
Philadelphia, Pennsylvania, USA, May 31 - June 2, 1999.

Concurrency Control and Recovery in Transactional Process Management

Heiko Schuldt, Gustavo Alonso, Hans-Jörg Schek
Institute of Information Systems, Swiss Federal Institute of Technology (ETH)
ETH-Zentrum, CH-8092 Zurich, Switzerland
{schuldt,alonso,schek}@inf.ethz.ch

Abstract

The unified theory of concurrency control and recovery integrates atomicity and isolation within a common framework, thereby avoiding many of the shortcomings resulting from treating them as orthogonal problems. This theory can be applied to the traditional read/write model as well as to semantically rich operations. In this paper, we extend the unified theory by applying it to generalized process structures, i.e., arbitrary partially ordered sequences of transaction invocations. Using the extended unified theory, our goal is to provide a more flexible handling of concurrent processes while allowing as much parallelism as possible. Unlike in the original unified theory, we take into account that not all activities of a process might be compensatable and the fact that these process structures require transactional properties more general than in traditional ACID transactions. We provide a correctness criterion for transactional processes and identify the key points in which the more flexible structure of transactional processes implies differences from traditional transactions.

1 Introduction

In conventional databases, concurrency control and recovery are well understood problems. Unfortunately, this is not the case when transactions are grouped into entities with higher level semantics, such as transactional processes [Alo97]. Some initial work has been done in this direction: studying atomicity (spheres of joint compensation [Ley95], or flexible transactions [ELLR90, ZNBB94]) in a single process and analyzing concurrency control without considering recovery [AAHD97]. Practical experience, however, shows that concurrency control and recovery are related problems and they both need to be solved in order to produce complete, feasible solutions.
In this paper, we present a first attempt to develop a theoretical framework in which to reason about concurrency control and recovery in transactional processes. The challenge we face is to design a single correctness criterion accounting for both concurrency control and recovery which, at the same time, copes with the added structure found in processes. In particular, and unlike in traditional transactions, processes introduce flow of control as one of the basic semantic elements. Thus, the correctness criteria must take into consideration that processes already impose ordering constraints among their different operations and among their alternative executions, constraints that will play a significant role in determining how process execution can be interleaved. Similarly, processes integrate invocations to applications with different atomicity properties. Therefore, we cannot impose the strong requirements used in other models (like ConTracts [WR92, RSS97], or CREW [KR98] where the inverses of all process steps have to exist).

Part of this work has been funded by the Swiss National Science Foundation under the project Wise (Workflow based Internet Services) of the Swiss Priority Programme "Information and Communication Systems".

The contribution of the paper is threefold. First, it clarifies the problem of concurrency control and recovery in transactional processes without making unreasonable assumptions about their environment. Second, starting with the correctness of a single process based on flexible transactions [ELLR90, ZNBB94] it provides a correctness criterion for concurrent execution of several processes generalizing and adapting the unified theory of concurrency control and recovery [SWY93, AVA+94, VHYBS98] to transactional processes thereby extending the applicability of these models. In contrast to other approaches proposing a variety of transaction models (like TSME [GHS95, GHKM94]), this paper provides a single model covering all requirements that arise in the application areas of transactional process management. Third, it discusses several realistic environments where these ideas are being implemented.
We believe that transactional processes are becoming more and more important in applications such as, for instance, electronic commerce or virtual enterprises, workflow management systems, process support systems, or specialized coordination tools. Therefore, we expect the results of this paper to be of practical relevance in a variety of applications.

The paper is organized as follows: In section 2, we present a sample application scenario for transactional processes. In section 3, we develop a correctness criterion for transactional processes and discuss its impact on concurrency control and recovery. Section 4 concludes the paper.

2 Motivation

Computer Integrated Manufacturing (CIM) environments are a good example of the use of transactional processes to coordinate different subsystems [NSSW94]. In the example shown in figure 1, two processes are used to control the development and production of new products [footnote 1]. In this case, production does not follow mass-production techniques but aims to customize each one of the products to deliver. Thus, the development of the product and its manufacture are strongly tied. The construction process contains all developing steps from the design of a new part to the final test and the subsequent technical documentation. It encompasses a CAD system, a product data management system (PDM), a test database as well as a technical documentation repository. The production process includes all manufacturing steps from the ordering of materials to the production floor including the necessary scheduling. Thus, the production process encompasses the PDM system, a business application, a program repository and a product DBMS. Activities of transactional processes are service invocations in these underlying subsystems. As the bill of materials (BOM) of a new product generated within the construction process provides the necessary input required by the production process, dependencies between both processes exist.

[Figure 1: Concurrent execution of a construction process and a production process in the CIM scenario]

2.1 Extending the Notion of Atomicity

The example above clearly shows why transactional processes must provide a more general notion of atomicity than traditional transactions. Consider the construction process in figure 1. If a failure is detected during the test activity of this process, it is certainly not desirable to undo all previous work including the long running design activity. It is more appropriate to undo only the PDM entry and document the CAD drawing so as to facilitate later reuse.
This documentation can be alternatively executed instead of the technical documentation of the whole part which would have been done if the test activity would have succeeded. The possibility of executing alternatives in case of failures therefore generalizes the all-or-nothing semantics of atomicity and leads to a more flexible notion of atomicity used for transactional processes.

2.2 Concurrency and Interference

An additional prerequisite is to guarantee consistent interaction between processes. Consider a construction process and a production process being executed in parallel as depicted in figure 1. This parallelization is important in practice as it dramatically reduces the time to market of new products. As depicted in figure 1, only the two activities within the PDM system do conflict. For concurrency control purposes, the ordering of these two activities would be sufficient. However, when recovery has to be considered, further dependencies exist. As no inverse for the production activity exists, it must not be executed before the test terminated successfully. If the test fails, the PDM entry is compensated within the construction process and the BOM read by the production process is invalidated. Therefore, all activities of the production process would have to be compensated, too. However, if production of parts is already performed, this would lead to severe inconsistencies as no valid construction and BOM of these parts exists.

2.3 Transactional Subsystems

A transactional process scheduler coordinates transactional processes on top of transactional subsystems and ensures correctness even in case of failures. We assume these subsystems to have functionality such as the atomicity of service invocations, and either the ability to compensate already committed services or to support a two phase commit protocol. When the application does not provide such functionality, it will be provided by wrapping this application system with a transactional coordination agent. In this paper we concentrate on transactional process management on top of such transactional, possibly agent-wrapped subsystems.
The problem of wrapping these systems by transactional coordination agents is important but beyond the scope of this paper. Some aspects of this problem are discussed in [NSSW94, SST98].

[Footnote 1] This example reflects the practice followed by one of our industrial partners in a recently concluded research project [SST98].

3 Concurrency Control and Recovery in Transactional Processes

In the following, we will consider transactional processes executed by a transactional process scheduler on top of subsystems supporting the execution of local transactions as shown in figure 1. In this section, we derive a correctness criterion to reason about correct concurrency control and recovery of these transactional processes in a single framework.

3.1 Process Model

Each subsystem provides a limited set of transactional services that can be invoked by processes. Let $\hat{A}$ be the set of services (activities) provided by all subsystems. For each invocation of an activity of $\hat{A}$, return values are provided. As activities are themselves transactions in the underlying subsystems, they are by definition atomic and therefore terminate either committing or aborting. Activities differ in terms of their termination guarantees: they are either compensatable, retriable, or pivot (as in the flex transaction model [MRSK92, ZNBB94]). In the case of compensatable activities, a compensation service is provided by the underlying subsystem, retriable activities are guaranteed to successfully terminate after a finite number of invocations, and pivot activities are those which are neither compensatable nor retriable. These different termination guarantees of activities will be defined more formally as follows using the notion of activity sequence to denote the sequential execution of activities.

Definition 1 (Effect-free Activities) Let $= \langle a_i\, a_j \ldots a_n \rangle$ be a sequence of activities from $\hat{A}$. The sequence is effect-free if, for all possible activity sequences and $\omega$ from $\hat{A}$, the return values of and $\omega$ in the concatenated activity sequence $\langle \omega \rangle$ are the same as in the activity sequence $\langle \omega \rangle$. □

A special case of effect-free activities is the sequence $= \langle a_i\, a_i^{-1} \rangle$ consisting of a compensatable activity $a_i$ and its compensating activity $a_i^{-1}$. More formally,

Definition 2 (Compensatability and Compensation) An activity $a_i \in \hat{A}$ is compensatable if an activity $a_i^{-1} \in \hat{A}$ exists where the activity sequence $= \langle a_i\, a_i^{-1} \rangle$ is effect-free. The activity $a_i^{-1}$ is then called the compensating activity of $a_i$. □

In order to formally define retriable activities, the invocation of activities has to be labeled. Let $a_{i(n)}$ be the $n$-th invocation of activity $a_i$.

Definition 3 (Retriable Activity) An activity $a_i$ is retriable if some $m \in N$ exists with $a_{i(j)}$ terminating with abort for 1 j < m while $a_{i(m)}$ is guaranteed to terminate with commit. □

The guarantee that there is always one invocation which will commit ensures that retriable activities will not fail. More formally,

Definition 4 (Failure of an Activity) An activity $a_i$ has failed if invocation $a_{i(1)}$ has terminated with abort and no $m \in N$ exists where $a_{i(m)}$ is guaranteed to commit. □

To guarantee the property of compensatability, a compensating activity $a^{-1}$ is (i) itself not compensatable, however, it is (ii) retriable and therefore guaranteed to commit. Note further that according to the flex transaction model both pivot activities and retriable [footnote 2] activities do not have a compensating activity.

Intuitively, a process is an arbitrary collection of activities in arbitrary subsystems. For the process model, we adopt and refine ideas of the flex transaction model [ELLR90, ZNBB94]. More formally,

Definition 5 (Process) A process, $P$, is a triple $(A, , )$, where $A$ $\hat{A}$ is a set of activities, is a partial order over $A$ with $(A\ A)$, and is a partial order defined over with ( ) establishing alternative execution paths by specifying for each activity $a \in A$ an ordering on the activities $a' \in A$ directly following it. □

For notational purposes, a process is assumed to have a unique identifier, for instance, $P_i$. Activities within $P_i$ are denoted as $a^c_{i1}, a^p_{i2}, \ldots, a^r_{in}$. The superscript index denotes the property of an activity, the subscript indices denote the process id and a unique id of the activity within the process (activity $a^r_{in}$, for instance, is an activity of process $P_i$ with id $n$ and it is retriable). The commitment of process $P_i$ is denoted by $C_i$, its abort by $A_i$. If the property of an activity is not relevant, we will omit this specification.

The semantics of the precedence order within processes is a temporal one. This means that for any two activities, a and $a_{il}$, if a $a_{il}$, then $a_{il}$ can only be executed after a committed. The preference order defined over pairs of connectors starting both from the same activity establishes the order in which the connectors will be evaluated. If there are two order constraints in with ($a_{ih}$ ij $a_{ij}$) ($a_{ih}$ a) then, if a is executed, either $a_{ij}$ must have failed or both $a^c_{ij}$ and $(a^c_{ij})^{-1}$ must have been executed. Also, all activities succeeding $a^c_{ij}$ must have been compensated before a is able to be executed. Thus, as an extension of the flex transaction model, these further order constraints derived from have to be respected when executing alternatives. However, these alternative execution paths have the same semantics as the preference order of the flex transaction model. Note that both orders, and, are irreflexive, transitive, and acyclic. To avoid indeterminism in the execution, when, by transitivity, associates several connectors, it can only define a total order.

[Figure 2: Process $P_1$ with precedence and preference order]

[Footnote 2] In the context of transactional process management, we could also consider retriable activities to be as well compensatable in order to give a scheduler more options for executing alternatives in case of failures. For the sake of simplicity, we however follow the less general flex transaction model here.

Example 1 Consider process $P_1$ depicted in figure 2. The precedence order of $P_1$ is depicted with solid lines, the preference order of $P_1$ with dotted lines. Given these orders, $a^r_{15}$ and therefore also $a^r_{16}$ can only be executed after $a^c_{13}$ has failed or after $a^p_{14}$ has failed and $a^c_{13}$ has been compensated by $a^{-1}_{13}$. Therefore, as depicted in figure 3, four possible valid executions of $P_1$ exist. □

[Figure 3: Possible executions of process $P_1$. Panels: standard execution; if $a^p_{12}$ fails; if $a^c_{13}$ fails; if $a^p_{14}$ fails]

We consider a single transactional process to be well defined if it has well-formed flex structure [ZNBB94]. The basic well-formed flex structure consists of a set of compensatable activities followed by one pivot activity which is again followed by a set of retriable activities. Additionally, the pivot activity can recursively be succeeded by a complete well-formed flex structure given that an alternative consisting only of retriable activities exists for it. In [ZNBB94] it has been shown that well-formed flex structures always guarantee the existence of one execution path that can be executed correctly while all other paths will leave no effects. In the following, processes having well-formed flex structures are called processes with guaranteed termination (this is equivalent to the "semi atomicity" in the flex transaction model). The guaranteed termination property of transactional processes is a generalization of the "all-or-nothing" semantics of traditional ACID transactions as it ensures that at least one of eventually many valid executions (specified by the alternatives) is effected. In what follows, we will only consider processes with guaranteed termination.

For notational purposes, the first non-compensatable activity of a process with guaranteed termination $P_i$ will be called state-determining activity $s_{i_0}$ of $P_i$. All activities of $P_i$ preceding $s_{i_0}$ are compensatable.
Therefore, backward recovery can be performed by successively applying compensation if $s_{i_0}$ fails or if an abort $A_i$ of $P_i$ is performed before $s_{i_0}$ committed. Similarly, once $s_{i_0}$ has terminated successfully, forward recovery is guaranteed. From here, a process with guaranteed termination can be in any of two states. A process, $P_i$, is said to be forward-recoverable, F-REC, after $s_{i_0}$ has been committed, otherwise $P_i$ is backward-recoverable, B-REC. The sequence of compensating activities to be executed for recovery purposes of a process in state B-REC is its backward recovery path. The sequence of activities leading from any activity succeeding $s_{i_0}$ to the well-defined termination of a process is the forward recovery path. The set of activities of a process $P_i$ to be executed for recovery purposes (either forward or backward) will be called the completion of $P_i$ denoted by $C(P_i)$. Note that in the case of $P_i$ being in state B-REC, $C(P_i)$ consists only of compensating activities, while, if $P_i$ is in state F-REC, $C(P_i)$ consists of both compensating activities (local backward recovery to a state-determining element s) [footnote 3], and retriable activities. While the failure of one activity leads to the execution of the next alternative given by the preference order, the abort $A_i$ of a process in F-REC considers only the alternative with lowest priority which consists only of retriable activities and thus guarantees safe termination. Similarly, the abort $A_i$ of a process $P_i$ in B-REC considers only compensation in backward order and no further alternative execution paths. The completion $C(P_i)$ of a process $P_i$ will be an important notion when we define complete process schedules below.

[Footnote 3] As we consider basic well-formed flex structures recursively, multiple local state-determining activities $s_{i_k}$ of $P_i$ may exist.

Example 2 Consider again process $P_1$ depicted in figure 2. Obviously, $P_1$ is a process with guaranteed termination as it has well-formed flex structure. The pivot activity $a^p_{12}$ is the state-determining activity $s_{1_0}$ of $P_1$. Before the successful termination of $a^p_{12}$, $P_1$ is in B-REC and in this state, the completion $C(P_1)$ consists of $\{a^{-1}\}$ if $a^c$ has been executed correctly. After successful termination of $a^p_{12}$, $P_1$ is in F-REC. After activity, for instance, has terminated successfully, the completion of $P_1$ evaluates to $C(P_1) = \{a^{-1}_{13}\ a^r_{15}\ a^r_{16}\}$. □

3.2 Process Schedules and Correctness

Following [VHYBS98], the notion of conflicting activities is defined using the return values of activities.

Definition 6 (Commutativity) Two activities a, a $\in \hat{A}$ commute if for all activity sequences and $\omega$ from $\hat{A}$, the return values in the concatenated activity sequence $\langle a\ a\ \omega \rangle$ are identical to the return values of the activity sequence $\langle a\ a\ \omega \rangle$. □

Two activities are in conflict if they do not commute. Furthermore, we consider commutativity between all activities of $\hat{A}$ to be perfect [VHYBS98]. This means that if two activities a c and $a_{jl}$ conflict, then we will also consider a conflict between a and a for all possible combinations of , $\in \{-1, 1\}$. Otherwise, if a c and $a_{jl}$ commute, we will assume a and a to commute for all possible combinations of , $\in \{-1, 1\}$.

Given the structure of processes with guaranteed termination and the information about conflicting activities, a process schedule can be defined as follows.

Definition 7 (Process Schedule) A process schedule $S$ is a triple ($P_S$, $A_S$, S) where $P_S$ is a set of processes, $A_S$ $\hat{A}$ is a subset of all activities of all processes of $P_S$ with $A_S$ $\{a_{ij} \mid a_{ij} \in A_i \wedge P_i \in P_S\}$, S is a partial order between activities of $A_S$ with S ($A_S$ $A_S$). For the order s the following has to hold:
1. $\forall P_i$ : i S
2. $\forall$ (a, a), $i \neq j$, such that a and a do not commute: a S a or a S a □

Note that by 7.1, a process schedule guarantees only legal executions of each process $P_i \in P_S$ thus respecting both $P_i$'s precedence and preference order. Formally, the above definition of a process schedule looks like the classical definition of a schedule. However, it implicitly includes information about the properties of all activities (compensatable, pivot or retriable) and thus, also about the different states of processes (B-REC or F-REC) and it includes the alternative execution of a process $P_i$ as even

[Figure 4: Serializable (a) and non-serializable (b) concurrent execution of processes $P_1$ and $P_2$]

in a complete process schedule where all processes terminate committing [BHG87], not necessarily all of $P_i$'s activities are considered. This does however not influence the notion of serializability. A process schedule is serializable if it is conflict equivalent to a serial execution of all processes. Hence, a serializable process schedule does not contain cyclic dependencies [BHG87].

Example 3 Consider the two processes, $P_1$ and $P_2$, depicted in figure 4(b) being executed in parallel. As the pairs of activities $(a^c, a^c_{21})$, $(a^p_{12}, a^r_{24})$, and $(a^r_{15}, a^r_{25})$ do not commute (denoted by dashed arcs), they have to be ordered in the process schedule $S'$. Also, the intra-process orders of $P_1$ and $P_2$ must be respected in $S'$. Therefore, process schedule $S'$ at time 2 evaluates to: $S'_2 = (P_{S'_2}, A_{S'_2}, S'_2)$ with the set of processes $P_{S'_2} = \{P_1, P_2\}$, the set of activities $A_{S'_2} = \{a^c, a^p_{12}, a^c_{13}, a^c_{21}, a^c_{22}, a^p_{23}, a^r_{24}\}$, and the order $S'_2 = \{(a^c\ S'_2\ a^p_{12}\ S'_2),\ (a^c_{21}\ S'_2\ a^c_{22}\ S'_2\ a^p_{23}\ S'_2),\ (a^c\ S'_2\ a^c_{21}),\ (a^r_{24}\ S'_2\ a^p_{12})\}$. Obviously, process schedule $S'_2$ is not serializable because of cyclic dependencies between $P_1$ and $P_2$. □

Example 4 Consider again processes $P_1$ and $P_2$, now executed as depicted in figure 4(a). At time 2, the process schedule $S_2$ is serializable. Here, no cyclic dependencies between $P_1$ and $P_2$ do exist as the order $S_2$ evaluates to $S_2 = \{(a^c\ S_2\ a^p_{12}\ S_2\ a^c_{13}),\ (a^c_{21}\ S_2\ a^c_{22}\ S_2\ S_2\ a^r_{24}),\ (a^c\ S_2\ a^c_{21}),\ (a^p_{12}\ S_2\ a^r_{24})\}$. □

3.3 Completed Process Schedules

The serializability of transactional processes allows to reason about correct concurrency control.
In order to additionally reason about correct recovery when, for instance, a failure of the process scheduler occurs, we now make recovery-related activities explicit by applying the unified theory of concurrency control and recovery [SWY93, AVA+94, VHYBS98] to transactional processes. Therefore, we replace each abort activity $A_i$ of a process $P_i$ by the activities of its completion $C(P_i)$. This replacement of abort activities leads to the notion of the completed process schedule $\tilde{S}$. In order to guarantee correct recovery, all active processes $P_{i_1}, \ldots, P_{i_n}$ are assumed to abort, which must be treated jointly by using a group abort operation $A(P_{i_1}, \ldots, P_{i_n})$. Note that aborted processes may be in F-REC. Therefore, not only compensation of previously executed activities but all activities of the forward-recovery path of aborted processes have to be considered, thus leading to crucial differences compared with the standard undo procedure for recovery. This is also reflected in the notion of completed process schedule in contrast to the expanded schedule of the traditional unified theory which contains only additional compensation compared with the initial schedule. The way a process schedule is completed is depicted in figure 5. After $A_i$ has been replaced by all activities of $C(P_i)$, a process $P_i$ can be considered as committed.

[Figure 5: Completion of a process schedule by activities of the backward recovery path and of the forward recovery path of all active processes]

More formally, the completed process schedule $\tilde{S}$ of a process schedule $S$ is defined as follows:

Definition 8 (Completed Process Schedule $\tilde{S}$) Let $S$ = ($P_S$, $A_S$, S) be a process schedule. The completed process schedule $\tilde{S}$ of $S$, is a triple ($\tilde{P}_S$, $\tilde{A}_S$, $\tilde{S}$) where
1. For the set of processes $\tilde{P}_S$ holds: $\tilde{P}_S = P_S$.
2. $\tilde{A}_S$ is a set of activities derived from $A_S$ in the following way:
(a) For each process $P_i \in P_S$, if a $\in A_i$ and a is not the abort activity $A_i$, then a $\in \tilde{A}_S$.
(b) All active processes are treated as aborted processes, by adding $A(P_{n_1}, \ldots, P_{n_s})$, a set-oriented abort, at the end of $S$, where $(P_{n_1}, \ldots, P_{n_s})$ are all active processes in $S$.
(c) For each aborted process $P_j$ in $P_S$, all activities $a_{js} \in C(P_j)$ of the completion $C(P_j)$ of $P_j$ are in $\tilde{S}$ ($a_{js} \in \tilde{A}_S$). An abort activity $A_j$ is changed to $C_j \in \tilde{A}_S$.

[Figure 6: Completed process schedule $\tilde{S}_2$ (a) and reduced process schedule $\tilde{S}_2$ (b) of process schedule $S_2$]

3. The partial order, $\tilde{S}$, is determined as follows:
(a) For every two activities, a and a, if a S a in $S$, then a $\tilde{S}$ a in $\tilde{S}$.
(b) For every two activities, a and $a_{il}$, of the completion $C(P_i)$ of every process $P_i$ that does not commit in $S$, if a i $a_{il} \in C(P_i)$, then a $\tilde{S}$ $a_{il}$ in $\tilde{S}$.
(c) All activities of the completion $C(P_i)$ of every process $P_i$ that does not commit in $S$ follow the $P_i$ original activities and must precede $C_i$ in $\tilde{S}$.
(d) If a group abort $A(P_{n_1}, \ldots, P_{n_s}) \in S$, then every pair of conflicting activities of the completions of these processes, a $\in C(P_i)$, a $\in C(P_j)$ with $i, j \in \{n_1, \ldots, n_s\}$, $i \neq j$, has to be ordered in $\tilde{S}$ (either a $\tilde{S}$ a or a $\tilde{S}$ a).
(e) Whenever a S $A(P_{n_1}, \ldots, P_{n_s})$ S a and some activity $a_q$ of the completion $C(P_q)$ of process $P_q \in \{P_{n_1}, \ldots, P_{n_s}\}$ $P_S$ conflicts with a (a), then it must be true that $a_q$ $\tilde{S}$ a (a $\tilde{S}$ $a_q$).
(f) Whenever $A(\ldots, P_i, \ldots)$ S $A(\ldots, P_j, \ldots)$ for some $i \neq j$, then for all conflicting activities a of the completion of $P_i$ and a of the completion of $P_j$, a $\in C(P_i)$ and a $\in C(P_j)$, it must be true that a $\tilde{S}$ a. □

The following example presents how a given process schedule is completed.

Example 5 Consider again process schedule $S_2$ of example 4 with $P_{S_2} = \{P_1, P_2\}$ as depicted in figure 4(a). When the completed process schedule $\tilde{S}$ is determined at time 2 where both processes are active, a group abort $A(P_1, P_2)$ has to be added to $S_2$. The set of activities $\tilde{A}_{S_2}$ of $\tilde{S}_2$ consists of all activities of $A_{S_2}$ plus the activities $\{a^{-1}_{13}, a^r_{15}, a^r_{16}\}$ of the completion $C(P_1)$ and $\{a^r_{25}\}$ of the completion $C(P_2)$. The order $\tilde{S}_2$ of $\tilde{S}_2$ is the union of $S_2$ and $\{(a^c_{13}\ \tilde{S}_2\ a^{-1}_{13}\ \tilde{S}_2\ a^r_{15}\ \tilde{S}_2\ a^r_{16}),\ (a^r_{24}\ \tilde{S}_2\ a^r_{25}),\ (a^r_{15}\ \tilde{S}_2\ a^r_{25})\}$. The completed process schedule $\tilde{S}_2$ is depicted in figure 6(a). As no cyclic dependencies exist, the completed process schedule $\tilde{S}_2$ is serializable. □

3.4 Unified Theory for Processes

Like in the traditional unified theory, reducibility provides a criterion for correct concurrency control and recovery once we have completed a process schedule by making recovery-related activities explicit. The idea of the reduction of a completed process schedule is to eliminate both an activity and its compensating activity if they form an effect-free activity sequence as well as to eliminate activities of aborted processes that are themselves effect-free. Also, consecutive activities may be commuted if they do not conflict. More formally,

Definition 9 (Reducibility (RED)) A process schedule $S$ = ($P_S$, $A_S$, S) is reducible (RED) if its completed process schedule $\tilde{S}$ = ($\tilde{P}_S$, $\tilde{A}_S$, $\tilde{S}$) can be transformed into a serial process schedule $\tilde{S}$ = ($\tilde{P}_S$, $\tilde{A}_S$, $\tilde{S}$) by applying the following three transformation rules finitely many times:
1. Commutativity Rule: If two activities a, a $\in \tilde{A}_S$ such that a $\tilde{S}$ a and (a, a) commute and there is no other activity $a_q \in \tilde{A}_S$ with a $\tilde{S}$ $a_q$ $\tilde{S}$ a, then the ordering a $\tilde{S}$ a can be replaced by the ordering a $\tilde{S}$ a.
2. Compensation Rule: If two activities a, $a^{-1} \in \tilde{A}_S$ such that a $\tilde{S}$ $a^{-1}$ and there is no other activity a $\in \tilde{A}_S$ with a $\tilde{S}$ a $\tilde{S}$ $a^{-1}$, then $a_{ik}$, $a^{-1}$ can be removed from $\tilde{S}$.
3. Effect-free Activity Rule: If $P_i$ does not commit in $S$, then all activities a that are effect-free can be removed from $\tilde{S}$. □

Example 6 Considering again process schedule $S_2$ of example 4 and its completed process schedule $\tilde{S}_2$ of example 5. When applying the reduction rules, only the two consecutive activities and $a^{-1}_{13}$ can be removed from $\tilde{S}_2$ in accordance to the compensation rule.
The reduced process schedule ~S_2 shown in figure 6(b) is serializable as ~S2 of ~S_2 contains aside of the inter-process orders of P_1 and P_2 only dependencies from process P_1 to process P_2. Therefore, process schedule S_2 is RED. □

Example 7 Consider now process schedule S''_1 at time 1 depicted in figure 7. When completing S''_1, all pairs of conflicting activities will be in the same order in ~S''_1 and the application of the reduction rules leads to a serial process schedule. Therefore, process schedule S''_1 is RED. □

[Figure 7: Prefix-reducible execution of processes P_1 and P_2]

RED is not prefix closed, which means, it cannot be used for dynamic scheduling. In accordance to the traditional unified theory, the criterion can be further restricted for this purpose leading to prefix-reducibility where each prefix of a process schedule has to be considered. More formally,

Definition 10 (Prefix-Reducibility (PRED)) A process schedule S = (P_S, A_S, S) is prefix-reducible (PRED) if every prefix of S is reducible. □

Example 8 Consider again process schedule S_2 of example 4 depicted in figure 4(a) and its prefix S_1 at time 1. In S_1, process P_2 is in F-REC while process P_1 is in B-REC. When completing S_1, the previously executed activity a^c of P_1 has to be compensated by a^-1 while for P_2, the activities of the forward recovery path have to be executed. By scheduling a^-1, a conflict cycle appears in ~S_1 (a^c ~S_1 a^c_21 ~S_1 a^-1) that cannot be eliminated by the reduction rules as compensation of a^c_21 is not available. Therefore, S_1 is not reducible and thus, S_2 is not prefix-reducible. The completed process schedule ~S_1 of S_1 is depicted in figure 8. □

Note that the above example is strongly influenced by the fact that activities without inverse do exist. Therefore, we have to consider not only compensation for recovery purposes. If all inverses were available and the classical undo procedure of recovery could be applied, the prefix S_1 of S_2 would be reducible. The completion of S_1 would consider the compensation of a_23, a_22, a_21, and a_11.
Then, with respect to the compensation rule, all four activities and their compensation activity could be removed from ~S_1 leading to a reduced schedule ~S_1 consisting only of C_1 and C_2. As reduction would be possible for all prefixes of S_2 in this classical sense, S_2 would be in PRED. Therefore, when considering transactional processes with guaranteed termination property, the order in which non-compensatable activities are executed is crucial as we will see in section 3.5.

Example 9 Taking again a look at process schedule S''_1 depicted in figure 7. It can be shown that each prefix S''_0 of S''_1 with 0 < 1 is reducible. Therefore, process schedule S''_1 is PRED. □

However, scheduling can also benefit from non-compensatable activities. They have the semantics of a "quasi commit" of a process, as for all activities a^c of a process P_i preceding such a non-compensatable activity s_i, compensation can no longer be considered. Therefore, after the commitment of s_i, no cyclic conflicts can arise in the completed process schedule by the compensation activities a^-1. This is shown in the following example.

Example 10 Consider process schedule S with processes P_1 and P_3 depicted in figure 9. Although activities a^c and a^c_31 do conflict, no conflict cycle can appear by the compensating activity a^-1 at time 1. As process P_1 is already in F-REC, compensation of a^c is not available. Therefore, given that no further conflicts exist between activities of P_3 and the activities of the forward recovery path of P_1, the execution depicted in figure 9 is correct with respect to both concurrency control and recovery.
□

[Figure 9: Correct interleaving of processes exploiting the "quasi-commit" of non-compensatable activities]

[Figure 8: Completed process schedule ~S_1 of S_1]

3.5 Discussion of PRED of Completed Process Schedules

In the previous sections, we introduced the formalism needed to define prefix-reducibility with respect to transactional processes having guaranteed termination property. As our goal is to reason about correct concurrency control and recovery, we have to prove that each process schedule in PRED

is in fact both serializable and recoverable. As we have to deal with two different states of processes determining the way recovery has to be performed, we have to adopt the notion of recoverability to the structure of transactional processes leading to the notion of process-recoverability. More formally,

Definition (Process-Recoverability (Proc-REC)) A process schedule S is process-recoverable (Proc-REC), if for each pair of conflicting activities, a and a with a S a ∈ S the following holds:
1. C_i precedes C_j in S (C_i S C_j)
2. the next non-compensatable activity a_jm of P_j following a succeeds in S the next non-compensatable activity a_in of P_i following a (a_in S a_jm). □

Note that in the above definition, the traditional case where no non-compensatable activities exist is contained as then, by definition.1, only an order between C_i and C_j with C_i S C_j has to be imposed.

Theorem 1 If a process schedule S is PRED, then S is both serializable and process-recoverable. □

The proof of theorem 1 is given in appendix A. In example 8, we have seen that the order in which the state-determining elements of conflicting processes are executed is crucial as it determines what is to be done in case of recovery (either forward or backward). We now formalize and generalize this dependency.

Lemma 1 For each process schedule S in PRED with two conflicting activities a S a in S where process P_i is active, the following has to hold:
1. Each non-compensatable activity a_jm of P_j with a j a_jm has to succeed the commit C_i of P_i (C_i S a_jm).
2. Activity a has to be compensatable (a^c). □

The proof of lemma 1 is given in appendix B. In schedule S_1 of example 8 with the pair of conflicting activities (a^c S_1 a^c_21), a^p_22 is executed before a^p_12 and thus, P_2 is in F-REC while process P_1 is still in B-REC leading to a contradiction of lemma 1.1 and a violation of the PRED criterion.
According to lemma 1, the commits of all non-compensatable activities of P_j have to be deferred by the respective subsystem until process P_i has committed (C_i) if a conflict between some activity a and a with a S a exists in S. After P_i has committed, all non-compensatable activities of P_j are also allowed to commit as cyclic dependencies between P_i and P_j can no longer appear. Thus, the commitment of all non-compensatable activities of P_j has to be performed atomically by exploiting a two phase commit protocol in order to ensure that either all activities commit or none of them.

In the following, we analyze the implications PRED has on the execution of activities within the completed process schedule. The following two lemmas specify the restrictions on the execution of compensating activities. Intuitively, all compensating activities have to be in reverse order of the original activities. More formally:

Lemma 2 For each process schedule S in PRED with two conflicting activities a^c and a^c, if both compensating activities a^-1 and a^-1 are in the completed process schedule ~S, then they have to be in reverse order of the two corresponding activities in S. □

The proof of lemma 2 is given in appendix C. As we have to consider not only compensating activities for recovery purposes, additional restrictions between compensating activities of C(P_i) for some P_i in state B-REC and non-compensatable activities (a^r) of C(P_j) for some P_j in state F-REC have to be considered.

Lemma 3 For each process schedule S in PRED, if two conflicting activities a^-1 ∈ C(P_i) and a non-compensatable activity a^r ∈ C(P_j) have to be executed when completing S, then a^-1 has to precede a^r in ~S (a^-1 ~S a^r). □

The proof of lemma 3 is given in appendix D. Coming back to the initial CIM example presented in section 2, we now have a formal criterion to classify the execution depicted in figure 1 as incorrect because the PRED criterion does not hold. In order to guarantee correctness, the production activity would have to be deferred until the commitment of the construction process.
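The prefix check behind Example 8 and Lemma 1 can be run mechanically. The following Python code is an added example, not code from the paper or the Wise system; it assumes linear processes (compensatable activities, one pivot, then retriable ones), a constructed conflict between a11 and a21, names chosen here for illustration, and it leaves out the effect-free activity rule.

```python
from itertools import combinations

# Constructed process definitions: activities tagged c (compensatable),
# p (pivot, non-compensatable) or r (retriable forward-recovery step).
PROCS = {
    "P1": [("a11", "c"), ("a12", "p"), ("a13", "r")],
    "P2": [("a21", "c"), ("a22", "p"), ("a23", "r")],
}
CONFLICTS = {frozenset({"a11", "a21"})}   # constructed conflict relation
COMMIT = "C"
KIND = {a: k for acts in PROCS.values() for a, k in acts}

def conflict(x, y):
    """x, y are (process, activity, is_inverse). Activities of one process are
    ordered and never commute; an inverse conflicts like its original."""
    return x[0] == y[0] or frozenset({x[1], y[1]}) in CONFLICTS

def complete(prefix):
    """Completed schedule: group abort of all processes still active."""
    done = [(p, a, False) for p, a in prefix if a != COMMIT]
    active = set(PROCS) - {p for p, a in prefix if a == COMMIT}
    executed = {p: [a for q, a, _ in done if q == p] for p in PROCS}
    f_rec = {p for p in PROCS if any(KIND[a] == "p" for a in executed[p])}
    # B-REC: compensate in reverse order of the original activities (Lemma 2).
    undo = [(p, a, True) for p, a, _ in reversed(done)
            if p in active and p not in f_rec]
    # F-REC: remaining forward path, placed after compensations (Lemma 3).
    redo = [(p, a, False) for p in sorted(active & f_rec)
            for a, _ in PROCS[p] if a not in executed[p]]
    return done + undo + redo

def reduce_schedule(sched):
    """Compensation rule to a fixpoint: drop a, a^-1 when nothing that
    conflicts with a lies between them (so commuting makes them adjacent)."""
    sched, changed = list(sched), True
    while changed:
        changed = False
        for i, j in combinations(range(len(sched)), 2):
            a, b = sched[i], sched[j]
            if a[:2] == b[:2] and not a[2] and b[2]:
                if not any(conflict(a, x) for x in sched[i + 1:j]):
                    del sched[j], sched[i]
                    changed = True
                    break
    return sched

def serializable(sched):
    """Acyclicity of the inter-process conflict graph of what remains."""
    edges = {(x[0], y[0]) for x, y in combinations(sched, 2)
             if x[0] != y[0] and conflict(x, y)}
    nodes = {p for p, _, _ in sched}
    while nodes:
        sources = {n for n in nodes
                   if not any(v == n and u in nodes for u, v in edges)}
        if not sources:
            return False          # every remaining process is on a cycle
        nodes -= sources
    return True

def first_irreducible_prefix(schedule):
    """Length of the first prefix whose completion cannot be reduced, or None."""
    for n in range(1, len(schedule) + 1):
        if not serializable(reduce_schedule(complete(schedule[:n]))):
            return n
    return None

# P2 runs its pivot while P1 is still in B-REC (the situation of Example 8).
BAD = [("P1", "a11"), ("P2", "a21"), ("P2", "a22")]
# P2's pivot is deferred until P1 has committed, as Lemma 1 requires.
GOOD = [("P1", "a11"), ("P2", "a21"), ("P1", "a12"), ("P1", "a13"),
        ("P1", COMMIT), ("P2", "a22"), ("P2", "a23"), ("P2", COMMIT)]

if __name__ == "__main__":
    print(first_irreducible_prefix(BAD), first_irreducible_prefix(GOOD))
```

In the first schedule the third prefix fails because a11, a21 and the compensation of a11 form a conflict cycle that the compensation rule cannot remove; in the second every prefix reduces.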
Unlike the traditional unified theory where only compensation had to be considered for aborted transactions in the expanded schedule, here also new activities have to be scheduled when the completed process schedule has to be built. Thus, aside from already existing pairs of conflicting processes (if some undo operation is in conflict with an activity of another transaction in the traditional model, a conflict between both transactions must have existed before compensation has been performed), new conflicts between processes may be introduced. Therefore, unlike in the traditional unified theory, the completed process schedule ~S has always to be considered when reasoning about correctness of a process schedule for transactional processes. In [AVA+94], the criterion SOT (serializable with ordered termination) has been introduced in order to reason about correct concurrency control and recovery of a schedule S without considering its expanded schedule ~S. However, as the activities of the completion of a process are not known in advance, a SOT-like criterion (that relies only on information of a given schedule S) does not exist for transactional processes. Arbitrary conflicts can be introduced to ~S when non-compensatable activities of C(P_i) of aborted processes P_i have to be considered. Therefore, when reasoning about correct concurrency control and recovery of transactional processes, the completed process schedule ~S has always to be considered to evaluate the PRED criterion.

3.6 Increasing Parallelism of Conflicting Activities

In the process model (definition 5), we only allowed either sequential execution () of activities or unrestricted parallelism. Also, in definition 7 of a process schedule, we only considered a (strong) temporal order ( S) between two conflicting activities. In order to increase parallelism, the weak order taken from the composite systems theory [ABFS97] could be applied with respect to the hierarchical schedulers of the type encountered when executing transactional processes on top of transactional subsystems. In this configuration, the output of the process scheduler is used as input to

several lower schedulers, the schedulers of the transactional subsystems. Thus, this reflects the case of fork schedules described in [AFPS99]. While the strong order enforces sequential execution, i.e., an activity is invoked only after the previous one has terminated, the weak order between two activities is more permissive, meaning that both activities can be executed in parallel as long as the overall effect is the same as if they would have been executed as specified by the strong order. The differentiation between strong and weak order can be made both within processes (intra-process order) and within conflicting activities of different processes (inter-process order). Then, all pairs of conflicting activities have to be weakly ordered as indicated by the composite transaction model. The subsystem is then responsible for keeping this weak order when executing both conflicting activities in parallel. In order to ensure this weak order, a subsystem has, for instance, to provide a protocol supporting commit order serializability [BBG89]. Then, the commit order can be derived from the weak order between conflicting activities. Otherwise (if the weak order is not supported by the subsystem), as the weak order always contains the strong one, conflicting activities have to be executed with respect to a strong order.

The re-invocation of retriable activities now may lead to a special treatment of other activities executed in parallel. Suppose two activities a^r and a_jl, with a^r <S a_jl, have to be executed within the same subsystem. If the local transaction T corresponding to a^r terminates aborting after some operations of T have already been executed, then, in general, the local transaction T (which corresponds to activity a) running in parallel to T (with respect to the given weak order) has to be aborted, too. However, as this is not due to a failure of T, it must not lead to an exception of P_j leading to an other alternative. Moreover, after T is restarted, T has to be restarted within the subsystem, too, hence guaranteeing compliance to the weak order between both transactions.
The integration of the composite systems ideas into the process model and the process schedule are described in detail in [SAS99].

4 Conclusion

This paper provides a framework to jointly reason about correct concurrency control and recovery for transactional processes in order to ensure both a more general notion of atomicity (guaranteed termination) by the flexible handling of failures with appropriate alternative executions and correct interleavings of parallel processes. Unlike other approaches addressing only parts of this problem, we cover both atomicity and isolation simultaneously and do concurrency control and recovery at the appropriate level, the scheduling of processes. Furthermore, with the theory of composite systems, we can take into account the interaction between hierarchical schedulers when executing transactional processes and increase parallelism by treating them according to the weak conflict order.

With PRED, we have provided a correctness criterion for transactional processes based on the notion of completed process schedules. We have additionally shown that, due to the structure of transactional processes, the SOT correctness criterion cannot be applied. Because of the execution of non-compensatable activities during the completion of a process, reasoning about process recovery becomes more complex than in the traditional case where only compensation has to be applied. Therefore, the completed process schedule has to be considered. Furthermore, we have identified important prerequisites of PRED schedules that have to be respected due to the fact that some activities might be non-compensatable. Therefore, aside of the atomicity of single activities and the compliance of orderings, the deferred commit of all non-compensatable activities and their atomic commit by exploiting a two phase commit protocol has to be provided by the subsystems.
The framework established in this paper not only covers various applications such as workflow management, process support systems, and the provision of appropriate infrastructures for electronic commerce, virtual enterprises, and the CIM scenario presented in section 2, it is also completely transparent to the user. Within the Wise project of ETH Zurich [AFH+99], we have implemented a process scheduler for transactional process management using a protocol which is based on the correctness criterion presented in this paper. This complements the correctness checking of single processes with respect to their guaranteed termination property which is also available within the Wise system. The two ideas complete the effort to provide execution guarantees for transactional processes. Based on them, we will in our future work expand the framework established in this paper to identify transactional execution guarantees of subprocesses and to reason about decoupled execution guarantees of subprocesses.

References

[AAHD97] I. Arpinar, S. Arpinar, U. Halici, and A. Dogac. Correctness of Workflows in the Presence of Concurrency. In Proceedings of the Next Generation Information Technologies and Systems Conference (NGITS'97), Israel, June 1997.
[ABFS97] G. Alonso, S. Blott, A. Fessler, and H.-J. Schek. Correctness and Parallelism in Composite Systems. In Proceedings of the ACM Symposium on Principles of Database Systems (PODS'97), Tucson, Arizona, May 12-15 1997.
[AFH+99] G. Alonso, U. Fiedler, C. Hagen, A. Lazcano, H. Schuldt, and N. Weiler. WISE: Business to Business E-Commerce. In Proceedings of the 9th International Workshop on Research Issues on Data Engineering. Information Technology for Virtual Enterprises (RIDE-VE'99), Sydney, Australia, March 1999.
[AFPS99] G. Alonso, A. Fessler, G. Pardon, and H.-J. Schek. Transactions in Stack, Fork and Join Composite Systems. In Proceedings of the 7th International Conference on Database Theory (ICDT'99), Jerusalem, Israel, January 1999.
[Alo97] G. Alonso. Processes + Transactions = Distributed Applications. In Proceedings of the High Performance Transaction Processing Workshop (HPTS'97), Asilomar, California, September 1997.
[AVA+94] G. Alonso, R. Vingralek, D. Agrawal, Y. Breitbart, A. El Abbadi, H.-J. Schek, and G. Weikum. Unifying Concurrency Control and Recovery of Transactions. Information Systems, 19(1):1-5, 1994.
[BBG89] C. Beeri, P.A. Bernstein, and N. Goodman. A model for concurrency in nested transaction systems. Journal of the Association for Computing Machinery, 36(2):230-269, April 1989.
[BHG87] P. Bernstein, V. Hadzilacos, and N. Goodman. Concurrency Control and Recovery in Database Systems. Addison-Wesley, 1987.
[ELLR90] A. Elmagarmid, Y. Leu, W. Litwin, and M. Rusinkiewicz. A Multidatabase Transaction Model for InterBase. In Proceedings of the 16th VLDB Conference, pages 507-518, Brisbane, Australia, 1990.
[Elm92] A. Elmagarmid, editor. Database Transaction Models for Advanced Applications. Morgan Kaufmann, 1992.
[GHKM94] D. Georgakopoulos, M. Hornick, P. Krychniak, and F. Manola. Specification and Management of Extended Transactions in a Programmable Transaction Environment. In Proceedings of the 10th International Conference on Data Engineering (ICDE'94), pages 462-473, Houston, Texas, February 1994.
[GHS95] D. Georgakopoulos, M. Hornick, and A. Sheth. An Overview of Workflow Management: From Process Modeling to Workflow Automation Infrastructure. Distributed and Parallel Databases, 3:9-153, 1995.
[JK97] S. Jajodia and L. Kerschberg, editors. Advanced Transaction Models and Architectures. Kluwer Academic Publishers, 1997.
[KR98] M. Kamath and K. Ramamritham. Failure Handling and Coordinated Execution of Concurrent Workflows. In Proceedings of the 14th International Conference on Data Engineering (ICDE'98), pages 334-341, Orlando, Florida, February 1998.
[Ley95] F. Leymann. Supporting Business Transactions via Partial Backward Recovery in Workflow Management Systems. In Datenbanksysteme in Büro, Technik und Wissenschaft, pages 51-70, 1995.
[MRSK92] S. Mehrotra, R. Rastogi, A. Silberschatz, and H. Korth. A Transaction Model for Multidatabase Systems. In Proceedings of the 12th International Conference on Distributed Computing Systems (ICDCS'92), pages 56-63, Yokohama, Japan, June 1992.
[NSSW94] M. Norrie, W. Schaad, H.-J. Schek, and M. Wunderli. CIM Through Database Coordination. In Proceedings of the International Conference on Data and Knowledge Systems, May 1994.
[RSS97] A. Reuter, K. Schneider, and F. Schwenkreis. ConTracts Revisited, chapter 5. In: [JK97]. Kluwer Academic Publishers, 1997.
[SAS99] H. Schuldt, G. Alonso, and H.-J. Schek. Concurrency Control and Recovery for Transactional Processes. Technical report, Department of Computer Science, Swiss Federal Institute of Technology Zurich, 1999.
[SST98] H. Schuldt, H.-J. Schek, and M. Tresch. Coordination in CIM: Bringing Database Functionality to Application Systems. In Proceedings of the 5th European Concurrent Engineering Conference (ECEC'98), Erlangen, Germany, April 1998.
[SWY93] H.-J. Schek, G. Weikum, and H. Ye. Towards a Unifying Theory of Concurrency Control and Recovery. In Proceedings of the ACM Symposium on Principles of Database Systems (PODS'93), pages 300-3, June 1993.
[VHYBS98] R. Vingralek, H. Hasse-Ye, Y. Breitbart, and H.-J. Schek. Unifying concurrency control and recovery of transactions with semantically rich operations. Theoretical Computer Science, (190):363-396, 1998.
[WR92] H. Wachter and A. Reuter. The ConTract Model, chapter 7. In: [Elm92]. Morgan Kaufmann Publishers, 1992.
[ZNBB94] A. Zhang, M. Nodine, B. Bhargava, and O. Bukhres. Ensuring Relaxed Atomicity for Flexible Transactions in Multidatabase Systems. In Proceedings of the ACM SIGMOD Conference, pages 67-78, 1994.

Appendix

A Proof of Theorem 1

Serializability: Assume that process schedule S is not serializable. Then, a conflict cycle has to exist of the form P_i S P_j S ... S P_i in the committed projection of S. Therefore, this cycle also exists in the completed process schedule ~S. Thus, it follows that S cannot be reducible and therefore also not PRED.

Process-Recoverability: Assume that process schedule S is not process-recoverable. This can occur because of one of the following four cases. In all these cases, the next non-compensatable activity of P_i succeeding a is denoted by a_in and a_jm is the next non-compensatable activity of P_j succeeding a:

Case 1: a S a S a_in S a_jm S C_j S C_i. Consider the prefix S' of S that excludes C_i.
The completion C(P_i) of P_i may contain an activity of the forward recovery path conflicting with any activity of process P_j. As these activities of C(P_i) are not known in advance, new conflicts are possible leading to S not being in PRED.

Case 2: a S a S a_in S a_jm S C_j S A_i. Consider the prefix S' of S that excludes A_i. This prefix is exactly the same as we considered in case 1. Thus, for the same reasons, a contradiction to the assumption of S being PRED arises.

Case 3: a S a S a_in S a_jm S A_i S C_j. Consider the completed process schedule ~S of S. The completion C(P_i) of P_i may contain an activity of the forward recovery path conflicting with

any activity of process P_j. As these activities of C(P_i) are not known in advance, new conflicts with non-compensatable activities of P_j are possible leading to S not being in PRED.

Case 4: a S a S a_jm S a_in. Consider the prefix S' of S that excludes a_in. Then, if a is compensatable, the compensation a^-1 of a has to be executed in the completed process schedule ~S' of S'. This leads to a conflict cycle in ~S' which cannot be eliminated as compensation of a is no longer available and contradicts with the initial assumption of S being PRED. If a is not compensatable, then activities of the completion C(P_i) of P_i may exist that introduce cyclic conflicts that cannot be eliminated. This also contradicts with the initial assumption. □

B Proof of Lemma 1

Assume that process schedule S is in PRED and that in S, a pair of conflicting activities a and a exists with a S a and that process P_i is active.

1. Assume that a non-compensatable activity a_jm is executed before P_i has terminated. Then, if some activity a_in of P_i has to be executed which is in conflict with a_jm, they would have to be ordered in S as follows: a_jm S a_in leading to a conflict cycle in S. This cycle cannot be eliminated as:
(i) a_jm is a non-compensatable activity
(ii) a cannot be compensated as this would, in turn, introduce another conflict cycle in the completed process schedule ~S (a^c ~S a_jl ~S a_jm ~S a^-1)
(iii) a cannot be compensated as it is followed by the non-compensating activity a_jm.
Therefore, process schedule S is not in RED and thus not in PRED leading to a contradiction with the initial assumption.

2. In this case, we have to differentiate whether a is compensatable or non-compensatable.
(i) Assume that activity a is compensatable (a^c) while activity a is not compensatable (a^p or a^r). Then, if the compensation of a^c has to be considered in the completed process schedule ~S (when process P_i is in B-REC), a conflict cycle by a^c ~S a ~S a^-1 appears. In this case, S is not in RED and also not in PRED leading to a contradiction with the initial assumption.
(ii) Assume that both activity a and activity a are not compensatable (thus, both processes are in F-REC). As process P_i is active in S, further non-compensatable activities a_in may exist in the completion C(P_i) of P_i. Assume further that a_in is in conflict with a. Therefore, the order a ~S a_in has to be imposed in the completed process schedule ~S of S. This leads to cyclic conflicts in ~S (a ~S a ~S a_in) that cannot be eliminated as all involved activities are non-compensatable. In this case, S is not in RED and also not in PRED which contradicts with the initial assumption. □

C Proof of Lemma 2

Assume that process schedule S is in PRED. Assume further that in the completed process schedule ~S the compensating activities a^-1 and a^-1 are executed in the same order as the two conflicting activities a^c and a^c. Then, in ~S, the following holds: a^c ~S a^c ~S a^-1 ~S a^-1 leading to a conflict cycle that cannot be eliminated by one of the reduction rules. Therefore, S is not RED and thus also not PRED leading to a contradiction with the initial assumption. □

D Proof of Lemma 3

Suppose that process schedule S is in PRED with a^c ∈ S. Assume further that the two conflicting activities a^-1 and the non-compensatable activity a^r are ordered in the completed process schedule ~S as follows: a^r ~S a^-1. As commutativity is assumed to be perfect, a compensating activity has the same conflicts as its corresponding activity. Therefore, the conflict cycle a^c ~S a^r ~S a^-1 in ~S exists and cannot be eliminated by the reduction rules and leads to the conclusion that S is not in RED and thus also not in PRED. This contradicts with the initial assumption. □