We are generating about 1M UUID4 a day, and we are getting several hundred collisions a day, such as:
[2015-08-26 21:29:19 +0200] [production-onebipws-1.apache - 17819] [DEBUG] [Request]
time_total=0.145
"request_id":"fdfb98c1-4367-4f22-b68a-d7cdaedcc069"
[2015-08-27 00:36:16 +0200] [production-onebipws-1.apache - 17819] [DEBUG] [Request]
time_total=0.016
"request_id":"fdfb98c1-4367-4f22-b68a-d7cdaedcc069"
The issue seem to be correlated with the same Apache process regenerating the same UUID after several hours. It also seem to be correlated with particular EC2 machines which presents the problem.
We checked to have openssl_random_pseudo_bytes and if it was using a strong algorithm:
root@dev-all-onebip:~/projects/.../onebip-ultimate$ (master) # php -r "var_dump(function_exists('openssl_random_pseudo_bytes'));"
bool(true)
root@dev-all-onebip:~/projects/.../onebip-ultimate$ (master) # php -r 'openssl_random_pseudo_bytes(16, $strong); var_dump($strong);'
bool(true)
How can we debug this problem?
We are generating about 1M UUID4 a day, and we are getting several hundred collisions a day, such as:
The issue seem to be correlated with the same Apache process regenerating the same UUID after several hours. It also seem to be correlated with particular EC2 machines which presents the problem.
We checked to have
openssl_random_pseudo_bytesand if it was using a strong algorithm:How can we debug this problem?