|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #27052 rand() returns easily predictable numbers
Submitted: 2004-01-26 15:53 UTC Modified: 2004-01-27 05:07 UTC
From: webmaster at armondc dot com Assigned:
Status: Not a bug Package: Math related
PHP Version: 4.3.5RC2-dev OS: Windows 2000 Professional
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
From: webmaster at armondc dot com
New email:
PHP Version: OS:


 [2004-01-26 15:53 UTC] webmaster at armondc dot com
I'm not sure if this is a very major problem, or even a bug, but here goes:

It seems rand() on Windows is very predictable.

I've tried it on 2 Windows Systems, and they were both predictable.  It showed a breif unpredictable segment, then followed by the same string of characters over and over, and finally a few more unpredictable characters.

I tried this on a FreeBSD 5.2 System, and it was unpreditable enough.  Seems to be a windows-only problem.

I also noticed bug#11108 - It seems similar, but the submitter was using his own seeds, and I am using without.

Reproduce code:
// This will reproduce the problem
// on windows
for($x = 0; $x < 500; $x++) {
  echo chr((rand()%32)+65);

// This is a quick-fix, but
// goes agaist the documentation's
// 'no need for srand()'
for($x = 0; $x < 500; $x++) {
	srand(hexdec(substr(md5(microtime()), 0, 8)));
	echo chr((rand()%32)+65);


Expected result:
Something a bit random like:


Actual result:
An easily spotted pattern:



Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2004-01-26 15:56 UTC] webmaster at armondc dot com
On the "actual result" its not as easily spotted without wrapping.  This should give a better picture:

 [2004-01-26 19:04 UTC]
Please try using this CVS snapshot:
For Windows:

Some rand() related bugs have already been fixed..

 [2004-01-26 20:03 UTC] webmaster at armondc dot com
I tried it on 4.3.5RC2-dev, and it's still relativly the same.  The pattern is slightly different, but is still as predictable as before.
 [2004-01-26 20:06 UTC]

Note:  On some platforms (such as Windows) RAND_MAX  is only 32768. If you require a range larger than 32768, consider using mt_rand() instead.

PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Jun 18 13:01:32 2024 UTC