Eric Sosman said:
...296, obviously. Sorry about that.
You may be conflating the size of the PRNG's expression of
its state with the "diversity" of that state.
I don't think I am though, as always, I think I could have been
clearer. In particular I was talking about PRNGs in general, not
simply those limited to the srand interface. A PRNG with a large
state and narrow seed interface (like srand) is an example of the
exceptions described by the last sentence. The trailing "but the two
are strongly correlated!" is unhelpful and I should have stopped 5
words sooner.
After srand(S)
for some value S, you can call rand() a bunch of times and get
some sequence of values. If you call srand(S) a second time,
rand() must then produce the same sequence of values again. That
is, there can be no more distinct rand() sequences than there can
be S values. It doesn't matter how many bits rand()/srand() use
internally: they can have no more than lg( | { all S } | ) bits
of independent information. (Well, rand() *can* keep bits that
don't derive from S -- but they mustn't affect the output.)
Yes, I get that. Well most of it. The very last part I am not sure
about. Reading 7.20.2.2 p2 closely reveals what may be a deliberate
loophole:
"The srand function uses the argument as a seed for a new sequence
of pseudo-random numbers to be returned by subsequent calls to
rand."
OK, that does not say the seed entirely determines the sequence, just
that it is used as a seed in some (as yet unspecified) way. Let's
imagine an srand that pulls in more random bits from a hardware source
and uses both the supplied seed and the extra bits for the internal
state of the PRNG. The paragraph continues:
"If srand is then called with the same seed value, the sequence of
pseudo-random numbers shall be repeated."
This is odd wording. The "then", "same" and "repeated" suggests that
the requirement to duplicate the sequence applies only to seeds used
previously. If so, srand needs only to store the random bit pulled in
for each seed used so far and it can meet this requirement while using
more bits than were supplied in the seed. Finally:
"If rand is called before any calls to srand have been made, the
same sequence shall be generated as when srand is first called with
a seed value of 1."
I think this means that a seed of 1 fully determines the sequence so
we have to special-case this seed -- no extra bits can be used.
It is, indeed, possible for a small-state PRNG to have an
enormous period. But for rand(), the number of sequences --
and the number of starting points in the enormous periods --
cannot exceed 1+UINT_MAX. Even if the algorithm could do more
(given suitable seeds), the fact that srand() governs rand()
puts a hard limit on what can be done.
Such an srand could get round the hard limit, but would it be
conforming? I would not bet the house on it, but it seems to fit the
letter of the standard.