This is not making a lot of sense to me based on the code that is in the checkout success page. I'm opening a ticket for you on this so that we can do some more debugging of this. The part that has me really confused is that in the output of the code where it says
After destrying the session:
the id of the session is: 027ac7557094cbf593685e4c4fe8b665
This should not generate another session with the same id, the session_regenerate_id() function should force this to have a new unique id.