# $Id: Design,v 12.0 2004/11/17 03:44:06 bostic Exp $
Synchronization in the Locking Subsystem
This is a document that describes how we implemented fine-grain locking
in the lock manager (that is, locking on a hash bucket level instead of
locking the entire region). We found that the increase in concurrency
was not sufficient to warrant the increase in complexity or the additional
cost of performing each lock operation. Therefore, we don't use this
any more. Should we have to do fine-grain locking in a future release,
this would be a reasonable starting point.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
1. Data structures
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
The lock manager maintains 3 different structures:
Objects (__db_lockobj):
Describes an object that is locked. When used with DB, this consists
of a __db_ilock (a file identifier and a page number).
Lockers (__db_locker):
Identifies a specific locker ID and maintains the head of a list of
locks held by a locker (for using during transaction commit/abort).
Locks (__db_lock):
Describes a particular object lock held on behalf of a particular
locker id.
Objects and Lockers reference Locks.
These structures are organized via two synchronized hash tables. Each
hash table consists of two physical arrays: the array of actual hash
buckets and an array of mutexes so we can lock individual buckets, rather
than the whole table.
One hash table contains Objects and the other hash table contains Lockers.
Objects contain two lists of locks, waiters and holders: holders currently
hold a lock on the Object, waiters are lock waiting to be granted.
Lockers are a single linked list that connects the Locks held on behalf
of the specific locker ID.
In the diagram below:
Locker ID #1 holds a lock on Object #1 (L1) and Object #2 (L5), and is
waiting on a lock on Object #1 (L3).
Locker ID #2 holds a lock on Object #1 (L2) and is waiting on a lock for
Object #2 (L7).
Locker ID #3 is waiting for a lock on Object #2 (L6).
OBJECT -----------------------
HASH | |
----|------------- |
________ _______ | | ________ | |
| |-->| O1 |--|---|-->| O2 | | |
|_______| |_____| | | |______| V |
| | W H--->L1->L2 W H--->L5 | holders
|_______| | | | | V
| | ------->L3 \ ------->L6------>L7 waiters
|_______| / \ \
. . / \ \
. . | \ \
. . | \ -----------
|_______| | -------------- |
| | ____|____ ___|_____ _|______
|_______| | | | | | |
| | | LID1 | | LID2 | | LID3 |
|_______| |_______| |_______| |______|
^ ^ ^
| | |
___|________________________|________|___
LOCKER | | | | | | | | |
HASH | | | | | | | | |
| | | | | | | | |
|____|____|____|____|____|____|____|____|
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
2. Synchronization
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
There are four types of mutexes in the subsystem.
Object mutexes;
These map one-to-one to each bucket in the Object hash table.
Holding a mutex on an Object bucket secures all the Objects in
that bucket as well as the Lock structures linked from those
Objects. All fields in the Locks EXCEPT the Locker links (the
links that attach Locks by Locker ID) are protected by these
mutexes.
Locker mutexes:
These map one-to-one to each bucket in the Locker hash table.
Holding a mutex on a Locker bucket secures the Locker structures
and the Locker links in the Locks.
Memory mutex:
This mutex allows calls to allocate/free memory, i.e. calls to
__db_shalloc and __db_shalloc_free, as well as manipulation of
the Object, Locker and Lock free lists.
Region mutex:
This mutex is currently only used to protect the locker ids.
It may also be needed later to provide exclusive access to
the region for deadlock detection.
Creating or removing a Lock requires locking both the Object lock and the
Locker lock (and eventually the shalloc lock to return the item to the
free list).
The locking hierarchy is as follows:
The Region mutex may never be acquired after any other mutex.
The Object mutex may be acquired after the Region mutex.
The Locker mutex may be acquired after the Region and Object
mutexes.
The Memory mutex may be acquired after any mutex.
So, if both and Object mutex and a Locker mutex are going to be acquired,
the Object mutex must be acquired first.
The Memory mutex may be acquired after any other mutex, but no other mutexes
can be acquired once the Memory mutex is held.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
3. The algorithms:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
The locking subsystem supports four basic operations:
Get a Lock (lock_get)
Release a Lock (lock_put)
Release all the Locks on a specific Object (lock_vec)
Release all the Locks for a specific Locker (lock_vec)
Get a lock:
Acquire Object bucket mutex.
Acquire Locker bucket mutex.
Acquire Memory mutex.
If the Object does not exist
Take an Object off the freelist.
If the Locker doesn't exist
Take a Locker off the freelist.
Take a Lock off the free list.
Release Memory mutex.
Add Lock to the Object list.
Add Lock to the Locker list.
Release Locker bucket mutex
If the lock cannot be granted
Release Object bucket mutex
Acquire lock mutex (blocks)
Acquire Object bucket mutex
If lock acquisition did not succeed (e.g, deadlock)
Acquire Locker bucket mutex
If locker should be destroyed
Remove locker from hash table
Acquire Memory mutex
Return locker to free list
Release Memory mutex
Release Locker bucket mutex
If object should be released
Acquire Memory mutex
Return object to free list
Release Memory mutex
Release Object bucket mutex
Release a lock:
Acquire Object bucket mutex.
(Requires that we be able to find the Object hash bucket
without looking inside the Lock itself.)
If releasing a single lock and the user provided generation number
doesn't match the Lock's generation number, the Lock has been reused
and we return failure.
Enter lock_put_internal:
if the Lock is still on the Object's lists:
Increment Lock's generation number.
Remove Lock from the Object's list (NULL link fields).
Promote locks for the Object.
Enter locker_list_removal
Acquire Locker bucket mutex.
If Locker doesn't exist:
Release Locker bucket mutex
Release Object bucket mutex
Return error.
Else if Locker marked as deleted:
dont_release = TRUE
Else
Remove Lock from Locker list.
If Locker has no more locks
Remove Locker from table.
Acquire Memory mutex.
Return Locker to free list
Release Memory mutex
Release Locker bucket mutex.
Exit locker_list_removal
If (!dont_release)
Acquire Memory mutex
Return Lock to free list
Release Memory mutex
Exit lock_put_internal
Release Object bucket mutex
Release all the Locks on a specific Object (lock_vec, DB_PUT_ALL_OBJ):
Acquire Object bucket mutex.
For each lock on the waiter list:
lock_put_internal
For each lock on the holder list:
lock_put_internal
Release Object bucket mutex.
Release all the Locks for a specific Locker (lock_vec, DB_PUT_ALL):
Acquire Locker bucket mutex.
Mark Locker deleted.
Release Locker mutex.
For each lock on the Locker's list:
Remove from locker's list
(The lock could get put back on the free list in
lock_put and then could get reallocated and the
act of setting its locker links could clobber us.)
Perform "Release a Lock" above: skip locker_list_removal.
Acquire Locker bucket mutex.
Remove Locker
Release Locker mutex.
Acquire Memory mutex
Return Locker to free list
Release Memory mutex
Deadlock detection (lock_detect):
For each bucket in Object table
Acquire the Object bucket mutex.
create waitsfor
For each bucket in Object table
Release the Object mutex.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
FAQ:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Q: Why do you need generation numbers?
A: If a lock has been released due to a transaction abort (potentially in a
different process), and then lock is released by a thread of control
unaware of the abort, the lock might have potentially been re-allocated
to a different object. The generation numbers detect this problem.
Note, we assume that reads/writes of lock generation numbers are atomic,
if they are not, it is theoretically possible that a re-allocated lock
could be mistaken for another lock.
Q: Why is is safe to walk the Locker list without holding any mutexes at
all?
A: Locks are created with both the Object and Locker bucket mutexes held.
Once created, they removed in two ways:
a) when a specific Lock is released, in which case, the Object and
Locker bucket mutexes are again held, and
b) when all Locks for a specific Locker Id is released.
In case b), the Locker bucket mutex is held while the Locker chain is
marked as "destroyed", which blocks any further access to the Locker
chain. Then, each individual Object bucket mutex is acquired when each
individual Lock is removed.
Q: What are the implications of doing fine grain locking?
A: Since we no longer globally lock the entire region, lock_vec will no
longer be atomic. We still execute the items in a lock_vec in order,
so things like lock-coupling still work, but you can't make any
guarantees about atomicity.
Q: How do I configure for FINE_GRAIN locking?
A: We currently do not support any automatic configuration for FINE_GRAIN
locking. When we do, will need to document that atomicity discussion
listed above (it is bug-report #553).