token_metadata: document that update_normal_tokens is unsafe

Currently, if token_metadata_impl::update_normal_tokens throws an exception before it's done, it leaves the token_metadata_impl members partially updated and we have no way of recovering from that. The existing use cases take that into account and always call it on a cloned, temporary copy of the token metadata, so if it throws, the temporary copy is tossed away without being applied back. So just cement this, by adding cautions in the token_metadata class declaration. Closes #11127 Signed-off-by: Benny Halevy <bhalevy@scylladb.com> Message-Id: <20220728144821.130518-1-bhalevy@scylladb.com>
2022-07-28 17:48:21 +03:00
parent c3bad157e5
commit cf47db2bdb
1 changed files with 6 additions and 0 deletions
--- a/locator/token_metadata.hh
+++ b/locator/token_metadata.hh
@@ -156,9 +156,15 @@ public:
    const std::vector<token>& sorted_tokens() const;
    // Update token->endpoint mappings for a given \c endpoint.
    // \c tokens are all the tokens that are now owned by \c endpoint.
+    //
+    // Note: the function is not exception safe!
+    // It must be called only on a temporary copy of the token_metadata
    future<> update_normal_tokens(std::unordered_set<token> tokens, inet_address endpoint);
    // Batch update token->endpoint mappings for the given endpoints.
    // The \c endpoint_tokens map contains the set of tokens currently owned by each respective endpoint.
+    //
+    // Note: the function is not exception safe!
+    // It must be called only on a temporary copy of the token_metadata
    future<> update_normal_tokens(const std::unordered_map<inet_address, std::unordered_set<token>>& endpoint_tokens);
    const token& first_token(const token& start) const;
    size_t first_token_index(const token& start) const;