Date: Mon, 17 Feb 2003 16:40:48 +1100 From: Tim Robbins <tjr@FreeBSD.ORG> To: Kris Kennaway <kris@obsecurity.org> Cc: "Andrey A. Chernov" <ache@FreeBSD.ORG>, current@FreeBSD.ORG Subject: Re: cvs commit: src/lib/libc/stdlib rand.c Message-ID: <20030217164048.A28273@dilbert.robbins.dropbear.id.au> In-Reply-To: <20030217045729.GA68471@rot13.obsecurity.org>; from kris@obsecurity.org on Sun, Feb 16, 2003 at 08:57:29PM -0800 References: <200302170352.h1H3qawJ062671@repoman.freebsd.org> <20030217045729.GA68471@rot13.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Feb 16, 2003 at 08:57:29PM -0800, Kris Kennaway wrote:
> On Sun, Feb 16, 2003 at 07:52:35PM -0800, Andrey A. Chernov wrote:
>
> > So, monotonically increased seed->first value correlation problem remains...
>
> I think we should commit this patch (to -current) and fix all the
> problems that pop up. For example, it's used in awk (which started
> this set of changes), and in some of the XFree86 libraries.
>
> Kris
>
> Index: stdlib/rand.c
> ===================================================================
> RCS file: /mnt2/ncvs/src/lib/libc/stdlib/rand.c,v
> retrieving revision 1.14
> diff -u -r1.14 rand.c
> --- stdlib/rand.c 5 Feb 2003 21:25:50 -0000 1.14
> +++ stdlib/rand.c 8 Feb 2003 06:07:55 -0000
> @@ -86,6 +86,8 @@
> #endif /* !USE_WEAK_SEEDING */
> }
>
> +__warn_references(rand_r,
> + "warning: rand_r() does not produce high-quality random numbers and should not generally be used");
>
> int
> rand_r(unsigned int *ctx)
> @@ -99,6 +101,9 @@
>
>
> static u_long next = 892053144; /* after srand(1), NSHUFF counted */
> +
> +__warn_references(rand,
> + "warning: rand() does not produce high-quality random numbers and should not generally be used");
>
> int
> rand()
I disagree. It's safe to use rand() in games and in certain kinds of
simulations when you don't care that the distribution isn't quite
uniform, or when you prefer speed over quality. I don't think rand()
needs a warning message like gets() &c. because it's not as dangerous.
What I suggest instead is to remove the pathetic "insults" in rand(3)
("bad" random number generator, obsoleted) and add a BUGS section
which describes the problem.
I'd much prefer that rand() generated higher quality numbers, though.
Tim
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030217164048.A28273>