UNIT-4

TRANSACTION MANAGEMENT
 UNIT-4 Syllabus
• Transaction Concept,
• Transaction State,
• Implementation of Atomicity and Durability,
• Chapter-15
Concurrent Executions,
Transactio
• Serializability, ns
• Recoverability,
• Implementation of Isolation,
• Testing for serializability,
• Lock Based Protocols, Chapter-16
• Timestamp Based Protocols, Concurrency
• Validation- Based Protocols, Control
• Multiple Granularity,
Chapter-17
• Recovery and Atomicity, Recovery
• Log–Based Recovery, System
• Recovery with Concurrent Transactions.
 Transaction Concept
• A transaction is a unit of program execution that accesses and
possibly updates various data items.
• A transaction is a set of operations or very small unit of a program to do
a logical task.
• E.g., transaction to transfer $50 from account A to account B:
1. read(A)
2. A := A – 50
3. write(A)
4. read(B)
5. B := B + 50
6. write(B)

• A transaction must see a consistent database.

• During transaction execution the database may be temporarily
inconsistent.
• When the transaction completes successfully (is committed), the
database must be consistent.
• After a transaction commits, the changes it has made to the database
persist, even if there are system failures.
• Multiple transactions can execute in parallel.
• Two main issues to deal with:
– Failures of various kinds, such as hardware failures and system crashes
– Concurrent execution of multiple transactions
 ACID Properties
A transaction is a unit of program execution that accesses and possibly
updates various data items.To preserve the integrity of data the database
system must ensure:
• Atomicity. Either all operations of the transaction are properly
reflected in the database or none are.
• Consistency. Execution of a transaction in isolation preserves
the consistency of the database.
• Isolation. Although multiple transactions may execute
concurrently, each transaction must be unaware of other
concurrently executing transactions. Intermediate transaction
results must be hidden from other concurrently executed
transactions.
– That is, for every pair of transactions Ti and Tj, it appears to Ti that
either Tj, finished execution before Ti started, or Tj started execution
after Ti finished.
• Durability. After a transaction completes successfully, the
changes it has made to the database persist, even if there are
 Example of Fund Transfer
• Transaction to transfer $50 from account A to account B:
1. read(A)
2. A := A – 50
3. write(A)
4. read(B)
5. B := B + 50
6. write(B)
• Atomicity requirement
– If the transaction fails after step 3 and before step 6, money will be “lost”
leading to an inconsistent database state
• Failure could be due to software or hardware
– The system should ensure that updates of a partially executed transaction
are not reflected in the database

• Durability requirement — once the user has been notified that the transaction
has completed (i.e., the transfer of the $50 has taken place), the updates to the
database by the transaction must persist even if there are software or hardware
failures.
 Example of Fund Transfer (Cont.)
• Consistency requirement in above example:
– The sum of A and B is unchanged by the execution of the
transaction
• In general, consistency requirements include
– Explicitly specified integrity constraints such as primary keys and
foreign keys
– Implicit integrity constraints
• e.g., sum of balances of all accounts, minus sum of loan
amounts must equal value of cash-in-hand
– A transaction must see a consistent database.
– During transaction execution the database may be temporarily
inconsistent.
– When the transaction completes successfully the database must
be consistent
• Erroneous transaction logic can lead to inconsistency
Example of Fund Transfer (Cont.)
• Isolation requirement — if between steps 3 and 6,
another transaction T2 is allowed to access the partially
updated database, it will see an inconsistent database
(the sum A + B will be less than it should be).

T1 T2
1. read(A)
2. A := A – 50
3. write(A)
read(A), read(B), print(A+B)
4. read(B)
5. B := B + 50
6. write(B

• Isolation can be ensured trivially by running

transactions serially
– That is, one after the other.
• However, executing multiple transactions concurrently
has significant benefits, as we will see later.
 Transaction State
• Active – the initial state; the transaction stays in
this state while it is executing
• Partially committed – after the final statement has
been executed.
• Failed -- after the discovery that normal execution
can no longer proceed.
• Aborted – after the transaction has been rolled
back and the database restored to its state prior to
the start of the transaction. Two options after it has
been aborted:
– Restart the transaction
• Can be done only if no internal logical error
– Kill the transaction
• Committed – after successful completion.
Transaction State (Cont.)
 Implementation of Atomicity and Durability
• The recovery-management component of a
database system implements the support for
atomicity and durability.
• The shadow-copy scheme:
– assume that only one transaction is active at a time.
– a pointer called db_pointer always points to the current
consistent copy of the database.
– all updates are made on a shadow copy of the
database, and db_pointer is made to point to the
updated shadow copy only after the transaction
reaches partial commit and all updated pages have
been flushed to disk.
– in case transaction fails, old consistent copy pointed to
by db_pointer can be used, and the shadow copy can
be deleted.
 Implementation of Atomicity and Durability (Cont.)
The shadow-copy
scheme:

• Assumes disks do not fail

• Extremely inefficient for large databases
• Does not handle concurrent transactions
 Concurrent Executions
• Multiple transactions are allowed to run
concurrently in the system. Advantages are:
– increased processor and disk utilization, leading
to better transaction throughput:
one transaction can be using the CPU while
another is reading from or writing to the disk
– reduced average response time for transactions:
short transactions need not wait behind long ones.
• Concurrency control schemes – mechanisms
to achieve isolation; that is, to control the
interaction among the concurrent transactions
in order to prevent them from destroying the
consistency of the database
 Schedules
• Schedule – a sequences of instructions that specify
the chronological order in which instructions of
concurrent transactions are executed
– a schedule for a set of transactions must consist of all
instructions of those transactions
– must preserve the order in which the instructions appear
in each individual transaction.
• A transaction that successfully completes its
execution will have a commit instructions as the last
statement (will be omitted if it is obvious)
• A transaction that fails to successfully complete its
execution will have an abort instructions as the last
statement (will be omitted if it is obvious)
 Schedule 1
• Let T1 transfer $50 from A to B, and T2 transfer 10% of the
balance from A to B.
• A serial schedule in which T1 is followed by T2:
 Schedule 2
• A serial schedule where T2 is followed by T1
•
Schedule 3
Let T1 and T2 be the transactions defined previously. The
following schedule is not a serial schedule, but it is equivalent to
Schedule 1.

In Schedules 1, 2 and 3, the sum A + B is preserved.

 Schedule 4
• The following concurrent schedule does not
preserve the value of (A + B).
 Serializability
• Basic Assumption – Each transaction preserves database
consistency.
• Thus serial execution of a set of transactions preserves database
consistency.
• A schedule s of n transactions is serializable
if it is equivalent to some serial schedule of
the same n transactions.
• A (possibly concurrent) schedule is serializable if it is equivalent to
a serial schedule. Different forms of schedule equivalence give
rise to the notions of:

1.Conflict serializability
2. View serializability

• We ignore operations other than read and write instructions, and

we assume that transactions may perform arbitrary computations
on data in local buffers in between reads and writes. Our simplified
schedules consist of only read and write instructions.
 Conflicting Instructions
• Instructions li and lj of transactions Ti and Tj
respectively, conflict if and only if there exists some
item Q accessed by both li and lj, and at least one of
these instructions wrote Q.
1. li = read(Q), lj = read(Q). li and lj don’t conflict.
2. li = read(Q), lj = write(Q). They conflict.
3. li = write(Q), lj = read(Q). They conflict
4. li = write(Q), lj = write(Q). They conflict
• Intuitively, a conflict between li and lj forces a (logical)
temporal order between them.
– If li and lj are consecutive in a schedule and they do not
conflict, their results would remain the same even if they
had been interchanged in the schedule.
 Conflict Serializability
• If a schedule S can be transformed into
a schedule S´ by a series of swaps of
non-conflicting instructions, we say that
S and S´ are conflict equivalent.
• We say that a schedule S is conflict
serializable if it is conflict equivalent to
a serial schedule
Conflict Serializability (Cont.)
• Schedule 3 can be transformed into Schedule 6, a serial
schedule where T2 follows T1, by series of swaps of non-
conflicting instructions.
– Therefore Schedule 3 is conflict serializable.

Schedule Schedule
3 6
Conflict Serializability (Cont.)
• Example of a schedule that is not conflict serializable:

• We are unable to swap instructions in the above

schedule to obtain either the serial schedule < T3, T4
>, or the serial schedule < T4, T3 >.
 View Serializability
• Let S and S´ be two schedules with the same set of
transactions. S and S´ are view equivalent if the
following three conditions are met:
1. For each data item Q, if transaction Ti reads the initial value
of Q in schedule S, then transaction Ti must, in schedule S
´, also read the initial value of Q.
2. For each data item Q if transaction Ti executes read(Q) in
schedule S, and that value was produced by transaction Tj
(if any), then transaction Ti must in schedule S´ also read
the value of Q that was produced by transaction Tj .
3. For each data item Q, the transaction (if any) that performs
the final write(Q) operation in schedule S must perform the
final write(Q) operation in schedule S´.
As can be seen, view equivalence is also based purely on
reads and writes alone.
 View Serializability (Cont.)
• A schedule S is view serializable it is view equivalent to a
serial schedule.
• Every conflict serializable schedule is also view serializable.
• Below is a schedule which is view-serializable but not conflict
serializable.

• What serial schedule is above equivalent to?

• Every view serializable schedule that is not conflict
serializable has blind writes.
 Example of view serializability
S1 S2( Serial Schedule)
T1 T2 T1 T2
READ(A) READ(A)
WRITE(A) WRITE(A)
READ(A) READ(B)
WRITE(A) WRITE(B)
READ(B) READ(A)
WRITE(B) WRITE(A)
READ(B) READ(B)
WRITE(B) WRITE(B)

S1 is View Equivalent
to S2
 Example of view serializability
S1 S2( Serial Schedule)
T1 T2 T1 T2
READ(A) READ(A)
WRITE(A) WRITE(A)
READ(A) READ(B)
WRITE(A) WRITE(B)
READ(B) READ(A)
WRITE(B) WRITE(A)
READ(B) READ(B)
WRITE(B) WRITE(B)

S1 is not View Equivalent

to S2
 Testing for Serializability
• A simple and efficient method for determining conflict
serializability of a schedule.
• Consider a schedule S. We construct a directed graph,
called a precedence graph, from S. This graph consists of
a pair G = (V, E), where
– V is a set of vertices and E is a set of edges. The set of vertices
consists of all the transactions participating in the schedule.
– The set of edges consists of all edges Ti →Tj for which one of three
conditions holds:
1. Ti executes write(Q) before Tj executes read(Q).
2. Ti executes read(Q) before Tj executes write(Q).
3. Ti executes write(Q) before Tj executes write(Q).

• If the precedence graph for S has a cycle, then schedule S is

not conflict serializable.

• If the graph contains no cycles, then the schedule S is conflict

serializable.
 Test For Serializability
• Precedence Graph:

T T
1 2

• Precedence Graph:

T T
2 1
• The precedence graph contains the edge T1 →T2, because T1
executes read(A) before T2 executes write(A).
• It also contains the edge T2→T1, because T2 executes read(B)
before T1 executes write(B).
•The graph contains a cycle, this schedule is not conflict serialzable
 Example1: Check for Conflict
Serializability
Schedule
T1 T2 T3
READ(X)
READ(Z) T2
READ(Z)
READ(X)
READ(Y) z y
WRITE(X) Acycli
c
READ(Y) X
WRITE(Z) T1 T3
WRITE(Y)

Schedule is Conflict
Serializable
 Example2: Check for Conflict
Serializability
Schedule
T1 T2 T3
READ(X)
READ(X) T2
WRITE(X)
WRITE(X)
READ(X) x x

Cycli
Xc
T1 T3

Schedule is not a conflict

serializable
Example Schedule (Schedule A) + Precedence Graph
T1 T2 T3 T4
T5
read(X)
read(Y)
read(Z)
read(V)
read(W) T1 T2
read(W)
read(Y)
write(Y)
write(Z)
read(U)
read(Y)
write(Y)
T3 T4
read(Z)
write(Z)
read(U)
write(U)
Test for Conflict Serializability
• A schedule is conflict serializable if
and only if its precedence graph is
acyclic.
• Cycle-detection algorithms exist which
take order n2 time, where n is the
number of vertices in the graph.
– (Better algorithms take order n + e
where e is the number of edges.)
• If precedence graph is acyclic, the
serializability order can be obtained
by a topological sorting of the graph.
– This is a linear order consistent with
the partial order of the graph.
– For example, a serializability order for
Schedule A would be
T5 → T1 → T3 → T2 → T4
• Are there others?
 Test for View Serializability
• The precedence graph test for conflict serializability
cannot be used directly to test for view serializability.
– Extension to test for view serializability has cost
exponential in the size of the precedence graph.
• The problem of checking if a schedule is view
serializable falls in the class of NP-complete problems.
– Thus existence of an efficient algorithm is extremely
unlikely.
• However practical algorithms that just check some
sufficient conditions for view serializability can still
be used.
 Recoverability:
Recoverable Schedules

• Need to address the effect of transaction failures on concurrently

running transactions.

• Recoverable schedule — if a transaction Tj reads a data item

previously written by a transaction Ti , then the commit operation
of Ti appears before the commit operation of Tj.
• The following schedule (Schedule 11) is not recoverable if T9
commits immediately after the read

• If T8 should abort, T9 would have read (and possibly shown to

the user) an inconsistent database state. Hence, database must
ensure that schedules are recoverable.
 Cascading Rollbacks
• Cascading rollback – a single transaction failure leads to
a series of transaction rollbacks. Consider the following
schedule where none of the transactions has yet committed
(so the schedule is recoverable)

If T10 fails, T11 and T12 must also be rolled back.

• Can lead to the undoing of a significant amount of work
 Cascadeless Schedules
• Cascadeless schedules — cascading
rollbacks cannot occur; for each pair of
transactions Ti and Tj such that Tj reads a data
item previously written by Ti, the commit
operation of Ti appears before the read
operation of Tj.
• Every cascadeless schedule is also recoverable
• It is desirable to restrict the schedules to those
that are cascadeless
 Implementation of Isolation
• Locking
– Lock on whole database vs lock on items
– How long to hold lock?
– Shared vs exclusive locks
• Timestamps
– Transaction timestamp assigned e.g. when a
transaction begins
– Data items store two timestamps
• Read timestamp
• Write timestamp
– Timestamps are used to detect out of order accesses
• Multiple versions of each data item
– Allow transactions to read from a “snapshot” of the
database
 Lock-Based Protocols
• A lock is a mechanism to control concurrent access
to a data item
• Data items can be locked in two modes :
1. exclusive (X) mode. Data item can be both
read as well as written. X-lock is requested using
lock-X instruction.
2. shared (S) mode. Data item can only be read.
S-lock is requested using lock-S instruction.
• Lock requests are made to concurrency-control
manager. Transaction can proceed only after
request is granted.
 Lock-Based Protocols (Cont.)
• Lock-compatibility matrix

• A transaction may be granted a lock on an item if the

requested lock is compatible with locks already held on the
item by other transactions
• Any number of transactions can hold shared locks on an item,
– but if any transaction holds an exclusive on the item no other
transaction may hold any lock on the item.
• If a lock cannot be granted, the requesting transaction is
made to wait till all incompatible locks held by other
transactions have been released. The lock is then granted.
T1: lock-X(B); T2: lock-S(A);
read(B); read(A);
B := B − 50; unlock(A);
write(B); lock-S(B);
unlock(B); read(B);
lock-X(A); unlock(B);
read(A); display(A + B).
A := A + 50;
write(A);
unlock(A).

Transaction T1. Transaction T2.

Lock-Based Protocols (Cont.)
• Example of a transaction performing locking:
T2: lock-S(A);
read (A);
unlock(A);
lock-S(B);
read (B);
unlock(B);
display(A+B)
• Locking as above is not sufficient to guarantee serializability —
if A and B get updated in-between the read of A and B, the
displayed sum would be wrong.
• A locking protocol is a set of rules followed by all transactions
while requesting and releasing locks. Locking protocols restrict
the set of possible schedules.
 Schedule With Lock Grants
• Grants omitted in rest
of chapter
– Assume grant
happens just before
the next instruction
following lock request
• This schedule is not
serializable (why?)
• A locking protocol
is a set of rules
followed by all
transactions while
requesting and
releasing locks.
• Locking protocols
enforce serializability
by restricting the set
of possible schedules.
 Pitfalls of Lock-Based Protocols:Deadlock
• Consider the partial schedule

• Neither T3 nor T4 can make progress — executing lock-

S(B) causes T4 to wait for T3 to release its lock on B,
while executing lock-X(A) causes T3 to wait for T4 to
release its lock on A.
• Such a situation is called a deadlock.
– To handle a deadlock one of T3 or T4 must be rolled back
and its locks released.
Pitfalls of Lock-Based Protocols:Starvation
• Starvation is also possible if concurrency control manager
is badly designed. For example:
– A transaction may be waiting for an X-lock on an item, while a
sequence of other transactions request and are granted an S-
lock on the same item.
– The same transaction is repeatedly rolled back due to
deadlocks.
• Concurrency control manager can be designed to prevent
starvation.
• We can avoid starvation of transactions by granting locks
in the following manner: When a transaction Ti requests a
lock on a data item Q in a particular mode M, the
concurrency-control manager grants the lock provided that:
– 1. There is no other transaction holding a lock on Q in a
mode that conflicts with M.
– 2. There is no other transaction that is waiting for a lock on
Q and that made its lock request before Ti
The Two-Phase Locking Protocol
• A protocol which ensures conflict-
serializable schedules.
• Phase 1: Growing Phase

Locks
– Transaction may obtain locks
– Transaction may not release locks
• Phase 2: Shrinking Phase
– Transaction may release locks
Time
– Transaction may not obtain locks
• The protocol assures
serializability. It can be proved that
the transactions can be serialized
in the order of their lock points
(i.e., the point where a transaction
acquired its final lock).
Cascading rollback may occur under two-phase locking.
As an illustration, consider the partial schedule of below Figure . Each
transaction
observes the two-phase locking protocol, but the failure of T5 after the
read(A)
step of T7 leads to cascading rollback of T6 and T7.
The Two-Phase Locking Protocol (Cont.)
• Two-phase locking does not ensure freedom from
deadlocks
• Extensions to basic two-phase locking needed to
ensure recoverability of freedom from cascading
roll-back
– Strict two-phase locking: a transaction must hold all
its exclusive locks till it commits/aborts.
• Ensures recoverability and avoids cascading roll-backs
– Rigorous two-phase locking: a transaction must hold
all locks till commit/abort.
• Transactions can be serialized in the order in which they
commit.
• Most databases implement rigorous two-phase
locking, but refer to it as simply two-phase locking
T3: lock-X(B); T4: lock-S(A);
read(B); read(A);
B := B − 50; lock-S(B);
write(B); read(B);
lock-X(A); display(A + B);
read(A); unlock(A);
A := A + 50;
unlock(B).
write(A);
unlock(B);
unlock(A).
Transaction T4 (transaction
Transaction T3 (transaction
T1 with unlocking delayed).
T2 with unlocking
delayed).
 The Two-Phase Locking Protocol
(Cont.)
• Two-phase locking is not a
necessary condition for
serializability
– There are conflict serializable
schedules that cannot be obtained if
the two-phase locking protocol is
used.
• In the absence of extra information
(e.g., ordering of access to data),
two-phase locking is necessary for
conflict serializability in the following
sense:
– Given a transaction Ti that does not
follow two-phase locking, we can find
a transaction Tj that uses two-phase
locking, and a schedule for Ti and Tj
that is not conflict serializable.
 Locking Protocols
• Given a locking protocol (such as 2PL)
– A schedule S is legal under a locking
protocol if it can be generated by a set of
transactions that follow the protocol
– A protocol ensures serializability if all
legal schedules under that protocol are
serializable
 Lock Conversions
• Two-phase locking protocol with lock
conversions:
• Growing Phase:
– can acquire a lock-S on item
– can acquire a lock-X on item
– can convert a lock-S to a lock-X (upgrade)
• Shrinking Phase:
– can release a lock-S
– can release a lock-X
– can convert a lock-X to a lock-S (downgrade)
• This protocol ensures serializability
Automatic Acquisition of Locks
• A transaction Ti issues the standard read/write
instruction, without explicit locking calls.
• The operation read(D) is processed as:
if Ti has a lock on D
then
read(D)
else begin
if necessary wait until no other
transaction has a lock-X on
D
grant Ti a lock-S on D;
read(D)
end
Automatic Acquisition of Locks (Cont.)
• The operation write(D) is processed as:
if Ti has a lock-X on D
then
write(D)
else begin
if necessary wait until no other trans. has
any lock on D,
if Ti has a lock-S on D
then
upgrade lock on D to lock-X
else
grant Ti a lock-X on D
write(D)
end;
• All locks are released after commit or abort
 Implementation of Locking
• A lock manager can be implemented as a separate
process to which transactions send lock and unlock
requests
• The lock manager replies to a lock request by sending a
lock grant messages (or a message asking the
transaction to roll back, in case of a deadlock)
• The requesting transaction waits until its request is
answered
• The lock manager maintains a data-structure called a
lock table to record granted locks and pending
requests
• The lock table is usually implemented as an in-memory
hash table indexed on the name of the data item being
locked
Lock Table
• Black rectangles indicate granted
locks, white ones indicate waiting
requests
• Lock table also records the type of
lock granted or requested
• New request is added to the end of
the queue of requests for the data
item, and granted if it is compatible
with all earlier locks
• Unlock requests result in the
request being deleted, and later
requests are checked to see if they
Grante can now be granted
d • If transaction aborts, all waiting or
Waitin granted requests of the transaction
g are deleted
– lock manager may keep a list of
locks held by each transaction,
to implement this efficiently
 Graph-Based Protocols
• Graph-based protocols are an alternative to
two-phase locking
• Impose a partial ordering → on the set D = {d1,
d2 ,..., dh} of all data items.
– If di → dj then any transaction accessing both di
and dj must access di before accessing dj.
– Implies that the set D may now be viewed as a
directed acyclic graph, called a database graph.
• The tree-protocol is a simple kind of graph
protocol.
 Tree Protocol

In the tree protocol, the only lock

instruction allowed is lock-X. Each
transaction Ti can lock a data item at most
once, and must observe the following rules:

1. Only exclusive locks are allowed.

2. The first lock by Ti may be on any data item. Subsequently, a data Q
can be locked by Ti only if the parent of Q is currently locked by Ti.
3. Data items may be unlocked at any time.
4. A data item that has been locked and unlocked by Ti cannot
subsequently be relocked by Ti
 Graph-Based Protocols (Cont.)
• The tree protocol ensures conflict serializability as well
as freedom from deadlock.
• Unlocking may occur earlier in the tree-locking protocol
than in the two-phase locking protocol.
– shorter waiting times, and increase in concurrency
– protocol is deadlock-free, no rollbacks are required
• Drawbacks
– Protocol does not guarantee recoverability or cascade
freedom
• Need to introduce commit dependencies to ensure recoverability
– Transactions may have to lock data items that they do not
access.
• increased locking overhead, and additional waiting time
• potential decrease in concurrency
• Schedules not possible under two-phase locking are
possible under tree protocol, and vice versa.
 Timestamp-Based Protocols
• Each transaction is issued a timestamp when it enters the
system. If an old transaction Ti has time-stamp TS(Ti), a
new transaction Tj is assigned time-stamp TS(Tj) such that
TS(Ti) <TS(Tj).
• The protocol manages concurrent execution such that the
time-stamps determine the serializability order.
• In order to assure such behavior, the protocol maintains for
each data Q two timestamp values:
– W-timestamp(Q) is the largest time-stamp of any transaction
that executed write(Q) successfully.
– R-timestamp(Q) is the largest time-stamp of any transaction
that executed read(Q) successfully.
Timestamp-Based Protocols (Cont.)
• The timestamp ordering protocol ensures that any
conflicting read and write operations are
executed in timestamp order. This protocol
operates as follows:
• Suppose a transaction Ti issues a read(Q)
1. If TS(Ti) < W-timestamp(Q), then Ti needs to read a
value of Q that was already overwritten.
● Hence, the read operation is rejected, and Ti is rolled back.
2. If TS(Ti)≥ W-timestamp(Q), then the read operation is
executed, and R-timestamp(Q) is set to max(R-
timestamp(Q), TS(Ti)).
Timestamp-Based Protocols (Cont.)
• Suppose that transaction Ti issues write(Q).
1. If TS(Ti) < R-timestamp(Q), then the value of Q that Ti is
producing was needed previously, and the system
assumed that that value would never be produced.
● Hence, the write operation is rejected, and Ti is rolled back.
2. If TS(Ti) < W-timestamp(Q), then Ti is attempting to write
an obsolete value of Q.
● Hence, this write operation is rejected, and Ti is rolled back.
3. Otherwise, the write operation is executed, and W-
timestamp(Q) is set to TS(Ti).
Example Use of the Protocol

The above schedule possible under the time stamp

protocol
 Example Use of the Protocol
• A partial schedule for several data items
for transactions with timestamps 1, 2, 3, 4,
5
T1 T2 T3 T4 T5
read(X)
read(Y
read(Y )
) write(Y)
write(Z)
read(Z)
read(X)
abort
read(X)
write(Z)
abort
write(Y)
write(Z)
 Correctness of Timestamp-Ordering Protocol
• The timestamp-ordering protocol guarantees
serializability since all the arcs in the precedence
graph are of the form:

transaction transaction
with smaller with larger
timestamp timestamp

Thus, there will be no cycles in the precedence

graph
• Timestamp protocol ensures freedom from
deadlock as no transaction ever waits.
• But the schedule may not be cascade-free, and
may not even be recoverable.
 Recoverability and Cascade Freedom
• Problem with timestamp-ordering protocol:
– Suppose Ti aborts, but Tj has read a data item written by Ti
– Then Tj must abort; if Tj had been allowed to commit earlier, the
schedule is not recoverable.
– Further, any transaction that has read a data item written by Tj
must abort
– This can lead to cascading rollback --- that is, a chain of rollbacks
• Solution 1:
– A transaction is structured such that its writes are all performed
at the end of its processing
– All writes of a transaction form an atomic action; no transaction
may execute while a transaction is being written
– A transaction that aborts is restarted with a new timestamp
• Solution 2: Limited form of locking: wait for data to be
committed before reading it
• Solution 3: Use commit dependencies to ensure
recoverability
 Thomas’ Write Rule
• Modified version of the timestamp-ordering protocol in which
obsolete write operations may be ignored under certain
circumstances.
• When Ti attempts to write data item Q, if TS(Ti) < W-timestamp(Q),
then Ti is attempting to write an obsolete value of {Q}.
– Rather than rolling back Ti as the timestamp ordering protocol would
have done, this {write} operation can be ignored.
• Otherwise this protocol is the same as the timestamp ordering
protocol.
• Thomas' Write Rule allows greater potential concurrency.
– Allows some view-serializable schedules that are not conflict-
serializable.
 Validation-Based Protocol
• Execution of transaction Ti is done in three phases.
1. Read and execution phase: Transaction Ti writes only to
temporary local variables
2. Validation phase: Transaction Ti performs a ``validation test''
to determine if local variables can be written without violating
serializability.
3. Write phase: If Ti is validated, the updates are applied to the
database; otherwise, Ti is rolled back.
• The three phases of concurrently executing transactions can be
interleaved, but each transaction must go through the three
phases in that order.
– Assume for simplicity that the validation and write phase occur
together, atomically and serially
• I.e., only one transaction executes validation/write at a time.
• Also called as optimistic concurrency control since
transaction executes fully in the hope that all will go well during
validation
Validation-Based Protocol (Cont.)
• Each transaction Ti has 3 timestamps
– Start(Ti) : the time when Ti started its execution
– Validation(Ti): the time when Ti entered its validation phase
– Finish(Ti) : the time when Ti finished its write phase
• Serializability order is determined by timestamp given at
validation time, to increase concurrency.
– Thus TS(Ti) is given the value of Validation(Ti).
• This protocol is useful and gives greater degree of
concurrency if probability of conflicts is low.
– because the serializability order is not pre-decided, and
– relatively few transactions will have to be rolled back.
Validation Test for Transaction Tj
• If for all Ti with TS (Ti) < TS (Tj) either one of the following
condition holds:
– finish(Ti) < start(Tj)
– start(Tj) < finish(Ti) < validation(Tj) and the set of data items
written by Ti does not intersect with the set of data items read by Tj.

then validation succeeds and Tj can be committed.

Otherwise, validation fails and Tj is aborted.
• Justification: Either the first condition is satisfied, and there is
no overlapped execution, or the second condition is satisfied
and
● the writes of Tj do not affect reads of Ti since they occur after Ti has
finished its reads.
● the writes of Ti do not affect reads of Tj since Tj does not read any
item written by Ti.
Schedule Produced by Validation
• Example of schedule produced using
validation
T T
14 15

read(B
) read(B)
B:= B-50
read(A)
A:= A+50
read(A)
(validate)
display
(A+B) (validate
)
write (B)
write (A)
 Multiple Granularity
• Allow data items to be of various sizes and define a
hierarchy of data granularities, where the small granularities
are nested within larger ones
• Can be represented graphically as a tree (but don't confuse
with tree-locking protocol)
• When a transaction locks a node in the tree explicitly, it
implicitly locks all the node's descendents in the same
mode.
• Granularity of locking (level in tree where locking is done):
– fine granularity (lower in tree): high concurrency, high locking
overhead
– coarse granularity (higher in tree): low locking overhead, low
concurrency
Example of Granularity Hierarchy

The levels, starting from the coarsest (top) level are

– database
– area
– file
– record
 Intention Lock Modes
• In addition to S and X lock modes, there are three
additional lock modes with multiple granularity:
– intention-shared (IS): indicates explicit locking at a lower
level of the tree but only with shared locks.
– intention-exclusive (IX): indicates explicit locking at a lower
level with exclusive or shared locks
– shared and intention-exclusive (SIX): the subtree rooted by
that node is locked explicitly in shared mode and explicit
locking is being done at a lower level with exclusive-mode
locks.
• intention locks allow a higher level node to be locked in
S or X mode without having to check all descendent
nodes.
 Compatibility Matrix with
Intention Lock Modes

• The compatibility matrix for all lock

modes is:
IS IX S S IX X
IS ✔ ✔ ✔ ✔ ×

IX ✔ ✔ × × ×

S ✔ × ✔ × ×

S IX ✔ × × × ×

X × × × × ×
Multiple Granularity Locking Scheme
• Transaction Ti can lock a node Q, using the following
rules:
1. The lock compatibility matrix must be observed.
2. The root of the tree must be locked first, and may be locked in
any mode.
3. A node Q can be locked by Ti in S or IS mode only if the
parent of Q is currently locked by Ti in either IX or IS mode.
4. A node Q can be locked by Ti in X, SIX, or IX mode only if the
parent of Q is currently locked by Ti in either IX or SIX mode.
5. Ti can lock a node only if it has not previously unlocked any
node (that is, Ti is two-phase).
6. Ti can unlock a node Q only if none of the children of Q are
currently locked by Ti.
• Observe that locks are acquired in root-to-leaf order,
whereas they are released in leaf-to-root order.
 Recovery System
• There are various types of failure that may occur in a system
like transaction failure, system failure, disk fialure. In any
failure , information may be lost.
• The database system must take actions in advance to ensure
that the atomicity and durability properties of transactions.
• An integral part of a database system is a recovery scheme
that can restore the database to the consistent state that
existed before the failure.
• Storage structures:
– Volatile storage
– Nonvolatile storage
– Stable storage
• Stable storage plays a critical role in recovery algorithms.
 Data Access
• Physical blocks are those blocks residing on the disk.
• Buffer blocks are the blocks residing temporarily in main
memory.
• Block movements between disk and main memory are
initiated through the following two operations:
– input(B) transfers the physical block B to main memory.
– output(B) transfers the buffer block B to the disk, and
replaces the appropriate physical block there.
• Each transaction Ti has its private work-area in which
local copies of all data items accessed and updated by it
are kept.
– Ti's local copy of a data item X is called xi.
• We assume, for simplicity, that each data item fits in, and
is stored inside, a single block.
 Data Access (Cont.)
• Transaction transfers data items between system buffer
blocks and its private work-area using the following
operations :
– read(X) assigns the value of data item X to the local variable xi.
– write(X) assigns the value of local variable xi to data item {X} in
the buffer block.
– both these commands may necessitate the issue of an input(BX)
instruction before the assignment, if the block BX in which X
resides is not already in memory.
• Transactions
– Perform read(X) while accessing X for the first time;
– All subsequent accesses are to the local copy.
– After last access, transaction executes write(X).
• output(BX) need not immediately follow write(X). System
can perform the output operation when it deems fit.
Example ofbuffer
Data Access
Buffer Block A input(A
X A
)
Buffer Block Y B
B output(B)
read(X
) write(Y
)
x2
x1
y1

work area work

of T1 area
of T2
memor dis
y k
 Recovery and Atomicity
• Modifying the database without ensuring
that the transaction will commit may leave
the database in an inconsistent state.
• Consider transaction Ti that transfers $50
from account A to account B; goal is either
to perform all database modifications made
by Ti or none at all.
• Several output operations may be required
for Ti (to output A and B). A failure may
occur after one of these modifications have
been made but before all of them are made.
 Recovery and Atomicity (Cont.)
• To ensure atomicity despite failures, we
first output information describing the
modifications to stable storage without
modifying the database itself.
• We study two approaches:
– log-based recovery, and
– shadow-paging
• We assume (initially) that transactions run
serially, that is, one after the other.
 Log-Based Recovery
• A log is kept on stable storage.
– The log is a sequence of log records, and maintains a record of
update activities on the database.
• When transaction Ti starts, it registers itself by writing a
<Ti start>log record
• Before Ti executes write(X), a log record <Ti, Xj, V1, V2> is
written, where V1 is the value of X before the write, and V2 is
the value to be written to X.
– Log record notes that Ti has performed a write on data item Xj . Xj
had value V1 before the write, and will have value V2 after the write.
• When Ti finishes it last statement, the log record
<Ti commit> is written.
• We assume for now that log records are written directly to
stable storage (that is, they are not buffered)
• Two approaches using logs
– Deferred database modification
Deferred Database Modification
• The deferred database modification scheme records
all modifications to the log, but defers all the writes to
after partial commit.
• Assume that transactions execute serially
• Transaction starts by writing <Ti start> record to log.
• A write(X) operation results in a log record <T , X, V>
i

being written, where V is the new value for X

– Note: old value is not needed for this scheme
• The write is not performed on X at this time, but is
deferred.
• When Ti partially commits, <Ti commit> is written to the
log
• Finally, the log records are read and used to actually
execute the previously deferred writes.
Deferred Database Modification (Cont.)
• During recovery after a crash, a transaction needs to be
redone if and only if both <Ti start> and<Ti commit> are
there in the log.
• Redoing a transaction Ti ( redoTi) sets the value of all data
items updated by the transaction to the new values.
• Crashes can occur while
– the transaction is executing the original updates, or
– while recovery action is being taken
• example transactions T0 and T1 (T0 executes before T1):
T0: read (A) T1 : read (C)
A: - A - 50 C:- C- 100
Write (A) write (C)
read (B)
B:- B + 50
write (B)
 Deferred Database Modification
(Cont.)
• Below we show the log as it appears at three instances
of time.

• If log on stable storage at time of crash is as in case:

(a) No redo actions need to be taken
(b) redo(T0) must be performed since <T0 commit> is present
(c) redo(T0) must be performed followed by redo(T1) since
<T0 commit> and <Ti commit> are present
 Immediate Database Modification
• The immediate database modification scheme allows
database updates of an uncommitted transaction to be made as
the writes are issued
– since undoing may be needed, update logs must have both old value
and new value
• Update log record must be written before database item is written
– We assume that the log record is output directly to stable storage
– Can be extended to postpone log record output, so long as prior to
execution of an output(B) operation for a data block B, all log records
corresponding to items B must be flushed to stable storage
• Output of updated blocks can take place at any time before or
after transaction commit
• Order in which blocks are output can be different from the order
in which they are written.
 Immediate Database Modification Example

Log Write Output

<T0 start>
<T0, A, 1000, 950>
To, B, 2000, 2050
A = 950
B = 2050
<T0 commit>
<T1 start> x
<T1, C, 700, 600> BC output before
1
C = 600 T1 commits
BB, BC
<T1 commit>
BA
BA output after
• Note: BX denotes block containing X.
T0 commits
 Immediate Database Modification
(Cont.)
• Recovery procedure has two operations instead of one:
– undo(Ti) restores the value of all data items updated by Ti to
their old values, going backwards from the last log record for Ti
– redo(Ti) sets the value of all data items updated by Ti to the
new values, going forward from the first log record for Ti
• Both operations must be idempotent
– That is, even if the operation is executed multiple times the
effect is the same as if it is executed once
• Needed since operations may get re-executed during recovery
• When recovering after failure:
– Transaction Ti needs to be undone if the log contains the
record
<Ti start>, but does not contain the record <Ti commit>.
– Transaction Ti needs to be redone if the log contains both the
record <Ti start> and the record <Ti commit>.
• Undo operations are performed first, then redo operations.
Immediate DB Modification Recovery Example

Below we show the log as it appears at three instances of time.

Recovery actions in each case above are:

(a) undo (T0): B is restored to 2000 and A to 1000.
(b) undo (T1) and redo (T0): C is restored to 700, and then A and B are
set to 950 and 2050 respectively.
(c) redo (T0) and redo (T1): A and B are set to 950 and 2050
respectively. Then C is set to 600
 Checkpoints
• Problems in recovery procedure as discussed
earlier :
1. searching the entire log is time-consuming
2. we might unnecessarily redo transactions which have
already output their updates to the database.
• Streamline recovery procedure by periodically
performing checkpointing
1. Output all log records currently residing in main
memory onto stable storage.
2. Output all modified buffer blocks to the disk.
3. Write a log record < checkpoint> onto stable
storage.
 Checkpoints (Cont.)
• During recovery we need to consider only the most recent
transaction Ti that started before the checkpoint, and
transactions that started after Ti.
1. Scan backwards from end of log to find the most recent
<checkpoint> record
2. Continue scanning backwards till a record <Ti start> is found.
3. Need only consider the part of log following above start
record. Earlier part of log can be ignored during recovery, and
can be erased whenever desired.
4. For all transactions (starting from Ti or later) with no <Ti
commit>, execute undo(Ti). (Done only in case of immediate
modification.)
5. Scanning forward in the log, for all transactions starting from
Ti or later with a <Ti commit>, execute redo(Ti).
 Example of Checkpoints
Tc Tf
T1
T2
T3
T4

checkpoin system
t failure

• T1 can be ignored (updates already output to disk due to

checkpoint)
• T2 and T3 redone.
• T4 undone
Recovery With Concurrent Transactions
• We modify the log-based recovery schemes to allow multiple
transactions to execute concurrently.
– All transactions share a single disk buffer and a single log
– A buffer block can have data items updated by one or more
transactions
• We assume concurrency control using strict two-phase locking;
– i.e. the updates of uncommitted transactions should not be visible to
other transactions
• Otherwise how to perform undo if T1 updates A, then T2 updates A and
commits, and finally T1 has to abort?
• Logging is done as described earlier.
– Log records of different transactions may be interspersed in the log.
• The checkpointing technique and actions taken on recovery
have to be changed
– since several transactions may be active when a checkpoint is
performed.
 Recovery With Concurrent Transactions (Cont.)
• Checkpoints are performed as before, except that the checkpoint log record
is now of the form
< checkpoint L>
where L is the list of transactions active at the time of the checkpoint
– We assume no updates are in progress while the checkpoint is carried
out (will relax this later)
• When the system recovers from a crash, it first does the following:
1. Initialize undo-list and redo-list to empty
2. Scan the log backwards from the end, stopping when the first
<checkpoint L> record is found.
For each record found during the backward scan:
• if the record is <Ti commit>, add Ti to redo-list
• if the record is <Ti start>, then if Ti is not in redo-list, add Ti to
undo-list
3. For every Ti in L, if Ti is not in redo-list, add Ti to undo-list
 Recovery With Concurrent Transactions (Cont.)

• At this point undo-list consists of incomplete transactions

which must be undone, and redo-list consists of finished
transactions that must be redone.
• Recovery now continues as follows:
1. Scan log backwards from most recent record, stopping when
<Ti start> records have been encountered for every Ti in undo-
list.
● During the scan, perform undo for each log record that belongs to a
transaction in undo-list.
2. Locate the most recent <checkpoint L> record.
3. Scan log forwards from the <checkpoint L> record till the end
of the log.
● During the scan, perform redo for each log record that belongs to a
transaction on redo-list
 Example of Recovery
• Go over the steps of the recovery algorithm on the
following log:
<T0 start>
<T0, A, 0, 10>
<T0 commit>
<T1 start> /* Scan at step 1 comes up to here */
<T1, B, 0, 10>
<T2 start>
<T2, C, 0, 10>
<T2, C, 10, 20>
<checkpoint {T1, T2}>
<T3 start>
<T3, A, 10, 20>
<T3, D, 0, 10>
<T3 commit>