Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:119191 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 36936 invoked from network); 20 Dec 2022 09:14:20 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 20 Dec 2022 09:14:20 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 6F609180503 for ; Tue, 20 Dec 2022 01:14:17 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,HTML_MESSAGE,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2 X-Spam-ASN: AS15169 209.85.128.0/17 X-Spam-Virus: No X-Envelope-From: Received: from mail-qk1-f170.google.com (mail-qk1-f170.google.com [209.85.222.170]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Tue, 20 Dec 2022 01:14:16 -0800 (PST) Received: by mail-qk1-f170.google.com with SMTP id z17so4935414qki.11 for ; Tue, 20 Dec 2022 01:14:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=colopl.co.jp; s=google; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=UgIePNzc/FQx+Xi4+4FPEIjvMG5+3nAxTDlFczOlRLE=; b=KzKpQlbuOzY52IVslAyYQ8/fMTVLr6owg1B6jpPO8684ML58EIl0L+6Ji8BMNKj3/J dFIkFjJt23Jmqv1+QnSZlwsm1nj2XAj24CCbHUVe1GdR1+a9CHv7+7dlHw1AkdQaAPnG wX8ock4UhlIqlkw1i81PAoEL4a+tTy31piywShkRDX5rEubK75jBmCPWihw8scffwCnm bFmxIgxfotlRy86rf0sBiouWZIpsNtuQfv0XGHoHNj8HTxQgikfYDL6m5P2o+PpaDCVV Yy2ttHpodr2V9RSBXoZUg9ZnopLIASRRBaFoXVT6Cf4Lj0d2w/HbCF6JJqDQET9BOFW2 mV+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=UgIePNzc/FQx+Xi4+4FPEIjvMG5+3nAxTDlFczOlRLE=; b=oxrfPTAj5JkwBS/0NpDGftrCSZGcJSlcIxylq7TzzZPTtBOffGEIeGOioNGjmZK5xe Aon2Z098lrQDhVZlCFQTAs0AHVEqpg4Ew7k8LHBOIHZ2ofH84OBvEbR17GD0Jz05bLY1 n1Beib8LPD8YYTOTp+qXU3RzJnqJPDulvfNNPmUAtEkMxH1Qc4OlhpeTSvbCinZYoT1p jaKJ7OYobGHRtjZZcQUiXR55IYJCi3+0OdBuCKWtLM9Dy25coe1H/Q2ra0BSnfxgaZdZ Skh8o8HEGL05c+mOIjwakQ6dbi6Qy6RzergnunzArepbQdsQOA6+JswB0uLfT/8Ppuyo eCkA== X-Gm-Message-State: ANoB5pmRe6SY44yItkuznnfWWSRo7EKmiwuw8ddeaV+By2mFansKe5EA zFij9geTBUi0ZPq54qP3yxwSg0hc3OoxB5vr6YaQrNeaizyTN9E= X-Google-Smtp-Source: AA0mqf5gXAFRF3AW+aYfN84Vl2ErGRU6uC4YYzl9umYK+UGv4Y+MtBep7bahLt+3gI95HkpOdPXyad8MZp9/0LcOpmo= X-Received: by 2002:a05:620a:8517:b0:6ff:59a4:c71c with SMTP id pe23-20020a05620a851700b006ff59a4c71cmr1872312qkn.582.1671527654861; Tue, 20 Dec 2022 01:14:14 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: Date: Tue, 20 Dec 2022 18:14:04 +0900 Message-ID: To: internals@lists.php.net Content-Type: multipart/alternative; boundary="00000000000019c58005f03edc5e" Subject: Re: [PHP-DEV] ext-random: add random_float() ? From: g-kudo@colopl.co.jp (Go Kudo) --00000000000019c58005f03edc5e Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable 2022=E5=B9=B412=E6=9C=8820=E6=97=A5(=E7=81=AB) 17:15 Hans Henrik Bergan : > btw while we're on the topic, does anyone know if this function gives > biased results/is-safe or not? i honestly don't know: > function random_float(float $min, float $max): float > { > if ($min > $max) throw new \InvalidArgumentException("min must be > less than max"); > if ($min =3D=3D=3D $max) return $min; > return $min + random_int(0, PHP_INT_MAX) / PHP_INT_MAX * ($max - $min= ); > } > > > On Tue, 20 Dec 2022 at 09:06, Hans Henrik Bergan > wrote: > > > > >returns a value between 0.0 and 1.0. > > > > wouldn't it be better to follow random_int(int $min, int $max) design? = eg > > random_float(float $min, float $max): float > > > > On Tue, 20 Dec 2022 at 07:27, Go Kudo wrote: > > > > > > Hi Internals. > > > > > > Congratulations on the release of PHP 8.2. > > > I just recently upgraded production PHP from 7.4 to 8.1 :) > > > > > > Now that my work is done, I was thinking about a proposal for a > sunsetting > > > of existing functions for PHP 8.3 based on the features introduced in > > > ext-random, and I realized that there is no alternative to > `lcg_value()`. > > > > > > Essentially, this could be completely replaced by > > > Random\Randomizer::getFloat(), but there are easier `random_int()` an= d > > > `random_bytes()` functions for ints and strings. > > > > > > The Randomizer may be overkill and complicated for PHP use cases wher= e > > > random number reproducibility is not required in many cases. > > > > > > So, why not add a `random_float(): float` function? This function, > like the > > > others, uses CSPRNG and returns a value between 0.0 and 1.0. This > behavior > > > is `Closed` `Closed`. > > > > > > Opinions are welcome. > > > > > > Regards, > > > Go Kudo > Hi. The dangers of generating floating-point random numbers from PHP integer values are explained in detail in Tim and Joshua's RFC. https://wiki.php.net/rfc/randomizer_additions I missed it at first too, and was negative about adding `Randomizer::getFloat()` ... In general, I think this problem is less noticeable and the absence of the random_float() function increases the likelihood of incorrect implementations in userland. Regards, Go Kudo --00000000000019c58005f03edc5e--