srandSets and returns the random number seed for the rand operator.
The point of the function is to "seed" the rand function so that randcan produce a different sequence each time you run your program. Whencalled with a parameter, srand uses that for the seed; otherwise it(semi-)randomly chooses a seed. In either case, starting with Perl 5.14,it returns the seed. To signal that your code will work only on Perlsof a recent vintage:
- use 5.014;# so srand returns the seed
If srand() is not called explicitly, it is called implicitly without aparameter at the first use of the rand operator. However, this was not trueof versions of Perl before 5.004, so if your script will run under olderPerl versions, it should call srand; otherwise most programs won't callsrand() at all.
But there are a few situations in recent Perls where programs are likely towant to call srand. One is for generating predictable results generally fortesting or debugging. There, you use srand($seed), with the same $seedeach time. Another case is that you may want to call srand()after a fork() to avoid child processes sharing the same seed value as theparent (and consequently each other).
Do not call srand() (i.e., without an argument) more than once perprocess. The internal state of the random number generator shouldcontain more entropy than can be provided by any seed, so callingsrand() again actually loses randomness.
Most implementations of srand take an integer and will silentlytruncate decimal numbers. This means srand(42) will usuallyproduce the same results as srand(42.1). To be safe, always passsrand an integer.
In versions of Perl prior to 5.004 the default seed was just thecurrent time. This isn't a particularly good seed, so many oldprograms supply their own seed value (often time ^ $$ or time ^($$ + ($$ << 15))), but that isn't necessary any more.
Frequently called programs (like CGI scripts) that simply use
- time ^ $$
for a seed can fall prey to the mathematical property that
- a^b == (a+1)^(b+1)
one-third of the time. So don't do that.
A typical use of the returned seed is for a test program which has too manycombinations to test comprehensively in the time available to it each run. Itcan test a random subset each time, and should there be a failure, log the seedused for that run so that it can later be used to reproduce the same results.
rand() is not cryptographically secure. You should not relyon it in security-sensitive situations. As of this writing, anumber of third-party CPAN modules offer random number generatorsintended by their authors to be cryptographically secure,including: Data::Entropy, Crypt::Random, Math::Random::Secure,and Math::TrulyRandom.
