version_generator: check that get_next_version is called on shard 0

The get_next_version function can only be safely called from shard 0, but this constraint is not enforced in any way. As evidenced in the previous commit, it is easy to accidentally call it from a non-zero shard. Introduce a runtime check to get_next_version which calls on_fatal_internal_error if it detects that the function was called form the wrong shard. This will let us detect cross-shard use issues in runtime.
scylladb · Feb 23, 2024 · 54546e1 · 54546e1
1 parent 21d5d4e
commit 54546e1
Showing 1 changed file with 13 additions and 0 deletions.
diff --git a/gms/version_generator.cc b/gms/version_generator.cc
@@ -8,6 +8,12 @@
  * SPDX-License-Identifier: (AGPL-3.0-or-later and Apache-2.0)
  */
 
+#include <seastar/util/modules.hh>
+#include <seastar/core/shard_id.hh>
+#include <seastar/core/on_internal_error.hh>
+#include <seastar/core/print.hh>
+#include "log.hh"
+#include "seastarx.hh"
 #include "version_generator.hh"
 
 namespace gms {
@@ -16,8 +22,15 @@ namespace version_generator {
 // For us, we run the gossiper on a single CPU, and don't need to use atomics.
 static version_type version;
 
+static logging::logger logger("version_generator");
+
 version_type get_next_version() noexcept
 {
+    if (this_shard_id() != 0) [[unlikely]] {
+        on_fatal_internal_error(logger, format(
+                "{} can only be called on shard 0, but it was called on shard {}",
+                __FUNCTION__, this_shard_id()));
+    }
     return ++version;
 }