Description
The scaling algorithm used internally by MT_RAND_PHP causes undefined CPU-dependent behavior.
This breaks compatibility of the MT random number sequences generated across platforms. (Its properties as a random number are already broken because it is improperly used.)
The following code:
mt_srand(1234, MT_RAND_PHP);
echo mt_rand(PHP_INT_MIN, PHP_INT_MAX) . PHP_EOL;
Resulted in this output:
- i386:
0
- amd64:
0
- arm32v7:
-1
- arm64v8:
-1
- s390x:
-1
Easily reproduced in QEMU's available Docker environment:
$ docker run --rm -it i386/php:7.4-cli -r 'mt_srand(1234, MT_RAND_PHP); echo mt_rand(PHP_INT_MIN, PHP_INT_MAX) . PHP_EOL;'
0
$ docker run --rm -it amd64/php:7.4-cli -r 'mt_srand(1234, MT_RAND_PHP); echo mt_rand(PHP_INT_MIN, PHP_INT_MAX) . PHP_EOL;'
0
$ docker run --rm -it arm32v7/php:7.4-cli -r 'mt_srand(1234, MT_RAND_PHP); echo mt_rand(PHP_INT_MIN, PHP_INT_MAX) . PHP_EOL;'
-1
$ docker run --rm -it arm64v8/php:7.4-cli -r 'mt_srand(1234, MT_RAND_PHP); echo mt_rand(PHP_INT_MIN, PHP_INT_MAX) . PHP_EOL;'
-1
$ docker run --rm -it s390x/php:7.4-cli -r 'mt_srand(1234, MT_RAND_PHP); echo mt_rand(PHP_INT_MIN, PHP_INT_MAX) . PHP_EOL;'
-1
But I expected this output instead:
This should probably be an error since it is beyond the range of getrandmax(), but should be unified to 0 or -1 for compatibility.
PHP Version
PHP 7.4.x (All supported version)
Operating System
Debian 11
Description
The scaling algorithm used internally by MT_RAND_PHP causes undefined CPU-dependent behavior.
This breaks compatibility of the MT random number sequences generated across platforms. (Its properties as a random number are already broken because it is improperly used.)
The following code:
Resulted in this output:
00-1-1-1Easily reproduced in QEMU's available Docker environment:
But I expected this output instead:
This should probably be an error since it is beyond the range of getrandmax(), but should be unified to 0 or -1 for compatibility.
PHP Version
PHP 7.4.x (All supported version)
Operating System
Debian 11