Useful GMP random functions #839
Since we don't allow users to seed the RNG, there is no BC issue with changing the generator.
Oh, it also switches the default RNG from LCG to MT on platforms that support it. We currently don't allow seeding of the GMP RNG, so it doesn't break BC.
@@ -1784,6 +1795,22 @@ ZEND_FUNCTION(gmp_sign) | |||
} | |||
/* }}} */ | |||
|
|||
void gmp_init_random() |
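Review bot: `void gmp_init_random()` is defined with an empty parameter list, which in C is a non-prototype definition that gives callers no argument checking; in a thread-safe (ZTS) build the function also needs the thread context to reach the extension's thread-local globals. Define it as `void gmp_init_random(TSRMLS_D)` and pass `TSRMLS_C` at each call site, or, if it genuinely takes nothing, write `void gmp_init_random(void)`.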
Needs a TSRMLS_D parameter.
- Thread safety on rand init function.
- Ret false on validation failure
- Add _dep of temp_a to temp_b
- Special case int sized min values
- More tests!
@smalyshev Do these APIs look okay to you? Any objections from your side to adding them?
I wonder if it wouldn't also be good to add the ability to initialize with a different seed. This can serve two purposes: 1. test mocking and 2. our seed function had some complaints for not providing enough randomness. A custom seed allows people to use something like /dev/urandom or even /dev/random or any other source to their liking.
@smalyshev We can't add the ability to explicitly seed the RNG currently, because we support pre-4.2 libgmp versions, which do not support the MT generator (so you'll get different results depending on which GMP version you use). We could however add the ability to seed in PHP 7 (assuming that we get a stable RNG sequence there - hopefully GMP and MPIR generate the same).
I see @nikic already dropped support for 4.1 in master, so I'm happy to add seeding functions (and, if you feel it appropriate, algorithm selection (mt/lcg) functions) for master. I think from 4.2 onwards the random function is also hot-pluggable with a custom generator, so we could also provide our own generators that allow /dev/*random if desired.
@smalyshev @nikic If there are no objections to this patch, it would be nice to get it in before 5.6.2 is tagged (tomorrow I believe is the schedule) |
@lt I don't have any objection to it. However, I don't think we can put it in 5.6.2 the day before the release - I think that would be 5.6.3 within the regular RC/release process.
@smalyshev can you merge for me? I don't have karma. |
@lt ok, I'll do it next couple of days. |
I've written a rand seeding function for master, any preference between
Edit: Nikita is +1 on gmp_random_seed
The existing gmp_random() function doesn't allow the range of numbers to be fine-tuned, as the range is determined by a multiple of LIMB_BITS, which varies by platform. This patch introduces:

- gmp_random_bits(int bits) - generates a number between 0 and (2 ** bits) - 1
- gmp_random_range(mixed min, mixed max) - generates a number between min and max

Outstanding issues with this patch:
I'm not sure how to create deterministic tests for random functions. I have created tests for error conditions, but not sure what more I can do. Suggestions welcome.
Attempting to generate a sufficiently large number with gmp_random_bits() has two error scenarios. A moderately large number of bits can cause a PHP FATAL because the memory limit is breached; I think this is fine. An insanely large number of bits can cause GMP itself to abort, and I'm not sure how to catch this, although I think it's also fine if it's documented (the same as you can cause PCRE to abort by recursing it out of stack space - it's not PHP's fault).
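The two functions described in this PR, exercised from userland, next to the contrast a security reviewer would want to see. This is an added example, not code from PR #839 or from php-src. It assumes PHP 7.0 or later with ext-gmp, so that gmp_random_bits(), gmp_random_range() and the gmp_random_seed() mentioned later in the thread are all available; the helper csprng_gmp_range() is this example's own, built on random_bytes() and gmp_import(), and the ranges it draws from (-3..4 and 10**60..10**60+1000) are constructed sample inputs.

```php
<?php
// Added example (not code from PR #839 or from php-src). Requires ext-gmp
// and PHP >= 7.0 (gmp_random_seed() landed in master after this thread).
declare(strict_types=1);

/**
 * Uniform GMP integer in [$min, $max], both inclusive, drawn from PHP's
 * CSPRNG (random_bytes()) instead of GMP's internal LCG/MT state.
 *
 * Rejection sampling on the bit length of the span keeps the result unbiased:
 * a candidate of k bits is accepted only when it is below the span, and since
 * span > 2**(k-1) at least half of all candidates are accepted.
 * (This helper belongs to the example; it is not a php-src API.)
 */
function csprng_gmp_range($min, $max): GMP
{
    // gmp_strval() accepts GMP|int|string, so this normalises every input.
    $min = gmp_init(gmp_strval($min), 10);
    $max = gmp_init(gmp_strval($max), 10);
    if (gmp_cmp($min, $max) > 0) {
        throw new InvalidArgumentException('min must not exceed max');
    }

    $span = gmp_add(gmp_sub($max, $min), 1);       // number of admissible values
    if (gmp_cmp($span, 1) === 0) {
        return $min;                               // degenerate range
    }
    $limit = gmp_sub($span, 1);                    // largest offset we may return
    $bits  = strlen(gmp_strval($limit, 2));        // bit length of $limit
    $bytes = intdiv($bits + 7, 8);
    $mask  = gmp_sub(gmp_pow(2, $bits), 1);        // keep exactly $bits bits

    do {
        $candidate = gmp_and(gmp_import(random_bytes($bytes)), $mask);
    } while (gmp_cmp($candidate, $span) >= 0);

    return gmp_add($min, $candidate);
}

// 1. gmp_random_bits(): result is always in [0, 2**bits - 1], independent of
//    the platform limb size that constrained the old gmp_random().
$bits = 200;
$r = gmp_random_bits($bits);
assert(gmp_cmp($r, 0) >= 0 && gmp_cmp($r, gmp_pow(2, $bits)) < 0);

// 2. gmp_random_range(): min and max are both reachable and every draw lies
//    between them. Over 2000 draws from a range of 8 values each value should
//    appear; a value never appearing would point at an off-by-one.
$seen = [];
for ($i = 0; $i < 2000; $i++) {
    $v = gmp_random_range(-3, 4);
    assert(gmp_cmp($v, -3) >= 0 && gmp_cmp($v, 4) <= 0);
    $seen[gmp_strval($v)] = true;
}
assert(count($seen) === 8);

// 3. gmp_random_seed(): GMP's generator is deterministic given its seed.
//    Two identically seeded sequences agree, which is convenient for tests and
//    exactly why these functions must not be used for keys, tokens or nonces.
gmp_random_seed(42);
$a = gmp_random_bits(128);
gmp_random_seed(42);
$b = gmp_random_bits(128);
assert(gmp_cmp($a, $b) === 0);

// 4. The CSPRNG-backed helper keeps the same contract (inclusive, unbiased,
//    arbitrary size) but cannot be reproduced from a seed.
$big_min = gmp_init('1' . str_repeat('0', 60), 10);   // 10**60, constructed input
$big_max = gmp_add($big_min, 1000);
$s = csprng_gmp_range($big_min, $big_max);
assert(gmp_cmp($s, $big_min) >= 0 && gmp_cmp($s, $big_max) <= 0);

echo "ok\n";
```

Run it with `php example.php`; with zend.assertions enabled (the CLI default) any contract violation raises an AssertionError. The helper is the shape a range function needs whenever the span exceeds PHP_INT_MAX and random_int() no longer applies: take exactly as many bits as the span's largest offset, discard candidates at or above the span, and only then add the offset back to min.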