When clients perform a huge number of writes in a short transaction, that can result in huge change sets. For example, if a client performs 10M writes and sends that change set over, that can easily be 1GB large. The transaction manager will keep this in memory. It will also write this as an edit to the transaction log.
Assume it runs out of memory because the change set is too large. It crashes and when it restarts, it will replay the log, load that huge change set again, and crash again.
To prevent this kind of systemic failure, and to encourage developers to use long transactions when performing many writes, we can introduce two new properties in the configuration:
- change set warn threshold: if a change set exceeds this size, a warning is logged.
- change set reject threshold: if a change set exceeds this size, it is rejected (canCommit will throw an exception) and that will fail the transaction.
Both thresholds should be Long.MAX_VALUE by default, to preserve existing behavior after upgrade.