[
https://issues.apache.org/jira/browse/HADOOP-9857?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13735138#comment-13735138
]
Chris Nauroth commented on HADOOP-9857:
---------------------------------------
This relates back to HADOOP-7335 and HADOOP-7841, which started passing
{{-Djava.security.egd=file:///dev/urandom}}. Officially, documentation says
that we're supposed to use {{file:/dev/urandom}}, but according to this
comment, that didn't work as expected on Linux:
https://issues.apache.org/jira/browse/HADOOP-7335?focusedCommentId=13042504&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13042504
Instead, we needed {{file:///dev/urandom}} to get the behavior that we want.
Unfortunately, this causes bad side effects on Windows, because the JVM tries
to do an exact string match on "file:/dev/urandom" in logic for selecting the
native entropy provider on Windows. See line 256 here:
http://hg.openjdk.java.net/jdk6/jdk6/jdk/file/ffa98eed5766/src/share/classes/sun/security/provider/SunEntries.java
Also, see the logic starting at line 96 here:
http://hg.openjdk.java.net/jdk6/jdk6/jdk/file/ffa98eed5766/src/share/classes/sun/security/provider/SeedGenerator.java
By enabling {{-Djava.security.debug=all}}, I was able to see that it was
entering the "Failed to create seed generator" code path after a 5-second delay.
The problem was made more obvious recently by the introduction of client ID in
each RPC client instance. This requires creation of a {{UUID}}, so creation of
the first RPC client instance in a test would trigger the 5-second delay.
> Tests block and sometimes timeout on Windows due to invalid entropy source.
> ---------------------------------------------------------------------------
>
> Key: HADOOP-9857
> URL: https://issues.apache.org/jira/browse/HADOOP-9857
> Project: Hadoop Common
> Issue Type: Bug
> Components: build, test
> Affects Versions: 3.0.0, 2.1.1-beta
> Reporter: Chris Nauroth
> Assignee: Chris Nauroth
>
> Tests are configured to set the entropy source to {{file:///dev/urandom}} to
> prevent blocking on machines with low entropy. We've observed that on
> Windows, this will cause tests to block for 5 seconds trying to access this
> non-existent path the first time the process does something that needs
> entropy, such as using a {{SecureRandom}} or creating a {{UUID}}. This can
> cause tests to fail due to timeouts. In addition to the initial 5-second
> blocking, this causes the JVM to fall back to a slower, non-native seed
> generation implementation.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
