SHA1PRNG output should change after setSeed

    • Type: Bug
    • Resolution: Fixed
    • Priority: P3
    • 9
    • Affects Version/s: None
    • Component/s: security-libs
    • b119
    • Verified

      Inside SHA1PRNG, random bytes are generated in 20-byte blocks that can be consumed by multiple nextXyz() calls. For example, one nextInt() uses the first 4 bytes, and the next nextInt() will use the next 4 bytes in the same block. If setSeed() is called between them, the block is not thrown away and the second nextInt() still returns the old data.

      This can be demonstrated by cloning a SHA1PRNG and calling setSeed() on only one of the two: their nextInt() calls still output the same value.

      This is a bug because after a setSeed() the output should be totally different.
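
A regression check for the behaviour described above, added here as an example; it is not code from this report or from the JDK. Instead of cloning, it uses two SHA1PRNG instances given the same seed before their first output, which puts them in the same state; the class name and seed values are assumptions made for the example.

```java
import java.nio.charset.StandardCharsets;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

public class Sha1PrngReseedCheck {

    // Constructed sample seeds; any fixed values work.
    private static final byte[] INITIAL_SEED =
            "constructed-initial-seed".getBytes(StandardCharsets.UTF_8);
    private static final byte[] EXTRA_SEED =
            "constructed-extra-seed".getBytes(StandardCharsets.UTF_8);

    // SHA1PRNG seeded before its first output is deterministic, so two
    // instances given the same seed stand in for a generator and its clone.
    static SecureRandom seeded() throws NoSuchAlgorithmException {
        SecureRandom r = SecureRandom.getInstance("SHA1PRNG");
        r.setSeed(INITIAL_SEED);
        return r;
    }

    // Counts how many nextInt() values produced after setSeed() still match
    // the generator that was not reseeded (checked across one 20-byte block).
    static int staleIntsAfterReseed() throws NoSuchAlgorithmException {
        SecureRandom plain = seeded();
        SecureRandom reseeded = seeded();

        // Both consume the first 4 bytes of the same 20-byte block.
        if (plain.nextInt() != reseeded.nextInt()) {
            throw new IllegalStateException("instances are not in the same state");
        }
        reseeded.setSeed(EXTRA_SEED);

        int stale = 0;
        while (stale < 5 && plain.nextInt() == reseeded.nextInt()) {
            stale++;
        }
        return stale;
    }

    public static void main(String[] args) throws Exception {
        int stale = staleIntsAfterReseed();
        System.out.println(stale == 0
                ? "OK: output changed immediately after setSeed()"
                : "AFFECTED: " + stale + " nextInt() value(s) after setSeed() came from the old block");
        System.exit(stale == 0 ? 0 : 1);
    }
}
```

On a runtime with the behaviour described in this report, the 16 bytes left in the current block yield 4 stale nextInt() values before the reseed takes effect.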

            Assignee:
            Weijun Wang
            Reporter:
            Weijun Wang