Newsgroups: php.internals
Date: Thu, 16 Jun 2016 21:05:54 -0400
From: fsb@thefsb.org (Tom Worster)
To: Leigh
Subject: Re: [RFC] RNG fixes

Hi Leigh,

I need to change stance wrt MT.

On 6/16/16, 2:31 PM, "Leigh" wrote:

>I get your point, but most people probably use mt_rand() because "it's
>better than rand". mt_rand is also incredibly slow and has a huge state
>when compared to modern algorithms. I should probably note the
>performance gains in the RFC.

I spent some time trying to understand the weird PHP mt_rand(). I took the binary MT19937_02 generator from TestU01 and made a variant with the PHP bug. I added a side-by-side diff of the results from running BigCrush on both here:

https://gist.github.com/tom--/a12175047578b3ae9ef8

I can't see any significant difference between them.

More interesting was how this work changed my appreciation of Mersenne Twister. I used to think it was a good RNG. But that dates back a long time to when George Marsaglia had the best tests for RNGs and he was challenging sci.math to factor enormous numbers to use in new generators with ever more extravagant periods. I took it on authority that MT was decent.

But after spending time with the code I see you're right! Its state and period are crazy. It's one thing to be slow but on top of that it's chewing up cache lines as though nothing else needs them.

My opinion on rand() is that it is historical, like the crummy old RNGs kicking around in various libcs and elsewhere. Don't use them. Now I feel the same about mt_rand() -- like MD4 and DES, it's interesting history.

I think every self-respecting programming environment should provide a good deterministic RNG. And now it seems I've persuaded myself that it's time for PHP to move on from MT.

So I need to update my opinion on your RFC. I still think rand() and mt_rand() implementations can stay but I now agree with you that it's time for a new RNG. And I agree that xoroshiro128+ is a good choice.

Specifically, rand() docs should say that the underlying RNGs are obsolete, not portable and have questionable quality on some platforms. mt_rand() docs should mention the poor performance and reference #71152.

Tom