Information Processing Letters 24 (1987) 149-152 13 February 1987

North-Holland

A NOTE ON THE TRANSACTION BACKOUT PROBLEM

Mark W. K R E N T E L

Department of Computer Science, Cornell University, 405 Upson Hall, Ithaca, NY 14853-7501, U.S.A.

Communicated by David Giles Received 10 March 1986 Revised 6 June 1986

The transaction backout problem arises in the area of distributed databases. Suppose failures partition a data-redundant distributed database, and each partition continues to function as if it were the entire database. When the network is reconnected, the transactions executed by different partitions may not be serializable, and hence it may be necessary to backout some of the transactions. The transaction backout problem is to remove the smallest set of transactions that will leave the remaining ones serializable. The general problem is NP-complete, and in this paper we show that the special case of a fixed-size database and two partitions can be solved in polynomial time by dynamic programming.

Keywords: Transaction backout, distributed database, fault-tolerance

1. Introduction

An important problem in the field of distrib- uted databases is dealing with failures. As long as every site can communicate with every other site, the database can guarantee a serializable schedule of transactions. However, site or link failures can isolate a site from the rest of the network. This site must then either suspend actions on some data items or run the risk of losing serializability. Davidson and Garcia-Molina [2] propose a solu- tion to this problem. In their solution, each site keeps a copy of each data item. If failures parti- tion the network into disconnected pieces, each partition continues to function as if it were the entire database. Each partition can guarantee that its transactions are serializable; however, if two sites are in disconnected partitions, then it is possible that their collective transactions are not serializable. For example, if T 1 and T 2 are in separate partitions and both write data item a, then T 1 and T 2 cannot coexist in any serialiTable schedule.

Each site in Davidson and Garcia-Molina's

solution keeps a log of its transactions. When the network reestablishes communication, the parti- tions broadcast their actions, determine conflicts with other sites, and then backout some transac- tions in order to reestablish serializability. This solution thus requires an algorithm for deciding which transactions to remove and which to keep. The transaction backout problem, then, is to find the largest serializable subset of transactions.

Unfortunately, this problem is NP-complete [1,2,3]. Essentially, the problem is the same as finding the largest acyclic subgraph of a given graph. The general transaction backout problem assumes no upper bound on the number of items in the database. Davidson and Garcia-Molina leave the special case of a fixed-size database as an open problem. Here, we show the theoretical result that this problem is solvable in polynomial time (the algorithm we present is hopelessly im- practical). The technique we use is similar to dy- namic programming: we first show that a bound on the number of items in the database gives a bound on the number of transactions needed to produce an unserializable result. The problem then

0020-0190/87/$3.50 © 1987, Elsevier Science Publishers B.V. (North-Holland) 149

Volume 24, Number 3 INFORMATION PROCESSING LETTERS 13 February 1987

reduces to finding the largest subset of transac- tions that does not satisfy a certain finite pattern. This last problem has a polynomial-time solution.

2. Definitions

The main result we wish to show is the poly- nomial-time algorithm for the transaction backout problem. First we define the problem and convert it to an equivalent problem in graph theory. We only consider the case of two partitions here.

In general, an edge T i ~ Tj means that T i must precede Tj in any serial schedule. In the case of a precedence or interference edge, T i reads an item that Tj later writes. A ripple edge from T i to Tj means that T i writes a value that Tj reads later. Thus, if we undo Ti, then we must also undo Tj. We say that H _ V is ripple closed if A ~ H and a ripple edge A ~ B together imply that B ~ H. In terms of graph theory, the transaction backout problem is to remove the smallest ripple closed set of transactions that leave the rest acyclic.

Definition 2.1. An instance I = (D, S 1, $2) of the transaction backout problem is defined by the fol- lowing:

(1) A set D = { a l , . . . , a K } of data items. (2) Two ordered schedules of transactions S 1 =

{T~,. . . ,T~ } and S 2 = {T2,. . . ,Tm 2 }. We assume that the two schedules are individually serializable and that we are given serial schedules for them.

(3) Two sets, Read(T), Write(T) ___ D, for each transaction T, which are the data items read and written by T. We assume that Read(T) ~ Write(T).

Given an instance I = (D, S 1, $2) where S 1 and S e are individually serializable, the transaction backout problem is to find the largest serializable subset of S 1 U S 2. We can state the problem more precisely by expressing it in terms of graph theory.

Definition 2.3. Let G = (V, E) be the precedence graph for I = ( D , S 1,$2). We say that I has a solution of size k if there exists an H c V such that:

(i) I n I ~<k, (ii) H is ripple closed in G, and

(iii) G \ H is acyclic.

That the graph-theoretic version of the transac- tion backout problem is equivalent to the previous definition follows from the following result of Davidson and Garcia-Molina.

Theorem 2.4. Let I = (D, S 1, $2) be an instance of the transaction backout problem, and let G = (V, E) be its precedence graph. Then S 1 U S 2 is serializable if and only if G is acyclic.

Definition 2.2. Let I = (D, S1, S 2 ) be an instance of the transaction backout problem, and assume that TI . . . . , T~ is a serial order for S 1 and that T2 , . . . , Tm 2 is a serial order for S 2. The precedence graph G = (V, E) associated with I is defined by the following:

(1) V = S 1 U S 2. (2) E = (ripple edges} U (precedence edges} u

{interference edges} where: (a) there is a ripple edge Ti ~ ~ T~ if Ti ~ and

Tj a are in the same partition, i < j and Read(Ti ~) n Write(Tj ~) ~= JJ,

(b) there is a precedence edge Ti ~ ~ T~ if Ti ~ and Tj a are in the same partition, i < j and Read(Ti ~) n Write(T~) ~ 9 ,

(c) there is an interference edge Ti ~ ~ Tf if T a and T~ are in different partitions and Read(Ti a) n Write(T~) 4: 9.

Our notion of a precedence graph is slightly different from the definition given by Wright [3] or by Davidson and Garcia-Molina [2]. They use a ripple edge T i ~ Tj only when there is some d Write(Ti) r~ ReaO(Tj) and d ~ Write(Tk) for all i < k < j , and similarly for interference edges. However, we can easily show that the ripple closed sets are invariant under the two definitions, and hence our notion of a precedence graph does not change the problem.

3. Main result

Davidson and Garcia-Molina [2] and Wright [3] prove the following result.

Theorem 3.1. The transition backout problem is NP-complete.

150

Volume 24, Number 3 I N F O R M A T I O N P R O C E S S I N G LETTERS 13 February 1987

The general problem assumes no upper bound on the number of items in the database. Our main result is that a bound on the size of the database puts the problem in polynomial time. The first task in proving this result is to establish a bound on the length of a cycle in the precedence graph. It turns out that if the precedence graph has a cycle, then it has a cycle of bounded length. With no bound on the number of data items, the shortest cycle in the graph could be arbitrarily long. We are able to implement the dynamic programming in polynomial time because of this bound on the length of the cycles and the fact that there is a bounded number of transaction types.

Lemma 3.2. Let G be a precedence graph, and let K = ]DI. If G contains a cycle, then it contains a cycle of length at most 4K.

Proof. Suppose A 1 ~ A 2 ~ - • • ~ A m ~ A 1 is the shortest cycle in G. Since two read-only transac- tions are not connected by an edge, at least ½m of the transactions write some value. If m > 4K, then the cycle contains more than 2K writes, and some data item is written at least three times. So, let 1 ~< i < j < k ~< m where d ~ Wr i t e (Ai ) A Write(Aj) n Write(Ak). Now, Ai, A j, and A k must all be in the same partit ion, for otherwise G contains a 2-cycle. Without loss of generality, assume A~ precedes A k in their partion. Then,

AI--~ "'" ---~Ai---~Ak---~ --- ~Am~A I is a shorter cyclc, contradicting the assumption that

m > 4K. Therefore, m ~< 4K. []

Theorem 3 . 3 . The transaction backout problem can

be solved in TIME[22~n2], where K is the size of the database, n is the number of transactions, and p is a polynomial.

Proof. Let I = (D, S1, 52) be an instance of the transaction backout problem where K = [D[. Let T1, . . . ,T~ be the sequence of transactions in S 1 followed by S 2 and let 6 a be the set of all se- quences of transaction types of length at most 4K. With K items in the database, a transaction may ignore, read, or write a given item, and may be in one of two partitions. So, there are at most 2 × 3 K distinct types of transactions, and hence 15p I< (2 × 3K) 4K ~< 2 p(K) for some polynomial p. We

build the dynamic programming table as follows. For 1 ~< i, E~< n and for a ___ 6 ° define:

/10 i f t h e r e i s a s u b s e q u e n c e ' [3'Of T i . . . . . T n of length E such that (T i . . . . . T n } \13 is ripple closed,

Ai,~,~ = and cx is the set of all sequences from 13 of length at most 4K, otherwise.

Intuitively, Ai,~, ~ is 1 if there is a serializable subsequence of transactions of T i . . . . , T n of length I such that the remaining transactions are ripple closed. Thus, we can keep • transactions out of T i . . . . , T n. The key to dynamic programming is that we can efficiently compute each entry in the table from earlier ones. In this case, we make crucial use of the facts that there is a bounded number of transaction types and that a bounded number of transactions defines a cycle in the precedence graph. For al, ot 2 c ~ , define ot I I(12 to be the collection of all subsequences of sis 2 of length at most 4K, where sl ~ ai- We can compute A as follows:

A i , e , ~ = I i f f

(i) Ai+l,e,~, = 1 and undoing T i does not violate ripple closure, or

(ii) A i + l , ~ , _ l , ~, = 1 and ~ = ( T i } ] a ' .

We compute A in the order An,0,,, Ana,=, An_l,0, ~, An_la,~, A=_1,2, ~, An_z,0, . , etc. Com- put ing A in backwards order makes checking rip- pie closure easier. Part (i.i) is straightforward and, in part (i), T i violates ripple closure if and only if there is a transaction type Tj from a where T i ~ Tj is a ripple edge.

The problem has a solution of size f if and only if there exists an a ___ 6 a and a k >~ n - ~ such that AI,R, . = 1 and a contains no cycle in the precedence graph. The lemma implies that it is sufficient to check all sequences of length up to 4K to show that the resulting set of transactions is indeed acyclic and hence serializable. Thus, by computing the dynamic programming table, we have an algorithm for the transaction backout problem. As with other dynamic programming solutions, we can keep the sequence 13 with the table A~,e, ~ and compute which transactions to remove in the solution.

151

Volume 24, Number 3 INFORMATION PROCESSING LETTERS 13 February 1987

To analyze the running time of the algorithm, we first observe that 16"1 ~< 2 p(K), SO there are at most 22¢K~ choices for et. Also, 1 ~< i, ~< n, so there are only 22¢K~n 2 entries in the dynamic pro- gramming table. We see by the formula for com- puting the entries that each new entry can be computed in constant time, hence the algorithm runs in TIM~[22~K)n 2] for some polynomial p. []

"t

Corollary 3.4. The transaction backout problem for a fixed-size database can be solved in polynomial time.

References

[1] A.V. Aho, J.E. Hopcroft and J.D. Ullman, The Design and Analysis of Computer Algorithms (Addison-Wesley, Read- ing, MA, 1974).

[2] S. Davidson and H. Garcia-Molina, Protocols for parti- tioned distributed database systems, Tech. Rept. 280, Dept. of Electrical Engineering and Computer Science, Princeton Univ., March 1981.

[3] D. Wright, Managing distributed databases in partitioned networks, Ph.D. Thesis, Dept. of Computer Science, Cornell Univ., September 1983 (also available as Tech. Rept. 83- 572).

Acknowledgment

We wish to acknowledge the efforts of Dave Wright who suggested the problem and came up with several counterexamples to earlier proofs.

152