| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
silence msvc warning C4244 (possible loss of data)
Change-Id: I1f0be8abc5337e05d3fe6d25b9afd9991f498e01
Pick-to: 6.1 6.2
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's how much there is in Linux's AT_RANDOM block.
I've also removed the check for validity. It's highly unlikely that 128
bits are bad.
Change-Id: Id2983978ad544ff79911fffd16723161ea7ec315
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of initializing the whole QRandomGenerator::system(), which in
turn gets to checking CPUID and whether the HWRNG works, trust the
operating system functions for an initial value. On Linux, we'll use 4
or 8 of the 16 bytes of random data that the kernel populates for us on
AT_RANDOM.
This should make Qt applications not stall on an early system launch
without an RNG daemon, if compiled without getentropy() support. And
avoids silly mistakes causing recursion, like QTBUG-78007 found.
Additionally, qt_random_initial_value() will most likely not throw
either. It's marked noexcept, even though SystemGenerator::fillBuffer
could throw on Linux, if the current thread is canceled, but Linux also
has AT_RANDOM. That leaves the other Unix systems without getentropy()
(read: macOS, since the BSDs have getentropy()).
Fixes: QTBUG-69555
Change-Id: Id2983978ad544ff79911fffd1671fca1a9f9044d
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unlike the 32-bit version, we can't go to a bigger integer type to do
the multiplication with. So instead accept looping. Both libstdc++ and
libc++ implement std::uniform_int_distribution this way anyway, but in a
far more complex way.
There is no looping if the "highest" is a power of two. The worst-case
scenario is when "highest" is one past a power of two (like 65). In that
case, we'll loop until the number is in range. Since all bits have equal
probability of being zero or one, there's a 50-50 chance that the most
significant useful bit will be set[*], in which case we'll need to loop
and we again get the same probability. So on average, we only need two
iterations to get an acceptable result.
[*] There's also a possibility that the other bits are such that the
number is still in range. For 65, we'd need the other 5 bits to be zero
(64 is a valid result), but the probability of that is only 1/2^5 =
3.125%. The bigger "highest" is, the closer we get to zero, so
approximate by saying that never happens and instead calculate that the
most significant useful bit is the controlling one.
[ChangeLog][QtCore][QRandomGenerator] Added 64-bit versions of the
bounded() functions. They are useful in conjunction with Qt 6's 64-bit
container sizes, so code that used to call bounded(list.size()) in Qt 5
will continue to compile and work in Qt 6.
Fixes: QTBUG-86318
Change-Id: I3eb349b832c14610895efffd16356927fe78fd02
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The most common uses of QRandomGenerator are getting 32- and 64-bit
quantities, either through the generate() and generate64() functions or
by ones that call those, like bounded() or generateDouble(). So optimize
for those with the same entry point by returning one 64-bit value from
the _fillRange() function. Further optimize by not requiring a buffer
for those two cases, which required us to replace the (begin, end)
parameters with (begin, count).
Change-Id: I3eb349b832c14610895efffd16356859eecd5397
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
| |
Both normal and relaxed constexpr are required by our new minimum of
C++17.
Change-Id: Ic028b88a2e7a6cb7d5925f3133b9d54859a81744
Reviewed-by: Sona Kurazyan <sona.kurazyan@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is no reason for keep using our macro now that we have C++17.
The macro itself is left in for the moment being, as well as its
detection logic, because it's needed for C code (not everything
supports C11 yet). A few more cleanups will arrive in the next few
patches.
Note that this is a mere search/replace; some places were using
double braces to work around the presence of commas in a macro, no
attempt has been done to fix those.
tst_qglobal had just some minor changes to keep testing the macro.
Change-Id: I1c1c397d9f3e63db3338842bf350c9069ea57639
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The macro is not documented, so not part of the public Qt API. It is
made obsolete by the alignof keyword in C++11.
Remove the usage of the macro across qtbase, in particular the
workarounds for compilers that didn't support alignof, and that will
not be supported in Qt 6.
The macro definition is left in place, no need to break existing
code.
Task-number: QTBUG-76414
Change-Id: I1cfedcd4dd748128696cdfb546d97aae4f98c3da
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
|\
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
.qmake.conf
qmake/generators/makefile.cpp
Change-Id: Ifb2633a69d0bf8cdf12d799c6259beefc279c49e
|
| |
| |
| |
| |
| |
| |
| |
| | |
Otherwise, the math will fail badly. Documentation improved to reflect
reality.
Change-Id: I9e3d261ad9bf41cfb2b6fffd159085cd38e3c388
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|/
|
|
|
|
|
| |
In preparation of Qt6 move away from pre-C++11 macros.
Change-Id: I44126693c20c18eca5620caab4f7e746218e0ce3
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Putting parentheses around the call to (std::numeric_limits<T>::min)()
works, but the trick cannot apply to the min() function declaration on
the same line. So we really need to #undef.
I hope no one after the 1990s still needs these macros.
Task-number: QTBUG-65414
Change-Id: I39332e0a867442d58082fffd15024f8edb293311
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
During the container BoF session at the Qt Contributor Summit 2017 the
name of the signed size type became a subject of discussion in the
context of readability of code using this type and the intention of
using it for all length, size and count properties throughout the entire
framework in future versions of Qt.
This change proposes qsizetype as new name for qssize_t to emphasize the
readability of code over POSIX compatibility, the former being
potentially more relevant than the latter to the majority of users of
Qt.
Change-Id: Idb99cb4a8782703c054fa463a9e5af23a918e7f3
Reviewed-by: Samuel Gaist <samuel.gaist@edeltech.ch>
Reviewed-by: David Faure <david.faure@kdab.com>
|
|
|
|
|
|
|
|
|
|
|
| |
std::mt19937 is defined as operating on uint_fast32_t, which is usually
just a 32-bit integer. That's not the case on 64-bit Linux, where it is
actually 64-bit wide, meaning sizeof(std::mt19937) jumps from 2504 to
5000 bytes, with exactly 50% of it filled with zeroes. The seed()
function also needs a large zero-extending loop.
Change-Id: Icaa86fc7b54d4b368c0efffd14efa911e2a40b44
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
We store both in a single memory structure, instead of two local
statics. By construction, we also ensure that the global PRNG mutex is
in a different cacheline from the global PRNG state itself.
Finally, we don't store the full system QRandomGenerator, since we only
need the type member from it.
Change-Id: Icaa86fc7b54d4b368c0efffd14eecc48ff05ec27
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
This brings us to almost parity with the C++11 Random Engine API
requirements (see chapter 26.5.1.4 [rand.req.eng]). We don't implement
the templated Sseq requirements because it would require moving the
implementation details to the public API. And we don't implement the
<iostreams> code because we don't want to.
Change-Id: Icaa86fc7b54d4b368c0efffd14f05ff813ebd759
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since we don't document how many bytes one needs (it's 2496), it's
difficult for the caller to provide just enough data in the seed
sequence. Moreover, since std::mt19937 doesn't make it easy to provide
the ideal size either, we can't actually write code that operates
optimally given a quint32 range either -- we only provide it via
std::seed_seq, which is inefficient.
However, we can do it internally by passing QRandomGenerator to the
std::mersenne_twister_engine constructor, as it's designed to work.
Change-Id: Icaa86fc7b54d4b368c0efffd14f0613c10998321
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
|
| |
Now only QRandomGenerator::system() will access the system-wide RNG,
which we document to be cryptographically-safe and possibly backed by a
true HWRNG. Everything else just wraps a Mersenne Twister.
Change-Id: I0a103569c81b4711a649fffd14ec8cd3469425df
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Right now,this does really nothing. This commit is just to allow us to
transition the other modules (besides qtbase) to use the syntax that
will become the API.
I've marked three places to use the system CSPRNG:
1) the QHash seed
2) QUuid
3) QAuthenticator
I didn't think the HTTP multipart boundary needed to be
cryptographically safe, so I changed that one to the global generator.
Change-Id: Ib17dde1a1dbb49a7bba8fffd14ecf1938bd8ff61
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous version was good, just not optimal. Because the input was
an unsigned 64-bit number, compilers needed to generate extra code to
deal with HW instructions that only convert 64-bit signed input. And
that was useless because a double uniformly distributed from 0 to 1 can
only have 53 bits of randomness.
The previous implementation did exactly what the Microsoft libstdc++ and
libc++ implementations do. In my opinion, those implementations have an
imperfect distribution, which is corrected in this commit. In those, all
random input bigger than 0x20000000000000 has a different frequency
compared to input below that mark. For example, both 0x20000000000000
and 0x20000000000001 produce the same result (4.8828125e-4).
What's more, for the libc++ and MSVC implementations, input between
0xfffffffffffff001 and 0xffffffffffffffff results in 1.0 (probability 1
in 2⁵³), even though the Standard is very clear that the result should
be strictly less than 1. GCC 7's libstdc++ doesn't have this issue,
whereas the versions before would enter an infinite loop.
Change-Id: Ib17dde1a1dbb49a7bba8fffd14eced3c375dd2ec
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
"generate" is better than "get", and we already have "generate(it, it)"
which uses std::generate(). This changes:
- get32() → generate()
- get64() → generate64() and QRandomGenerator64::generate()
- getReal() → generateDouble()
Change-Id: I6e1fe42ae4b742a7b811fffd14e5d7bd69abcdb3
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
This class provides a reasonably-secure random number generator that
does not need seeding. That is quite unlike qrand(), which requires a
seed and is low-quality (definitely not secure).
This class is also like std::random_device, but better. It provides an
operator() like std::random_device, but unlike that, it also provides a
way to fill a buffer with random data, not just one 32-bit quantity.
It's also stateless.
Finally, it also implements std::seed_seq-like generate(). It obeys the
standard requirement of the range (32-bit) but not that of the algorithm
(if you wanted that, you'd use std::seed_seq itself). Instead,
generate() fills with pure random data.
Change-Id: Icd0e0d4b27cb4e5eb892fffd14b4e3ba9ea04da8
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|