KAFKA-9727: cleanup the state store for standby task dirty close and check null for changelogs

[abbccdda]

This PR fixes three things:

1. the state should be closed when standby task is restoring as well
2. the EOS standby task should also wipe out state under dirty close
3. the changelog reader should check for null as well

The sequence to reproduce the system test failure:

1. Stream job close uncleanly, leaving active task 0_0 no committed offset
2. The task 0_0 switch from active to standby task, which never logs anything in checkpoint under EOS
3. Task 0_0 gets illegal state for not finding checkpoints, throwing task corrupted exception
4. Exception were caught and the task was closed, however the state store was already registered, and not released.
5. Next iteration we shall hit lock not available as it never gets released.
6. We shall also hit a NPE in the changelog removal as well since it gets removed in the first time handling corruption of the standby task.

Committer Checklist (excluded from commit message)

• Verify design and implementation
• Verify test coverage and CI build status
• Verify documentation (including upgrade notes)

[abbccdda]

fix 3

[guozhangwang]

Nice catch, this is indeed possible.

[abbccdda]

fix 1

[guozhangwang]

Standby task should never be in RESTORING since we always transit from CREATED -> RUNNING -> RESTORING in one call. Did you observe this was not the case from failed system tests? Even in unclean close case you described I did not see why it could be possible..

[abbccdda]

fix 2

[guozhangwang]

I think this is what the below TODO (191) was added for, Thanks :) Please feel free to remove that TODO marker then.

[guozhangwang]

LGTM! I agree that 2)/3) are bugs, not sure about 1) -- we can discuss more about this.

Could you add some tests as well?

[guozhangwang]

Standby task should never be in RESTORING since we always transit from CREATED -> RUNNING -> RESTORING in one call. Did you observe this was not the case from failed system tests? Even in unclean close case you described I did not see why it could be possible..

[guozhangwang]

I think this is what the below TODO (191) was added for, Thanks :) Please feel free to remove that TODO marker then.

[guozhangwang]

Nice catch, this is indeed possible.

[guozhangwang]

test this please

[abbccdda]

Discussed offline with @guozhangwang , the fix 1 was not correct and the true issue was due to the state transition. We call registerStateStores before transiting from CREATED to RUNNING, and if we throw corrupted exceptions there, the task shall not go over the closeStateManager call during close() in the current trunk logic. The proper fix is to trigger closeStateManager for CREATED state as well.

[guozhangwang]

test this please

[vvcephei]

test this please

[guozhangwang]

Not for this PR: we can clean up the task-manager code to not pass in the checkpoint at all.

[guozhangwang]

This part will have some conflicts with @mjsax 's PR, just a note.

[abbccdda]

Yea, one of us probably needs to rebase

[guozhangwang]

For my own education: before the fix, this integration test will fail when instance-2 is started?

[abbccdda]

Yes, actually either instance-1 or instance-2 would fail, depending on which box gets standby assignment. There would be a IllegalState + NPE exception sequence happening.