Non-unique values for UUID.uuid4/0

[yukster]

An app I work on is using UUID.uuid4/0 to generate secret keys. We noticed some duplicate values in the db (yeah, I know, we should have a unique index on there).

I spun up a test to create several records and I'm seeing the same UUID on all of them. The docs say "this version uses pseudo-random bytes generated by the crypto module". Is it expected that repeat calls would not yield unique values?

Interestingly enough, if I call this function in a loop in an iex console I get different values... but it appears that records inserted in prod mode sometimes get duplicate values. Any help appreciated.

[yukster]

Oh, we're on version 1.1.8. I tried the test on 1.2.0 and I got the same result.

[devstopfix]

@yukster are you running PROD in a container? I have seen the same behaviour in a Java app where it generated identical sequence of values due to the container not providing entropy.

However, the Erlang doc says this should be detected :- https://www.erlang.org/doc/man/crypto.html#strong_rand_bytes-1

may raise exception error:low_entropy in case the random generator failed due to lack of secure "randomness"