In various conditions, time.Now() returns a time with lower-than-expected resolution (500μs to 15ms). The Go driver uses time.Now() to seed some pseudo-random number generators, including the one for generating session IDs here. Due to that, it's possible to start two processes that reproduce the same sequence of session IDs if they are started at almost the same time.
Some known cases of low resolution clocks in Go:
- On Windows with versions of Go before 1.16 (see here)
See the proposal for monotonic clocks in Go for more details about how Go measures time using both wall clocks and monotonic clocks.
For seeding all pseudo-random number generators in the Go driver, replace time.Now() with an int64 read from the "crypto/rand" random source.
- is related to
-
GODRIVER-2223 Use "math/rand" instead of "crypto/rand" for UUID generator
- Closed
- related to
-
GODRIVER-2361 Investigate using "x/exp/rand" or "google/uuid" packages to improve UUID generation
- Closed