raft: fix panic when campaign with snapshot

[BusyJay]

If a node starts campaign without applying the snapshot data, loading entries can fail. This can happen when testing transfer leader after snapshot.

This commit is extracted from #12134. Should also fix the issue reported in comment.

@xiang90 PTAL

[xiang90]

If a node starts campaign without applying the snapshot data, loading entries can fail. This can happen when testing transfer leader after snapshot.

is this a problem of the test case or it can also happen in real world case? if a node has not applied the most recent snapshot, shall we even allow it to start a campaign?

[BusyJay]

is this a problem of the test case?

The test case should advance the snapshot before sending out any messages.

it can also happen in real world case?

If implementer follows the implicit rule that don't send any messages and tick until snapshot is advanced, then this can't happen in real world. Otherwise, the raft can still start campaign when there is a pending snapshot. In my opinion, allow campaign here is OK as the raft machine has latest configuration restored from snapshot. As long as there is no pending configuration in following committed entries, it should be safe for it to campaign. Before the request vote messages are sent, the snapshot should be written into disk according to the contract of handling ready, so it's safe even the raft crashes and restarts.

Though I'm also OK to prevent it from campaigning. It should reduce corner cases.

[xiang90]

Though I'm also OK to prevent it from campaigning. It should reduce corner cases.

I would suggest this if you agree.

[BusyJay]

Updated. Two affected test cases are also updated.

[xiang90]

lgtm