Investigate replacements for SmallRng algorithm

[dhardy]

Due to close correlations of PCG streams and lack of right-state propegation we should consider replacing PCG with another algorithm(s) for the next Rand version (0.8).

From the docs, the purpose of SmallRng is:

SmallRng may be a good choice when a PRNG with small state, cheap initialization, good statistical quality and good performance are required. It is not a good choice when security against prediction or reproducibility are important. ... The algorithm is deterministic but should not be considered reproducible due to dependence on platform and possible replacement in future library versions.

Ideally (in my opinion), SmallRng should be small but not too small; preferably 128-bit or 256-bit if we must. @vigna have you thoughts on this (given that you recommend a 256-bit variant of your generator for general usage, but in this case we already have a ChaCha-based generator for general usage)?

There are other generators besides PCG and Xo(ro)shiro, e.g. GJrand, JSF and SFC, though I've seen less analysis of these. Previous decisions on this topic have been somewhat influenced by this thread, though it only considers benchmarks and some very basic analysis.

[vigna]

Do you need multiple streams? Constant-time jumps for parallel execution? Are 64-bit operations fine or would you prefer 32-bit operations?

[dhardy]

We expect the key size (seed + stream) to be at least 100 bits. We require an algorithm for 32-bit CPUs and for 64-bit CPUs (currently we have a different RNG for each; they could also be the same).

For parallel usage we generally recommend seeding each PRNG independently from a strong master (CSPRNG or system source) instead of using jumps.

[vks]

Does this affect the current implementation of SeedableRng::seed_from_u64?

[vigna]

For these two cases, on my page I suggest xoroshiro128++ or xoshiro128++. The second generator is 32-bit though, so you'll need to call it twice for a 64-bit integer or a double.

Note that in general generators writing to multiple locations (like those above) might perform better in artificial benchmarks (e.g., loops) than generators with a stream parameter, but in real life the cost of storing two words instead of one might be detectable even at the application level in some circumstances (e.g., a lot of generation but in a situation in which the compiler cannot keep the state of the PRNG in registers).

SplitMix fills many of your requirements. The problem with it is that the parameter (the additive constant of the underlying Weyl generator) must have a balance of zeros and ones, so it might be tricky to have the user specify an arbitrary parameter and avoid collisions when you "fix" it.

An alternative you might explore is any kind of 64-bit engine (e.g., a xorshift generator or an LCG with modulus 2^64) with a strong parameterized scrambling function. Something like a murmurHash mix, but inserting the constant defining the stream in the middel (e.g., when you multiply). Of course it is not guaranteed that all constants will work equally, etc. Streams are objectively difficult unless you are using a stream cipher.

[dhardy]

Does this affect the current implementation of SeedableRng::seed_from_u64?

I don't believe so. In this case we care more about reproducibility and less about supporting many independent instances (the function only accepts 64-bit key, and uses a fixed stream).

I did some quick benchmarks of our existing Rust PRNGs below. These are not fully representative (only one CPU arch, may be a little imprecise), but show roughly how our current code performs.

x86_64 (Haswell):

test gen_bytes_chacha12      ... bench:     351,126 ns/iter (+/- 22,460) = 2916 MB/s
test gen_bytes_chacha20      ... bench:     535,578 ns/iter (+/- 41,333) = 1911 MB/s
test gen_bytes_chacha8       ... bench:     256,668 ns/iter (+/- 10,779) = 3989 MB/s
test gen_bytes_hc128         ... bench:     461,475 ns/iter (+/- 42,922) = 2218 MB/s
test gen_bytes_os            ... bench:   4,672,746 ns/iter (+/- 105,596) = 219 MB/s
test gen_bytes_pcg32         ... bench:     480,698 ns/iter (+/- 8,081) = 2130 MB/s
test gen_bytes_pcg64         ... bench:     410,520 ns/iter (+/- 10,004) = 2494 MB/s
test gen_bytes_pcg64mcg      ... bench:     337,623 ns/iter (+/- 8,450) = 3032 MB/s
test gen_bytes_std           ... bench:     535,034 ns/iter (+/- 9,829) = 1913 MB/s
test gen_bytes_step          ... bench:     272,422 ns/iter (+/- 4,405) = 3758 MB/s
test gen_bytes_isaac                ... bench:     767,380 ns/iter (+/- 14,082) = 1334 MB/s
test gen_bytes_isaac64              ... bench:     410,192 ns/iter (+/- 11,555) = 2496 MB/s
test gen_bytes_splitmix64           ... bench:     504,261 ns/iter (+/- 19,653) = 2030 MB/s
test gen_bytes_xoroshiro128plus     ... bench:     471,811 ns/iter (+/- 19,862) = 2170 MB/s
test gen_bytes_xoroshiro128plusplus ... bench:     465,413 ns/iter (+/- 25,334) = 2200 MB/s
test gen_bytes_xoroshiro128starstar ... bench:     465,180 ns/iter (+/- 20,501) = 2201 MB/s
test gen_bytes_xoroshiro64star      ... bench:     560,486 ns/iter (+/- 12,691) = 1826 MB/s
test gen_bytes_xoroshiro64starstar  ... bench:     590,918 ns/iter (+/- 14,597) = 1732 MB/s
test gen_bytes_xorshift             ... bench:     385,338 ns/iter (+/- 15,345) = 2657 MB/s
test gen_bytes_xoshiro128plus       ... bench:     480,411 ns/iter (+/- 21,039) = 2131 MB/s
test gen_bytes_xoshiro128plusplus   ... bench:     506,841 ns/iter (+/- 35,335) = 2020 MB/s
test gen_bytes_xoshiro128starstar   ... bench:     485,184 ns/iter (+/- 34,264) = 2110 MB/s
test gen_bytes_xoshiro256plus       ... bench:     373,064 ns/iter (+/- 29,397) = 2744 MB/s
test gen_bytes_xoshiro256plusplus   ... bench:     382,244 ns/iter (+/- 15,187) = 2678 MB/s
test gen_bytes_xoshiro256starstar   ... bench:     365,659 ns/iter (+/- 27,107) = 2800 MB/s
test gen_bytes_xoshiro512plus       ... bench:     395,434 ns/iter (+/- 46,206) = 2589 MB/s
test gen_bytes_xoshiro512plusplus   ... bench:     410,415 ns/iter (+/- 32,176) = 2495 MB/s
test gen_bytes_xoshiro512starstar   ... bench:     400,167 ns/iter (+/- 11,301) = 2558 MB/s
test gen_bytes_siprng ... bench:     662,201 ns/iter (+/- 41,361) = 1546 MB/s

test gen_u32_chacha12        ... bench:       1,778 ns/iter (+/- 77) = 2249 MB/s
test gen_u32_chacha20        ... bench:       2,516 ns/iter (+/- 73) = 1589 MB/s
test gen_u32_chacha8         ... bench:       1,304 ns/iter (+/- 46) = 3067 MB/s
test gen_u32_hc128           ... bench:       1,836 ns/iter (+/- 46) = 2178 MB/s
test gen_u32_os              ... bench:     623,795 ns/iter (+/- 28,568) = 6 MB/s
test gen_u32_pcg32           ... bench:       1,218 ns/iter (+/- 38) = 3284 MB/s
test gen_u32_pcg64           ... bench:       1,867 ns/iter (+/- 40) = 2142 MB/s
test gen_u32_pcg64mcg        ... bench:       1,222 ns/iter (+/- 50) = 3273 MB/s
test gen_u32_std             ... bench:       2,506 ns/iter (+/- 86) = 1596 MB/s
test gen_u32_step            ... bench:          96 ns/iter (+/- 3) = 41666 MB/s
test gen_u32_isaac                  ... bench:       3,242 ns/iter (+/- 228) = 1233 MB/s
test gen_u32_isaac64                ... bench:       3,251 ns/iter (+/- 292) = 1230 MB/s
test gen_u32_splitmix64             ... bench:         820 ns/iter (+/- 34) = 4878 MB/s
test gen_u32_xoroshiro128plus       ... bench:       1,071 ns/iter (+/- 79) = 3734 MB/s
test gen_u32_xoroshiro128plusplus   ... bench:       1,524 ns/iter (+/- 115) = 2624 MB/s
test gen_u32_xoroshiro128starstar   ... bench:       1,358 ns/iter (+/- 302) = 2945 MB/s
test gen_u32_xoroshiro64star        ... bench:       1,582 ns/iter (+/- 108) = 2528 MB/s
test gen_u32_xoroshiro64starstar    ... bench:       1,720 ns/iter (+/- 206) = 2325 MB/s
test gen_u32_xorshift               ... bench:       1,376 ns/iter (+/- 676) = 2906 MB/s
test gen_u32_xoshiro128plus         ... bench:         983 ns/iter (+/- 32) = 4069 MB/s
test gen_u32_xoshiro128plusplus     ... bench:       1,036 ns/iter (+/- 23) = 3861 MB/s
test gen_u32_xoshiro128starstar     ... bench:       1,150 ns/iter (+/- 4) = 3478 MB/s
test gen_u32_xoshiro256plus         ... bench:         981 ns/iter (+/- 6) = 4077 MB/s
test gen_u32_xoshiro256plusplus     ... bench:       1,120 ns/iter (+/- 17) = 3571 MB/s
test gen_u32_xoshiro256starstar     ... bench:       1,065 ns/iter (+/- 7) = 3755 MB/s
test gen_u32_xoshiro512plus         ... bench:       3,362 ns/iter (+/- 34) = 1189 MB/s
test gen_u32_xoshiro512plusplus     ... bench:       3,467 ns/iter (+/- 23) = 1153 MB/s
test gen_u32_xoshiro512starstar     ... bench:       3,418 ns/iter (+/- 67) = 1170 MB/s
test gen_u32_siprng   ... bench:       5,052 ns/iter (+/- 417) = 791 MB/s

test gen_u64_chacha12        ... bench:       3,993 ns/iter (+/- 315) = 2003 MB/s
test gen_u64_chacha20        ... bench:       4,463 ns/iter (+/- 164) = 1792 MB/s
test gen_u64_chacha8         ... bench:       3,268 ns/iter (+/- 181) = 2447 MB/s
test gen_u64_hc128           ... bench:       3,930 ns/iter (+/- 387) = 2035 MB/s
test gen_u64_os              ... bench:     625,831 ns/iter (+/- 14,467) = 12 MB/s
test gen_u64_pcg32           ... bench:       2,664 ns/iter (+/- 228) = 3003 MB/s
test gen_u64_pcg64           ... bench:       1,868 ns/iter (+/- 37) = 4282 MB/s
test gen_u64_pcg64mcg        ... bench:       1,215 ns/iter (+/- 25) = 6584 MB/s
test gen_u64_std             ... bench:       5,380 ns/iter (+/- 211) = 1486 MB/s
test gen_u64_step            ... bench:         152 ns/iter (+/- 9) = 52631 MB/s
test gen_u64_isaac                  ... bench:       7,551 ns/iter (+/- 26) = 1059 MB/s
test gen_u64_isaac64                ... bench:       3,621 ns/iter (+/- 16) = 2209 MB/s
test gen_u64_splitmix64             ... bench:         994 ns/iter (+/- 14) = 8048 MB/s
test gen_u64_xoroshiro128plus       ... bench:       1,201 ns/iter (+/- 3) = 6661 MB/s
test gen_u64_xoroshiro128plusplus   ... bench:       1,408 ns/iter (+/- 4) = 5681 MB/s
test gen_u64_xoroshiro128starstar   ... bench:       1,342 ns/iter (+/- 26) = 5961 MB/s
test gen_u64_xoroshiro64star        ... bench:       3,064 ns/iter (+/- 111) = 2610 MB/s
test gen_u64_xoroshiro64starstar    ... bench:       3,337 ns/iter (+/- 142) = 2397 MB/s
test gen_u64_xorshift               ... bench:       1,849 ns/iter (+/- 218) = 4326 MB/s
test gen_u64_xoshiro128plus         ... bench:       1,834 ns/iter (+/- 193) = 4362 MB/s
test gen_u64_xoshiro128plusplus     ... bench:       2,190 ns/iter (+/- 187) = 3652 MB/s
test gen_u64_xoshiro128starstar     ... bench:       2,070 ns/iter (+/- 189) = 3864 MB/s
test gen_u64_xoshiro256plus         ... bench:         987 ns/iter (+/- 148) = 8105 MB/s
test gen_u64_xoshiro256plusplus     ... bench:       1,038 ns/iter (+/- 107) = 7707 MB/s
test gen_u64_xoshiro256starstar     ... bench:       1,129 ns/iter (+/- 98) = 7085 MB/s
test gen_u64_xoshiro512plus         ... bench:       3,337 ns/iter (+/- 123) = 2397 MB/s
test gen_u64_xoshiro512plusplus     ... bench:       3,377 ns/iter (+/- 239) = 2368 MB/s
test gen_u64_xoshiro512starstar     ... bench:       3,446 ns/iter (+/- 203) = 2321 MB/s
test gen_u64_siprng   ... bench:       5,037 ns/iter (+/- 128) = 1588 MB/s


i686 (emulated on Haswell):

test gen_bytes_chacha12      ... bench:   2,959,160 ns/iter (+/- 69,935) = 346 MB/s
test gen_bytes_chacha20      ... bench:   4,676,660 ns/iter (+/- 176,771) = 218 MB/s
test gen_bytes_chacha8       ... bench:   2,129,900 ns/iter (+/- 105,724) = 480 MB/s
test gen_bytes_hc128         ... bench:     779,442 ns/iter (+/- 23,737) = 1313 MB/s
test gen_bytes_os            ... bench:   4,763,796 ns/iter (+/- 68,559) = 214 MB/s
test gen_bytes_pcg32         ... bench:     841,579 ns/iter (+/- 20,688) = 1216 MB/s
test gen_bytes_pcg64         ... bench:   1,499,088 ns/iter (+/- 90,571) = 683 MB/s
test gen_bytes_pcg64mcg      ... bench:   1,291,361 ns/iter (+/- 24,630) = 792 MB/s
test gen_bytes_std           ... bench:   4,732,747 ns/iter (+/- 124,216) = 216 MB/s
test gen_bytes_step          ... bench:     319,588 ns/iter (+/- 4,945) = 3204 MB/s
test gen_bytes_isaac                ... bench:   1,028,576 ns/iter (+/- 195,479) = 995 MB/s
test gen_bytes_isaac64              ... bench:     564,817 ns/iter (+/- 6,652) = 1812 MB/s
test gen_bytes_splitmix64           ... bench:   2,781,309 ns/iter (+/- 67,637) = 368 MB/s
test gen_bytes_xoroshiro128plus     ... bench:   4,087,332 ns/iter (+/- 1,702,551) = 250 MB/s
test gen_bytes_xoroshiro128plusplus ... bench:   4,295,951 ns/iter (+/- 468,283) = 238 MB/s
test gen_bytes_xoroshiro128starstar ... bench:   2,778,644 ns/iter (+/- 119,197) = 368 MB/s
test gen_bytes_xoroshiro64star      ... bench:     598,607 ns/iter (+/- 46,824) = 1710 MB/s
test gen_bytes_xoroshiro64starstar  ... bench:     621,693 ns/iter (+/- 34,658) = 1647 MB/s
test gen_bytes_xorshift             ... bench:     441,959 ns/iter (+/- 37,409) = 2316 MB/s
test gen_bytes_xoshiro128plus       ... bench:     704,238 ns/iter (+/- 56,033) = 1454 MB/s
test gen_bytes_xoshiro128plusplus   ... bench:     557,983 ns/iter (+/- 53,534) = 1835 MB/s
test gen_bytes_xoshiro128starstar   ... bench:     568,295 ns/iter (+/- 67,564) = 1801 MB/s
test gen_bytes_xoshiro256plus       ... bench:     728,636 ns/iter (+/- 42,730) = 1405 MB/s
test gen_bytes_xoshiro256plusplus   ... bench:     758,109 ns/iter (+/- 11,789) = 1350 MB/s
test gen_bytes_xoshiro256starstar   ... bench:     769,551 ns/iter (+/- 4,485) = 1330 MB/s
test gen_bytes_xoshiro512plus       ... bench:     907,000 ns/iter (+/- 3,928) = 1128 MB/s
test gen_bytes_xoshiro512plusplus   ... bench:   1,025,192 ns/iter (+/- 15,996) = 998 MB/s
test gen_bytes_xoshiro512starstar   ... bench:     914,588 ns/iter (+/- 28,553) = 1119 MB/s
test gen_bytes_siprng ... bench:   1,699,922 ns/iter (+/- 29,795) = 602 MB/s

test gen_u32_chacha12        ... bench:      12,904 ns/iter (+/- 308) = 309 MB/s
test gen_u32_chacha20        ... bench:      19,474 ns/iter (+/- 255) = 205 MB/s
test gen_u32_chacha8         ... bench:       9,149 ns/iter (+/- 240) = 437 MB/s
test gen_u32_hc128           ... bench:       2,453 ns/iter (+/- 151) = 1630 MB/s
test gen_u32_os              ... bench:     642,248 ns/iter (+/- 23,286) = 6 MB/s
test gen_u32_pcg32           ... bench:       2,831 ns/iter (+/- 293) = 1412 MB/s
test gen_u32_pcg64           ... bench:       9,930 ns/iter (+/- 691) = 402 MB/s
test gen_u32_pcg64mcg        ... bench:       8,675 ns/iter (+/- 751) = 461 MB/s
test gen_u32_std             ... bench:      18,959 ns/iter (+/- 995) = 210 MB/s
test gen_u32_step            ... bench:           2 ns/iter (+/- 0) = 2000000 MB/s
test gen_u32_isaac                  ... bench:       3,742 ns/iter (+/- 74) = 1068 MB/s
test gen_u32_isaac64                ... bench:       4,328 ns/iter (+/- 124) = 924 MB/s
test gen_u32_splitmix64             ... bench:       2,001 ns/iter (+/- 93) = 1999 MB/s
test gen_u32_xoroshiro128plus       ... bench:       2,499 ns/iter (+/- 336) = 1600 MB/s
test gen_u32_xoroshiro128plusplus   ... bench:       2,608 ns/iter (+/- 37) = 1533 MB/s
test gen_u32_xoroshiro128starstar   ... bench:       2,816 ns/iter (+/- 309) = 1420 MB/s
test gen_u32_xoroshiro64star        ... bench:       1,307 ns/iter (+/- 106) = 3060 MB/s
test gen_u32_xoroshiro64starstar    ... bench:       1,490 ns/iter (+/- 133) = 2684 MB/s
test gen_u32_xorshift               ... bench:       1,547 ns/iter (+/- 164) = 2585 MB/s
test gen_u32_xoshiro128plus         ... bench:       2,372 ns/iter (+/- 177) = 1686 MB/s
test gen_u32_xoshiro128plusplus     ... bench:       2,408 ns/iter (+/- 232) = 1661 MB/s
test gen_u32_xoshiro128starstar     ... bench:       1,702 ns/iter (+/- 68) = 2350 MB/s
test gen_u32_xoshiro256plus         ... bench:       4,157 ns/iter (+/- 284) = 962 MB/s
test gen_u32_xoshiro256plusplus     ... bench:       4,162 ns/iter (+/- 593) = 961 MB/s
test gen_u32_xoshiro256starstar     ... bench:       4,091 ns/iter (+/- 295) = 977 MB/s
test gen_u32_xoshiro512plus         ... bench:       6,711 ns/iter (+/- 341) = 596 MB/s
test gen_u32_xoshiro512plusplus     ... bench:       7,369 ns/iter (+/- 438) = 542 MB/s
test gen_u32_xoshiro512starstar     ... bench:       6,171 ns/iter (+/- 83) = 648 MB/s
test gen_u32_siprng   ... bench:      15,812 ns/iter (+/- 965) = 252 MB/s

test gen_u64_chacha12        ... bench:      23,474 ns/iter (+/- 2,590) = 340 MB/s
test gen_u64_chacha20        ... bench:      35,887 ns/iter (+/- 4,109) = 222 MB/s
test gen_u64_chacha8         ... bench:      16,714 ns/iter (+/- 1,957) = 478 MB/s
test gen_u64_hc128           ... bench:       5,033 ns/iter (+/- 681) = 1589 MB/s
test gen_u64_os              ... bench:     721,669 ns/iter (+/- 75,554) = 11 MB/s
test gen_u64_pcg32           ... bench:       6,309 ns/iter (+/- 251) = 1268 MB/s
test gen_u64_pcg64           ... bench:      11,835 ns/iter (+/- 1,544) = 675 MB/s
test gen_u64_pcg64mcg        ... bench:      11,505 ns/iter (+/- 545) = 695 MB/s
test gen_u64_std             ... bench:      36,579 ns/iter (+/- 634) = 218 MB/s
test gen_u64_step            ... bench:           4 ns/iter (+/- 0) = 2000000 MB/s
test gen_u64_isaac                  ... bench:       7,792 ns/iter (+/- 257) = 1026 MB/s
test gen_u64_isaac64                ... bench:       5,642 ns/iter (+/- 407) = 1417 MB/s
test gen_u64_splitmix64             ... bench:       2,236 ns/iter (+/- 96) = 3577 MB/s
test gen_u64_xoroshiro128plus       ... bench:       3,360 ns/iter (+/- 223) = 2380 MB/s
test gen_u64_xoroshiro128plusplus   ... bench:       3,833 ns/iter (+/- 159) = 2087 MB/s
test gen_u64_xoroshiro128starstar   ... bench:       3,787 ns/iter (+/- 164) = 2112 MB/s
test gen_u64_xoroshiro64star        ... bench:       2,982 ns/iter (+/- 51) = 2682 MB/s
test gen_u64_xoroshiro64starstar    ... bench:       3,119 ns/iter (+/- 72) = 2564 MB/s
test gen_u64_xorshift               ... bench:       2,558 ns/iter (+/- 204) = 3127 MB/s
test gen_u64_xoshiro128plus         ... bench:       3,017 ns/iter (+/- 315) = 2651 MB/s
test gen_u64_xoshiro128plusplus     ... bench:       2,772 ns/iter (+/- 330) = 2886 MB/s
test gen_u64_xoshiro128starstar     ... bench:       2,815 ns/iter (+/- 321) = 2841 MB/s
test gen_u64_xoshiro256plus         ... bench:       4,115 ns/iter (+/- 127) = 1944 MB/s
test gen_u64_xoshiro256plusplus     ... bench:       5,121 ns/iter (+/- 155) = 1562 MB/s
test gen_u64_xoshiro256starstar     ... bench:       4,620 ns/iter (+/- 154) = 1731 MB/s
test gen_u64_xoshiro512plus         ... bench:       7,430 ns/iter (+/- 858) = 1076 MB/s
test gen_u64_xoshiro512plusplus     ... bench:       7,301 ns/iter (+/- 756) = 1095 MB/s
test gen_u64_xoshiro512starstar     ... bench:       7,020 ns/iter (+/- 695) = 1139 MB/s
test gen_u64_siprng   ... bench:      16,127 ns/iter (+/- 592) = 496 MB/s

[vks]

It's nice to see that chacha8 is faster than steprng thanks to vectorization!

This looks like xoshiro128++ and xoshiro256++ are good choices for i686 and x86_64, respectively.

[dhardy]

test gen_bytes_chacha8 ... bench: 2,129,900 ns/iter (+/- 105,724) = 480 MB/s

Not on i686. I guess this has more to do with which CPU features can be assumed than the word size.

[dhardy]

Some results are improved a little when using RUSTFLAGS="-C target-cpu=native". Whether we should care about this is questionable. I posted some results using this (x86_64) here.

[vks]

Not on i686. I guess this has more to do with which CPU features can be assumed than the word size.

Yes, this is expected, because x86_64 implies SSE2, but i686 doesn't.

[vigna]

Are you keeping the compiler from unrolling loops? My experience, in particular with clang, is that the compiler will unroll different code a different number of times, strongly biasing the results. That might not be the case here, but it doesn't hurt.

The other parameter that might influence heavily the result is whether you let the compiler extract loop invariants. In that case, anything using large constants might appear much faster than in reality, because due to the small loop size all constants are loaded into registers before entering the loop. When you're mixing generation with other activities this might or might not happen (but this depends a lot on the CPU architecture).

[dhardy]

Most of the results (the MB/s value) are robust against doubling each of RAND_BENCH_N (from 1000 to 2000) and BYTES_LEN (from 1024 to 2048), testing gen_bytes_* benches from the rngs repo and gen_u* from the rand repo. There are a few differences, e.g. SplitMix is approx 8% slower when the byte output length is doubled, and the 128-bit PCG generators appear about 4% faster when the number of loop iterations is doubled. Most benchmarks are basically unaffected.

This doesn't rule out loop unrolling, but I would expect to see some larger changes if it were a significant factor.

When you're mixing generation with other activities this might or might not happen

I don't really know what we can do about this, except to recommend that users benchmark their particular applications (which we already do). SmallRng is supposed to be a "reasonable default choice", not necessarily the best.

[vigna]

I didn't say you had to do anything—that was just a general comment. My benchmarks use 10^10 iterations.

In C, -march=native can have disruptive effects—for example, on my benchmark hardware SplitMix gets unrolled/vectorized by GCC and takes 0.50ns/word.

[dhardy]

Based on re-reading this and this, sfc64 and sfc32 also appear good candidates.

I have updated @pitdicker's small-rngs repo here and run some benchmarks; they perform well here:

test gen_u32_ci                   ... bench:       5,662 ns/iter (+/- 308) = 706 MB/s
test gen_u32_gj                   ... bench:       2,701 ns/iter (+/- 105) = 1480 MB/s
test gen_u32_jsf32                ... bench:         963 ns/iter (+/- 28) = 4153 MB/s
test gen_u32_jsf64                ... bench:       1,048 ns/iter (+/- 134) = 3816 MB/s
test gen_u32_kiss32               ... bench:       3,572 ns/iter (+/- 700) = 1119 MB/s
test gen_u32_kiss64               ... bench:       2,997 ns/iter (+/- 117) = 1334 MB/s
test gen_u32_msws                 ... bench:       1,119 ns/iter (+/- 28) = 3574 MB/s
test gen_u32_mwp                  ... bench:         938 ns/iter (+/- 31) = 4264 MB/s
test gen_u32_pcg_xsh_64_lcg       ... bench:       1,162 ns/iter (+/- 76) = 3442 MB/s
test gen_u32_pcg_xsl_128_mcg      ... bench:       1,202 ns/iter (+/- 54) = 3327 MB/s
test gen_u32_pcg_xsl_64_lcg       ... bench:       1,123 ns/iter (+/- 48) = 3561 MB/s
test gen_u32_sapparoth_32         ... bench:       1,355 ns/iter (+/- 53) = 2952 MB/s
test gen_u32_sapparoth_64         ... bench:       1,339 ns/iter (+/- 93) = 2987 MB/s
test gen_u32_sfc_32               ... bench:       1,203 ns/iter (+/- 66) = 3325 MB/s
test gen_u32_sfc_64               ... bench:       1,210 ns/iter (+/- 20) = 3305 MB/s
test gen_u32_velox                ... bench:       2,117 ns/iter (+/- 113) = 1889 MB/s
test gen_u32_xoroshiro_128_plus   ... bench:       1,284 ns/iter (+/- 63) = 3115 MB/s
test gen_u32_xoroshiro_64_plus    ... bench:       1,336 ns/iter (+/- 58) = 2994 MB/s
test gen_u32_xoroshiro_mt_32of128 ... bench:       1,376 ns/iter (+/- 79) = 2906 MB/s
test gen_u32_xoroshiro_mt_64of128 ... bench:       1,413 ns/iter (+/- 57) = 2830 MB/s
test gen_u32_xorshift_128_32      ... bench:         808 ns/iter (+/- 32) = 4950 MB/s
test gen_u32_xorshift_128_64      ... bench:       1,053 ns/iter (+/- 70) = 3798 MB/s
test gen_u32_xorshift_128_plus    ... bench:       1,180 ns/iter (+/- 132) = 3389 MB/s
test gen_u32_xorshift_mt_32       ... bench:       1,202 ns/iter (+/- 50) = 3327 MB/s
test gen_u32_xorshift_mt_64       ... bench:       1,262 ns/iter (+/- 37) = 3169 MB/s
test gen_u32_xsm32                ... bench:       2,654 ns/iter (+/- 355) = 1507 MB/s
test gen_u32_xsm64                ... bench:       1,185 ns/iter (+/- 26) = 3375 MB/s
test gen_u64_ci                   ... bench:      10,732 ns/iter (+/- 1,305) = 745 MB/s
test gen_u64_gj                   ... bench:       2,943 ns/iter (+/- 327) = 2718 MB/s
test gen_u64_jsf32                ... bench:       2,121 ns/iter (+/- 219) = 3771 MB/s
test gen_u64_jsf64                ... bench:       1,038 ns/iter (+/- 103) = 7707 MB/s
test gen_u64_kiss32               ... bench:       5,281 ns/iter (+/- 110) = 1514 MB/s
test gen_u64_kiss64               ... bench:       3,022 ns/iter (+/- 202) = 2647 MB/s
test gen_u64_msws                 ... bench:       1,154 ns/iter (+/- 25) = 6932 MB/s
test gen_u64_mwp                  ... bench:       1,219 ns/iter (+/- 108) = 6562 MB/s
test gen_u64_pcg_xsh_64_lcg       ... bench:       2,318 ns/iter (+/- 164) = 3451 MB/s
test gen_u64_pcg_xsl_128_mcg      ... bench:       1,206 ns/iter (+/- 136) = 6633 MB/s
test gen_u64_pcg_xsl_64_lcg       ... bench:       2,322 ns/iter (+/- 186) = 3445 MB/s
test gen_u64_sapparoth_32         ... bench:       2,734 ns/iter (+/- 263) = 2926 MB/s
test gen_u64_sapparoth_64         ... bench:       1,336 ns/iter (+/- 103) = 5988 MB/s
test gen_u64_sfc_32               ... bench:       2,829 ns/iter (+/- 152) = 2827 MB/s
test gen_u64_sfc_64               ... bench:       1,078 ns/iter (+/- 62) = 7421 MB/s
test gen_u64_velox                ... bench:       3,995 ns/iter (+/- 219) = 2002 MB/s
test gen_u64_xoroshiro_128_plus   ... bench:       1,346 ns/iter (+/- 111) = 5943 MB/s
test gen_u64_xoroshiro_64_plus    ... bench:       2,609 ns/iter (+/- 193) = 3066 MB/s
test gen_u64_xoroshiro_mt_32of128 ... bench:       2,873 ns/iter (+/- 202) = 2784 MB/s
test gen_u64_xoroshiro_mt_64of128 ... bench:       1,510 ns/iter (+/- 109) = 5298 MB/s
test gen_u64_xorshift_128_32      ... bench:       2,902 ns/iter (+/- 195) = 2756 MB/s
test gen_u64_xorshift_128_64      ... bench:       1,048 ns/iter (+/- 84) = 7633 MB/s
test gen_u64_xorshift_128_plus    ... bench:       1,003 ns/iter (+/- 55) = 7976 MB/s
test gen_u64_xorshift_mt_32       ... bench:       2,647 ns/iter (+/- 162) = 3022 MB/s
test gen_u64_xorshift_mt_64       ... bench:       1,349 ns/iter (+/- 126) = 5930 MB/s
test gen_u64_xsm32                ... bench:       3,534 ns/iter (+/- 302) = 2263 MB/s
test gen_u64_xsm64                ... bench:       1,158 ns/iter (+/- 70) = 6908 MB/s

[dhardy]

Simulated i686 benchmarks imply we should prefer SFC32 over SFC64 for 32-bit platforms:

test gen_u32_sfc_32               ... bench:       2,495 ns/iter (+/- 193) = 1603 MB/s
test gen_u32_sfc_64               ... bench:       4,046 ns/iter (+/- 172) = 988 MB/s
test gen_u64_sfc_32               ... bench:       3,731 ns/iter (+/- 192) = 2144 MB/s
test gen_u64_sfc_64               ... bench:       3,839 ns/iter (+/- 398) = 2083 MB/s