Symfony version(s) affected

All versions

Description

In 0216e05 the TTL values switch from relative time to absolute timestamps. I wonder why this change was made.

"Memcached implements a monotonic clock to ensure it always goes forward generally when time goes forward for the computer."
memcached/memcached#278

But the internal clock can have skew in some environments. I encountered a Debian system running on VMware ESX host that actually has this. So while the OS clock is correct, the internal memcached clock is not (can be checked with the memcached stats command).

If the time drifts too far, memcached will see that entries are expired at the point you are adding them, and not add them to the store. So, your sessions are not created, logins will fail, carts can not be created, ...

As suggested here memcached/memcached#486 it "relative expiration will still work as advertised since the drift is slow".

So while this seems like an edge case and maybe should be checked on the the infrastructure level instead of in this code, it does feel like this would fix it in all situations.

How to reproduce

Only reproducible on a system that has clock skew on the memcached monotonic timer.

$ date
Mon 12 Dec 2022 08:18:37 PM CET

$ echo stats | nc 127.0.0.1 11211 | grep time
STAT time 1670876432

$ date -d @1670876432
Mon 12 Dec 2022 09:20:32 PM CET

Possible Solution

If the time() calls are removed from the MemcachedSessionHandler that would result in relative TTL's and clock skew will no longer be an issue. I'll do a MR if we agree to fix this.

Additional Context

No response