JDK-4709878

SecureRandom seeding hangs on S8 with /dev/random


    • Type: Bug
    • Resolution: Not an Issue
    • Priority: P3
    • None
    • 1.4.0_01
    • security-libs
    • None

      During startup of S1 AppServer 7 Alan Beecraft has reported that the server hangs. The cause has been traced to a hang in the SecureRandom internal seeding. It turns out that Alan can replicate the hang with the following minimal test case:

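      import java.security.SecureRandom;

      public class RNG
      {
          public static void main(String[] args)
          {
              SecureRandom rng = new SecureRandom();
              // First request for random output
              long seed = rng.nextLong();
              System.out.println("nextLong: " + seed);
              // Feed the value back in as seed material and draw again
              rng.setSeed(seed);
              seed = rng.nextLong();
              System.out.println("nextLong: " + seed);
          }
      }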

      This occurs on a S8 box with Jun.14 recommended patch set. See bug 4708968 for background on the original report.

      This behavior has not been observed on any other of our S8 boxes. The most significant difference found is that Alan's S8 box has a /dev/random device, not part of default S8 install. I asked Alan to verify if removing the securerandom.source property from java.security changes the observed behavior; he'll update the bug with more info.

      Also refer to bug 4709460. The conditions and outcome are different in that case, but the core problem seems to also be in SecureRandom internal seeding, so there could perhaps be some relation.

      ###@###.### 2002-06-28
      --

      ###@###.### 2002-07-01

      I cannot be entirely certain (as I have since removed the package), but I think
      that /dev/random was created just after I installed the /opt/SUNWs1h2 package
      (Sun ONE Single-Install Experimental Software - Solaris 8) that was produced
      for Java One. This is a "single install" package of App. Server (6.5), plus
      Portal Server and a few other Sun ONE products. As I have previously installed
      most of the products separately (the App. Server, Directory Server and Web
      Server) I suspect that it is the Portal Server which requires/creates the
      /dev/random file.

      I discovered that I was able to run the test case as a non-root user. After a
      suggestion from Jyri I was also able to run his test case as root by commenting
      out the following line in the $JAVA_HOME/jre/lib/security/java.security file:

      securerandom.source=file:/dev/random

      Without this modification the test case hangs indefinitely if run as root,
      even though it succeeds if run as a non-root user.
      This strikes me as strange because the permissions on the /dev/random file show
      it is owned by root:

      prw------- 1 root other 0 May 1 11:13 /dev/random

      I see that a /dev/random patch is now available for Solaris 8 (112438-01) so
      I intend to apply that patch and see if the problem disappears (without the
      modification to the java.security file).

      ###@###.### 2002-07-01

      I installed Solaris 8 patch 112438-01 (/dev/random patch) and the problem went
      away - I have updated bug 4708968 to request that this patch be added to the
      list of pre-requisites for AS7 to ensure that SecureRandom does not hang.
      Perhaps this patch should also be added to the list of pre-requisite patches
      for 1.4 as the java.security file references /dev/random ?
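
The `ls` listing in the comment above shows `/dev/random` with file type `p` (a named pipe), and opening a named pipe for reading blocks until some process opens it for writing. The shell check below is an added example, not part of the original report or of the JDK: it reads `securerandom.source` from a `java.security` file and classifies the configured file by type without opening it. The function names are hypothetical.

```shell
#!/bin/sh
# Added diagnostic (not from the original bug report).
# Usage: sh check_seed_source.sh "$JAVA_HOME/jre/lib/security/java.security"

# Print the path of the active (uncommented) securerandom.source entry.
# Only file: URLs are handled; the last matching line wins, as in a
# Java properties file. Prints nothing if no such entry exists.
securerandom_source() {
    sed -n -e 's/[[:space:]]*$//' \
        -e 's/^[[:space:]]*securerandom\.source[[:space:]]*=[[:space:]]*file:\(.*\)$/\1/p' \
        "$1" | tail -n 1
}

# Classify a seed source by file type. The file is never opened, because
# opening a FIFO for reading would block this script as well.
classify_seed_source() {
    if [ ! -e "$1" ]; then echo missing
    elif [ -c "$1" ]; then echo chardev
    elif [ -p "$1" ]; then echo fifo
    else echo other
    fi
}

# Report the configured source and its type.
# Returns 0 only if the entry is unset or points at a character device.
check_java_security() {
    src=$(securerandom_source "$1")
    if [ -z "$src" ]; then
        echo unset
        return 0
    fi
    kind=$(classify_seed_source "$src")
    echo "$src $kind"
    [ "$kind" = chardev ]
}

if [ $# -gt 0 ]; then
    check_java_security "$1"
fi
```

A result of `fifo` matches the listing in the report; a real random device shows up as `chardev`.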

            Unassigned Unassigned
            duke J. Duke