Opened 13 years ago

Closed 6 years ago

#767 closed enhancement (fixed)

random seed should be more random

Reported by: Jim Ursetto Owned by:
Priority: not urgent at all Milestone:
Component: core libraries Version: 4.7.x
Keywords: Cc:
Estimated difficulty: hard


The default RNG is seeded with time(NULL) which only changes every 1 second. See CHICKEN_initialize in runtime.c. Actually it only changes every 2 seconds, as C_randomize expects a C_word and the bottom bit is therefore destroyed. Actually, on most platforms it may take up to a minute to change values, as rand() is crap. Example:

while :; do date; csi -p '(random 60000)'; done

Instead it should be seeded with pid XOR seconds XOR milliseconds. This is totally portable and doesn't involve replacing rand() with random() or anything else disruptive, just seeding with more random bits.

I will put together a patch to do this, it is a trivial fix.

Change History (4)

comment:1 Changed 13 years ago by Jim Ursetto

Even worse, (randomize) only generates a new result once every 1,000 seconds, as (current-seconds) is divided by 1000. I will aim to fix this as well.

comment:2 Changed 13 years ago by Jim Ursetto

Milestone: 4.8.0
Owner: Jim Ursetto deleted
Priority: majornot urgent at all
Status: newassigned
Type: defectenhancement

I guess it is not trivial, the core would not support it without some disruptive changes, i.e. risking compilation failures on unusual platforms.

1) gettimeofday is not available in core on non-UNIX platforms, even though it is available in both mingw and cygwin themselves. Maybe that is historical.
2) getpid is available on unix and windows but perhaps not elsewhere?

In short, there's no easy way to get the process pid or the usec since epoch at initialization time from runtime.c.

With regard to Peter's hash table security patch, which was the impetus for this ticket -- as it requires a random fixnum when SRFI-69 is loaded --, an ugly workaround should be to use the randomization key in make-hash-table, as in

(use random-bsd)
(make-hash-table eq? hash size randomization: (random-fixnum 536870912))

random-bsd only seeds its own generator, not the system one, so unfortunately you can't just load it and affect the random sequence generated by the core RNG.

I'll leave this open, but at the lowest possible priority.

comment:3 Changed 8 years ago by sjamaan

Estimated difficulty: hard

comment:4 Changed 6 years ago by felix winkelmann

Resolution: fixed
Status: assignedclosed

Fixed in CHICKEN 5 with the new RNG.

Note: See TracTickets for help on using tickets.