Why are drand48() and friends obsolete?

Dúthomhas picture Dúthomhas · Aug 12, 2014 · Viewed 12.4k times · Source

After all, they seem superior to the standard libc rand(). Have I missed something?

(I have spent some time searching for this online, and the only other instance of this question I could find was in the context of distribution bias and left unanswered.)

The manual pages for rand() and drand48() also seem at odds. The first recommends the second, and the second states that it is obsolete and the first should be used. (Though, to be fair, a lot of people who understand the math behind PRNGs have issues with the man pages for these functions because they are poorly-worded and in some instances just wrong.)

Still, I can find no justification for the "obsolete" status.

Answer

Keith Thompson picture Keith Thompson · Aug 13, 2014

The man page on my system (which is from the Linux man-pages project says:

These functions are declared obsolete by SVID 3, which states that rand(3) should be used instead.

SVID 3 was published in 1989.

SVID 4 (the link is to a 720-page PDF), published in 1995, documents drand48, erand48, lrand48, nrand48, mrand48, jrand48, srand48, seed48, and lcong48 and, like POSIX, says nothing about them being obsolete.

POSIX, as of 2013, says nothing about them being obsolete, obsolescent, or deprecated.

I haven't found a copy of SVID 3, so I don't know why it would have declared those functions obsolete, but apparently that decision was reconsidered later. The statement in the man page seems like out-of-date information. I wouldn't worry about it.

As for which function you should use, the C standard rand() function is the most portable (unless you recompile a different one from source code). Some rand() implementations are poor quality, with the low-order bits repeating in a very regular pattern; others are slightly better.

If you don't need high quality pseudo-random numbers, you might as well use rand() (seeded by calling srand() with a reasonable value, e.g., srand(time(NULL)).

If you do need high-quality pseudo-random numbers, it's likely that none of these functions is good enough, I'd advise against using any of them for cryptography, for example. You can use /dev/urandom or /dev/random if your system supports it. I've heard good things about the Mersenne Twister, but I lack the expertise to comment further.

(BTW, if you do a Google search for SVID, watch out for Svið).