KAFKA-19367: Fix InitProducerId with TV2 double-increments epoch if ongoing transaction is aborted #19910
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
triage
core/src/main/scala/kafka/coordinator/transaction/TransactionCoordinator.scala
Outdated
Show resolved
Hide resolved
jolshan
reviewed
Jun 6, 2025
core/src/main/scala/kafka/coordinator/transaction/TransactionCoordinator.scala
Outdated
Show resolved
Hide resolved
core/src/main/scala/kafka/coordinator/transaction/TransactionCoordinator.scala
Outdated
Show resolved
Hide resolved
jolshan
reviewed
Jun 11, 2025
core/src/test/scala/unit/kafka/coordinator/transaction/TransactionCoordinatorTest.scala
Outdated
Show resolved
Hide resolved
|
Will pick to 4.0 and 4.1 |
jolshan
pushed a commit
that referenced
this pull request
Jun 12, 2025
…ngoing transaction is aborted (#19910) When InitProducerId is handled on the transaction coordinator, the producer epoch is incremented (so that we fence stale requests), then if a transaction was ongoing during this time, it's aborted. With transaction version 2 (a.k.a. KIP-890 part 2), abort increments the producer epoch again (it's the part of the new abort / commit protocol), so the epoch ends up incremented twice. In most cases, this is benign, but in the case where the epoch of the ongoing transaction is 32766, it's incremented to 32767, which is the maximum value for short. Then, when it's incremented for the second time, it goes negative, causing an illegal argument exception. To fix this we just avoid bumping the epoch a second time. Reviewers: Justine Olshan <jolshan@confluent.io>, Artem Livshits <alivshits@confluent.io>
rreddy-22
added a commit
to rreddy-22/kafka-rreddy
that referenced
this pull request
Jun 12, 2025
…ngoing transaction is aborted (apache#19910) When InitProducerId is handled on the transaction coordinator, the producer epoch is incremented (so that we fence stale requests), then if a transaction was ongoing during this time, it's aborted. With transaction version 2 (a.k.a. KIP-890 part 2), abort increments the producer epoch again (it's the part of the new abort / commit protocol), so the epoch ends up incremented twice. In most cases, this is benign, but in the case where the epoch of the ongoing transaction is 32766, it's incremented to 32767, which is the maximum value for short. Then, when it's incremented for the second time, it goes negative, causing an illegal argument exception. To fix this we just avoid bumping the epoch a second time. Reviewers: Justine Olshan <jolshan@confluent.io>, Artem Livshits <alivshits@confluent.io>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When InitProducerId is handled on the transaction coordinator, the
producer epoch is incremented (so that we fence stale requests), then if
a transaction was ongoing during this time, it's aborted. With
transaction version 2 (a.k.a. KIP-890 part 2), abort increments the
producer epoch again (it's the part of the new abort / commit protocol),
so the epoch ends up incremented twice.
In most cases, this is benign, but in the case where the epoch of the
ongoing transaction is 32766, it's incremented to 32767, which is the
maximum value for short. Then, when it's incremented for the second
time, it goes negative, causing an illegal argument exception.
To fix this we just avoid bumping the epoch a second time.
Reviewers: Justine Olshan jolshan@confluent.io, Artem Livshits
alivshits@confluent.io