Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 171 Chapter 17: Coping with System Failures (Slides by Hector Garcia-Molina,

Published byAlexandrina Charles Modified over 9 years ago

Similar presentations

Presentation on theme: "Chapter 171 Chapter 17: Coping with System Failures (Slides by Hector Garcia-Molina,"— Presentation transcript:

1 Chapter 171 Chapter 17: Coping with System Failures (Slides by Hector Garcia-Molina, http://www-db.stanford.edu/~hector/cs245/notes.htm)

2 Chapter 172 Integrity or correctness of data Would like data to be “accurate” or “correct” at all times EMP Name White Green Gray Age 52 3421 1

3 Chapter 173 Integrity or consistency constraints Predicates data must satisfy Examples: - x is key of relation R - x  y holds in R - Domain(x) = {Red, Blue, Green}  is valid index for attribute x of R - no employee should make more than twice the average salary

4 Chapter 174 Definition: Consistent state: satisfies all constraints Consistent DB: DB in consistent state

5 Chapter 175 Observation: DB cannot be consistent always! Example: a 1 + a 2 +…. a n = TOT ( constraint ) Deposit $100 in a 2 : a 2  a 2 + 100 TOT  TOT + 100

6 Chapter 176 a 2 TOT.... 50.... 1000.... 150.... 1000.... 150.... 1100 Example: a 1 + a 2 +…. a n = TOT ( constraint ) Deposit $100 in a 2 : a 2  a 2 + 100 TOT  TOT + 100

7 Chapter 177 Transaction: collection of actions that preserve consistency Consistent DB Consistent DB’ T

8 Chapter 178 Big assumption: If T starts with consistent state + T executes in isolation  T leaves consistent state

9 Chapter 179 Correctness (informally) If we stop running transactions, DB left consistent Each transaction sees a consistent DB

10 Chapter 1710 How can constraints be violated? Transaction bug DBMS bug Hardware failure e.g., disk crash alters balance of account Data sharing e.g.: T1: give 10% raise to programmers T2: change programmers  systems analysts

11 Chapter 1711 We will not consider: How to write correct transactions How to write correct DBMS Constraint checking & repair That is, solutions studied here do not need to know constraints

12 Chapter 1712 Exercise Given a consistency constraint –0 <= A <=B Which of the transactions preserves consistency? –A := A+B; B := A+B –B := A+B; A := A+B –A := B+1; B := A+1

13 Chapter 1713 Chapter 17Recovery Management First order of business: Failure Model

14 Chapter 1714 Events Desired Undesired Expected Unexpected

15 Chapter 1715 Our failure model processor memory disk CPU M D

16 Chapter 1716 Desired events: see product manuals…. Undesired expected events: System crash - memory lost - cpu halts, resets Undesired Unexpected: Everything else! that’s it!!

17 Chapter 1717 Examples: Disk data is lost Memory lost without CPU halt CPU implodes wiping out universe…. Undesired Unexpected: Everything else!

18 Chapter 1718 Is this model reasonable? Approach: Add low level checks + redundancy to increase probability model holds E.g., Replicate disk storage (stable store) Memory parity CPU checks

19 Chapter 1719 Second order of business: Storage hierarchy Memory Disk x x

20 Chapter 1720 Operations: Input (x): block with x  memory Output (x): block with x  disk Read (x,t): do input(x) if necessary t  value of x in block Write (x,t): do input(x) if necessary value of x in block  t

21 Chapter 1721 Exercise Consider transaction –A := A+B; B := A+B Assume initially A=5 and B=10 Add read- and write-actions to the computation Show the effects of the steps on main memory and disk

22 Chapter 1722 Key problem Unfinished transaction ExampleConstraint: A=B T 1 : A  A  2 B  B  2

23 Chapter 1723 T 1 :Read (A,t); t  t  2 Write (A,t); Read (B,t); t  t  2 Write (B,t); Output (A); Output (B); A: 8 B: 8 A: 8 B: 8 memory disk 16 failure!

24 Chapter 1724 Need atomicity: execute all actions of a transaction or none at all

25 Chapter 1725 One solution: undo logging (immediate modification) due to: Hansel and Gretel, 782 AD Improved in 784 AD to durable undo logging

26 Chapter 1726 T 1 :Read (A,t); t  t  2 A=B Write (A,t); Read (B,t); t  t  2 Write (B,t); Output (A); Output (B); A:8 B:8 A:8 B:8 memory disk log Undo logging (Immediate modification) 16 16 16

27 Chapter 1727 One “complication” Log is first written in memory Not written to disk on every action memory DB Log A: 8 16 B: 8 16 Log: A: 8 B: 8 16 BAD STATE # 1

28 Chapter 1728 One “complication” Log is first written in memory Not written to disk on every action memory DB Log A: 8 16 B: 8 16 Log: A: 8 B: 8 16 BAD STATE # 2...

29 Chapter 1729 Undo logging rules (1) For every action generate undo log record (containing old value) (2) Before x is modified on disk, log records pertaining to x must be on disk (write ahead logging: WAL) (3) Before commit is flushed to log, all writes of transaction must be reflected on disk

30 Chapter 1730 Recovery rules: Undo logging (1) Let S = set of transactions with in log, but no (or ) record in log (2) For each in log, in reverse order (latest  earliest) do: - if Ti  S then - write (X, v) - output (X) (3) For each Ti  S do - write to log

31 Chapter 1731 Exercise Consider the following undo-log records by two transactions T and U: – ; ;, ; ; ; ; ; –Suppose there is a crash and the last log record on disk is. –Describe the actions of the recovery manager. –What if the last log record on disk is ?

32 Chapter 1732 What if failure during recovery? No problem!  Undo idempotent

33 Chapter 1733 Redo logging (deferred modification) T 1: Read(A,t); t t  2; write (A,t); Read(B,t); t t  2; write (B,t); Output(A); Output(B) A: 8 B: 8 A: 8 B: 8 memory DB LOG 16 output 16

34 Chapter 1734 Redo logging rules (1) For every action, generate redo log record (containing new value) (2) Before X is modified on disk (DB), all log records for transaction that modified X (including commit) must be on disk (3) Flush log at commit

35 Chapter 1735 (1) Let S = set of transactions with in log (2) For each in log, in forward order (earliest  latest) do: - if Ti  S then Write(X, v) Output(X) optional Recovery rules: Redo logging

36 Chapter 1736 Exercise Consider the following redo-log records by two transactions T and U: – ; ;, ; ; ; ; ; –Suppose there is a crash and the last log record on disk is. –Describe the actions of the recovery manager. –What if the last log record on disk is ?

37 Chapter 1737 Recovery is very, very SLOW ! Redo log: FirstT1 wrote A,BLast RecordCommitted a year agoRecord (1 year ago)--> STILL, Need to redo after crash!!... Crash

38 Chapter 1738 Solution: Checkpoint (simple version) Periodically: (1) Do not accept new transactions (2) Wait until all transactions finish (3) Flush all log records to disk (log) (4) Flush all buffers to disk (DB) (do not discard buffers) (5) Write “checkpoint” record on disk (log) (6) Resume transaction processing

39 Chapter 1739 Example: what to do at recovery? Redo log (disk): Checkpoint Crash...

40 Chapter 1740 Comparison of undo and redo logging Key drawbacks: Undo logging: must flush data to disk immediately after a transaction finishes –Why is it bad? Redo logging: need to keep all modified blocks in memory until commit –Why is it bad?

41 Chapter 1741 Solution: undo/redo logging! Update  page X

42 Chapter 1742 Rules Page X can be flushed before or after Ti commit Log record flushed before corresponding updated page (WAL) Flush at commit (log only)

43 Chapter 1743 Recovery process: Backwards pass (end of log  latest checkpoint start) –construct set S of committed transactions –undo actions of transactions not in S Forward pass (latest checkpoint start  end of log) –redo actions of S transactions backward pass forward pass

44 Chapter 1744 Exercise Consider undo/redo log records by two transactions T and U: – ; ; ; ; ; ; ; ; ; –Suppose there is a crash and the last log record on disk is. –Describe the actions of the recovery manager.

45 Chapter 1745 Non-quiescent checkpoint L O G for undodirty buffer pool pages flushed Start-ckpt active TR: Ti,T2,... end ckpt...

46 Chapter 1746 Examples what to do at recovery time? no T1 commit L O G T 1,- a... Ckpt T 1... Ckpt end... T1-bT1-b  Undo T 1 (undo a,b)

47 Chapter 1747 Example LOGLOG... T1aT1a T1bT1b T1cT1c T 1 cmt... ckpt- end ckpt-s T 1  Redo T1: (redo b,c)

48 Chapter 1748 Nonquiescent checkpoint The rules: section 17.4.3 Example 17.12 p. 906

49 Chapter 1749 Real world actions E.g., dispense cash at ATM Ti = a 1 a 2 …... a j …... a n $

50 Chapter 1750 Solution execute real-world actions after commit

51 Chapter 1751 ATM Give$$ (amt, Tid, time) $ give(amt) lastTid: time:

52 Chapter 1752 Media failure (loss of non-volatile storage) A: 16 Solution: Make copies of data!

53 Chapter 1753 Example 1 Triple modular redundancy Keep 3 copies on separate disks Output(X) --> three outputs Input(X) --> three inputs + vote X1X2 X3

54 Chapter 1754 Example #2 Redundant writes, Single reads Keep N copies on separate disks Output(X) --> N outputs Input(X) --> Input one copy - if ok, done - else try another one  Assumes bad data can be detected

55 Chapter 1755 Example #3: DB Dump + Log backup database active database log If active database is lost, – restore active database from backup – bring up-to-date using redo entries in log

56 Chapter 1756 When can log be discarded? check- point db dump last needed undo not needed for media recovery not needed for undo after system failure not needed for redo after system failure log time

57 Chapter 1757 Summary Consistency of data One source of problems: failures - Logging - Redundancy Another source of problems: Data Sharing..... Next: Chapter 18

Download ppt "Chapter 171 Chapter 17: Coping with System Failures (Slides by Hector Garcia-Molina,"

Similar presentations

1 CS411 Database Systems 12: Recovery obama and eric schmidt sysadmin song

1 CS411 Database Systems 12: Recovery obama and eric schmidt sysadmin song
Recovery Amol Deshpande CMSC424.

Recovery Amol Deshpande CMSC424.
ICS 214A: Database Management Systems Fall 2002

ICS 214A: Database Management Systems Fall 2002
Crash Recovery John Ortiz. Lecture 22Crash Recovery2 Review: The ACID properties  Atomicity: All actions in the transaction happen, or none happens 

Crash Recovery John Ortiz. Lecture 22Crash Recovery2 Review: The ACID properties  Atomicity: All actions in the transaction happen, or none happens 
1 CPS216: Data-intensive Computing Systems Failure Recovery Shivnath Babu.

1 CPS216: Data-intensive Computing Systems Failure Recovery Shivnath Babu.
CS 245Notes 081 CS 245: Database System Principles Notes 08: Failure Recovery Hector Garcia-Molina.

CS 245Notes 081 CS 245: Database System Principles Notes 08: Failure Recovery Hector Garcia-Molina.
Chapter 20: Recovery. 421B: Database Systems - Recovery 2 Failure Types q Transaction Failures: local recovery q System Failure: Global recovery I Main.

Chapter 20: Recovery. 421B: Database Systems - Recovery 2 Failure Types q Transaction Failures: local recovery q System Failure: Global recovery I Main.
1 Failure Recovery Checkpointing Undo/Redo Logging Source: slides by Hector Garcia-Molina.

1 Failure Recovery Checkpointing Undo/Redo Logging Source: slides by Hector Garcia-Molina.
Transactions A process that reads or modifies the DB is called a transaction. It is a unit of execution of database operations. Basic JDBC transaction.

Transactions A process that reads or modifies the DB is called a transaction. It is a unit of execution of database operations. Basic JDBC transaction.
Cs44321 CS4432: Database Systems II Lecture #19 Database Consistency and Transactions Professor Elke A. Rundensteiner.

Cs44321 CS4432: Database Systems II Lecture #19 Database Consistency and Transactions Professor Elke A. Rundensteiner.
Recovery from Crashes. Transactions A process that reads or modifies the DB is called a transaction. It is a unit of execution of database operations.

Recovery from Crashes. Transactions A process that reads or modifies the DB is called a transaction. It is a unit of execution of database operations.
Crash Recovery. Review: The ACID properties A A tomicity: All actions in the Xaction happen, or none happen. C C onsistency: If each Xaction is consistent,

Crash Recovery. Review: The ACID properties A A tomicity: All actions in the Xaction happen, or none happen. C C onsistency: If each Xaction is consistent,
Recovery from Crashes. ACID A transaction is atomic -- all or none property. If it executes partly, an invalid state is likely to result. A transaction,

Recovery from Crashes. ACID A transaction is atomic -- all or none property. If it executes partly, an invalid state is likely to result. A transaction,
1 ICS 214A: Database Management Systems Fall 2002 Lecture 16: Crash Recovery Professor Chen Li.

1 ICS 214A: Database Management Systems Fall 2002 Lecture 16: Crash Recovery Professor Chen Li.
ACID A transaction is atomic -- all or none property. If it executes partly, an invalid state is likely to result. A transaction, may change the DB from.

ACID A transaction is atomic -- all or none property. If it executes partly, an invalid state is likely to result. A transaction, may change the DB from.
1 Failure Recovery Introduction Undo Logging Redo Logging Source: slides by Hector Garcia-Molina.

1 Failure Recovery Introduction Undo Logging Redo Logging Source: slides by Hector Garcia-Molina.
1 Lecture 12: Transactions: Recovery. 2 Outline Recovery Undo Logging Redo Logging Undo/Redo Logging Book Section 15.1, 15.2, 23, 24, 25.

1 Lecture 12: Transactions: Recovery. 2 Outline Recovery Undo Logging Redo Logging Undo/Redo Logging Book Section 15.1, 15.2, 23, 24, 25.
CS 277 – Spring 2002Notes 081 CS 277: Database System Implementation Notes 08: Failure Recovery Arthur Keller.

CS 277 – Spring 2002Notes 081 CS 277: Database System Implementation Notes 08: Failure Recovery Arthur Keller.
1 Θεμελίωση Βάσεων Δεδομένων Notes 09: Failure Recovery Βασίλης Βασσάλος.

1 Θεμελίωση Βάσεων Δεδομένων Notes 09: Failure Recovery Βασίλης Βασσάλος.
Cs4432recovery1 CS4432: Database Systems II Database Consistency and Violations?

Cs4432recovery1 CS4432: Database Systems II Database Consistency and Violations?

Similar presentations

Ads by Google