Hi all, On Tue, Feb 23, 2016 at 6:30 AM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote: > > We have issue on pseudo random generators generates only odd/even > numbers. > > https://bugs.php.net/bug.php?id=63174 > https://news.ycombinator.com/item?id=9941364 > > We should raise E_WARNING/E_NOTICE if user supplies random number > range that generated random number cannot be random at least. > Patch for rand/mt_rand. > https://gist.github.com/yohgaki/1519f65dffd66735bafe > > It seems we need more reliable(fool proof) pseudo random generator. > Anyone working on this? > > We may extends rand()/mt_rand() so that they work with larger range by > calling random generators multiple times. If this is implemented, the > patch raises errors is not required. mt_rand() extension breaks compatibility > with other MT rand implementations, but we already broke it. Therefore, it > should not matter. (This was the reason why mt_rand() wasn't made to support > 64bit int, IIRC) > > IMO, we should provide better pseudo random generators than now. > > Any comments?
This is edge case that produces odd/even numbers only. https://3v4l.org/kYpAF This is the worst case. Current implementation uses 32bit int for generating random numbers and any number exceeds the range could be biased because the result is computed by RAND_RANGE() which uses double for arithmetic. PHP allows huge min/max without any warning/error under 64bit OS. Limiting range can prevent this and we can be sure rand()/mt_rand() produce the same random numbers on both 32/64 bit platform. (If rand() uses the same algorithm, of course) https://gist.github.com/yohgaki/1519f65dffd66735bafe Valid range is limited to 2^31 according to current implementation. Actual range could be determined by PHP_RAND_MAX/PHP_MT_RAND_MAX, but I heard Windows' PHP_RAND_MAX is only 2^15. Is this correct? I don't prefer to have strict range error for these systems. I'll write patch that does not raise warning for smaller PHP_RAND_MAX. It's unreliable pseudo random generator anyway. It should not matter much. Any comments for adding out of range warnings to rand()/mt_rand()? If nobody has comment on this, I'll write RFC for additional warnings. Anyone prefer to extend rand()/mt_rand() for 64bit OSes? Regards -- Yasuo Ohgaki yohg...@ohgaki.net -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
