[BugFix] Fix UpdateTabletSchemaTask signature collision across alter jobs

[wxl24life]

Why I'm doing:

When multiple ALTER TABLE jobs operate on the same table/partition in quick succession, UpdateTabletSchemaTask produces identical AgentTaskQueue signatures because the signature is computed as tablets.hashCode(). Since different alter jobs on the same table operate on the same tablet set, they get the same signature, leading to a race condition:

1. Task rejection: AgentTaskQueue rejects the new task while the old task with the same signature is still queued
2. Task mismatch: After the old task is removed from FE queue (job timeout/cancel), the new task enters the queue with the same signature. When BE finishes executing the old task and reports completion, FE matches it to the new job's task by (backendId, taskType, signature) — matching the wrong job
3. Publish failure: The new job proceeds to publish with a txnId whose txn log was never written by BE, resulting in a 404 error on object storage

This was observed in production where two consecutive ALTER TABLE ADD COLUMN statements on the same table caused the second job to get stuck in FINISHED_REWRITING state, continuously failing to publish with "404 Not Found" on txn log.

What I'm doing:

Override setTxnId() in UpdateTabletSchemaTask to update the signature to Objects.hash(tablets, txnId), ensuring different alter jobs produce different signatures even when operating on the same tablet set.

This is safe because in the LakeTableAlterMetaJobBase.sendAgentTask() call chain, setTxnId(watershedTxnId) is always called before AgentTaskQueue.addBatchTask(), so the signature includes the txnId before the task enters the queue.

Changed files:

• TabletMetadataUpdateAgentTaskFactory.java: Added setTxnId() override in UpdateTabletSchemaTask inner class
• AgentTaskQueueSignatureCollisionTest.java: Added 4 test cases covering signature divergence, queue coexistence, race condition prevention, and dedup preservation

What type of PR is this:

• BugFix
• Feature
• Enhancement
• Refactor
• UT
• Doc
• Tool

Does this PR entail a change in behavior?

• Yes, this PR will result in a change in behavior.
• No, this PR will not result in a change in behavior.

If yes, please specify the type of change:

• Interface/UI changes: syntax, type conversion, expression evaluation, display information
• Parameter changes: default values, similar parameters but with different default values
• Policy changes: use new policy to replace old one, functionality automatically enabled
• Feature removed
• Miscellaneous: upgrade & downgrade compatibility, etc.

Checklist:

• I have added test cases for my bug fix or my new feature
• This pr needs user documentation (for new or modified features or behaviors)
  • I have added documentation for my new feature or new function
  • This pr needs auto generate documentation
• This is a backport pr

Bugfix cherry-pick branch check:

• I have checked the version labels which the pr will be auto-backported to the target branch
  • 4.1
  • 4.0
  • 3.5
  • 3.4

[CelerData-Reviewer]

@codex review

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. You're on a roll.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[github-actions]

[Java-Extensions Incremental Coverage Report]

✅ pass : 0 / 0 (0%)

[github-actions]

[FE Incremental Coverage Report]

✅ pass : 3 / 3 (100.00%)

file detail

	path	covered_line	new_line	coverage	not_covered_line_detail
🔵	com/starrocks/task/TabletMetadataUpdateAgentTaskFactory.java	3	3	100.00%	[]

[github-actions]

[BE Incremental Coverage Report]

✅ pass : 0 / 0 (0%)

[sonarqubecloud]

Quality Gate passed

Issues
7 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[Copilot]

Pull request overview

Fixes a task-signature collision in FE’s UpdateTabletSchemaTask that can occur when multiple ALTER jobs act on the same tablet set, by incorporating txnId into the AgentTaskQueue signature to prevent cross-job task dedup/mismatch.

Changes:

• Override UpdateTabletSchemaTask.setTxnId() to recompute signature as Objects.hash(tablets, txnId).
• Add a new FE unit test class covering signature divergence/coexistence and the previously observed race scenario.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File	Description
fe/fe-core/src/main/java/com/starrocks/task/TabletMetadataUpdateAgentTaskFactory.java	Updates UpdateTabletSchemaTask signature derivation to include txnId, avoiding signature collisions across alter jobs on the same tablets.
fe/fe-core/src/test/java/com/starrocks/task/AgentTaskQueueSignatureCollisionTest.java	Adds unit tests validating signature uniqueness across txnIds and queue behavior under the collision/race scenario.

[Copilot]

testSameTxnIdProducesSameSignature claims to verify AgentTaskQueue deduplication for retries, but it never actually attempts to enqueue task2 (and therefore doesn’t assert the expected rejection). As written, the test would pass even if deduplication were broken.

Add an explicit AgentTaskQueue.addTask(task2) call and assert it returns false (and optionally assert the queue still returns task1 for that signature).

[kevincai]

why only override UpdateTabletSchemaTask, how about other tasks that can also set transaction id?

[kevincai]

the other question is the backwards compatibility. Will an upgrade cause all agentTasks for this type invalid due to signature changed.