[SERVER-42852] buildStages() STAGE_SHARDING_FILTER block should hold child stage tree by unique_ptr Created: 16/Aug/19  Updated: 29/Oct/23  Resolved: 04/Sep/19

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: 4.2.0, 4.3.1
Fix Version/s: 4.3.1, 4.2.10

Type: Bug Priority: Major - P3
Reporter: James Wahlin Assignee: David Storch
Resolution: Fixed Votes: 0
Labels: query-44-grooming
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Depends
Backwards Compatibility: Fully Compatible
Operating System: ALL
Backport Requested:
v4.2
Participants:
Linked BF Score: 72

 Description   

When building a ShardFilterStage we will do the following:

1) Build the child stage tree, and hold by raw pointer

2) Get a CollectionShardingState object and use it to retrieve an orphans filter via call to CollectionShardingState::getOrphansFilter().

3) Create and return the ShardFilterStage

The call to CollectionShardingState::get() can dassert and the call to CollectionShardingState::getOrphansFilter() can uassert. In either case we will leak the child stage tree.

We should change this block to hold the child stage tree by unique_ptr and not release until after acquiring the orphans filter.



 Comments   
Comment by David Storch [ 24/Aug/20 ]

I've merged a custom, targeted fix to the 4.2 branch. The narrow fix on 4.2 applies specifically to the memory leak in the description of this ticket which can result when the StageBuilder is constructing a ShardFilterStage.

Comment by Githook User [ 24/Aug/20 ]

Author:

{'name': 'David Storch', 'email': 'david.storch@mongodb.com', 'username': 'dstorch'}

Message: SERVER-42852 Hold ShardFilterStage by unique_ptr while obtaining ScopedCollectionMetadata

This is a minimal backport of the fixes present on more
recent branches. It is designed to prevent a rare memory
leak that can occur when obtaining the
ScopedCollectionMetadata triggers a uassert.
Branch: v4.2
https://github.com/mongodb/mongo/commit/cef23d286f5f9af1295d8097b33df764cc2201fe

Comment by David Storch [ 04/Sep/19 ]

As james.wahlin suggested above, the patch merged for this ticket ensures that in all contexts PlanStage pointers are held as unique_ptr rather than raw pointer. The fix is therefore not a narrow one which applies only to STAGE_SHARDING_FILTER, but rather a broad one which cuts across the code for the PlanStage query execution tree.

Comment by Githook User [ 04/Sep/19 ]

Author:

{'name': 'David Storch', 'email': 'david.storch@mongodb.com'}

Message: SERVER-42852 Make PlanStage consistently hold children by unique_ptr.
Branch: master
https://github.com/mongodb/mongo/commit/b13188206e74dbeb66c4b663d83ed1d1f97c286b

Comment by James Wahlin [ 16/Aug/19 ]

At present stage_builder.cpp has a mix of holding child stage trees (returned by recursive buildStages() call) by raw pointer and unique_ptr. We could consider using this ticket to change all remaining places where we hold by raw pointer.

Generated at Thu Feb 08 05:01:36 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.