Followers may commit inconsistent entries
kuujo opened this issue · comments
Jordan Halterman commented
#261 exposed a case where a leader that becomes a follower can commit an entry from its original term that should have been overridden by entries from the new term.
Here's what happens:
- Server A is elected leader for term 1
- Server A logs commits entries up to index 9, logs an entry at index 10 and then crashes
- Server B is elected leader for term 2
- Server B logs a different entry at index 10 and then commits it via server C
- Server B sends an empty
AppendRequest
to server A withlogIndex=9
,logTerm=1
, andcommitIndex=11
but contains no entries - The log term/index check passes on server A, but it doesn't truncate its log since no entries were in the request. Server A then commits entry
10
sincecommitIndex
is11
The follower should have either truncated its log or not increased the commit index beyond the request log index plus new entries so the inconsistent entry was not applied.
Jordan Halterman commented
Here's the relevant portion of the Raft paper:
Receiver implementation:
1. Reply false if term < currentTerm (§5.1)
2. Reply false if log doesn’t contain an entry at prevLogIndex
whose term matches prevLogTerm (§5.3)
3. If an existing entry conflicts with a new one (same index
but different terms), delete the existing entry and all that
follow it (§5.3)
4. Append any new entries not already in the log
5. If leaderCommit > commitIndex, set commitIndex =
min(leaderCommit, index of last new entry)