1(u16 of r1, need to fix)
021A9DBC 0C0B     lsr     r3,r1,#0x10 // move the lower half temp-pid to the lower half of r3 to prep
021A9DBE 0421     lsl     r1,r4,#0x10 // separate tid and sid; this is tid
021A9DC0 0C22     lsr     r2,r4,#0x10 // sid is ready
021A9DC2 0C09     lsr     r1,r1,#0x10 // tid is ready
021A9DC4 4051     eor     r1,r2 // tid ^ sid
021A9DC6 1C1A     mov     r2,r3 // move lower 16 of pid to r2, get ready for next step
021A9DC8 404A     eor     r2,r1 l16 pid ^ (tid ^ sid)
021A9DCA 2101     mov     r1,#0x1 // r1 = 1
021A9DCC 4211     tst     r1,r2 // (tid ^ sid ^ l16 pid) & 1 (== 0 in my case)
021A9DCE D004     beq     #0x21A9DDA // resilve to 0, skip this
021A9DD0 2102     mov     r1,#0x2 // set up 0x8 xor
021A9DD2 0789     lsl     r1,r1,#0x1E  // r1 = 80000000
021A9DD4 B002     add     sp,#0x8
021A9DD6 4308     orr     r0,r1 // this is an OR, not XOR
021A9DD8 BD70     pop     {r4-r6,r15} //return
021A9DDA 4902     ldr     r1,=#0x7FFFFFFF // set up to finish the pid
021A9DDC 4008     and     r0,r1 // kill bit 31 if it's set
021A9DDE B002     add     sp,#0x8
021A9DE0 BD70     pop     {r4-r6,r15} // return


Anyway, here's what's happening:

-standard RNG multiply to advance
-save the u32 of the result
-02018746 is an interesting spot. it seems to be where the game decides what kind of pokemon pid it's creating. legendaries branch one way, wilds another. i'd wager the third is standing legendaries with no shiny check or possibly gifts, probably the former.
-so how does the game decide whether to OR(not XOR) with 0x80000000?
Code:
 -XOR tid and sid
  -XOR the lower half of the pid with that tid^sid result: (l16pid ^ (tid ^ sid))
  -AND that number with 1(tst r1, r2) and:
    -if it's 0, then AND with 0x7FFFFFFF
    -if it's 1, then OR(again, not XOR) with 0x80000000
After that, it does the normal shiny check and things progress normally again.
 
Encounter Slot Table, translated from Maruamyu.net

Black and White

Someone want to make this pretty?
Here a temporary Design for the Encounter slots
Sorry for using Megaupload
This is just a temporary design, I just made the list a little more condense
I may be finish with this sometime this week

The finish version will be a .doc then .html, but this one is .xls (so you'll need something that can view excel documents


Edit: Done for now
I Just need to upload them

Edit again: Sorry I had some difficulties
Pokemon BW Encounter List

Warning: I been working on this for the past 2 days usually from 7pm-3am, so If there is a huge error tell me


edit: Sorry but I made some adjustment with the slots


I had to swap around Basculin Red and Blue and Sawk and Throh
MU[This is the most recent update to the BW encounter List]
 

Toast++

Nexus is literally the worst.
is a Site Content Manager Alumnusis a Battle Simulator Admin Alumnusis a Programmer Alumnusis a Top Researcher Alumnusis a Top Smogon Media Contributor Alumnusis an Administrator Alumnus
I've been looking into the frame advancements, encounters and shaking spots.
I should note that all of these are related to the PID RNG.

Advancements:

Movement:
  • Moving of any sort in areas with wild Pokemon is +2.
  • After an encounter, you can turn without stepping for a +1 advancement.
  • Turning and moving while running only counts as 1 movement, not 2. Biking, walking and surfing all count as 2.
  • The game advances +1 for every 20 steps in all places.
  • The game also advances +1 every 17 steps in or around grass.
    [*]There is a 3rd method of advancement that I haven't been able to determine.These combined are what create the unpredictability.
  • Turning in grass is the only consistent way to advance the frame besides saving (and chatots). Edit: I've been seeing that this isn't the case lately. Although I did hundreds of trials without any strange advances, other people get strange advances.

Patches:
Although these have appeared to be consistent, the game has been trolling me and things that seemed consistent were only so for a few hours.
  • Grass: +3 (4 in total when adding in normal advancement.)
  • Cave: +1 (2 in total when adding in normal advancement.)
  • Water Spot: +2 (3 in total when adding in normal advancement.)

Calculations:

Wild Encounter - Credit also goes to Bond697 here.
if (([n+2] >> 60) == 0) encounter. (1 in 16 steps)

There is also a flag here that makes sure you've made a complete step before allowing another encounter.

Shaking Patch & Water Spot Appearance
if((([n+1] >> 60) == 0) && ((stepcounter % 20) == 0)) create spot (1 in 320 steps)

It's also a good way to verify non-C-Gear seeds, as mattj pointed out before. Now we can tell when they'll appear.
 

Sephirona

t-t-t-tubearrific. (✿≖ᴗ≖) ・゚✧*:・゚✧
is a Top Artist Alumnus
This is for gen 5 right, ToastPlusOne?
I believe so, shaking spots are a new Gen 5 game element.

Thanks for that, Toast. I know we've talked about this before, but just to verify - does this mean PID advancing with steps isn't as random as is written in some guides at the moment (advancing 1, 4, or 6) and follow the set pattern you've just described?
 

Toast++

Nexus is literally the worst.
is a Site Content Manager Alumnusis a Battle Simulator Admin Alumnusis a Programmer Alumnusis a Top Researcher Alumnusis a Top Smogon Media Contributor Alumnusis an Administrator Alumnus
I believe so, shaking spots are a new Gen 5 game element.

Thanks for that, Toast. I know we've talked about this before, but just to verify - does this mean PID advancing with steps isn't as random as is written in some guides at the moment (advancing 1, 4, or 6) and follow the set pattern you've just described?
I thought so, but apparently this game hates me. The patterns are chaotic enough to be called random. The 1s still make perfect sense, but the rest have unfortunately been appearing for reasons outside of those I outlined above.



To anyone else with questions, PM/VM with them. I don't know that OD and the others want this thread to be cluttered with questions.
 

Toast++

Nexus is literally the worst.
is a Site Content Manager Alumnusis a Battle Simulator Admin Alumnusis a Programmer Alumnusis a Top Researcher Alumnusis a Top Smogon Media Contributor Alumnusis an Administrator Alumnus
I've managed to successfully RNG my ID in White. Unlike what I understand from previous attempts at this, I actually chose what I wanted it to be (00777). Although we don't know the exact frame that it's set on since it's variable, it's consistent per seed. This allows us to generate a range, find an interesting ID and try to get it. After finding out exactly what the ID is, we can find out which frame we hit and advance to the correct one the next time around. IV generation frames seem to fall between 28 and 35. This is limited research, so the range may be larger.

The second and probably more interesting thing I discovered in this process is that this can be used instead of IVs to find your DS parameters. Given a particular ID at a reasonable range of values, there are only a few possible combinations of parameters that can generate that ID seed. A second new game will knock it down to a single combination. This will let us find the parameters from the start instead of waiting for high levels.

It appears that Chiizu may have done something like this in the past. It seems much easier to me, but I'm doing a few more tests.

Again, any questions about this should be directed to me personally. Don't want to spam the research thread.
 

Ditto

/me huggles
is a Tournament Director Alumnusis a Forum Moderator Alumnusis a Community Contributor Alumnusis a Contributor Alumnusis a Battle Simulator Moderator Alumnus
Breeding in White Version

Seed:1F557C09
Full Seed: 1F557C092D6B877B
Breeding IV Frame: 1
Breeding IV Spread: 31 / 31 / 31 / 31 / 31 / 10

Attempt 1
Slot 1 (Supposed A): Female Adamant Scraggy with Everstone 17 / 28 / 29 / 13 / 29 / 4, 6
Slot 2 (Supposed B): Male Jolly Smeagle 31 / 31 / 31 / 31 / 31 / 31
Child: Female Adamant Scraggy 31 / 31 / 31 / 31 / 31 / 4, 6
Supposed Spread: B, 31 / B, 31 / B, 31 / B, 31 / B, 31 / A

Attempt 2
Slot 1: Male Jolly Smeagle 31 / 31 / 31 / 31 / 31 / 31
Slot 2: Female Adamant with Everstone Scraggy 31 / 31 / 31 / 31 / 31 / 4, 6
Child: Female Adamant Scraggy 31 / 31 / 31 / 31 / 31 / 4, 6
Supposed Spread: A, 31 / A, 31 / A, 31 / A, 31 / A, 31 / B using Gender

I am not sure what is happening, but it seems that something is causing A/B to be gender instead of slots with this.
 

Kaphotics

Remodeling Kitchens
is a Top Researcher Alumnusis a Top Contributor Alumnus
White forest abuse related:

Turning in place after a previous encounter will not allow for another encounter, you must move to an adjacent patch of grass to get a new encounter to occur.

Hints that it is related to the step counter in the proc calculation, at the least.

It does not follow a repeating pattern where
Steps %10 = Pokemon Slot, or
Steps %(# of different pkm) = Pokemon Slot or
Steps *10(or #) = Slot.

Sweet Scenting at any place results in the message:
"There appears to be nothing here..."
Obvious that it's not the regular kind of grass, which sweet scenting may call for a slot value.
 

ΩDonut

don't glaze me bro
is a Programmer Alumnusis a Forum Moderator Alumnusis a Top Researcher Alumnusis a Top Contributor Alumnus
Some time ago, we thought we had found the crucial piece of the DSi encryption message for Japanese Black\White, which eventually we could have used to figure out DSi parameter search. But, it didn't work when we tried it with chiizu's seed. However, I left this DSi encryption message in RNG Reporter's source code, and someone on a Japanese message board looking through it found the message, or "nazo" as they call it. Now this nazo has spread like wildfire on the various Japanese message boards. I know they follow this thread, so I want to explain how we found it.

We used a CycloDS iEvolution because it was the only way we could run a game in DSi mode and still use codes to find out the nazo. All other flashcarts run in regular DS mode, and even the Action Replay DSi forces DSi games to run in DS mode, so we couldn't use those to test DSi behavior.

Our AR codes didn't seem to be working. We later realized it was because the memory pointers that the codes relied on had changed in DSi mode. Since the nazo is also based off memory pointers, we realized it probably changed as well.

So I developed some codes that did not rely on memory pointers to find the nazo:

Code:
MTRNG seed = nazo (メルセンヌ・ツイスタ SEED = nazo)
Japanese White
0208209C E5101004
020820A0 E5102034
02005700 69616920
D2000000 00000000
With this code, we were able to find out that for Japanese White and Japanese Black AND French White:

nazo[0] = 0x02737EB0
nazo[1] = 0x02737FAC
nazo[2] = 0x02737FAC
nazo[3] = 0x02737FF8
nazo[4] = 0x02737FF8

However, when we tried a DS parameter search with this nazo, it didn't work for chiizu's seed. It did work when doing a parameter search for the CycloDS iEvolution, which generates seeds a little differently because it acts as if the game is soft-reset.

We also discovered that hos1519 also apparently found the same nazo. We do not know his method, but it would be very helpful if someone could contact him and ask him to explain his method.

If you are reading this and have had success with this nazo and found VCount, Timer0, and GxStat, please contact us.

お願い:
上記の「謎」のご利用でDSiの初期シードが作成でき、SHA-1メッセージのもととなる値(VCount, Timer0, GxStat 等)のご存知の方いらっしゃったら、是非ご連絡くださいますよう、宜しくお願いいたします。
 

chiizu

PPPPPPPPPPPPPPPPP RNG
is a Programmer Alumnusis a Top Researcher Alumnus
If you are reading this and have had success with this nazo and found VCount, Timer0, and GxStat, please contact us.
As requested by OD:
お願い:
上記の「謎」のご利用でDSiの初期シードが作成でき、SHA-1メッセージのもととなる値(VCount, Timer0, GxStat 等)のご存知の方いらっしゃったら、是非ご連絡くださいますよう、宜しくお願いいたします。
 

Kaphotics

Remodeling Kitchens
is a Top Researcher Alumnusis a Top Contributor Alumnus
30 unique White Forest / Black City Inhabitants.

30 is very close to 32, which can be arrived at with a >>27 operation on a MTRNG seed or standard seed.

Currently researching.

Code:
White Forest Inhabitants | Name / {In Grass} [In Water] 
==================================================
00 = Schoolkid Leo / {Pidgey} [Surskit]
01 = Schoolkid Sylvia / {Wurmple} [Surskit]
02 = Roughneck Dave / {Gastly} [Surskit]
03 = Clerk Britney / {Hoppip} [Surskit]
04 = Youngster Robbie / {Elekid} [Surskit]
05 = Lass Miki / {Togepi} [Surskit]
06 = Black Belt Ryder / {Machop} [Lotad]
07 = Battle Girl Karenna / {Slakoth} [Lotad]
08 = Clerk Doug / {Shinx} [Lotad]
09 = Ace Trainer Vincent / {Magby} [Corphish]
0A = Scientist Marie / {Magnemite} [Lotad]
0B = Ace Trainer Lena / {Ralts} [Wooper]
0C = Backpacker Carlos / {Starly} [Corphish]
0D = Backpacker Molly / {Azurill} [Lotad]
0E = Gentleman Frederic / {Budew} [Wooper]
0F = Lady Lynette / {Oddish} [Surskit]
10 = Rich Boy Pierce / {Mareep} [Surskit]
11 = Hiker Gene / {Aron} [Surskit]
12 = Clerk Piper / {Bellsprout} [Surskit]
13 = Nusery Aide Miho / {Seedot} [Surskit]
14 = Schoolkid Shane / {Rhyhorn} [Surskit]
15 = Pokemon Ranger Ralph / {Lotad} [Surskit] 
16 = Pokemon Ranger Eliza / {Trapinch} [Lotad] 
17 = Clerk Collin / {Abra} [Lotad] 
18 = Veteran Ken / {Nidoran-M} [Corphish]
19 = Scientist Jacques / {Nidoran-F} [Lotad]
1A = Veteran Rosa / {Whismur} [Lotad]
1B = Backpacker Herman / {Porygon} [Wooper]
1C = Backpacker Emi / {Happiny} [Corphish]
1D = Socialite Grace / {Bagon} [Wooper]
 

Bond697

Dies, died, will die.
so awhile back i had said that i thought the weirdness with the victini battle was a bug. for those who don't remember, in the japanese version, if you talked to it when the pid would be shiny, the battle would simply not start. you could talk to it over and over again.

toast just looked, and in the U/E version, the PID has 0x10000000 added to it just like all of the other pokes with a shiny check. it looks like the battle not starting actually was some kind of bug after all.
 

chiizu

PPPPPPPPPPPPPPPPP RNG
is a Programmer Alumnusis a Top Researcher Alumnus
Encounter Slots: Land

Code:
EXAMPLE:                     Water Monkey, In the range of 70-79. (Slot 5)
0    01F8E5F5E6DB9DBB        Initial Seed Before Encountering             
1    7BF30CE2D051EC8A        Highest Bit is 0, No Sync                     
2    2010F971B7D4CB35        ???
3    B45C04B3524D27AC        u32*0x64>>32=0x46=   =70  (slot 5)       
4    AA8CA97F6886519F        ???              
5    EFC01D0A6E2BE97E        PID Calculated (we know).
6    F0841C7D81E02B79        u32*0x19>>32=0x17 Careful
The encounter slot calculation in the post above is incorrect. The correct calculation is
Code:
(u32 >> 16) / 0x290
Here is a corner case to demonstrate:
Code:
Seed: BEE3257E2A8565C9
Frame 44 Grass/Cave Encounter
Wrong ESV:    ((B34F765F546EFDAC >> 32) * 0x64) >> 32 = 70 (slot 5)
Correct ESV:  (B34F765F546EFDAC >> 48) / 0x290 = 69 (slot 4)
RNG Reporter has this implemented correctly already (since it's essentially the same as DPPt).
 

Kaphotics

Remodeling Kitchens
is a Top Researcher Alumnusis a Top Contributor Alumnus
re: that calc

oops, and to add more derp slot 4 is 60-69, which was in pinwheel forest as opposed to lostlorn.

That calc should be ignored, when I initially posted it I had it right :P
 

Kaphotics

Remodeling Kitchens
is a Top Researcher Alumnusis a Top Contributor Alumnus
Double Battle
Code:
DB = (FullSeed>> 32) * 100>> 32
If DB <40 (double probability), 
       proc double battle
   else proc single
Fishing
Code:
(FullSeed>> 32) * 2>> 32
0 success, 1 fail

Can be restated as the highest bit (>>63)


src
Code:
Fishing Levels? They aren't the same across slots, 
                  so it has to grab them.
Result (%) * (Max Level - Min Level) + Min Level (round normally)

It makes sense in theory, but does it really act that way?

Awaiting further breaks to update.
 

Kaphotics

Remodeling Kitchens
is a Top Researcher Alumnusis a Top Contributor Alumnus
Finding the %6 of the PID based on Characteristic
To help find initial frame, and possibly pick characteristics!

Essentially this analysis will give you the numbers of PID%6 that your frame you hit has.

Code:
Find what the highest IVs are, if there are more than one (Flawless).
Look up characteristic to see what IV is the dominant 
                               for the PID%6 value(s).

Eliminate IVs that are not the highest duplicates.
The higher the duplicate highest IVs, the more beneficial it is.

0 - HP, Attack, Defense, Speed, Special Attack, Special Defense
1 - Attack, Defense, Speed, Special Attack, Special Defense, HP
2 - Defense, Speed, Special Attack, Special Defense, HP, Attack
3 - Speed, Special Attack, Special Defense, HP, Attack, Defense
4 - Special Attack, Special Defense, HP, Attack, Defense, Speed
5 - Special Defense, HP, Attack, Defense, Speed, Special Attack
Code:
Characteristic			IV	Last digit of IV
Loves to eat.			HP	0 or 5
Often dozes off.		HP	1 or 6
Often scatters things.		HP	2 or 7
Scatters things often.		HP	3 or 8
Likes to relax.			HP	4 or 9
Proud of its power.		Atk	0 or 5
Likes to thrash about.		Atk	1 or 6
A little quick tempered.	Atk	2 or 7
Likes to fight.			Atk	3 or 8
Quick tempered.			Atk	4 or 9
Sturdy body.			Def	0 or 5
Capable of taking hits.		Def	1 or 6
Highly persistent.		Def	2 or 7
Good endurance.			Def	3 or 8
Good perseverance.		Def	4 or 9
Code:
Highly curious.			SpA	0 or 5
Mischievous.			SpA	1 or 6
Thoroughly cunning.		SpA	2 or 7
Often lost in thought.		SpA	3 or 8
Very finicky.			SpA	4 or 9
Strong willed.			SpD	0 or 5
Somewhat vain.			SpD	1 or 6
Strongly defiant.		SpD	2 or 7
Hates to lose.			SpD	3 or 8
Somewhat stubborn.		SpD	4 or 9
Likes to run.			Spe	0 or 5
Alert to sounds.		Spe	1 or 6
Impetuous and silly.		Spe	2 or 7
Somewhat of a clown.		Spe	3 or 8
Quick to flee.			Spe	4 or 9
Note:
You need to know what your Lowest digit of your SID is to use this on capturable Pokemon.
If you find your initial frame, you can generate both even and odd last digit SID results, and find out which one causes it to line up with your Nature - Characteristic save progression.

Example
First, we find out what our starting frame is, and guess any SID if we do not know.
We get a Bashful.
The first bashful within initial frame range is at 49, so that's our initial frame.
^^ Just in case there are multiple ones. Else, just do a progression to narrow it down.

(31/31/31/x/31/31 is our spread from the seed)

The characteristic was Somewhat Vain, indicating a 4 or 5. That agrees with 49.
If this was incorrect, the SID would be the opposite of what it was before (odd/even).
Essentially just add 1 to the SID you guessed. Confirm with new guessed SID.
Bam, Odd/Even SID deduced.

We save once, and encounter with our sync lead. It's synchronized as we expect.
The characteristic of it is (HP's 1).

Thus, we deduce that our PID%6 must be = 0.
Guess what, that's frame 50 from the result.

Now to find a PID%6 = 5, or 4 (since 4 would skip our unflawless SpA IV -> SpD)
This will get us a Somewhat vain Terrakion with our IV spread.
Windows calculator (soon to be done by Reporter)
Checking each PID in the list by PID mod 6, FROM THE SYNC FRAMES.
Frame 54's PID%6 = 5, woo!

54-49 = 5 PIDRNG advances.
Hit seed, do advances, we get our Somewhat Vain (31/31/31/x/31/31) Terrakion.

 

ΩDonut

don't glaze me bro
is a Programmer Alumnusis a Forum Moderator Alumnusis a Top Researcher Alumnusis a Top Contributor Alumnus
Little Entralink tidbit:

The act of talking to a Pokemon in the forest advances the IVRNG 26 frames. The IV generation is included in this, so a Pokemon effectively starts on frame 23 (which is RNG Reporter's frame 21). If you say no to encountering the Pokemon, the IVRNG advances will happen anyway. You can quickly and easily advance the IVRNG by talking to a Pokemon and refusing to encounter it.

For example --

First thing I do when enter the forest is talk to a Pokemon. If I catch it, it will have the IVs corresponding to RNG Reporter's frame 21.
If I say no, then talk to it again to capture it, it will have IVs corresponding to RNG Reporter's frame 47 (21 + 26).

-------

Unrelated, but I thought I'd point out how even more screwed you are if you try to RNG for a flawless roamer by respawning it at the Elite Four. The IVRNG does not advance at a consistent 120 frames\second in battle. It advances at a rate determined by the animations of the Pokemon, which can be slow or fast depending on their remaining health, or even the duration of the attack you use.
 

Bond697

Dies, died, will die.
Item or Pokemon Dust Cloud Decisions

Code:
02005738  F096EC98  blx        #0x209c06c

64-bit multiply();
//multiplies out rng this time...

0200573C 6922          ldr  r2,[r4,#0x10]      //r2=1103b016(value @ 2216244), load value at 2216254 into r2(00269EC3)
0200573E  6963          ldr  r3,[r4,#0x14]      //r3=ca0e2106(value @ 2216248),  load 02216258 into r3(aka, zero-out r3)--this word is always zero on  purpose, most likely
02005740  1810          add  r0,r2,r0             //add together r0 and r2(r2 is b  in ax+b - 00269ec3)-add b to lower half of rng  to finish advancement
02005742 414B         adc  r3,r1                //add r3(zero) and r1(fa37b690)-this should be our new upper seed-output to r3
02005744  6020         str  r0,[r4]                //storing value of lower half rng to offset?)
02005746  6063         str  r3,[r4,#0x4]       //storing value of upper half rng to offset?)
02005748  1C18        mov  r0, r3 //move value of upper rng half to r0
0200574A 2100         mov r1, #0x0           //set r1 to 00000000
0200574C 2300         mov r3, #0x0           //set r3 to 00000000
0200574E  1C2A        mov r2, r5                //move contents r5(0x64, 100) to  r2(calc check of some kind)
02005750 F096ECA6 blx  #0209C06C      //switch to ARM, go forth and prosper to 0209C06C

64-bit multiply, r0 is upper rng();  
//multiply upper rng by 0x3E8(1000) and return lower 32 bits in r5 and the rest in r4, r4 used for item/encounter calc

02005756 1C08         mov  r0, r1   //result of calc
02005758 BD38         pop  (r3-r5,r15) //restore stack, jump back to restored r15

021AA9D0  0400        lsl        r0, r0, #0x10 // r0 result of x3E8 calc, left-shift 16
021AA9D2  0C01        lsr        r1, r0, #0x10 // right shift back 16, set to r1
021AA9D4  7B20        ldrb     r0, [r4, #0xC]  // r0 == value at 2257044
021AA9D6  2807        cmp    r0, #0x7 //
021AA9D8  D10B       bne    #0x21aa9f2 //true, branching down..

021AA9F2  2804        cmp    r0, #0x4
021AA9F4  D107        bne    #0x21aaa06// false, no branch
[b]021AA9F6  2019        mov    r0, #0x19 // r0 = 19
021AA9F8  0100        lsl       r0, r0, #0x4// r0 = 190[/b]
021AA9FA  4281       cmp     r1, r0
021AA9FC  D200      bcs      #0x21AAA00 // if (r1 >= 400), goto 0x21AAA00 - item decision
021AA9FE  E002      b        #0x21AAA06 //to A06 =- battle setup
(Sorry if this is hard to read!)

Basically, the game multiplies the upper half of the rng by 1000dec then right-shifts 32 bits. If the value is less than 400dec, a battle starts. If it's above, a gem is found. I tried this 20 times and successfully predicted encounter/gem each time.

e: i also tried manually editing r1 to 0x189, 190, and 191. 189 is a battle, and 190/191 are gems.

e2: and thank you chiizu for showing me a different way of thinking about some of the assembly.

e: just as sort of an update:

Code:
dust cloud item number decision

dust cloud item number decision

021AA9F6    2019        mov        r0, #0x19 //getting ready to check item/encounter
021AA9F8    0100        lsl          r0, r0, #0x4 //set r0 to 0x190 for the comparison
021AA9FA     4281        cmp        r1, r0 //compare our number based on the rng  with the set value to determine the final outcome of the dustcloud
021AA9FC   D200        bcs        #0x21AAA00 //r1 > r0, true, move on down

rng advances here, another x1000 calc 

021AB044 0400     lsl     r0,r0,#0x10 //"cleaning up" x1000 calc, i guess
021AB046 0C00     lsr     r0,r0,#0x10
021AB048 2864     cmp     r0,#0x64 //compar the x1000 calc with 0x64, 
021AB04A D20A     bcs     #0x21AB062 //branch if >= 0x64
021AB04C 1C20     mov     r0,r4 //if it's less than 0x64, this is what happens- it keeps 3E8(1000)
021AB04E F65AFB6B bl      #0x2005728  //straight back for the next item calc if less than 0x64

021AB062 3C32     sub     r4,#0x32 //set r4 = 950
021AB064 42A0     cmp     r0,r4 // compare 950 and 1000(always)
021AB066 D20D     bcs     #0x21AB084 //always false, keep going
021AB068 4808     ldr     r0,=#0x6A4 // this will be used for the calc instead of 3E8
021AB06A F65AFB5D bl      #0x2005728 //back for the next rng advance and calc

02005728 -- setting up to advance rng again, advance
0200574E -- heading to 64-bit mult again,(#0209C06C) but with 6A4 to multiply OR 3E8(1700 or 1000) depending on whether r0 was greater or less than 0x64
209C06C - mult out with 1000 or 1700, same setup as before, jump to r15 again    - ok, starting here. the game multiplies out u32 *1700(or u32 *1000),  the lower 32 bits are written to one register and thrown away, the rest  is written to another register(what we would call >>32 is this,  basically)

021AB06E    2164        mov        r1, r0 - the game takes that 3-digit result and moves it to r0 to use for later
021AB070    F6F1E92A    blx        #0x209C2C8

0209C2C8 E3510000 cmp     r1,#0x0 -- this is where the bullshit begins----------------useless starting here
0209C2CC 012FFF1E bxeq    r14
0209C2D0 E1500001 cmp     r0,r1
0209C2D4 31A01000 movcc   r1,r0
0209C2D8 33A00000 movcc   r0,#0x0
0209C2DC 312FFF1E bxcc    r14
0209C2E0 E3A0201C mov     r2,#0x1C
0209C2E4 E1A03220 mov     r3,r0,lsr #0x4
0209C2E8 E1510623 cmp     r1,r3,lsr #0xC
0209C2EC D2422010 suble   r2,r2,#0x10
0209C2F0 D1A03823 movle   r3,r3,lsr #0x10
0209C2F4 E1510223 cmp     r1,r3,lsr #0x4
0209C2F8 D2422008 suble   r2,r2,#0x8
0209C2FC D1A03423 movle   r3,r3,lsr #0x8
0209C300 E1510003 cmp     r1,r3
0209C304 D2422004 suble   r2,r2,#0x4
0209C308 D1A03223 movle   r3,r3,lsr #0x4-------------------------------------useless part ends here
0209c30c e1a00210 mov     r0,r0,lsl r2 -- left-shift r0 by 28 - take the 3-digit value and left-shift by 28 bits, removing the upper 2 values and leaving a single digit as "X0000000"
0209C310 E2611000 rsb     r1,r1,#0x0-ignore
0209C314 E0900000 adds    r0,r0,r0 -- add r0 to itself(double r0) -- r0 * 2, basically- "(2X)0000000"
0209C318 E0822082 add     r2,r2,r2,lsl #0x1-ignore
0209C31C E08FF102 add     r15,r15,r2,lsl #0x2-ignore
0209C320 E1A00000 nopskips a huge part of the math
---big skipped area
0209C474 E0B13083 adcs    r3,r1,r3,lsl #0x1
0209C478 30433001 subcc   r3,r3,r1
0209C47C E0B00000 adcs    r0,r0,r0 - add with carry (2X)0000000
0209C480 E0B13083 adcs    r3,r1,r3,lsl #0x1
0209C484 30433001 subcc   r3,r3,r1
0209C488 E0B00000 adcs    r0,r0,r0 - (2X)0000000
0209C48C E0B13083 adcs    r3,r1,r3,lsl #0x1
0209C490 30433001 subcc   r3,r3,r1
0209C494 E0B00000 adcs    r0,r0,r0 - (2X)0000000
0209C498 E0B13083 adcs    r3,r1,r3,lsl #0x1
0209C49C 30433001 subcc   r3,r3,r1
0209C4A0 E0B00000 adcs    r0,r0,r0  - (2X)0000000 -- these later add with carrys start to move the value  back to the right.  by the last one, the value is on the right again,  single digit"0000000X"
0209C4A4 E1A01003 mov     r1,r3
0209C4A8 E12FFF1E bx      r14

021AB074 0400     lsl     r0,r0,#0x10 - left-shift that value by 16
021AB076 0C01     lsr     r1,r0,#0x10 - right shift by 16 to clear out u16
021AB078 2089     mov     r0,#0x89- 137 in dec(no idea?)
021AB07A 0080     lsl     r0,r0,#0x2 - this makes 0x89 into 0x224
021AB07C 1808     add     r0,r1,r0 - add 224 + X from before to give us a gem item value
021AB07E 0400     lsl     r0,r0,#0x10 - clear off same as before via left-right shifts
021AB080 0C00     lsr     r0,r0,#0x10
021AB082 BD10     pop     {r4,r15} - function is done, go back!


so, to follow along with the code, here's what happens:

-rng advance
-u32 rng multiplied by 0x3E8(1000) to determine encounter or item
-if item, advance rng then multiply by 1000 again
-if this calc results in a number under 100, the next calc will use 1000(0x3E8), if >= 100, the next calc will use 1700(0x6A4)
-rng advances again
-last item determining calc is done, via either x1000 or x1700
-the resulting number is << 28 to clear out 2 digits and leave the least significant one
-this number is added to itself 4 times via "add with carry"
-after the add with carries, the resulting number(in hex) is added to 0x224 to determine the final item number that will be received by the player.
 

Users Who Are Viewing This Thread (Users: 1, Guests: 1)

Top