-
Notifications
You must be signed in to change notification settings - Fork 985
/
qrandom.cpp
1417 lines (1140 loc) · 48.4 KB
/
qrandom.cpp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
/****************************************************************************
**
** Copyright (C) 2017 Intel Corporation.
** Contact: https://www.qt.io/licensing/
**
** This file is part of the QtCore module of the Qt Toolkit.
**
** $QT_BEGIN_LICENSE:LGPL$
** Commercial License Usage
** Licensees holding valid commercial Qt licenses may use this file in
** accordance with the commercial license agreement provided with the
** Software or, alternatively, in accordance with the terms contained in
** a written agreement between you and The Qt Company. For licensing terms
** and conditions see https://www.qt.io/terms-conditions. For further
** information use the contact form at https://www.qt.io/contact-us.
**
** GNU Lesser General Public License Usage
** Alternatively, this file may be used under the terms of the GNU Lesser
** General Public License version 3 as published by the Free Software
** Foundation and appearing in the file LICENSE.LGPL3 included in the
** packaging of this file. Please review the following information to
** ensure the GNU Lesser General Public License version 3 requirements
** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
**
** GNU General Public License Usage
** Alternatively, this file may be used under the terms of the GNU
** General Public License version 2.0 or (at your option) the GNU General
** Public license version 3 or any later version approved by the KDE Free
** Qt Foundation. The licenses are as published by the Free Software
** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
** included in the packaging of this file. Please review the following
** information to ensure the GNU General Public License requirements will
** be met: https://www.gnu.org/licenses/gpl-2.0.html and
** https://www.gnu.org/licenses/gpl-3.0.html.
**
** $QT_END_LICENSE$
**
****************************************************************************/
// for rand_s
#define _CRT_RAND_S
#include "qrandom.h"
#include "qrandom_p.h"
#include <qobjectdefs.h>
#include <qmutex.h>
#include <qthreadstorage.h>
#include <errno.h>
#if QT_CONFIG(getentropy)
# include <sys/random.h>
#elif !defined(Q_OS_BSD4) && !defined(Q_OS_WIN)
# include "qdeadlinetimer.h"
# include "qhashfunctions.h"
# if QT_CONFIG(getauxval)
# include <sys/auxv.h>
# endif
#endif // !QT_CONFIG(getentropy)
#ifdef Q_OS_UNIX
# include <fcntl.h>
# include <private/qcore_unix_p.h>
#else
# include <qt_windows.h>
// RtlGenRandom is not exported by its name in advapi32.dll, but as SystemFunction036
// See https://msdn.microsoft.com/en-us/library/windows/desktop/aa387694(v=vs.85).aspx
// Implementation inspired on https://hg.mozilla.org/mozilla-central/file/722fdbff1efc/security/nss/lib/freebl/win_rand.c#l146
// Argument why this is safe to use: https://bugzilla.mozilla.org/show_bug.cgi?id=504270
extern "C" {
DECLSPEC_IMPORT BOOLEAN WINAPI SystemFunction036(PVOID RandomBuffer, ULONG RandomBufferLength);
}
#endif
#if defined(Q_OS_ANDROID) && !defined(Q_OS_ANDROID_EMBEDDED)
# include <private/qjni_p.h>
#endif
// This file is too low-level for regular Q_ASSERT (the logging framework may
// recurse back), so use regular assert()
#undef NDEBUG
#undef Q_ASSERT_X
#undef Q_ASSERT
#define Q_ASSERT(cond) assert(cond)
#define Q_ASSERT_X(cond, x, msg) assert(cond && msg)
#if defined(QT_NO_DEBUG) && !defined(QT_FORCE_ASSERTS)
# define NDEBUG 1
#endif
#include <assert.h>
QT_BEGIN_NAMESPACE
#if defined(Q_PROCESSOR_X86) && QT_COMPILER_SUPPORTS_HERE(RDRND)
static qsizetype qt_random_cpu(void *buffer, qsizetype count) Q_DECL_NOTHROW;
# ifdef Q_PROCESSOR_X86_64
# define _rdrandXX_step _rdrand64_step
# else
# define _rdrandXX_step _rdrand32_step
# endif
static QT_FUNCTION_TARGET(RDRND) qsizetype qt_random_cpu(void *buffer, qsizetype count) Q_DECL_NOTHROW
{
unsigned *ptr = reinterpret_cast<unsigned *>(buffer);
unsigned *end = ptr + count;
while (ptr + sizeof(qregisteruint)/sizeof(*ptr) <= end) {
if (_rdrandXX_step(reinterpret_cast<qregisteruint *>(ptr)) == 0)
goto out;
ptr += sizeof(qregisteruint)/sizeof(*ptr);
}
if (sizeof(*ptr) != sizeof(qregisteruint) && ptr != end) {
if (_rdrand32_step(ptr))
goto out;
++ptr;
}
out:
return ptr - reinterpret_cast<unsigned *>(buffer);
}
#else
static qsizetype qt_random_cpu(void *, qsizetype)
{
return 0;
}
#endif
enum {
// may be "overridden" by a member enum
FillBufferNoexcept = true
};
struct QRandomGenerator::SystemGenerator
{
#if QT_CONFIG(getentropy)
static qsizetype fillBuffer(void *buffer, qsizetype count) Q_DECL_NOTHROW
{
// getentropy can read at most 256 bytes, so break the reading
qsizetype read = 0;
while (count - read > 256) {
// getentropy can't fail under normal circumstances
int ret = getentropy(reinterpret_cast<uchar *>(buffer) + read, 256);
Q_ASSERT(ret == 0);
Q_UNUSED(ret);
read += 256;
}
int ret = getentropy(reinterpret_cast<uchar *>(buffer) + read, count - read);
Q_ASSERT(ret == 0);
Q_UNUSED(ret);
return count;
}
#elif defined(Q_OS_UNIX)
enum { FillBufferNoexcept = false };
QBasicAtomicInt fdp1; // "file descriptor plus 1"
int openDevice()
{
int fd = fdp1.loadAcquire() - 1;
if (fd != -1)
return fd;
fd = qt_safe_open("/dev/urandom", O_RDONLY);
if (fd == -1)
fd = qt_safe_open("/dev/random", O_RDONLY | O_NONBLOCK);
if (fd == -1) {
// failed on both, set to -2 so we won't try again
fd = -2;
}
int opened_fdp1;
if (fdp1.testAndSetOrdered(0, fd + 1, opened_fdp1))
return fd;
// failed, another thread has opened the file descriptor
if (fd >= 0)
qt_safe_close(fd);
return opened_fdp1 - 1;
}
#ifdef Q_CC_GNU
// If it's not GCC or GCC-like, then we'll leak the file descriptor
__attribute__((destructor))
#endif
static void closeDevice()
{
int fd = self().fdp1.load() - 1;
if (fd >= 0)
qt_safe_close(fd);
}
Q_DECL_CONSTEXPR SystemGenerator() : fdp1 Q_BASIC_ATOMIC_INITIALIZER(0) {}
qsizetype fillBuffer(void *buffer, qsizetype count)
{
int fd = openDevice();
if (Q_UNLIKELY(fd < 0))
return 0;
qint64 n = qt_safe_read(fd, buffer, count);
return qMax<qsizetype>(n, 0); // ignore any errors
}
#elif defined(Q_OS_WIN) && !defined(Q_OS_WINRT)
qsizetype fillBuffer(void *buffer, qsizetype count) Q_DECL_NOTHROW
{
auto RtlGenRandom = SystemFunction036;
return RtlGenRandom(buffer, ULONG(count)) ? count: 0;
}
#elif defined(Q_OS_WINRT)
qsizetype fillBuffer(void *, qsizetype) Q_DECL_NOTHROW
{
// always use the fallback
return 0;
}
#endif // Q_OS_WINRT
static SystemGenerator &self();
void generate(quint32 *begin, quint32 *end) Q_DECL_NOEXCEPT_EXPR(FillBufferNoexcept);
// For std::mersenne_twister_engine implementations that use something
// other than quint32 (unsigned int) to fill their buffers.
template <typename T> void generate(T *begin, T *end)
{
Q_STATIC_ASSERT(sizeof(T) >= sizeof(quint32));
if (sizeof(T) == sizeof(quint32)) {
// Microsoft Visual Studio uses unsigned long, but that's still 32-bit
generate(reinterpret_cast<quint32 *>(begin), reinterpret_cast<quint32 *>(end));
} else {
// Slow path. Fix your C++ library.
std::generate(begin, end, [this]() {
quint32 datum;
generate(&datum, &datum + 1);
return datum;
});
}
}
};
#if defined(Q_OS_WIN)
static void fallback_update_seed(unsigned) {}
static void fallback_fill(quint32 *ptr, qsizetype left) Q_DECL_NOTHROW
{
// on Windows, rand_s is a high-quality random number generator
// and it requires no seeding
std::generate(ptr, ptr + left, []() {
unsigned value;
rand_s(&value);
return value;
});
}
#elif QT_CONFIG(getentropy)
static void fallback_update_seed(unsigned) {}
static void fallback_fill(quint32 *, qsizetype) Q_DECL_NOTHROW
{
// no fallback necessary, getentropy cannot fail under normal circumstances
Q_UNREACHABLE();
}
#elif defined(Q_OS_BSD4)
static void fallback_update_seed(unsigned) {}
static void fallback_fill(quint32 *ptr, qsizetype left) Q_DECL_NOTHROW
{
// BSDs have arc4random(4) and these work even in chroot(2)
arc4random_buf(ptr, left * sizeof(*ptr));
}
#else
static QBasicAtomicInteger<unsigned> seed = Q_BASIC_ATOMIC_INITIALIZER(0U);
static void fallback_update_seed(unsigned value)
{
// Update the seed to be used for the fallback mechansim, if we need to.
// We can't use QtPrivate::QHashCombine here because that is not an atomic
// operation. A simple XOR will have to do then.
seed.fetchAndXorRelaxed(value);
}
Q_NEVER_INLINE
#ifdef Q_CC_GNU
__attribute__((cold)) // this function is pretty big, so optimize for size
#endif
static void fallback_fill(quint32 *ptr, qsizetype left) Q_DECL_NOTHROW
{
quint32 scratch[12]; // see element count below
quint32 *end = scratch;
auto foldPointer = [](quintptr v) {
if (sizeof(quintptr) == sizeof(quint32)) {
// For 32-bit systems, we simply return the pointer.
return quint32(v);
} else {
// For 64-bit systems, we try to return the variable part of the
// pointer. On current x86-64 and AArch64, the top 17 bits are
// architecturally required to be the same, but in reality the top
// 24 bits on Linux are likely to be the same for all processes.
return quint32(v >> (32 - 24));
}
};
Q_ASSERT(left);
*end++ = foldPointer(quintptr(&seed)); // 1: variable in this library/executable's .data
*end++ = foldPointer(quintptr(&scratch)); // 2: variable in the stack
*end++ = foldPointer(quintptr(&errno)); // 3: veriable either in libc or thread-specific
*end++ = foldPointer(quintptr(reinterpret_cast<void*>(strerror))); // 4: function in libc (and unlikely to be a macro)
#ifndef QT_BOOTSTRAPPED
quint64 nsecs = QDeadlineTimer::current(Qt::PreciseTimer).deadline();
*end++ = quint32(nsecs); // 5
#endif
if (quint32 v = seed.load())
*end++ = v; // 6
#if QT_CONFIG(getauxval)
// works on Linux -- all modern libc have getauxval
# ifdef AT_RANDOM
// ELF's auxv AT_RANDOM has 16 random bytes
// (other ELF-based systems don't seem to have AT_RANDOM)
ulong auxvSeed = getauxval(AT_RANDOM);
if (auxvSeed) {
memcpy(end, reinterpret_cast<void *>(auxvSeed), 16);
end += 4; // 7 to 10
}
# endif
// Both AT_BASE and AT_SYSINFO_EHDR have some randomness in them due to the
// system's ASLR, even if many bits are the same. They also have randomness
// between them.
# ifdef AT_BASE
// present at least on the BSDs too, indicates the address of the loader
ulong base = getauxval(AT_BASE);
if (base)
*end++ = foldPointer(base); // 11
# endif
# ifdef AT_SYSINFO_EHDR
// seems to be Linux-only, indicates the global page of the sysinfo
ulong sysinfo_ehdr = getauxval(AT_SYSINFO_EHDR);
if (sysinfo_ehdr)
*end++ = foldPointer(sysinfo_ehdr); // 12
# endif
#endif
Q_ASSERT(end <= std::end(scratch));
// this is highly inefficient, we should save the generator across calls...
std::seed_seq sseq(scratch, end);
std::mt19937 generator(sseq);
std::generate(ptr, ptr + left, generator);
fallback_update_seed(*ptr);
}
#endif
Q_NEVER_INLINE void QRandomGenerator::SystemGenerator::generate(quint32 *begin, quint32 *end)
Q_DECL_NOEXCEPT_EXPR(FillBufferNoexcept)
{
quint32 *buffer = begin;
qsizetype count = end - begin;
if (Q_UNLIKELY(uint(qt_randomdevice_control) & SetRandomData)) {
uint value = uint(qt_randomdevice_control) & RandomDataMask;
std::fill_n(buffer, count, value);
return;
}
qsizetype filled = 0;
if (qt_has_hwrng() && (uint(qt_randomdevice_control) & SkipHWRNG) == 0)
filled += qt_random_cpu(buffer, count);
if (filled != count && (uint(qt_randomdevice_control) & SkipSystemRNG) == 0) {
qsizetype bytesFilled =
fillBuffer(buffer + filled, (count - filled) * qsizetype(sizeof(*buffer)));
filled += bytesFilled / qsizetype(sizeof(*buffer));
}
if (filled)
fallback_update_seed(*buffer);
if (Q_UNLIKELY(filled != count)) {
// failed to fill the entire buffer, try the faillback mechanism
fallback_fill(buffer + filled, count - filled);
}
}
struct QRandomGenerator::SystemAndGlobalGenerators
{
// Construction notes:
// 1) The global PRNG state is in a different cacheline compared to the
// mutex that protects it. This avoids any false cacheline sharing of
// the state in case another thread tries to lock the mutex. It's not
// a common scenario, but since sizeof(QRandomGenerator) >= 2560, the
// overhead is actually acceptable.
// 2) We use both Q_DECL_ALIGN and std::aligned_storage<..., 64> because
// some implementations of std::aligned_storage can't align to more
// than a primitive type's alignment.
// 3) We don't store the entire system QRandomGenerator, only the space
// used by the QRandomGenerator::type member. This is fine because we
// (ab)use the common initial sequence exclusion to aliasing rules.
QBasicMutex globalPRNGMutex;
struct ShortenedSystem { uint type; } system_;
SystemGenerator sys;
Q_DECL_ALIGN(64) std::aligned_storage<sizeof(QRandomGenerator64), 64>::type global_;
#ifdef Q_COMPILER_CONSTEXPR
constexpr SystemAndGlobalGenerators()
: globalPRNGMutex{}, system_{0}, sys{}, global_{}
{}
#endif
void confirmLiteral()
{
#if defined(Q_COMPILER_CONSTEXPR) && !defined(Q_CC_MSVC) && !defined(Q_OS_INTEGRITY)
// Currently fails to compile with MSVC 2017, saying QBasicMutex is not
// a literal type. Disassembly with MSVC 2013 and 2015 shows it is
// actually a literal; MSVC 2017 has a bug relating to this, so we're
// withhold judgement for now. Integrity's compiler is unable to
// guarantee g's alignment for some reason.
constexpr SystemAndGlobalGenerators g = {};
Q_UNUSED(g);
Q_STATIC_ASSERT(std::is_literal_type<SystemAndGlobalGenerators>::value);
#endif
}
static SystemAndGlobalGenerators *self()
{
static SystemAndGlobalGenerators g;
Q_STATIC_ASSERT(sizeof(g) > sizeof(QRandomGenerator64));
return &g;
}
static QRandomGenerator64 *system()
{
// Though we never call the constructor, the system QRandomGenerator is
// properly initialized by the zero initialization performed in self().
// Though QRandomGenerator is has non-vacuous initialization, we
// consider it initialized because of the common initial sequence.
return reinterpret_cast<QRandomGenerator64 *>(&self()->system_);
}
static QRandomGenerator64 *globalNoInit()
{
// This function returns the pointer to the global QRandomGenerator,
// but does not initialize it. Only call it directly if you meant to do
// a pointer comparison.
return reinterpret_cast<QRandomGenerator64 *>(&self()->global_);
}
static void securelySeed(QRandomGenerator *rng)
{
// force reconstruction, just to be pedantic
new (rng) QRandomGenerator{System{}};
rng->type = MersenneTwister;
new (&rng->storage.engine()) RandomEngine(self()->sys);
}
struct PRNGLocker {
const bool locked;
PRNGLocker(const QRandomGenerator *that)
: locked(that == globalNoInit())
{
if (locked)
self()->globalPRNGMutex.lock();
}
~PRNGLocker()
{
if (locked)
self()->globalPRNGMutex.unlock();
}
};
};
inline QRandomGenerator::SystemGenerator &QRandomGenerator::SystemGenerator::self()
{
return SystemAndGlobalGenerators::self()->sys;
}
/*!
\class QRandomGenerator
\inmodule QtCore
\reentrant
\since 5.10
\brief The QRandomGenerator class allows one to obtain random values from a
high-quality Random Number Generator.
QRandomGenerator may be used to generate random values from a high-quality
random number generator. Like the C++ random engines, QRandomGenerator can
be seeded with user-provided values through the constructor.
When seeded, the sequence of numbers generated by this
class is deterministic. That is to say, given the same seed data,
QRandomGenerator will generate the same sequence of numbers. But given
different seeds, the results should be considerably different.
QRandomGenerator::securelySeeded() can be used to create a QRandomGenerator
that is securely seeded with QRandomGenerator::system(), meaning that the
sequence of numbers it generates cannot be easily predicted. Additionally,
QRandomGenerator::global() returns a global instance of QRandomGenerator
that Qt will ensure to be securely seeded. This object is thread-safe, may
be shared for most uses, and is always seeded from
QRandomGenerator::system()
QRandomGenerator::system() may be used to access the system's
cryptographically-safe random generator. On Unix systems, it's equivalent
to reading from \c {/dev/urandom} or the \c {getrandom()} or \c
{getentropy()} system calls.
The class can generate 32-bit or 64-bit quantities, or fill an array of
those. The most common way of generating new values is to call the generate(),
generate64() or fillRange() functions. One would use it as:
\code
quint32 value = QRandomGenerator::global()->generate();
\endcode
Additionally, it provides a floating-point function generateDouble() that
returns a number in the range [0, 1) (that is, inclusive of zero and
exclusive of 1). There's also a set of convenience functions that
facilitate obtaining a random number in a bounded, integral range.
\section1 Seeding and determinism
QRandomGenerator may be seeded with specific seed data. When that is done,
the numbers generated by the object will always be the same, as in the
following example:
\code
QRandomGenerator prng1(1234), prng2(1234);
Q_ASSERT(prng1.generate32() == prng2.generate32());
Q_ASSERT(prng1.generate64() == prng2.generate64());
\endcode
The seed data takes the form of one or more 32-bit words. The ideal seed
size is approximately equal to the size of the QRandomGenerator class
itself. Due to mixing of the seed data, QRandomGenerator cannot guarantee
that distinct seeds will produce different sequences.
QRandomGenerator::global(), like all generators created by
QRandomGenerator::securelySeeded(), is always seeded from
QRandomGenerator::system(), so it's not possible to make it produce
identical sequences.
\section1 Bulk data
When operating in deterministic mode, QRandomGenerator may be used for bulk
data generation. In fact, applications that do not need
cryptographically-secure or true random data are advised to use a regular
QRandomGenerator instead of QRandomGenerator::system() for their random
data needs.
For ease of use, QRandomGenerator provides a global object that can
be easily used, as in the following example:
\code
int x = QRandomGenerator::global()->generate32();
int y = QRandomGenerator::global()->generate32();
int w = QRandomGenerator::global()->bounded(16384);
int h = QRandomGenerator::global()->bounded(16384);
\endcode
\section1 System-wide random number generator
QRandomGenerator::system() may be used to access the system-wide random
number generator, which is cryptographically-safe on all systems that Qt
runs on. This function will use hardware facilities to generate random
numbers where available. On such systems, those facilities are true Random
Number Generators. However, if they are true RNGs, those facilities have
finite entropy sources and thus may fail to produce any results if their
entropy pool is exhausted.
If that happens, first the operating system then QRandomGenerator will fall
back to Pseudo Random Number Generators of decreasing qualities (Qt's
fallback generator being the simplest). Whether those generators are still
of cryptographic quality is implementation-defined. Therefore,
QRandomGenerator::system() should not be used for high-frequency random
number generation, lest the entropy pool become empty. As a rule of thumb,
this class should not be called upon to generate more than a kilobyte per
second of random data (note: this may vary from system to system).
If an application needs true RNG data in bulk, it should use the operating
system facilities (such as \c{/dev/random} on Linux) directly and wait for
entropy to become available. If the application requires PRNG engines of
cryptographic quality but not of true randomness,
QRandomGenerator::system() may still be used (see section below).
If neither a true RNG nor a cryptographically secure PRNG are required,
applications should instead use PRNG engines like QRandomGenerator's
deterministic mode and those from the C++ Standard Library.
QRandomGenerator::system() can be used to seed those.
\section2 Fallback quality
QRandomGenerator::system() uses the operating system facilities to obtain
random numbers, which attempt to collect real entropy from the surrounding
environment to produce true random numbers. However, it's possible that the
entropy pool becomes exhausted, in which case the operating system will
fall back to a pseudo-random engine for a time. Under no circumstances will
QRandomGenerator::system() block, waiting for more entropy to be collected.
The following operating systems guarantee that the results from their
random-generation API will be of at least cryptographically-safe quality,
even if the entropy pool is exhausted: Apple OSes (Darwin), BSDs, Linux,
Windows. Barring a system installation problem (such as \c{/dev/urandom}
not being readable by the current process), QRandomGenerator::system() will
therefore have the same guarantees.
On other operating systems, QRandomGenerator will fall back to a PRNG of
good numeric distribution, but it cannot guarantee proper seeding in all
cases. Please consult the OS documentation for more information.
Applications that require QRandomGenerator not to fall back to
non-cryptographic quality generators are advised to check their operating
system documentation or restrict their deployment to one of the above.
\section1 Reentrancy and thread-safety
QRandomGenerator is reentrant, meaning that multiple threads can operate on
this class at the same time, so long as they operate on different objects.
If multiple threads need to share one PRNG sequence, external locking by a
mutex is required.
The exceptions are the objects returned by QRandomGenerator::global() and
QRandomGenerator::system(): those objects are thread-safe and may be used
by any thread without external locking. Note that thread-safety does not
extend to copying those objects: they should always be used by reference.
\section1 Standard C++ Library compatibility
QRandomGenerator is modeled after the requirements for random number
engines in the C++ Standard Library and may be used in almost all contexts
that the Standard Library engines can. Exceptions to the requirements are
the following:
\list
\li QRandomGenerator does not support seeding from another seed
sequence-like class besides std::seed_seq itself;
\li QRandomGenerator is not comparable (but is copyable) or
streamable to \c{std::ostream} or from \c{std::istream}.
\endlist
QRandomGenerator is also compatible with the uniform distribution classes
\c{std::uniform_int_distribution} and \c{std:uniform_real_distribution}, as
well as the free function \c{std::generate_canonical}. For example, the
following code may be used to generate a floating-point number in the range
[1, 2.5):
\code
std::uniform_real_distribution dist(1, 2.5);
return dist(*QRandomGenerator::global());
\endcode
\sa QRandomGenerator64, qrand()
*/
/*!
\enum QRandomGenerator::System
\internal
*/
/*!
\fn QRandomGenerator::QRandomGenerator(quint32 seedValue)
Initializes this QRandomGenerator object with the value \a seedValue as
the seed. Two objects constructed or reseeded with the same seed value will
produce the same number sequence.
\sa seed(), securelySeeded()
*/
/*!
\fn QRandomGenerator::QRandomGenerator(const quint32 (&seedBuffer)[N])
\overload
Initializes this QRandomGenerator object with the values found in the
array \a seedBuffer as the seed. Two objects constructed or reseeded with
the same seed value will produce the same number sequence.
\sa seed(), securelySeeded()
*/
/*!
\fn QRandomGenerator::QRandomGenerator(const quint32 *seedBuffer, qsizetype len)
\overload
Initializes this QRandomGenerator object with \a len values found in
the array \a seedBuffer as the seed. Two objects constructed or reseeded
with the same seed value will produce the same number sequence.
This constructor is equivalent to:
\code
std::seed_seq sseq(seedBuffer, seedBuffer + len);
QRandomGenerator generator(sseq);
\endcode
\sa seed(), securelySeeded()
*/
/*!
\fn QRandomGenerator::QRandomGenerator(const quint32 *begin, const quint32 *end)
\overload
Initializes this QRandomGenerator object with the values found in the range
from \a begin to \a end as the seed. Two objects constructed or reseeded
with the same seed value will produce the same number sequence.
This constructor is equivalent to:
\code
std::seed_seq sseq(begin, end);
QRandomGenerator generator(sseq);
\endcode
\sa seed(), securelySeeded()
*/
/*!
\fn QRandomGenerator::QRandomGenerator(std::seed_seq &sseq)
\overload
Initializes this QRandomGenerator object with the seed sequence \a
sseq as the seed. Two objects constructed or reseeded with the same seed
value will produce the same number sequence.
\sa seed(), securelySeeded()
*/
/*!
\fn QRandomGenerator::QRandomGenerator(const QRandomGenerator &other)
Creates a copy of the generator state in the \a other object. If \a other is
QRandomGenerator::system() or a copy of that, this object will also read
from the operating system random-generating facilities. In that case, the
sequences generated by the two objects will be different.
In all other cases, the new QRandomGenerator object will start at the same
position in the deterministic sequence as the \a other object was. Both
objects will generate the same sequence from this point on.
For that reason, it is not adviseable to create a copy of
QRandomGenerator::global(). If one needs an exclusive deterministic
generator, consider instead using securelySeeded() to obtain a new object
that shares no relationship with the QRandomGenerator::global().
*/
/*!
\fn bool operator==(const QRandomGenerator &rng1, const QRandomGenerator &rng2)
\relates QRandomGenerator
Returns true if the two the two engines \a rng1 and \a rng2 are at the same
state or if they are both reading from the operating system facilities,
false otherwise.
*/
/*!
\fn bool operator!=(const QRandomGenerator &rng1, const QRandomGenerator &rng2)
\relates QRandomGenerator
Returns true if the two the two engines \a rng1 and \a rng2 are at
different states or if one of them is reading from the operating system
facilities and the other is not, false otherwise.
*/
/*!
\typedef QRandomGenerator::result_type
A typedef to the type that operator()() returns. That is, quint32.
\sa {QRandomGenerator::operator()}{operator()()}
*/
/*!
\fn result_type QRandomGenerator::operator()()
Generates a 32-bit random quantity and returns it.
\sa generate(), generate64()
*/
/*!
\fn quint32 QRandomGenerator::generate()
Generates a 32-bit random quantity and returns it.
\sa {QRandomGenerator::operator()}{operator()()}, generate64()
*/
/*!
\fn quint64 QRandomGenerator::generate64()
Generates a 64-bit random quantity and returns it.
\sa {QRandomGenerator::operator()}{operator()()}, generate()
*/
/*!
\fn result_type QRandomGenerator::min()
Returns the minimum value that QRandomGenerator may ever generate. That is, 0.
\sa max(), QRandomGenerator64::min()
*/
/*!
\fn result_type QRandomGenerator::max()
Returns the maximum value that QRandomGenerator may ever generate. That is,
\c {std::numeric_limits<result_type>::max()}.
\sa min(), QRandomGenerator64::max()
*/
/*!
\fn void QRandomGenerator::seed(quint32 seed)
Reseeds this object using the value \a seed as the seed.
*/
/*!
\fn void QRandomGenerator::seed(std::seed_seq &seed)
\overload
Reseeds this object using the seed sequence \a seed as the seed.
*/
/*!
\fn void QRandomGenerator::discard(unsigned long long z)
Discards the next \a z entries from the sequence. This method is equivalent
to calling generate() \a z times and discarding the result, as in:
\code
while (z--)
generator.generate();
\endcode
*/
/*!
\fn void QRandomGenerator::generate(ForwardIterator begin, ForwardIterator end)
Generates 32-bit quantities and stores them in the range between \a begin
and \a end. This function is equivalent to (and is implemented as):
\code
std::generate(begin, end, [this]() { return generate(); });
\endcode
This function complies with the requirements for the function
\l{http://en.cppreference.com/w/cpp/numeric/random/seed_seq/generate}{\c std::seed_seq::generate},
which requires unsigned 32-bit integer values.
Note that if the [begin, end) range refers to an area that can store more
than 32 bits per element, the elements will still be initialized with only
32 bits of data. Any other bits will be zero. To fill the range with 64 bit
quantities, one can write:
\code
std::generate(begin, end, []() { return QRandomGenerator::global()->generate64(); });
\endcode
If the range refers to contiguous memory (such as an array or the data from
a QVector), the fillRange() function may be used too.
\sa fillRange()
*/
/*!
\fn void QRandomGenerator::generate(quint32 *begin, quint32 *end)
\overload
\internal
Same as the other overload, but more efficiently fills \a begin to \a end.
*/
/*!
\fn void QRandomGenerator::fillRange(UInt *buffer, qsizetype count)
Generates \a count 32- or 64-bit quantities (depending on the type \c UInt)
and stores them in the buffer pointed by \a buffer. This is the most
efficient way to obtain more than one quantity at a time, as it reduces the
number of calls into the Random Number Generator source.
For example, to fill a vector of 16 entries with random values, one may
write:
\code
QVector<quint32> vector;
vector.resize(16);
QRandomGenerator::fillRange(vector.data(), vector.size());
\endcode
\sa generate()
*/
/*!
\fn void QRandomGenerator::fillRange(UInt (&buffer)[N})
Generates \c N 32- or 64-bit quantities (depending on the type \c UInt) and
stores them in the \a buffer array. This is the most efficient way to
obtain more than one quantity at a time, as it reduces the number of calls
into the Random Number Generator source.
For example, to fill generate two 32-bit quantities, one may write:
\code
quint32 array[2];
QRandomGenerator::fillRange(array);
\endcode
It would have also been possible to make one call to generate64() and then split
the two halves of the 64-bit value.
\sa generate()
*/
/*!
\fn qreal QRandomGenerator::generateDouble()
Generates one random qreal in the canonical range [0, 1) (that is,
inclusive of zero and exclusive of 1).
This function is equivalent to:
\code
QRandomGenerator64 rd;
return std::generate_canonical<qreal, std::numeric_limits<qreal>::digits>(rd);
\endcode
The same may also be obtained by using
\l{http://en.cppreference.com/w/cpp/numeric/random/uniform_real_distribution}{\c std::uniform_real_distribution}
with parameters 0 and 1.
\sa generate(), generate64(), bounded()
*/
/*!
\fn double QRandomGenerator::bounded(double highest)
Generates one random double in the range between 0 (inclusive) and \a
highest (exclusive). This function is equivalent to and is implemented as:
\code
return generateDouble() * highest;
\endcode
\sa generateDouble(), bounded()
*/
/*!
\fn quint32 QRandomGenerator::bounded(quint32 highest)
\overload
Generates one random 32-bit quantity in the range between 0 (inclusive) and
\a highest (exclusive). The same result may also be obtained by using
\l{http://en.cppreference.com/w/cpp/numeric/random/uniform_int_distribution}{\c std::uniform_int_distribution}
with parameters 0 and \c{highest - 1}. That class can also be used to obtain
quantities larger than 32 bits.
For example, to obtain a value between 0 and 255 (inclusive), one would write:
\code
quint32 v = QRandomGenerator::bounded(256);
\endcode
Naturally, the same could also be obtained by masking the result of generate()
to only the lower 8 bits. Either solution is as efficient.
Note that this function cannot be used to obtain values in the full 32-bit
range of quint32. Instead, use generate().
\sa generate(), generate64(), generateDouble()
*/
/*!
\fn quint32 QRandomGenerator::bounded(int highest)
\overload
Generates one random 32-bit quantity in the range between 0 (inclusive) and
\a highest (exclusive). \a highest must not be negative.
Note that this function cannot be used to obtain values in the full 32-bit
range of int. Instead, use generate() and cast to int.
\sa generate(), generate64(), generateDouble()
*/
/*!
\fn quint32 QRandomGenerator::bounded(quint32 lowest, quint32 highest)
\overload
Generates one random 32-bit quantity in the range between \a lowest (inclusive)
and \a highest (exclusive). The same result may also be obtained by using
\l{http://en.cppreference.com/w/cpp/numeric/random/uniform_int_distribution}{\c std::uniform_int_distribution}
with parameters \a lowest and \c{\a highest - 1}. That class can also be used to
obtain quantities larger than 32 bits.
For example, to obtain a value between 1000 (incl.) and 2000 (excl.), one
would write:
\code