[SERVER-15166] Cursors should never be timed-out but should be closed at disconnection Created: 08/Sep/14  Updated: 24/Dec/19  Resolved: 24/Dec/19

Status: Closed
Project: Core Server
Component/s: Networking, Querying
Affects Version/s: None
Fix Version/s: None

Type: New Feature Priority: Major - P3
Reporter: PHO Assignee: DO NOT USE - Backlog - Platform Team
Resolution: Done Votes: 2
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Participants:

 Description   

The current behavior of cursors regarding timeouts has these three problems:

  • If a cursor is created without NoCursorTimeout option, it can suddenly disappear if the client is running slowly. And there is no way to change its TTL (10 minutes).
  • If a cursor is created with NoCursorTimeout option, and the client crashes before closing it, the cursor lasts forever because no one knows its cursorID at this point.
  • Any cursors can be killed with OP_KILL_CURSORS request, even if the cursors to be killed weren't created by the requestor. This can be a security issue.

So I propose these changes:

  • Do not time-out cursors on server side. Make NoCursorTimeout option deprecated.
  • Make cursorID be local to connections, and automatically close them when the connection is closed. OP_KILL_CURSORS should ignore any cursorIDs that were not created on the connection requested it.
  • Introduce a new server command {killAllCursors: 1}

    that closes any cursors created on the connection that issued the command. Drivers can use it to clean up cursors without disconnecting.



 Comments   
Comment by Spencer Jackson [ 24/Dec/19 ]

Logical sessions does solve most of this request, and I believe changes to the authorization system makes it possible to kill your own cursors resolving the rest.

Comment by Shane Harvey [ 07/Dec/18 ]
  • If a cursor is created without NoCursorTimeout option, it can suddenly disappear if the client is running slowly. And there is no way to change its TTL (10 minutes).
  • If a cursor is created with NoCursorTimeout option, and the client crashes before closing it, the cursor lasts forever because no one knows its cursorID at this point.

These two problems have been fixed by the introduction of sessions in MongoDB 3.6 server and drivers. You can now write client side code that keeps a cursors alive as long as you want and the server will automatically clean up the cursor 30 minutes after the client crashes. See DOCS-11255 for an explanation.

Generated at Thu Feb 08 03:37:09 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.