0vercl0k / wtf

wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-mode (experimental!).
MIT License

std::shuffle leads to different behavior on Windows & Linux #170

Open 0vercl0k opened 1 year ago

0vercl0k commented 1 year ago

I just discovered that std::shuffle's implementation is not defined by the standard so its behavior might differ per libc implementation.

Note that the implementation is not dictated by the standard, so even if you use exactly the same RandomFunc or URBG (Uniform Random Number Generator) you may get different results with different standard library implementations.

I am definitely observing different behaviors w/ the same seeds on Windows / Ubuntu. MutationDispatcher::Mutate_ShuffleBytes from libfuzzer uses it which leads to the generation of different testcases even w/ the same seeds, ugh:

    size_t MutationDispatcher::Mutate_ShuffleBytes(uint8_t* Data, size_t Size,
        size_t MaxSize) {
        if (Size > MaxSize || Size == 0) return 0;
        size_t ShuffleAmount =
            Rand(std::min(Size, (size_t)8)) + 1; // [1,8] and <= Size.
        size_t ShuffleStart = Rand(Size - ShuffleAmount);
        assert(ShuffleStart + ShuffleAmount <= Size);
        std::shuffle(Data + ShuffleStart, Data + ShuffleStart + ShuffleAmount, Rand);
        return Size;
    }
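The portable fix for the problem described above is to stop depending on how a given standard library sequences its URBG calls inside `std::shuffle`, and to drive an explicit Fisher-Yates loop from the fuzzer's own `Rand(bound)` primitive. The example below is added here for illustration and is neither wtf's nor libFuzzer's code; the names `PortableRand`, `PortableShuffle`, `PortableMutateShuffleBytes` and `ShuffleWithSeed` are hypothetical. It assumes `std::minstd_rand` as the engine (its algorithm and default parameters are fully specified by the standard, so the raw stream is identical on every conforming implementation) and avoids `std::uniform_int_distribution`, whose mapping from engine output to the requested range is also implementation-defined, in favour of rejection sampling.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <random>
#include <utility>
#include <vector>

// Hypothetical stand-in for libFuzzer's Random: Rand(n) yields a value in
// [0, n), and Rand(0) yields 0, matching the calling convention used by
// Mutate_ShuffleBytes. minstd_rand is a standard-mandated LCG, so seeding it
// identically gives the same raw stream with MSVC STL, libstdc++ and libc++.
class PortableRand {
public:
  explicit PortableRand(uint32_t Seed) : Engine_(Seed) {}

  // Unbiased value in [0, Bound) via rejection sampling on the raw engine
  // output; uniform_int_distribution is deliberately not used here.
  size_t operator()(size_t Bound) {
    if (Bound <= 1)
      return 0;
    const uint64_t Range = uint64_t(std::minstd_rand::max()) -
                           uint64_t(std::minstd_rand::min()) + 1;
    const uint64_t Limit = Range - (Range % Bound);
    for (;;) {
      const uint64_t R = uint64_t(Engine_()) - std::minstd_rand::min();
      if (R < Limit)
        return size_t(R % Bound);
    }
  }

private:
  std::minstd_rand Engine_;
};

// Fisher-Yates over [First, Last). The standard says nothing about how many
// times, or with which bounds, std::shuffle consults its generator; spelling
// the loop out is what makes the permutation reproducible across libraries.
template <typename It, typename RandFn>
void PortableShuffle(It First, It Last, RandFn &Rand) {
  const size_t N = size_t(Last - First);
  if (N < 2)
    return;
  for (size_t I = N - 1; I > 0; --I) {
    const size_t J = Rand(I + 1); // J in [0, I]
    std::swap(First[I], First[J]);
  }
}

// Mirror of libFuzzer's Mutate_ShuffleBytes with std::shuffle swapped out.
// Same bound arithmetic as the original: amount in [1,8] and <= Size.
size_t PortableMutateShuffleBytes(uint8_t *Data, size_t Size, size_t MaxSize,
                                  PortableRand &Rand) {
  if (Size > MaxSize || Size == 0)
    return 0;
  const size_t ShuffleAmount = Rand(std::min(Size, size_t(8))) + 1;
  const size_t ShuffleStart = Rand(Size - ShuffleAmount);
  PortableShuffle(Data + ShuffleStart, Data + ShuffleStart + ShuffleAmount,
                  Rand);
  return Size;
}

// Convenience wrapper: one mutation of Data under a fresh generator seeded
// with Seed, returned by value so two runs can be compared byte for byte.
std::vector<uint8_t> ShuffleWithSeed(uint32_t Seed, std::vector<uint8_t> Data) {
  PortableRand Rand(Seed);
  PortableMutateShuffleBytes(Data.data(), Data.size(), Data.size(), Rand);
  return Data;
}

int main() {
  // Constructed sample testcase: 16 ascending bytes.
  std::vector<uint8_t> In;
  for (uint8_t B = 0; B < 16; ++B)
    In.push_back(B);

  // Library-dependent result: may differ between Windows and Linux builds.
  std::vector<uint8_t> Std = In;
  std::minstd_rand Engine(1337);
  std::shuffle(Std.begin(), Std.end(), Engine);

  // Library-independent result: identical wherever minstd_rand is conforming.
  const std::vector<uint8_t> Portable = ShuffleWithSeed(1337, In);

  std::printf("std::shuffle     :");
  for (uint8_t B : Std)
    std::printf(" %02x", B);
  std::printf("\nPortableShuffle  :");
  for (uint8_t B : Portable)
    std::printf(" %02x", B);
  std::printf("\n");
  return 0;
}
```

Swapping the call inside the mutator is enough to make a crash reproducible from its seed on both platforms, provided every other consumer of the generator (bound reduction included) is also pinned to a specified algorithm rather than to whatever the local standard library happens to do.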
0vercl0k commented 1 year ago

Actually, I also found that std::uniform_int_distribution has annoying behaviors I wasn't aware of (sigh):