/**
* Test that an attempt to kill a pinned cursor succeeds with more than one client.
*/
TEST_F(CursorManagerTest, ShouldBeAbleToKillPinnedCursorMultiClient) {
CursorManager* cursorManager = useCursorManager();
const bool shouldAudit = false;
OperationContext* const pinningOpCtx = _opCtx.get();
// Pin the cursor from one client.
auto cursorPin = cursorManager->registerCursor(pinningOpCtx,
{makeFakePlanExecutor(),
kTestNss,
{},
repl::ReadConcernLevel::kLocalReadConcern,
BSONObj()});
auto cursorId = cursorPin.getCursor()->cursorid();
// Set up another client to kill the cursor.
auto killCursorClientOwned = getGlobalServiceContext()->makeClient("killCursorClient");
// Keep around a raw pointer for when we transfer ownership of killingClientOwned to the global
// current client.
Client* killCursorClient = killCursorClientOwned.get();
// Need to swap the current client in order to make an operation context.
auto pinningClient = Client::releaseCurrent();
Client::setCurrent(std::move(killCursorClientOwned));
auto killCursorOpCtx = killCursorClient->makeOperationContext();
invariant(killCursorOpCtx);
ASSERT_OK(cursorManager->killCursor(killCursorOpCtx.get(), cursorId, shouldAudit));
// The original operation should have been interrupted since the cursor was pinned.
ASSERT_EQ(pinningOpCtx->checkForInterruptNoAssert(), ErrorCodes::CursorKilled);
}
/**
* Test that a cursor cannot be timed out while in use, and that it's time of last use is updated
* when it is unpinned.
*/
TEST_F(CursorManagerTest, CursorShouldNotTimeOutUntilIdleForLongEnoughAfterBeingUnpinned) {
CursorManager* cursorManager = useCursorManager();
auto clock = useClock();
// Register a cursor which we will look at again.
auto cursorPin = cursorManager->registerCursor(_opCtx.get(),
{makeFakePlanExecutor(),
kTestNss,
{},
repl::ReadConcernLevel::kLocalReadConcern,
BSONObj()});
// Advance the clock to simulate time passing.
clock->advance(getDefaultCursorTimeoutMillis() + Milliseconds(1));
// Make sure the pinned cursor does not time out, before or after unpinning it.
ASSERT_EQ(1UL, cursorManager->numCursors());
ASSERT_EQ(0UL, cursorManager->timeoutCursors(_opCtx.get(), clock->now()));
ASSERT_EQ(1UL, cursorManager->numCursors());
cursorPin.release();
ASSERT_EQ(1UL, cursorManager->numCursors());
ASSERT_EQ(0UL, cursorManager->timeoutCursors(_opCtx.get(), clock->now()));
ASSERT_EQ(1UL, cursorManager->numCursors());
// Advance the clock to simulate more time passing, then assert that the now-inactive cursor
// times out.
clock->advance(getDefaultCursorTimeoutMillis() + Milliseconds(1));
ASSERT_EQ(1UL, cursorManager->timeoutCursors(_opCtx.get(), clock->now()));
ASSERT_EQ(0UL, cursorManager->numCursors());
}
void CursorManager::doFrame()
{
CursorManager* manager = get();
if (manager->mCurrentCursor != nullptr && manager->isCursorShown())
{
manager->mCurrentCursor->setCurrentFrame();
}
}
TEST_F(CursorManagerTest,
CursorsFromCollectionCursorManagerShouldNotReportBeingManagedByGlobalCursorManager) {
CursorManager* cursorManager = useCursorManager();
auto opCtx = cc().makeOperationContext();
for (int i = 0; i < 1000; i++) {
auto cursorPin = cursorManager->registerCursor(
_opCtx.get(), {makeFakePlanExecutor(), kTestNss, {}, false, BSONObj()});
ASSERT_FALSE(CursorManager::isGloballyManagedCursor(cursorPin.getCursor()->cursorid()));
}
}
/**
* Test that using a cursor updates its time of last use.
*/
TEST_F(CursorManagerTest, UsingACursorShouldUpdateTimeOfLastUse) {
CursorManager* cursorManager = useCursorManager();
auto clock = useClock();
// Register a cursor which we will look at again.
auto cursorPin = cursorManager->registerCursor(
_opCtx.get(), {makeFakePlanExecutor(), kTestNss, {}, false, BSONObj()});
auto usedCursorId = cursorPin.getCursor()->cursorid();
cursorPin.release();
// Register a cursor to immediately forget about, to make sure it will time out on a normal
// schedule.
cursorManager->registerCursor(_opCtx.get(),
{makeFakePlanExecutor(), kTestNss, {}, false, BSONObj()});
// Advance the clock to simulate time passing.
clock->advance(Milliseconds(1));
// Touch the cursor with id 'usedCursorId' to advance its time of last use.
cursorManager->pinCursor(_opCtx.get(), usedCursorId).status_with_transitional_ignore();
// We should be able to time out the unused cursor, but the one we used should stay alive.
ASSERT_EQ(2UL, cursorManager->numCursors());
clock->advance(getDefaultCursorTimeoutMillis() - Milliseconds(1));
ASSERT_EQ(1UL, cursorManager->timeoutCursors(_opCtx.get(), clock->now()));
ASSERT_EQ(1UL, cursorManager->numCursors());
// We should be able to time out the used cursor after one more millisecond.
clock->advance(Milliseconds(1));
ASSERT_EQ(1UL, cursorManager->timeoutCursors(_opCtx.get(), clock->now()));
ASSERT_EQ(0UL, cursorManager->numCursors());
}
/**
* Test that pinned cursors do not get timed out.
*/
TEST_F(CursorManagerTest, InactivePinnedCursorShouldNotTimeout) {
CursorManager* cursorManager = useCursorManager();
auto clock = useClock();
auto cursorPin = cursorManager->registerCursor(
_opCtx.get(),
{makeFakePlanExecutor(), NamespaceString{"test.collection"}, {}, false, BSONObj()});
// The pin is still in scope, so it should not time out.
clock->advance(getDefaultCursorTimeoutMillis());
ASSERT_EQ(0UL, cursorManager->timeoutCursors(_opCtx.get(), clock->now()));
}
/**
* Test that an attempt to kill a pinned cursor fails and produces an appropriate assertion.
*/
TEST_F(CursorManagerTest, ShouldNotBeAbleToKillPinnedCursor) {
CursorManager* cursorManager = useCursorManager();
auto cursorPin = cursorManager->registerCursor(
_opCtx.get(), {makeFakePlanExecutor(), kTestNss, {}, false, BSONObj()});
auto cursorId = cursorPin.getCursor()->cursorid();
const bool shouldAudit = false;
ASSERT_EQ(cursorManager->eraseCursor(_opCtx.get(), cursorId, shouldAudit),
ErrorCodes::OperationFailed);
}
/**
* Test that client cursors time out and get deleted.
*/
TEST_F(CursorManagerTest, InactiveCursorShouldTimeout) {
CursorManager* cursorManager = useCursorManager();
auto clock = useClock();
cursorManager->registerCursor(_opCtx.get(),
{makeFakePlanExecutor(),
NamespaceString{"test.collection"},
{},
repl::ReadConcernLevel::kLocalReadConcern,
BSONObj()});
ASSERT_EQ(0UL, cursorManager->timeoutCursors(_opCtx.get(), Date_t()));
clock->advance(getDefaultCursorTimeoutMillis());
ASSERT_EQ(1UL, cursorManager->timeoutCursors(_opCtx.get(), clock->now()));
ASSERT_EQ(0UL, cursorManager->numCursors());
cursorManager->registerCursor(_opCtx.get(),
{makeFakePlanExecutor(),
NamespaceString{"test.collection"},
{},
repl::ReadConcernLevel::kLocalReadConcern,
BSONObj()});
ASSERT_EQ(1UL, cursorManager->timeoutCursors(_opCtx.get(), Date_t::max()));
ASSERT_EQ(0UL, cursorManager->numCursors());
}
TEST_F(CursorManagerTest,
AllCursorsFromCollectionCursorManagerShouldContainIdentical32BitPrefixes) {
CursorManager* cursorManager = useCursorManager();
boost::optional<uint32_t> prefix;
for (int i = 0; i < 1000; i++) {
auto cursorPin = cursorManager->registerCursor(
_opCtx.get(), {makeFakePlanExecutor(), kTestNss, {}, false, BSONObj()});
auto cursorId = cursorPin.getCursor()->cursorid();
if (prefix) {
ASSERT_EQ(*prefix, extractLeading32Bits(cursorId));
} else {
prefix = extractLeading32Bits(cursorId);
}
}
}
/**
* Test that an attempt to kill a pinned cursor succeeds.
*/
TEST_F(CursorManagerTest, ShouldBeAbleToKillPinnedCursor) {
CursorManager* cursorManager = useCursorManager();
const bool shouldAudit = false;
OperationContext* const pinningOpCtx = _opCtx.get();
auto cursorPin = cursorManager->registerCursor(pinningOpCtx,
{makeFakePlanExecutor(),
kTestNss,
{},
repl::ReadConcernLevel::kLocalReadConcern,
BSONObj()});
auto cursorId = cursorPin.getCursor()->cursorid();
ASSERT_OK(cursorManager->killCursor(_opCtx.get(), cursorId, shouldAudit));
// The original operation should have been interrupted since the cursor was pinned.
ASSERT_EQ(pinningOpCtx->checkForInterruptNoAssert(), ErrorCodes::CursorKilled);
}
/**
* Test that client cursors which have been marked as killed but are still pinned *do not* time out.
*/
TEST_F(CursorManagerTest, InactiveKilledCursorsThatAreStillPinnedShouldNotTimeout) {
CursorManager* cursorManager = useCursorManager();
auto clock = useClock();
// Make a cursor from the plan executor, and immediately kill it.
auto cursorPin = cursorManager->registerCursor(
_opCtx.get(),
{makeFakePlanExecutor(), NamespaceString{"test.collection"}, {}, false, BSONObj()});
const bool collectionGoingAway = false;
cursorManager->invalidateAll(
_opCtx.get(), collectionGoingAway, "KilledCursorsShouldTimeoutTest");
// Advance the clock to simulate time passing.
clock->advance(getDefaultCursorTimeoutMillis());
// The pin is still in scope, so it should not time out.
ASSERT_EQ(0UL, cursorManager->timeoutCursors(_opCtx.get(), clock->now()));
}
/**
* Test that client cursors which have been marked as killed time out and get deleted.
*/
TEST_F(CursorManagerTest, InactiveKilledCursorsShouldTimeout) {
CursorManager* cursorManager = useCursorManager();
auto clock = useClock();
// Make a cursor from the plan executor, and immediately kill it.
auto cursorPin = cursorManager->registerCursor(
_opCtx.get(),
{makeFakePlanExecutor(), NamespaceString{"test.collection"}, {}, false, BSONObj()});
cursorPin.release();
const bool collectionGoingAway = false;
cursorManager->invalidateAll(
_opCtx.get(), collectionGoingAway, "KilledCursorsShouldTimeoutTest");
// Advance the clock to simulate time passing.
clock->advance(Milliseconds(CursorManager::kDefaultCursorTimeoutMinutes));
ASSERT_EQ(1UL, cursorManager->timeoutCursors(_opCtx.get(), clock->now()));
ASSERT_EQ(0UL, cursorManager->numCursors());
}
/**
* Tests that invalidating a cursor while it is in use will deregister it from the cursor manager,
* transferring ownership to the pinned cursor.
*/
TEST_F(CursorManagerTest, InvalidatePinnedCursor) {
CursorManager* cursorManager = useCursorManager();
auto cursorPin = cursorManager->registerCursor(_opCtx.get(),
{makeFakePlanExecutor(),
kTestNss,
{},
repl::ReadConcernLevel::kLocalReadConcern,
BSONObj()});
// If the cursor is pinned, it sticks around, even after invalidation.
ASSERT_EQUALS(1U, cursorManager->numCursors());
const std::string invalidateReason("InvalidatePinned Test");
cursorManager->invalidateAll(_opCtx.get(), false, invalidateReason);
ASSERT_EQUALS(0U, cursorManager->numCursors());
// The invalidation should have killed the plan executor.
BSONObj objOut;
ASSERT_EQUALS(PlanExecutor::DEAD, cursorPin.getCursor()->getExecutor()->getNext(&objOut, NULL));
ASSERT(WorkingSetCommon::isValidStatusMemberObject(objOut));
const Status status = WorkingSetCommon::getMemberObjectStatus(objOut);
ASSERT(status.reason().find(invalidateReason) != std::string::npos);
cursorPin.release();
ASSERT_EQUALS(0U, cursorManager->numCursors());
}
/**
* Tests that invalidating a cursor without dropping the collection while the cursor is not in use
* will keep the cursor registered. After being invalidated, pinning the cursor should take
* ownership of the cursor and calling getNext() on its PlanExecutor should return an error
* including the error message.
*/
TEST_F(CursorManagerTest, InvalidateCursor) {
CursorManager* cursorManager = useCursorManager();
auto cursorPin = cursorManager->registerCursor(
_opCtx.get(), {makeFakePlanExecutor(), kTestNss, {}, false, BSONObj()});
auto cursorId = cursorPin.getCursor()->cursorid();
cursorPin.release();
ASSERT_EQUALS(1U, cursorManager->numCursors());
auto invalidateReason = "Invalidate Test";
const bool collectionGoingAway = false;
cursorManager->invalidateAll(_opCtx.get(), collectionGoingAway, invalidateReason);
// Since the collection is not going away, the cursor should remain open, but be killed.
ASSERT_EQUALS(1U, cursorManager->numCursors());
// Pinning a killed cursor should result in an error and clean up the cursor.
ASSERT_EQ(ErrorCodes::QueryPlanKilled,
cursorManager->pinCursor(_opCtx.get(), cursorId).getStatus());
ASSERT_EQUALS(0U, cursorManager->numCursors());
}
/**
* Tests that invalidating a cursor and dropping the collection while the cursor is not in use will
* not keep the cursor registered.
*/
TEST_F(CursorManagerTest, InvalidateCursorWithDrop) {
CursorManager* cursorManager = useCursorManager();
auto cursorPin = cursorManager->registerCursor(
_opCtx.get(), {makeFakePlanExecutor(), kTestNss, {}, false, BSONObj()});
auto cursorId = cursorPin.getCursor()->cursorid();
cursorPin.release();
ASSERT_EQUALS(1U, cursorManager->numCursors());
auto invalidateReason = "Invalidate Test";
const bool collectionGoingAway = true;
cursorManager->invalidateAll(_opCtx.get(), collectionGoingAway, invalidateReason);
// Since the collection is going away, the cursor should not remain open.
ASSERT_EQ(ErrorCodes::CursorNotFound,
cursorManager->pinCursor(_opCtx.get(), cursorId).getStatus());
ASSERT_EQUALS(0U, cursorManager->numCursors());
}
/**
* Called by db/instance.cpp. This is the getMore entry point.
*
* pass - when QueryOption_AwaitData is in use, the caller will make repeated calls
* when this method returns an empty result, incrementing pass on each call.
* Thus, pass == 0 indicates this is the first "attempt" before any 'awaiting'.
*/
QueryResult::View getMore(OperationContext* txn,
const char* ns,
int ntoreturn,
long long cursorid,
CurOp& curop,
int pass,
bool& exhaust,
bool* isCursorAuthorized) {
// For testing, we may want to fail if we receive a getmore.
if (MONGO_FAIL_POINT(failReceivedGetmore)) {
invariant(0);
}
exhaust = false;
const NamespaceString nss(ns);
// Depending on the type of cursor being operated on, we hold locks for the whole getMore,
// or none of the getMore, or part of the getMore. The three cases in detail:
//
// 1) Normal cursor: we lock with "ctx" and hold it for the whole getMore.
// 2) Cursor owned by global cursor manager: we don't lock anything. These cursors don't
// own any collection state.
// 3) Agg cursor: we lock with "ctx", then release, then relock with "unpinDBLock" and
// "unpinCollLock". This is because agg cursors handle locking internally (hence the
// release), but the pin and unpin of the cursor must occur under the collection lock.
// We don't use our AutoGetCollectionForRead "ctx" to relock, because
// AutoGetCollectionForRead checks the sharding version (and we want the relock for the
// unpin to succeed even if the sharding version has changed).
//
// Note that we declare our locks before our ClientCursorPin, in order to ensure that the
// pin's destructor is called before the lock destructors (so that the unpin occurs under
// the lock).
boost::scoped_ptr<AutoGetCollectionForRead> ctx;
boost::scoped_ptr<Lock::DBLock> unpinDBLock;
boost::scoped_ptr<Lock::CollectionLock> unpinCollLock;
CursorManager* cursorManager;
CursorManager* globalCursorManager = CursorManager::getGlobalCursorManager();
if (globalCursorManager->ownsCursorId(cursorid)) {
cursorManager = globalCursorManager;
}
else {
ctx.reset(new AutoGetCollectionForRead(txn, nss));
Collection* collection = ctx->getCollection();
uassert( 17356, "collection dropped between getMore calls", collection );
cursorManager = collection->getCursorManager();
}
LOG(5) << "Running getMore, cursorid: " << cursorid << endl;
// This checks to make sure the operation is allowed on a replicated node. Since we are not
// passing in a query object (necessary to check SlaveOK query option), the only state where
// reads are allowed is PRIMARY (or master in master/slave). This function uasserts if
// reads are not okay.
Status status = repl::getGlobalReplicationCoordinator()->checkCanServeReadsFor(
txn,
nss,
true);
uassertStatusOK(status);
// A pin performs a CC lookup and if there is a CC, increments the CC's pin value so it
// doesn't time out. Also informs ClientCursor that there is somebody actively holding the
// CC, so don't delete it.
ClientCursorPin ccPin(cursorManager, cursorid);
ClientCursor* cc = ccPin.c();
// If we're not being called from DBDirectClient we want to associate the RecoveryUnit
// used to create the execution machinery inside the cursor with our OperationContext.
// If we throw or otherwise exit this method in a disorderly fashion, we must ensure
// that further calls to getMore won't fail, and that the provided OperationContext
// has a valid RecoveryUnit. As such, we use RAII to accomplish this.
//
// This must be destroyed before the ClientCursor is destroyed.
std::auto_ptr<ScopedRecoveryUnitSwapper> ruSwapper;
// These are set in the QueryResult msg we return.
int resultFlags = ResultFlag_AwaitCapable;
int numResults = 0;
int startingResult = 0;
const int InitialBufSize =
512 + sizeof(QueryResult::Value) + MaxBytesToReturnToClientAtOnce;
BufBuilder bb(InitialBufSize);
bb.skip(sizeof(QueryResult::Value));
if (NULL == cc) {
cursorid = 0;
resultFlags = ResultFlag_CursorNotFound;
}
else {
// Check for spoofing of the ns such that it does not match the one originally
// there for the cursor.
uassert(ErrorCodes::Unauthorized,
str::stream() << "Requested getMore on namespace " << ns << ", but cursor "
<< cursorid << " belongs to namespace " << cc->ns(),
ns == cc->ns());
*isCursorAuthorized = true;
// Restore the RecoveryUnit if we need to.
if (txn->getClient()->isInDirectClient()) {
if (cc->hasRecoveryUnit())
invariant(txn->recoveryUnit() == cc->getUnownedRecoveryUnit());
}
else {
if (!cc->hasRecoveryUnit()) {
// Start using a new RecoveryUnit
cc->setOwnedRecoveryUnit(
getGlobalServiceContext()->getGlobalStorageEngine()->newRecoveryUnit());
}
// Swap RecoveryUnit(s) between the ClientCursor and OperationContext.
ruSwapper.reset(new ScopedRecoveryUnitSwapper(cc, txn));
}
// Reset timeout timer on the cursor since the cursor is still in use.
cc->setIdleTime(0);
// If the operation that spawned this cursor had a time limit set, apply leftover
// time to this getmore.
curop.setMaxTimeMicros(cc->getLeftoverMaxTimeMicros());
txn->checkForInterrupt(); // May trigger maxTimeAlwaysTimeOut fail point.
if (0 == pass) {
cc->updateSlaveLocation(txn);
}
if (cc->isAggCursor()) {
// Agg cursors handle their own locking internally.
ctx.reset(); // unlocks
}
// If we're replaying the oplog, we save the last time that we read.
Timestamp slaveReadTill;
// What number result are we starting at? Used to fill out the reply.
startingResult = cc->pos();
// What gives us results.
PlanExecutor* exec = cc->getExecutor();
const int queryOptions = cc->queryOptions();
// Get results out of the executor.
exec->restoreState(txn);
BSONObj obj;
PlanExecutor::ExecState state;
while (PlanExecutor::ADVANCED == (state = exec->getNext(&obj, NULL))) {
// Add result to output buffer.
bb.appendBuf((void*)obj.objdata(), obj.objsize());
// Count the result.
++numResults;
// Possibly note slave's position in the oplog.
if (queryOptions & QueryOption_OplogReplay) {
BSONElement e = obj["ts"];
if (Date == e.type() || bsonTimestamp == e.type()) {
slaveReadTill = e.timestamp();
}
}
if (enoughForGetMore(ntoreturn, numResults, bb.len())) {
break;
}
}
if (PlanExecutor::DEAD == state || PlanExecutor::FAILURE == state) {
// Propagate this error to caller.
if (PlanExecutor::FAILURE == state) {
scoped_ptr<PlanStageStats> stats(exec->getStats());
error() << "Plan executor error, stats: "
<< Explain::statsToBSON(*stats);
uasserted(17406, "getMore executor error: " +
WorkingSetCommon::toStatusString(obj));
}
// In the old system tailable capped cursors would be killed off at the
// cursorid level. If a tailable capped cursor is nuked the cursorid
// would vanish.
//
// In the new system they die and are cleaned up later (or time out).
// So this is where we get to remove the cursorid.
if (0 == numResults) {
resultFlags = ResultFlag_CursorNotFound;
}
}
const bool shouldSaveCursor =
shouldSaveCursorGetMore(state, exec, isCursorTailable(cc));
// In order to deregister a cursor, we need to be holding the DB + collection lock and
// if the cursor is aggregation, we release these locks.
if (cc->isAggCursor()) {
invariant(NULL == ctx.get());
unpinDBLock.reset(new Lock::DBLock(txn->lockState(), nss.db(), MODE_IS));
unpinCollLock.reset(new Lock::CollectionLock(txn->lockState(), nss.ns(), MODE_IS));
}
// Our two possible ClientCursorPin cleanup paths are:
// 1) If the cursor is not going to be saved, we call deleteUnderlying() on the pin.
// 2) If the cursor is going to be saved, we simply let the pin go out of scope. In
// this case, the pin's destructor will be invoked, which will call release() on the
// pin. Because our ClientCursorPin is declared after our lock is declared, this
// will happen under the lock.
if (!shouldSaveCursor) {
ruSwapper.reset();
ccPin.deleteUnderlying();
// cc is now invalid, as is the executor
cursorid = 0;
cc = NULL;
curop.debug().cursorExhausted = true;
LOG(5) << "getMore NOT saving client cursor, ended with state "
<< PlanExecutor::statestr(state)
<< endl;
}
else {
// Continue caching the ClientCursor.
cc->incPos(numResults);
exec->saveState();
LOG(5) << "getMore saving client cursor ended with state "
<< PlanExecutor::statestr(state)
<< endl;
if (PlanExecutor::IS_EOF == state && (queryOptions & QueryOption_CursorTailable)) {
if (!txn->getClient()->isInDirectClient()) {
// Don't stash the RU. Get a new one on the next getMore.
ruSwapper->dismiss();
}
if ((queryOptions & QueryOption_AwaitData)
&& (numResults == 0)
&& (pass < 1000)) {
// Bubble up to the AwaitData handling code in receivedGetMore which will
// try again.
return NULL;
}
}
// Possibly note slave's position in the oplog.
if ((queryOptions & QueryOption_OplogReplay) && !slaveReadTill.isNull()) {
cc->slaveReadTill(slaveReadTill);
}
exhaust = (queryOptions & QueryOption_Exhaust);
// If the getmore had a time limit, remaining time is "rolled over" back to the
// cursor (for use by future getmore ops).
cc->setLeftoverMaxTimeMicros( curop.getRemainingMaxTimeMicros() );
}
}
QueryResult::View qr = bb.buf();
qr.msgdata().setLen(bb.len());
qr.msgdata().setOperation(opReply);
qr.setResultFlags(resultFlags);
qr.setCursorId(cursorid);
qr.setStartingFrom(startingResult);
qr.setNReturned(numResults);
bb.decouple();
LOG(5) << "getMore returned " << numResults << " results\n";
return qr;
}
bool run(OperationContext* txn,
const std::string& dbname,
BSONObj& cmdObj,
int options,
std::string& errmsg,
BSONObjBuilder& result) override {
// Counted as a getMore, not as a command.
globalOpCounters.gotGetMore();
if (txn->getClient()->isInDirectClient()) {
return appendCommandStatus(result,
Status(ErrorCodes::IllegalOperation,
"Cannot run getMore command from eval()"));
}
StatusWith<GetMoreRequest> parseStatus = GetMoreRequest::parseFromBSON(dbname, cmdObj);
if (!parseStatus.isOK()) {
return appendCommandStatus(result, parseStatus.getStatus());
}
const GetMoreRequest& request = parseStatus.getValue();
// Depending on the type of cursor being operated on, we hold locks for the whole
// getMore, or none of the getMore, or part of the getMore. The three cases in detail:
//
// 1) Normal cursor: we lock with "ctx" and hold it for the whole getMore.
// 2) Cursor owned by global cursor manager: we don't lock anything. These cursors
// don't own any collection state.
// 3) Agg cursor: we lock with "ctx", then release, then relock with "unpinDBLock" and
// "unpinCollLock". This is because agg cursors handle locking internally (hence the
// release), but the pin and unpin of the cursor must occur under the collection
// lock. We don't use our AutoGetCollectionForRead "ctx" to relock, because
// AutoGetCollectionForRead checks the sharding version (and we want the relock for
// the unpin to succeed even if the sharding version has changed).
//
// Note that we declare our locks before our ClientCursorPin, in order to ensure that
// the pin's destructor is called before the lock destructors (so that the unpin occurs
// under the lock).
std::unique_ptr<AutoGetCollectionForRead> ctx;
std::unique_ptr<Lock::DBLock> unpinDBLock;
std::unique_ptr<Lock::CollectionLock> unpinCollLock;
CursorManager* cursorManager;
CursorManager* globalCursorManager = CursorManager::getGlobalCursorManager();
if (globalCursorManager->ownsCursorId(request.cursorid)) {
cursorManager = globalCursorManager;
}
else {
ctx.reset(new AutoGetCollectionForRead(txn, request.nss));
Collection* collection = ctx->getCollection();
if (!collection) {
return appendCommandStatus(result,
Status(ErrorCodes::OperationFailed,
"collection dropped between getMore calls"));
}
cursorManager = collection->getCursorManager();
}
ClientCursorPin ccPin(cursorManager, request.cursorid);
ClientCursor* cursor = ccPin.c();
if (!cursor) {
// We didn't find the cursor.
return appendCommandStatus(result, Status(ErrorCodes::CursorNotFound, str::stream()
<< "Cursor not found, cursor id: " << request.cursorid));
}
if (request.nss.ns() != cursor->ns()) {
return appendCommandStatus(result, Status(ErrorCodes::Unauthorized, str::stream()
<< "Requested getMore on namespace '" << request.nss.ns()
<< "', but cursor belongs to a different namespace"));
}
const bool hasOwnMaxTime = CurOp::get(txn)->isMaxTimeSet();
// Validation related to awaitData.
if (isCursorAwaitData(cursor)) {
invariant(isCursorTailable(cursor));
if (!hasOwnMaxTime) {
Status status(ErrorCodes::BadValue,
str::stream() << "Must set maxTimeMS on a getMore if the initial "
<< "query had 'awaitData' set: " << cmdObj);
return appendCommandStatus(result, status);
}
if (cursor->isAggCursor()) {
Status status(ErrorCodes::BadValue,
"awaitData cannot be set on an aggregation cursor");
return appendCommandStatus(result, status);
}
}
// On early return, get rid of the cursor.
ScopeGuard cursorFreer = MakeGuard(&GetMoreCmd::cleanupCursor, txn, &ccPin, request);
if (!cursor->hasRecoveryUnit()) {
// Start using a new RecoveryUnit.
cursor->setOwnedRecoveryUnit(
getGlobalServiceContext()->getGlobalStorageEngine()->newRecoveryUnit());
}
// Swap RecoveryUnit(s) between the ClientCursor and OperationContext.
ScopedRecoveryUnitSwapper ruSwapper(cursor, txn);
// Reset timeout timer on the cursor since the cursor is still in use.
cursor->setIdleTime(0);
// If there is no time limit set directly on this getMore command, but the operation
// that spawned this cursor had a time limit set, then we have to apply any leftover
// time to this getMore.
if (!hasOwnMaxTime) {
CurOp::get(txn)->setMaxTimeMicros(cursor->getLeftoverMaxTimeMicros());
}
txn->checkForInterrupt(); // May trigger maxTimeAlwaysTimeOut fail point.
if (cursor->isAggCursor()) {
// Agg cursors handle their own locking internally.
ctx.reset(); // unlocks
}
PlanExecutor* exec = cursor->getExecutor();
exec->restoreState(txn);
// If we're tailing a capped collection, retrieve a monotonically increasing insert
// counter.
uint64_t lastInsertCount = 0;
if (isCursorAwaitData(cursor)) {
invariant(ctx->getCollection()->isCapped());
lastInsertCount = ctx->getCollection()->getCappedInsertNotifier()->getCount();
}
CursorId respondWithId = 0;
BSONArrayBuilder nextBatch;
BSONObj obj;
PlanExecutor::ExecState state;
int numResults = 0;
Status batchStatus = generateBatch(cursor, request, &nextBatch, &state, &numResults);
if (!batchStatus.isOK()) {
return appendCommandStatus(result, batchStatus);
}
// If this is an await data cursor, and we hit EOF without generating any results, then
// we block waiting for new oplog data to arrive.
if (isCursorAwaitData(cursor) && state == PlanExecutor::IS_EOF && numResults == 0) {
// Retrieve the notifier which we will wait on until new data arrives. We make sure
// to do this in the lock because once we drop the lock it is possible for the
// collection to become invalid. The notifier itself will outlive the collection if
// the collection is dropped, as we keep a shared_ptr to it.
auto notifier = ctx->getCollection()->getCappedInsertNotifier();
// Save the PlanExecutor and drop our locks.
exec->saveState();
ctx.reset();
// Block waiting for data.
Microseconds timeout(CurOp::get(txn)->getRemainingMaxTimeMicros());
notifier->waitForInsert(lastInsertCount, timeout);
notifier.reset();
ctx.reset(new AutoGetCollectionForRead(txn, request.nss));
exec->restoreState(txn);
// We woke up because either the timed_wait expired, or there was more data. Either
// way, attempt to generate another batch of results.
batchStatus = generateBatch(cursor, request, &nextBatch, &state, &numResults);
if (!batchStatus.isOK()) {
return appendCommandStatus(result, batchStatus);
}
}
if (shouldSaveCursorGetMore(state, exec, isCursorTailable(cursor))) {
respondWithId = request.cursorid;
exec->saveState();
// If maxTimeMS was set directly on the getMore rather than being rolled over
// from a previous find, then don't roll remaining micros over to the next
// getMore.
if (!hasOwnMaxTime) {
cursor->setLeftoverMaxTimeMicros(CurOp::get(txn)->getRemainingMaxTimeMicros());
}
cursor->incPos(numResults);
if (isCursorTailable(cursor) && state == PlanExecutor::IS_EOF) {
// Rather than swapping their existing RU into the client cursor, tailable
// cursors should get a new recovery unit.
ruSwapper.dismiss();
}
}
else {
CurOp::get(txn)->debug().cursorExhausted = true;
}
appendGetMoreResponseObject(respondWithId, request.nss.ns(), nextBatch.arr(), &result);
if (respondWithId) {
cursorFreer.Dismiss();
// If we are operating on an aggregation cursor, then we dropped our collection lock
// earlier and need to reacquire it in order to clean up our ClientCursorPin.
if (cursor->isAggCursor()) {
invariant(NULL == ctx.get());
unpinDBLock.reset(
new Lock::DBLock(txn->lockState(), request.nss.db(), MODE_IS));
unpinCollLock.reset(
new Lock::CollectionLock(txn->lockState(), request.nss.ns(), MODE_IS));
}
}
return true;
}
/**
* Called by db/instance.cpp. This is the getMore entry point.
*/
Message getMore(OperationContext* opCtx,
const char* ns,
int ntoreturn,
long long cursorid,
bool* exhaust,
bool* isCursorAuthorized) {
invariant(ntoreturn >= 0);
CurOp& curOp = *CurOp::get(opCtx);
curOp.ensureStarted();
// For testing, we may want to fail if we receive a getmore.
if (MONGO_FAIL_POINT(failReceivedGetmore)) {
MONGO_UNREACHABLE;
}
*exhaust = false;
const NamespaceString nss(ns);
// Cursors come in one of two flavors:
// - Cursors owned by the collection cursor manager, such as those generated via the find
// command. For these cursors, we hold the appropriate collection lock for the duration of the
// getMore using AutoGetCollectionForRead.
// - Cursors owned by the global cursor manager, such as those generated via the aggregate
// command. These cursors either hold no collection state or manage their collection state
// internally, so we acquire no locks.
//
// While we only need to acquire locks in the case of a cursor which is *not* globally owned, we
// need to create an AutoStatsTracker in either case. This is responsible for updating
// statistics in CurOp and Top. We avoid using AutoGetCollectionForReadCommand because we may
// need to drop and reacquire locks when the cursor is awaitData, but we don't want to update
// the stats twice.
//
// Note that we acquire our locks before our ClientCursorPin, in order to ensure that the pin's
// destructor is called before the lock's destructor (if there is one) so that the cursor
// cleanup can occur under the lock.
UninterruptibleLockGuard noInterrupt(opCtx->lockState());
boost::optional<AutoGetCollectionForRead> readLock;
boost::optional<AutoStatsTracker> statsTracker;
CursorManager* cursorManager;
if (CursorManager::isGloballyManagedCursor(cursorid)) {
cursorManager = CursorManager::getGlobalCursorManager();
if (boost::optional<NamespaceString> nssForCurOp = nss.isGloballyManagedNamespace()
? nss.getTargetNSForGloballyManagedNamespace()
: nss) {
AutoGetDb autoDb(opCtx, nssForCurOp->db(), MODE_IS);
const auto profilingLevel = autoDb.getDb()
? boost::optional<int>{autoDb.getDb()->getProfilingLevel()}
: boost::none;
statsTracker.emplace(opCtx, *nssForCurOp, Top::LockType::NotLocked, profilingLevel);
auto view = autoDb.getDb()
? autoDb.getDb()->getViewCatalog()->lookup(opCtx, nssForCurOp->ns())
: nullptr;
uassert(
ErrorCodes::CommandNotSupportedOnView,
str::stream() << "Namespace " << nssForCurOp->ns()
<< " is a view. OP_GET_MORE operations are not supported on views. "
<< "Only clients which support the getMore command can be used to "
"query views.",
!view);
}
} else {
readLock.emplace(opCtx, nss);
const int doNotChangeProfilingLevel = 0;
statsTracker.emplace(opCtx,
nss,
Top::LockType::ReadLocked,
readLock->getDb() ? readLock->getDb()->getProfilingLevel()
: doNotChangeProfilingLevel);
Collection* collection = readLock->getCollection();
uassert(
ErrorCodes::OperationFailed, "collection dropped between getMore calls", collection);
cursorManager = collection->getCursorManager();
// This checks to make sure the operation is allowed on a replicated node. Since we are not
// passing in a query object (necessary to check SlaveOK query option), we allow reads
// whether we are PRIMARY or SECONDARY.
uassertStatusOK(
repl::ReplicationCoordinator::get(opCtx)->checkCanServeReadsFor(opCtx, nss, true));
}
LOG(5) << "Running getMore, cursorid: " << cursorid;
// A pin performs a CC lookup and if there is a CC, increments the CC's pin value so it
// doesn't time out. Also informs ClientCursor that there is somebody actively holding the
// CC, so don't delete it.
auto ccPin = cursorManager->pinCursor(opCtx, cursorid);
// These are set in the QueryResult msg we return.
int resultFlags = ResultFlag_AwaitCapable;
int numResults = 0;
int startingResult = 0;
const int InitialBufSize =
512 + sizeof(QueryResult::Value) + FindCommon::kMaxBytesToReturnToClientAtOnce;
BufBuilder bb(InitialBufSize);
bb.skip(sizeof(QueryResult::Value));
if (!ccPin.isOK()) {
if (ccPin == ErrorCodes::CursorNotFound) {
cursorid = 0;
resultFlags = ResultFlag_CursorNotFound;
} else {
uassertStatusOK(ccPin.getStatus());
}
} else {
ClientCursor* cc = ccPin.getValue().getCursor();
// Check for spoofing of the ns such that it does not match the one originally
// there for the cursor.
uassert(ErrorCodes::Unauthorized,
str::stream() << "Requested getMore on namespace " << ns << ", but cursor "
<< cursorid
<< " belongs to namespace "
<< cc->nss().ns(),
nss == cc->nss());
// A user can only call getMore on their own cursor. If there were multiple users
// authenticated when the cursor was created, then at least one of them must be
// authenticated in order to run getMore on the cursor.
uassert(ErrorCodes::Unauthorized,
str::stream() << "cursor id " << cursorid
<< " was not created by the authenticated user",
AuthorizationSession::get(opCtx->getClient())
->isCoauthorizedWith(cc->getAuthenticatedUsers()));
*isCursorAuthorized = true;
const auto replicationMode = repl::ReplicationCoordinator::get(opCtx)->getReplicationMode();
opCtx->recoveryUnit()->setReadConcernLevelAndReplicationMode(cc->getReadConcernLevel(),
replicationMode);
// TODO SERVER-33698: Remove kSnapshotReadConcern clause once we can guarantee that a
// readConcern level snapshot getMore will have an established point-in-time WiredTiger
// snapshot.
if (replicationMode == repl::ReplicationCoordinator::modeReplSet &&
(cc->getReadConcernLevel() == repl::ReadConcernLevel::kMajorityReadConcern ||
cc->getReadConcernLevel() == repl::ReadConcernLevel::kSnapshotReadConcern)) {
uassertStatusOK(opCtx->recoveryUnit()->obtainMajorityCommittedSnapshot());
}
uassert(40548,
"OP_GET_MORE operations are not supported on tailable aggregations. Only clients "
"which support the getMore command can be used on tailable aggregations.",
readLock || !cc->isAwaitData());
// If the operation that spawned this cursor had a time limit set, apply leftover
// time to this getmore.
if (cc->getLeftoverMaxTimeMicros() < Microseconds::max()) {
uassert(40136,
"Illegal attempt to set operation deadline within DBDirectClient",
!opCtx->getClient()->isInDirectClient());
opCtx->setDeadlineAfterNowBy(cc->getLeftoverMaxTimeMicros());
}
opCtx->checkForInterrupt(); // May trigger maxTimeAlwaysTimeOut fail point.
// What number result are we starting at? Used to fill out the reply.
startingResult = cc->pos();
uint64_t notifierVersion = 0;
std::shared_ptr<CappedInsertNotifier> notifier;
if (cc->isAwaitData()) {
invariant(readLock->getCollection()->isCapped());
// Retrieve the notifier which we will wait on until new data arrives. We make sure
// to do this in the lock because once we drop the lock it is possible for the
// collection to become invalid. The notifier itself will outlive the collection if
// the collection is dropped, as we keep a shared_ptr to it.
notifier = readLock->getCollection()->getCappedInsertNotifier();
// Must get the version before we call generateBatch in case a write comes in after
// that call and before we call wait on the notifier.
notifierVersion = notifier->getVersion();
}
PlanExecutor* exec = cc->getExecutor();
exec->reattachToOperationContext(opCtx);
uassertStatusOK(exec->restoreState());
auto planSummary = Explain::getPlanSummary(exec);
{
stdx::lock_guard<Client> lk(*opCtx->getClient());
curOp.setPlanSummary_inlock(planSummary);
// Ensure that the original query object is available in the slow query log, profiler
// and currentOp. Upconvert _query to resemble a getMore command, and set the original
// command or upconverted legacy query in the originatingCommand field.
curOp.setOpDescription_inlock(upconvertGetMoreEntry(nss, cursorid, ntoreturn));
curOp.setOriginatingCommand_inlock(cc->getOriginatingCommandObj());
}
PlanExecutor::ExecState state;
// We report keysExamined and docsExamined to OpDebug for a given getMore operation. To
// obtain these values we need to take a diff of the pre-execution and post-execution
// metrics, as they accumulate over the course of a cursor's lifetime.
PlanSummaryStats preExecutionStats;
Explain::getSummaryStats(*exec, &preExecutionStats);
generateBatch(ntoreturn, cc, &bb, &numResults, &state);
// If this is an await data cursor, and we hit EOF without generating any results, then
// we block waiting for new data to arrive.
if (cc->isAwaitData() && state == PlanExecutor::IS_EOF && numResults == 0) {
// Save the PlanExecutor and drop our locks.
exec->saveState();
readLock.reset();
// Block waiting for data for up to 1 second. Time spent blocking is not counted towards
// the total operation latency.
curOp.pauseTimer();
Seconds timeout(1);
notifier->waitUntil(notifierVersion,
opCtx->getServiceContext()->getPreciseClockSource()->now() +
timeout);
notifier.reset();
curOp.resumeTimer();
// Reacquiring locks.
readLock.emplace(opCtx, nss);
uassertStatusOK(exec->restoreState());
// We woke up because either the timed_wait expired, or there was more data. Either
// way, attempt to generate another batch of results.
generateBatch(ntoreturn, cc, &bb, &numResults, &state);
}
PlanSummaryStats postExecutionStats;
Explain::getSummaryStats(*exec, &postExecutionStats);
postExecutionStats.totalKeysExamined -= preExecutionStats.totalKeysExamined;
postExecutionStats.totalDocsExamined -= preExecutionStats.totalDocsExamined;
curOp.debug().setPlanSummaryMetrics(postExecutionStats);
// We do not report 'execStats' for aggregation or other globally managed cursors, both in
// the original request and subsequent getMore. It would be useful to have this information
// for an aggregation, but the source PlanExecutor could be destroyed before we know whether
// we need execStats and we do not want to generate for all operations due to cost.
if (!CursorManager::isGloballyManagedCursor(cursorid) && curOp.shouldDBProfile()) {
BSONObjBuilder execStatsBob;
Explain::getWinningPlanStats(exec, &execStatsBob);
curOp.debug().execStats = execStatsBob.obj();
}
// Our two possible ClientCursorPin cleanup paths are:
// 1) If the cursor is not going to be saved, we call deleteUnderlying() on the pin.
// 2) If the cursor is going to be saved, we simply let the pin go out of scope. In this
// case, the pin's destructor will be invoked, which will call release() on the pin.
// Because our ClientCursorPin is declared after our lock is declared, this will happen
// under the lock if any locking was necessary.
if (!shouldSaveCursorGetMore(state, exec, cc->isTailable())) {
ccPin.getValue().deleteUnderlying();
// cc is now invalid, as is the executor
cursorid = 0;
cc = nullptr;
curOp.debug().cursorExhausted = true;
LOG(5) << "getMore NOT saving client cursor, ended with state "
<< PlanExecutor::statestr(state);
} else {
// Continue caching the ClientCursor.
cc->incPos(numResults);
exec->saveState();
exec->detachFromOperationContext();
LOG(5) << "getMore saving client cursor ended with state "
<< PlanExecutor::statestr(state);
*exhaust = cc->queryOptions() & QueryOption_Exhaust;
// We assume that cursors created through a DBDirectClient are always used from their
// original OperationContext, so we do not need to move time to and from the cursor.
if (!opCtx->getClient()->isInDirectClient()) {
// If the getmore had a time limit, remaining time is "rolled over" back to the
// cursor (for use by future getmore ops).
cc->setLeftoverMaxTimeMicros(opCtx->getRemainingMaxTimeMicros());
}
}
}
QueryResult::View qr = bb.buf();
qr.msgdata().setLen(bb.len());
qr.msgdata().setOperation(opReply);
qr.setResultFlags(resultFlags);
qr.setCursorId(cursorid);
qr.setStartingFrom(startingResult);
qr.setNReturned(numResults);
LOG(5) << "getMore returned " << numResults << " results\n";
return Message(bb.release());
}
/**
* Called by db/instance.cpp. This is the getMore entry point.
*/
Message getMore(OperationContext* txn,
const char* ns,
int ntoreturn,
long long cursorid,
bool* exhaust,
bool* isCursorAuthorized) {
invariant(ntoreturn >= 0);
CurOp& curOp = *CurOp::get(txn);
// For testing, we may want to fail if we receive a getmore.
if (MONGO_FAIL_POINT(failReceivedGetmore)) {
invariant(0);
}
*exhaust = false;
const NamespaceString nss(ns);
// Depending on the type of cursor being operated on, we hold locks for the whole getMore,
// or none of the getMore, or part of the getMore. The three cases in detail:
//
// 1) Normal cursor: we lock with "ctx" and hold it for the whole getMore.
// 2) Cursor owned by global cursor manager: we don't lock anything. These cursors don't own
// any collection state. These cursors are generated either by the listCollections or
// listIndexes commands, as these special cursor-generating commands operate over catalog
// data rather than targeting the data within a collection.
// 3) Agg cursor: we lock with "ctx", then release, then relock with "unpinDBLock" and
// "unpinCollLock". This is because agg cursors handle locking internally (hence the
// release), but the pin and unpin of the cursor must occur under the collection lock.
// We don't use our AutoGetCollectionForRead "ctx" to relock, because
// AutoGetCollectionForRead checks the sharding version (and we want the relock for the
// unpin to succeed even if the sharding version has changed).
//
// Note that we declare our locks before our ClientCursorPin, in order to ensure that the
// pin's destructor is called before the lock destructors (so that the unpin occurs under
// the lock).
unique_ptr<AutoGetCollectionForRead> ctx;
unique_ptr<Lock::DBLock> unpinDBLock;
unique_ptr<Lock::CollectionLock> unpinCollLock;
CursorManager* cursorManager;
if (nss.isListIndexesCursorNS() || nss.isListCollectionsCursorNS()) {
// List collections and list indexes are special cursor-generating commands whose
// cursors are managed globally, as they operate over catalog data rather than targeting
// the data within a collection.
cursorManager = CursorManager::getGlobalCursorManager();
} else {
ctx = stdx::make_unique<AutoGetCollectionOrViewForRead>(txn, nss);
auto viewCtx = static_cast<AutoGetCollectionOrViewForRead*>(ctx.get());
if (viewCtx->getView()) {
uasserted(
ErrorCodes::CommandNotSupportedOnView,
str::stream() << "Namespace " << nss.ns()
<< " is a view. OP_GET_MORE operations are not supported on views. "
<< "Only clients which support the getMore command can be used to "
"query views.");
}
Collection* collection = ctx->getCollection();
uassert(17356, "collection dropped between getMore calls", collection);
cursorManager = collection->getCursorManager();
}
LOG(5) << "Running getMore, cursorid: " << cursorid;
// This checks to make sure the operation is allowed on a replicated node. Since we are not
// passing in a query object (necessary to check SlaveOK query option), the only state where
// reads are allowed is PRIMARY (or master in master/slave). This function uasserts if
// reads are not okay.
Status status = repl::getGlobalReplicationCoordinator()->checkCanServeReadsFor(txn, nss, true);
uassertStatusOK(status);
// A pin performs a CC lookup and if there is a CC, increments the CC's pin value so it
// doesn't time out. Also informs ClientCursor that there is somebody actively holding the
// CC, so don't delete it.
auto ccPin = cursorManager->pinCursor(cursorid);
// These are set in the QueryResult msg we return.
int resultFlags = ResultFlag_AwaitCapable;
int numResults = 0;
int startingResult = 0;
const int InitialBufSize =
512 + sizeof(QueryResult::Value) + FindCommon::kMaxBytesToReturnToClientAtOnce;
BufBuilder bb(InitialBufSize);
bb.skip(sizeof(QueryResult::Value));
if (!ccPin.isOK()) {
invariant(ccPin == ErrorCodes::CursorNotFound);
cursorid = 0;
resultFlags = ResultFlag_CursorNotFound;
} else {
ClientCursor* cc = ccPin.getValue().getCursor();
// Check for spoofing of the ns such that it does not match the one originally
// there for the cursor.
uassert(ErrorCodes::Unauthorized,
str::stream() << "Requested getMore on namespace " << ns << ", but cursor "
<< cursorid
<< " belongs to namespace "
<< cc->ns(),
ns == cc->ns());
*isCursorAuthorized = true;
if (cc->isReadCommitted())
uassertStatusOK(txn->recoveryUnit()->setReadFromMajorityCommittedSnapshot());
// Reset timeout timer on the cursor since the cursor is still in use.
cc->resetIdleTime();
// If the operation that spawned this cursor had a time limit set, apply leftover
// time to this getmore.
if (cc->getLeftoverMaxTimeMicros() < Microseconds::max()) {
uassert(40136,
"Illegal attempt to set operation deadline within DBDirectClient",
!txn->getClient()->isInDirectClient());
txn->setDeadlineAfterNowBy(cc->getLeftoverMaxTimeMicros());
}
txn->checkForInterrupt(); // May trigger maxTimeAlwaysTimeOut fail point.
cc->updateSlaveLocation(txn);
if (cc->isAggCursor()) {
// Agg cursors handle their own locking internally.
ctx.reset(); // unlocks
}
// If we're replaying the oplog, we save the last time that we read.
Timestamp slaveReadTill;
// What number result are we starting at? Used to fill out the reply.
startingResult = cc->pos();
uint64_t notifierVersion = 0;
std::shared_ptr<CappedInsertNotifier> notifier;
if (isCursorAwaitData(cc)) {
invariant(ctx->getCollection()->isCapped());
// Retrieve the notifier which we will wait on until new data arrives. We make sure
// to do this in the lock because once we drop the lock it is possible for the
// collection to become invalid. The notifier itself will outlive the collection if
// the collection is dropped, as we keep a shared_ptr to it.
notifier = ctx->getCollection()->getCappedInsertNotifier();
// Must get the version before we call generateBatch in case a write comes in after
// that call and before we call wait on the notifier.
notifierVersion = notifier->getVersion();
}
PlanExecutor* exec = cc->getExecutor();
exec->reattachToOperationContext(txn);
exec->restoreState();
auto planSummary = Explain::getPlanSummary(exec);
{
stdx::lock_guard<Client>(*txn->getClient());
curOp.setPlanSummary_inlock(planSummary);
// Ensure that the original query or command object is available in the slow query log,
// profiler and currentOp.
curOp.setQuery_inlock(cc->getQuery());
}
PlanExecutor::ExecState state;
// We report keysExamined and docsExamined to OpDebug for a given getMore operation. To
// obtain these values we need to take a diff of the pre-execution and post-execution
// metrics, as they accumulate over the course of a cursor's lifetime.
PlanSummaryStats preExecutionStats;
Explain::getSummaryStats(*exec, &preExecutionStats);
generateBatch(ntoreturn, cc, &bb, &numResults, &slaveReadTill, &state);
// If this is an await data cursor, and we hit EOF without generating any results, then
// we block waiting for new data to arrive.
if (isCursorAwaitData(cc) && state == PlanExecutor::IS_EOF && numResults == 0) {
// Save the PlanExecutor and drop our locks.
exec->saveState();
ctx.reset();
// Block waiting for data for up to 1 second.
Seconds timeout(1);
notifier->wait(notifierVersion, timeout);
notifier.reset();
// Set expected latency to match wait time. This makes sure the logs aren't spammed
// by awaitData queries that exceed slowms due to blocking on the CappedInsertNotifier.
curOp.setExpectedLatencyMs(durationCount<Milliseconds>(timeout));
// Reacquiring locks.
ctx = make_unique<AutoGetCollectionForRead>(txn, nss);
exec->restoreState();
// We woke up because either the timed_wait expired, or there was more data. Either
// way, attempt to generate another batch of results.
generateBatch(ntoreturn, cc, &bb, &numResults, &slaveReadTill, &state);
}
PlanSummaryStats postExecutionStats;
Explain::getSummaryStats(*exec, &postExecutionStats);
postExecutionStats.totalKeysExamined -= preExecutionStats.totalKeysExamined;
postExecutionStats.totalDocsExamined -= preExecutionStats.totalDocsExamined;
curOp.debug().setPlanSummaryMetrics(postExecutionStats);
// We do not report 'execStats' for aggregation, both in the original request and
// subsequent getMore. The reason for this is that aggregation's source PlanExecutor
// could be destroyed before we know whether we need execStats and we do not want to
// generate for all operations due to cost.
if (!cc->isAggCursor() && curOp.shouldDBProfile()) {
BSONObjBuilder execStatsBob;
Explain::getWinningPlanStats(exec, &execStatsBob);
curOp.debug().execStats = execStatsBob.obj();
}
// We have to do this before re-acquiring locks in the agg case because
// shouldSaveCursorGetMore() can make a network call for agg cursors.
//
// TODO: Getting rid of PlanExecutor::isEOF() in favor of PlanExecutor::IS_EOF would mean
// that this network operation is no longer necessary.
const bool shouldSaveCursor = shouldSaveCursorGetMore(state, exec, isCursorTailable(cc));
// In order to deregister a cursor, we need to be holding the DB + collection lock and
// if the cursor is aggregation, we release these locks.
if (cc->isAggCursor()) {
invariant(NULL == ctx.get());
unpinDBLock = make_unique<Lock::DBLock>(txn->lockState(), nss.db(), MODE_IS);
unpinCollLock = make_unique<Lock::CollectionLock>(txn->lockState(), nss.ns(), MODE_IS);
}
// Our two possible ClientCursorPin cleanup paths are:
// 1) If the cursor is not going to be saved, we call deleteUnderlying() on the pin.
// 2) If the cursor is going to be saved, we simply let the pin go out of scope. In
// this case, the pin's destructor will be invoked, which will call release() on the
// pin. Because our ClientCursorPin is declared after our lock is declared, this
// will happen under the lock.
if (!shouldSaveCursor) {
ccPin.getValue().deleteUnderlying();
// cc is now invalid, as is the executor
cursorid = 0;
cc = NULL;
curOp.debug().cursorExhausted = true;
LOG(5) << "getMore NOT saving client cursor, ended with state "
<< PlanExecutor::statestr(state);
} else {
// Continue caching the ClientCursor.
cc->incPos(numResults);
exec->saveState();
exec->detachFromOperationContext();
LOG(5) << "getMore saving client cursor ended with state "
<< PlanExecutor::statestr(state);
// Possibly note slave's position in the oplog.
if ((cc->queryOptions() & QueryOption_OplogReplay) && !slaveReadTill.isNull()) {
cc->slaveReadTill(slaveReadTill);
}
*exhaust = cc->queryOptions() & QueryOption_Exhaust;
// If the getmore had a time limit, remaining time is "rolled over" back to the
// cursor (for use by future getmore ops).
cc->setLeftoverMaxTimeMicros(txn->getRemainingMaxTimeMicros());
}
}
QueryResult::View qr = bb.buf();
qr.msgdata().setLen(bb.len());
qr.msgdata().setOperation(opReply);
qr.setResultFlags(resultFlags);
qr.setCursorId(cursorid);
qr.setStartingFrom(startingResult);
qr.setNReturned(numResults);
LOG(5) << "getMore returned " << numResults << " results\n";
return Message(bb.release());
}
TEST_F(CursorManagerTestCustomOpCtx,
KillAllCursorsForTransactionRemovesCorrectEntryFromTransactionMap) {
CursorManager* cursorManager = CursorManager::getGlobalCursorManager();
// Create 3 sets of cursors, each with a unique LogicalSessionId/TxnNumber pair, but each
// sharing either LogicalSessionId or TxnNumber with another set.
auto lsid1 = makeLogicalSessionIdForTest();
TxnNumber txnNumber1 = 0;
{
auto opCtx = _queryServiceContext->makeOperationContext(lsid1, txnNumber1);
auto pinned = cursorManager->registerCursor(opCtx.get(),
{makeFakePlanExecutor(),
NamespaceString{"test.collection"},
{},
repl::ReadConcernLevel::kLocalReadConcern,
BSONObj()});
pinned.release();
}
auto lsid2 = lsid1;
TxnNumber txnNumber2 = 1;
{
auto opCtx = _queryServiceContext->makeOperationContext(lsid2, txnNumber2);
auto pinned = cursorManager->registerCursor(opCtx.get(),
{makeFakePlanExecutor(),
NamespaceString{"test.collection"},
{},
repl::ReadConcernLevel::kLocalReadConcern,
BSONObj()});
pinned.release();
}
auto lsid3 = makeLogicalSessionIdForTest();
TxnNumber txnNumber3 = txnNumber1;
{
auto opCtx = _queryServiceContext->makeOperationContext(lsid3, txnNumber3);
// Create 2 cursors for the third set to confirm multiple cursor deregistration.
auto pinned = cursorManager->registerCursor(opCtx.get(),
{makeFakePlanExecutor(),
NamespaceString{"test.collection"},
{},
repl::ReadConcernLevel::kLocalReadConcern,
BSONObj()});
pinned.release();
pinned = cursorManager->registerCursor(opCtx.get(),
{makeFakePlanExecutor(),
NamespaceString{"test.collection"},
{},
repl::ReadConcernLevel::kLocalReadConcern,
BSONObj()});
pinned.release();
}
auto opCtx = _queryServiceContext->makeOperationContext();
// Transaction reference exists for all 3 sets.
ASSERT_TRUE(cursorManager->hasTransactionCursorReference(lsid1, txnNumber1));
ASSERT_TRUE(cursorManager->hasTransactionCursorReference(lsid2, txnNumber2));
ASSERT_TRUE(cursorManager->hasTransactionCursorReference(lsid3, txnNumber3));
// Transaction reference does not exist for LogicalSessionId/TxnNumber that has no cursors.
ASSERT_FALSE(cursorManager->hasTransactionCursorReference(makeLogicalSessionIdForTest(), 99));
// Kill cursors for set 1.
ASSERT_EQ(1ul, cursorManager->killAllCursorsForTransaction(opCtx.get(), lsid1, txnNumber1));
ASSERT_FALSE(cursorManager->hasTransactionCursorReference(lsid1, txnNumber1));
ASSERT_TRUE(cursorManager->hasTransactionCursorReference(lsid2, txnNumber2));
ASSERT_TRUE(cursorManager->hasTransactionCursorReference(lsid3, txnNumber3));
// Kill cursors for set 2.
ASSERT_EQ(1ul, cursorManager->killAllCursorsForTransaction(opCtx.get(), lsid2, txnNumber2));
ASSERT_FALSE(cursorManager->hasTransactionCursorReference(lsid2, txnNumber2));
ASSERT_TRUE(cursorManager->hasTransactionCursorReference(lsid3, txnNumber3));
// Kill cursors for set 3.
ASSERT_EQ(2ul, cursorManager->killAllCursorsForTransaction(opCtx.get(), lsid3, txnNumber3));
ASSERT_FALSE(cursorManager->hasTransactionCursorReference(lsid3, txnNumber3));
}
/**
* Generates the next batch of results for a ClientCursor.
*
* TODO: Do we need to support some equivalent of OP_REPLY responseFlags?
*
* TODO: Is it possible to support awaitData?
*/
bool run(OperationContext* txn,
const std::string& dbname,
BSONObj& cmdObj,
int options,
std::string& errmsg,
BSONObjBuilder& result) override {
// Counted as a getMore, not as a command.
globalOpCounters.gotGetMore();
if (txn->getClient()->isInDirectClient()) {
return appendCommandStatus(result,
Status(ErrorCodes::IllegalOperation,
"Cannot run getMore command from eval()"));
}
StatusWith<GetMoreRequest> parseStatus = GetMoreRequest::parseFromBSON(dbname, cmdObj);
if (!parseStatus.isOK()) {
return appendCommandStatus(result, parseStatus.getStatus());
}
const GetMoreRequest& request = parseStatus.getValue();
// Depending on the type of cursor being operated on, we hold locks for the whole
// getMore, or none of the getMore, or part of the getMore. The three cases in detail:
//
// 1) Normal cursor: we lock with "ctx" and hold it for the whole getMore.
// 2) Cursor owned by global cursor manager: we don't lock anything. These cursors
// don't own any collection state.
// 3) Agg cursor: we lock with "ctx", then release, then relock with "unpinDBLock" and
// "unpinCollLock". This is because agg cursors handle locking internally (hence the
// release), but the pin and unpin of the cursor must occur under the collection
// lock. We don't use our AutoGetCollectionForRead "ctx" to relock, because
// AutoGetCollectionForRead checks the sharding version (and we want the relock for
// the unpin to succeed even if the sharding version has changed).
//
// Note that we declare our locks before our ClientCursorPin, in order to ensure that
// the pin's destructor is called before the lock destructors (so that the unpin occurs
// under the lock).
std::unique_ptr<AutoGetCollectionForRead> ctx;
std::unique_ptr<Lock::DBLock> unpinDBLock;
std::unique_ptr<Lock::CollectionLock> unpinCollLock;
CursorManager* cursorManager;
CursorManager* globalCursorManager = CursorManager::getGlobalCursorManager();
if (globalCursorManager->ownsCursorId(request.cursorid)) {
cursorManager = globalCursorManager;
}
else {
ctx.reset(new AutoGetCollectionForRead(txn, request.nss));
Collection* collection = ctx->getCollection();
if (!collection) {
return appendCommandStatus(result,
Status(ErrorCodes::OperationFailed,
"collection dropped between getMore calls"));
}
cursorManager = collection->getCursorManager();
}
ClientCursorPin ccPin(cursorManager, request.cursorid);
ClientCursor* cursor = ccPin.c();
if (!cursor) {
// We didn't find the cursor.
return appendCommandStatus(result, Status(ErrorCodes::CursorNotFound, str::stream()
<< "Cursor not found, cursor id: " << request.cursorid));
}
if (request.nss.ns() != cursor->ns()) {
return appendCommandStatus(result, Status(ErrorCodes::Unauthorized, str::stream()
<< "Requested getMore on namespace '" << request.nss.ns()
<< "', but cursor belongs to a different namespace"));
}
// On early return, get rid of the the cursor.
ScopeGuard cursorFreer = MakeGuard(&ClientCursorPin::deleteUnderlying, ccPin);
if (!cursor->hasRecoveryUnit()) {
// Start using a new RecoveryUnit.
cursor->setOwnedRecoveryUnit(
getGlobalServiceContext()->getGlobalStorageEngine()->newRecoveryUnit());
}
// Swap RecoveryUnit(s) between the ClientCursor and OperationContext.
ScopedRecoveryUnitSwapper ruSwapper(cursor, txn);
// Reset timeout timer on the cursor since the cursor is still in use.
cursor->setIdleTime(0);
// If the operation that spawned this cursor had a time limit set, apply leftover
// time to this getmore.
txn->getCurOp()->setMaxTimeMicros(cursor->getLeftoverMaxTimeMicros());
txn->checkForInterrupt(); // May trigger maxTimeAlwaysTimeOut fail point.
if (cursor->isAggCursor()) {
// Agg cursors handle their own locking internally.
ctx.reset(); // unlocks
}
PlanExecutor* exec = cursor->getExecutor();
exec->restoreState(txn);
// TODO: Handle result sets larger than 16MB.
BSONArrayBuilder nextBatch;
BSONObj obj;
PlanExecutor::ExecState state;
int numResults = 0;
while (PlanExecutor::ADVANCED == (state = exec->getNext(&obj, NULL))) {
// Add result to output buffer.
nextBatch.append(obj);
numResults++;
if (enoughForGetMore(request.batchSize, numResults, nextBatch.len())) {
break;
}
}
// If we are operating on an aggregation cursor, then we dropped our collection lock
// earlier and need to reacquire it in order to clean up our ClientCursorPin.
//
// TODO: We need to ensure that this relock happens if we release the pin above in
// response to PlanExecutor::getNext() throwing an exception.
if (cursor->isAggCursor()) {
invariant(NULL == ctx.get());
unpinDBLock.reset(new Lock::DBLock(txn->lockState(), request.nss.db(), MODE_IS));
unpinCollLock.reset(
new Lock::CollectionLock(txn->lockState(), request.nss.ns(), MODE_IS));
}
// Fail the command if the PlanExecutor reports execution failure.
if (PlanExecutor::FAILURE == state) {
const std::unique_ptr<PlanStageStats> stats(exec->getStats());
error() << "GetMore executor error, stats: " << Explain::statsToBSON(*stats);
return appendCommandStatus(result,
Status(ErrorCodes::OperationFailed,
str::stream() << "GetMore executor error: "
<< WorkingSetCommon::toStatusString(obj)));
}
CursorId respondWithId = 0;
if (shouldSaveCursorGetMore(state, exec, isCursorTailable(cursor))) {
respondWithId = request.cursorid;
exec->saveState();
cursor->setLeftoverMaxTimeMicros(txn->getCurOp()->getRemainingMaxTimeMicros());
cursor->incPos(numResults);
if (isCursorTailable(cursor) && state == PlanExecutor::IS_EOF) {
// Rather than swapping their existing RU into the client cursor, tailable
// cursors should get a new recovery unit.
ruSwapper.dismiss();
}
}
else {
txn->getCurOp()->debug().cursorExhausted = true;
}
appendGetMoreResponseObject(respondWithId, request.nss.ns(), nextBatch.arr(), &result);
if (respondWithId) {
cursorFreer.Dismiss();
}
return true;
}
