Bug 151641

Summary: Use a better RNG for Math.random()
Product: WebKit
Reporter: Jan de Mooij <jdemooij>
Component: JavaScriptCore
Assignee: Geoffrey Garen <ggaren>
Status: RESOLVED FIXED
Severity: Normal
CC: barraclough, benjamin, cdumez, cmarcelo, commit-queue, ggaren, keith_miller, mark.lam, msaboff, oliver, sbarati, utatane.tea
Priority: P2
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified

Attachments:
Description: Patch
Flags: andersca: review+

Description Jan de Mooij 2015-11-28 05:51:36 PST
The GameRand-based RNG Safari/JSC uses is very weak. Furthermore, it only uses 32 bits of precision. I blogged about this here:

http://jandemooij.nl/blog/2015/11/27/math-random-and-32-bit-precision/

V8 moved to a better RNG and we're switching the one in SpiderMonkey as well. JSC should probably do the same.
Comment 1 Oliver Hunt 2015-11-28 09:55:10 PST
If we really do consider more than 32 bits necessary I'd just move up to a 64-bit variant of gamerand which should not have a significant perf impact, then value & (2^53-1) / 2^53 (I can recall if the rand includes 1 as a valid result).

Has someone done something to find it's aggressively non-uniform in some space?
Comment 2 Geoffrey Garen 2015-11-30 17:01:13 PST
Created attachment 266302
Patch
Comment 3 Geoffrey Garen 2015-11-30 17:04:17 PST
I kind of wanted to stick with GameRandom in order to troll the internet commentators who keep confusing / conflating RNG algorithm with number of bits provided by RNG interface.

But there's literally no downside to upgrading to Xorshift+, so I've done it.
Comment 4 Anders Carlsson 2015-11-30 17:10:54 PST
Comment on attachment 266302
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=266302&action=review

> Source/WTF/ChangeLog:10
> +        prevents programs that mulitply a random number by a large constant from

typo, multiply.
Comment 5 Geoffrey Garen 2015-11-30 19:40:09 PST
Committed r192855: <http://trac.webkit.org/changeset/192855>
Comment 6 Jan de Mooij 2015-12-01 00:27:11 PST
(In reply to comment #3)
> I kind of wanted to stick with GameRandom in order to troll the internet
> commentators who keep confusing / conflating RNG algorithm with number of
> bits provided by RNG interface.

It's not just that; GameRand also doesn't do well in statistical tests:

http://jandemooij.nl/blog/2015/11/30/testing-math-random-crushing-the-browser/

No big deal probably, but it shows the algorithm has other issues.

> But there's literally no downside to upgrading to Xorshift+, so I've done it.

\o/
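
As an added example (not part of the bug thread and not WebKit's code), the following JavaScript wraps one xorshift128+ stream in a 32-bit and a 53-bit conversion, the second using the mask-and-divide from comment 1, and measures how many fractional bits the results actually carry. The shift constants 23/17/26 are those of the published xorshift128+ generator; the seeds and all function names are constructed for the example.

```javascript
// Added example, not WebKit's implementation. Seeds and names are constructed.
const MASK64 = (1n << 64n) - 1n;

// xorshift128+ step with the published shift constants 23, 17, 26.
function makeXorshift128Plus(seed0, seed1) {
  let s0 = BigInt(seed0) & MASK64;
  let s1 = BigInt(seed1) & MASK64;
  if (s0 === 0n && s1 === 0n) throw new Error("state must not be all zero");
  return function next64() {
    let x = s0;
    const y = s1;
    s0 = y;
    x ^= (x << 23n) & MASK64;
    s1 = x ^ y ^ (x >> 17n) ^ (y >> 26n);
    return (s1 + y) & MASK64;
  };
}

// Wrap the 64-bit stream as a Math.random()-style function returning [0, 1).
function makeRandom(seed0, seed1, bits) {
  const next64 = makeXorshift128Plus(seed0, seed1);
  if (bits === 32) {
    // 32 bits of precision: only 2^32 distinct results are possible.
    return () => Number(next64() >> 32n) / 2 ** 32;
  }
  // 53 bits: value & (2^53 - 1), divided by 2^53, as in comment 1.
  const MASK53 = (1n << 53n) - 1n;
  return () => Number(next64() & MASK53) / 2 ** 53;
}

// Smallest k such that x * 2^k is an integer, i.e. the number of
// fractional bits the double x actually uses.
function granularityBits(x) {
  for (let k = 0; k <= 53; k++) {
    if (Number.isInteger(x * 2 ** k)) return k;
  }
  return Infinity; // not reachable for values built by makeRandom
}

// Largest granularity seen over n samples of a random() function.
function maxGranularity(random, n) {
  let max = 0;
  for (let i = 0; i < n; i++) max = Math.max(max, granularityBits(random()));
  return max;
}

console.log("32-bit wrapper:", maxGranularity(makeRandom(1n, 2n, 32), 1000));
console.log("53-bit wrapper:", maxGranularity(makeRandom(1n, 2n, 53), 1000));
```

Passing `Math.random` itself to `maxGranularity` runs the same check against an engine's built-in generator; a result that never exceeds 32 indicates the 32-bit precision limit described in the report.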