diff --git a/core/lib/Drupal/Core/Session/SessionManager.php b/core/lib/Drupal/Core/Session/SessionManager.php
index 7981398678..3cad00ed11 100644
--- a/core/lib/Drupal/Core/Session/SessionManager.php
+++ b/core/lib/Drupal/Core/Session/SessionManager.php
@@ -255,6 +255,12 @@ class SessionManager extends NativeSessionStorage implements SessionManagerInter
 * {@inheritdoc}
 */
 public function destroy() {
+ // Symfony suggests using Session::invalidate() instead of session_destroy()
+ // however the former calls session_regenerate_id(TRUE), which while
+ // destroying the current session creates a new ID; Drupal has historically
+ // decided to only set sessions when absolutely necessary (e.g., to increase
+ // anonymous user cache hit rates) and as such we cannot use the Symfony
+ // convenience method here.
 session_destroy();
 // Unset the session cookies.
diff --git a/core/modules/user/user.module b/core/modules/user/user.module
index 0cc211c459..508f213754 100644
--- a/core/modules/user/user.module
+++ b/core/modules/user/user.module
@@ -1396,10 +1396,6 @@ function user_logout() {
 \Drupal::moduleHandler()->invokeAll('user_logout', [$user]);
 // Destroy the current session, and reset $user to the anonymous user.
- // Note: In Symfony the session is intended to be destroyed with
- // Session::invalidate(). Regrettably this method is currently broken and may
- // lead to the creation of spurious session records in the database.
- // @see https://github.com/symfony/symfony/issues/12375
 \Drupal::service('session_manager')->destroy();
 $user->setAccount(new AnonymousUserSession());
 }
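Review bot: The comment added to SessionManager::destroy() no longer carries the upstream reference that the removed user.module comment had (`@see https://github.com/symfony/symfony/issues/12375`), so a later reader cannot check the rationale against its source; if that issue is still relevant, keep the `@see` line next to the new text. The comment is also one run-on sentence, and would read better split after `session_destroy()` and after `creates a new ID`. Since destroy() ends the session with session_destroy() and the cookie unsetting that follows, not with an ID regeneration, a closing line such as `// The session cookies are unset below so the client does not keep the old ID.` would make that dependency explicit for anyone who later edits the cookie handling. The body of destroy() continues outside the hunk, so this is based only on the visible `// Unset the session cookies.` line.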