Database Systems
( 資料庫系統 )
December 20, 2004
Chapter 16
Announcement
• Assignment #9 (Sort-Merge Join) is due tomorrow.
Cool Ubicomp Project
GETA Sandals (NTU, 2004)
• Sandals that track your physical location (work both indoor & outdoor) • Completely infrastructure free
Starting point vd3 vd1 Σvdi vd4 vd2
Overview of Transaction
Management
Transaction
• Transaction =
one execution of a user program
.
– Example: transfer money from account A to account B. – A Sequence of Read & Write Operations• For good performance,
concurrent execution
of user
programs is needed.
– Disk accesses are slow and frequent, it is important to keep the CPU running by working on several user programs concurrently.
– Concurrency Control ensures that the result of concurrent execution of several transactions is the same as some serial (one at a time) execution of the same set of transactions.
• Must handle
system crash
in the middle of a transaction
(or
aborted transactions
).
Outline
• Four fundamental properties of transactions (ACID)
– Atomic, Consistency, Isolation, Durability• Schedule actions in a set of concurrent transactions
• Problems in concurrent execution of transactions
• Lock-based concurrency control (Strict 2PL)
• Performance issues with lock-based concurrency control
• Transaction support in SQL
ACID Properties
• The DBMS’s abstract view of a transaction: a sequence
of
read
and
write
actions.
• Atomic
: either all actions in a transaction are carried out
or none.
– Transfer $100 from account A to account B: R(A), A=A-100, W(A), R(B), B=B+100, W(B) => all actions or none (retry). – The system ensures this property.
– How can a transaction be incomplete? Three reasons: aborted by DBMS, system crash, or error in user program.
– How to ensure atomicity during a crash? Maintain a log of write actions in partial transactions. Read the log and undo these write actions.
ACID Properties (2)
• Consistency
: run by itself with no concurrent execution
leave the DB in a “good” state.
– This is the responsibility of the user.
– No increase in total balance during a transfer => the user makes sure that credit and debit the same amount.
• Isolation
: transactions are protected from effects of
concurrently scheduling other transactions.
– The system (concurrency control) ensures this property.
– The result of concurrent execution is the same as some order of serial execution (no interleaving).
ACID Properties (3)
• Durability
: the effect of a completed transaction should
persist across system crashes.
– The system (crash recovery) ensures durability property and atomicity property.
– What can a DBMS do ensure durability? Maintain a log of write actions in partial transactions. If system crashes before the
changes are made to disk, read the log to remember and restore changes when the system restarts.
Schedules
• A transaction is seen by DBMS as a list of
read
and
write
actions on DB objects (tuples or tables).
– Denote RT(O), WT(O) as read and write actions of transaction T on
object O.
• A transaction also need to specify a final action:
– commit action means the transaction completes successfully.
– abort action means to terminate and undo all actions
• A schedule is an execution sequence of actions (read,
write, commit, abort) from a set of transactions.
– A schedule can interleave actions from different transactions. – A serial schedule has no interleaving actions from different
Examples of Schedules
T1 T2 R(A) W(A) R(B) W(B) Commit R(C) W(C) Commit T1 T2 R(A) W(A) R(C) W(C) Commit R(B) W(B) CommitSerial Schedule
Schedule with
Interleaving Execution
Concurrent Execution of
Transactions
• Why do concurrent executions of
transactions?
– Better performance.
– Disk I/O is slow. While waiting for disk I/O on one transaction (T1), switch to another
transaction (T2) to keep the CPU busy.
• System throughput
:
the average number of transactions completed in a given time (persecond).
• Response Time
:
difference betweentransaction completion time and submission time. – Concurrent execution helps response time of
small transaction (T2). T1 T2 R(A) W(A) R(B) W(B) Commit R(C) W(C) Commit
Serializable Schedule
• A
serializable schedule
is a schedule that
produces identical result as some serial
schedule.
– A serial schedule has no interleaving actions from multiple transactions.
• We have a serializable schedule of T1 &
T2.
– Assume that T2:W(A) does not influence T1:W(B).
– It produces the same result as executing T1 then T2 (denote T1;T2). T1 T2 R(A) W(A) R(A) W(A) R(B) W(B) R(B) W(B) Commit Commit
Anomalies in Interleaved Execution
• Under what situations can an arbitrary (non-serializable)
schedule produce inconsistent results from a serial
schedule?
– It can happen in three possible situations in interleaved execution.
– Write-read (WR) conflict – Read-write (RW) conflict – Write-write (WW) conflict
WR Conflict (Dirty Read)
• Situation: T2 reads an object that has been modified by T1, but T1 has not committed. • T1 transfers $100 from A to B. T2 adds 6%
interests to A and B. A bad schedule: – Step 1: deduct $100 from A.
– Step 2: add 6% interest to A & B. – Step 3: credit $100 in B.
• Why is the problem?
– The result is different from any serial schedule -> Bank adds $6 less interest.
– Why? Inconsistent state when T2 completes. The value of A written by T1 is read by T2 before T1 completes.
• A Transaction must leave DB in a consistent
T1 T2 R(A) W(A) R(A) W(A) R(B) W(B) Commit R(B) W(B) Inconsistent State
RW Conflicts (Unrepeatable Read)
• Situation: T2 modifies A that has been read by T1, while T1 is still in progress.
– When T1 tries to read A again, it will get a different result, although it has not modified A in the meantime.
• A is the number of available copies of a book = 1. T1 wants to buy one copy. T2 wants to buy one copy. T1 gets an error.
– The result is different from any serial schedule T1 T2 R(A=1) Check if (A>0) R(A=1) Check if (A>0) W(A=0) W(A) Error! Commit Commit
WW Conflict (Overwriting
Uncommitted Data)
• Situation: T2 overwrites the value of an object A, which has already been
modified by T1, while T1 is still in progress.
• T1 wants to set salaries of Harry & Larry to ($2000, $2000). T2 wants to set them to ($1000, $1000).
– The left schedule can produce the results ($1000, $2000).
– The result is different from any serial schedule.
– This is called lost update (T2 overwrites T1’s A value, so T1’s value of A is lost.)
T1 T2 W(A) W(A) W(B) Commit W(B) Commit
Schedules with Aborted
Transactions
• Serializable schedule needs to produce the correct results under aborted transactions.
– For aborted transactions, undo all their actions as if they were never carried out (atomic property). • T1 deducts $100 from A. T2 adds 6% interests
to A. A bad schedule:
– Step 1: T1 deducts $100 from A.
– Step 2: T2 adds 6% interest to A. commit. – Step 3: T1 abort!
• Why is the problem?
– Undo T1 => T2 has read a value for A that should never been there. But T2 has committed! (may not be able to undo committed actions).
– This is called unrecoverable schedule.
T1 T2 R(A) W(A) R(A) W(A) R(B) W(B) Commit Abort
Another Problem in Undo
• Undo T1: restores value of A
to before T1’s change (A=5).
• Problem: T2’s change to A is
also lost, even if T2 has
already committed.
T1 T2 A=5 R(A) W(A) // A=6 R(A) W(A) // A=7 R(B) W(B) Commit AbortLock-Based Concurrency Control
• Concurrency control ensures that
– (1) Only serializable, recoverable schedules are allowed
– (2) Actions of committed transactions are not lost while undoing aborted transactions.
• How to guarantee safe interleaving of transactions’ actio
ns (serializable schedule)?
– Locking protocol: Strict Two-Phase Locking (Strict 2PL)
• A
lock
is a small bookkeeping object associated with a D
B object.
– Shared lock: several transactions can have shared locks on the same DB object.
– Exclusive lock: only one transaction can have an exclusive lock on a DB object.
Strict 2PL
• Rule #1: If a transaction T wants to read an object, it requests a shared lock. Denote as S(O).
• Rule #2: If a transaction T wants to write an object, it requests an exclusive lock. Denote as X(O).
• Rule #3: When a transaction is completed (aborted), it releases
all held locks. • Notes:
– A transaction suspends when DBMS cannot grant the lock.
– Why shared lock for read? (Ok for concurrent reads but no concurrent write => avoid RW/WR conflicts)
– Why exclusive lock for write? (Allow no concurrent reads/writes => avoid RW/WR/WW conflicts)
Example #1 of Strict 2PL
T1 X(A) R(A) W(A) X(B) R(B) W(B) Commit T2 X(A) R(A) W(A) X(B) R(B) W(B) Commit T1 T2 X(A) Suspend R(A) W(A) X(B) R(B) W(B) Commit // Release locks X(A) R(A) W(A) R(B) W(B)Example #2 of Strict 2PL
T1 S(A) R(A) X(C) R(C) W(C) Commit T2 S(A) R(A) X(B) R(B) W(B) Commit T1 T2 S(A) R(A) S(A) R(A) X(B) R(B) W(B) Commit X(C) R(C) W(C)Deadlocks
• T1 and T2 will make no further
progress.
• Two ways to handle deadlock:
– Prevent deadlocks from occurring.
– Detection deadlocks and resolve
them.
• Detect deadlocked transactions
by timeout (assuming they are
waiting for a lock for too long)
Abort the transactions.
T1 T2 X(A) X(B) Request X(B) Block! Request X(A) Block too!
Performance of Locking
• Lock-based schemes are designed to
resolve conflicts between transactions. It
has two mechanisms:
– Blocking: waiting for a lock.
– Aborting: waiting for too long, restarting it.
• Both have costs and may impact
throughput (# transactions completed per
second).
– More active transaction executing
concurrently, higher the probably of blocking. – Thrashing can occur when too many blocked
transactions (or aborted transactions).
# Active Transactions T hr ou gh pu t thrashing
Improve Throughput
• Prevent thrashing: monitor % blocked transactions and
reduce the number of active transactions executing
concurrently.
• Other methods to improve throughputs:
– Lock the smallest sized objects possible (reduce the likelihood of two transactions need the same lock).
– Reduce the time that transaction hold locks (reduce blocking time of other transactions)
– Reduce hot spots (hot spots = frequently accessed and modified objects).
Transaction Support in SQL
• COMMIT
• ROLLBACK
(SQL command for abort)
• SAVEPOINT <savepoint name>
– Selective roll back (undo) actions to the specified savepoint, rather than to the beginning of the transaction (as in abort).
• ROLLBACK TO SAVEPOINT <savepoint name>
– Define savepoints A, B and C in a long-running transaction. Can rollback to A, B, or C.
• What are advantages of savepoints vs. a series of
transactions?
– Rollback to any savepoint, not just the most recent transaction. – Overhead of initiating several transactions is avoided.
What to Lock in SQL?
• Option 1: table
granularity
– T1: shared lock on S – T2: exclusive lock on S – Big sized object -> low
concurrency (T1 no|| T2)
• Option 2: row
granularity
– T1: shared lock on rows with rating = 8.
– T2: exclusive lock on rows with S.name=“Joe” AND S.rating=8 – Smaller sized objects -> better
concurrency (T1 || T2)
<T1>
SELECT S.rating, MIN(S.age) FROM Sailors S
WHERE S.rating = 8 <T2>
UPDATE Sailors S
SET S.age=10
WHERE S.name=“Joe” AND S.rating=8
Locking in SQL
• Set different
isolation level
to each transaction:
– Tradeoff with concurrency• Serializable = strict 2PL
• Read committed = shared locks released immediately a
fter reading.
• Read uncommitted = no shared lock before reading.
Isolation Level Dirty Read Unrepeatable Read
Serializable (Safest) No No
Introduction to Crash Recovery
• Recovery manager
is responsible for transaction atomicity
and durability.
– Undo actions of aborted transactions.
– Actions from committed transactions can survive system crashes.
• When a DBMS is restarted after crashes, the recovery
manager must bring DB to a consistent state.
Stealing Frames and Forcing Page
• With respect to writing objects to disk, two questions:
– Can the changes made to an object O in the buffer pool by T1be written to disk before T1 commits? Say T2 wants to bring a new page, and buffer pool replace the frame containing O. If yes, we have a steal (T2 steals a frame from T1.).
– When T1 commits, do we ensure that all changes T1 has made are immediately forced to disk? If yes, we have a force
approach.
• No-steal, yes-force policies for simple crash recovery.
– No-steal: no need to undo actions from aborted transactions. – Yes-force: no need to redo the changes of committedtransactions
Steal, No-Force Policies
• No-steal requires that all pages modified by active
transactions can fit on the buffer pool.
– Not realistic in large transactions (payroll processing).
• Yes-force results in excessive disk I/O costs given hot
spots.
– 20 transactions all update the same page, need to write 20 times.
• Most systems use steal, no-force approach for
performance reason.
– Modified pages may be written to disk before a transaction commits. – Modified pages may not be written to disk after a transaction
Write-Ahead Log
• Keep a log of the state (modifications) of the DB (before
crash)
– Log is often duplexed and archived on stable storage.
• The following actions are recorded in the log:
– Ti writes an object – Ti commits or aborts
•
Recovery needs to know which updates are (not) written to
the disk from which transactions are (not) committed.
•
The amount of work in recovery is proportional to the
changes made by committed transactions that have not
been written to disk.
ARIES (Steal, No-Force
Policies)
• There are 3 phases in the Aries recovery algorithm:
– Analysis: Scan the log forward (from the most recent
checkpoint) to identify all Transactions that were active, and all dirty pages in the buffer pool at the time of the crash.
– Redo: Redoes all updates to dirty pages in the buffer pool, as
needed, to ensure that all logged updates are in fact carried out and written to disk.
– Undo: The writes of all transactions that were active at the
crash are undone (by restoring the before value of the update, which is in the log record for the update), working backwards in the log. (Some care must be taken to handle the case of a crash occurring during the recovery process!)