nic-6443 commented on issue #8931: URL: https://github.com/apache/apisix/issues/8931#issuecomment-4676898221
Closing the loop on this one — it's fixed on master by #13508 (commit f27d6f900). The fd leak came from the C `lua-resty-nanoid` library, which opened `/dev/urandom` on every ID generation and never closed it, exactly as you found back in 2023. Rather than patching that library, the dependency was removed entirely: the `nanoid` algorithm in `request-id` is now generated in pure Lua from `resty.random` (OpenSSL's CSPRNG), so there's no per-call file descriptor at all, and it also fixes occasional duplicate/garbled IDs from the old C code. The fix will be in the first release after 3.16.0; until then any 3.x release still carries the leak, so `uuid` is the safe algorithm choice on existing versions. This can be closed now. Thanks for the thorough investigation in this thread. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
