Proper way to ensure atomic model changes


#1

Hi!

Say we have a rails active-record-based model called “instance” which
can have different states - STOPPED, RUNNING, STARTING_UP,
SHUTTING_DOWN, etc…

There is a method #start which changes the instance state to
STARTING_UP only if it is STOPPED.

def start
if self.state == STOPPED
self.state = STARTING_UP
self.save

end
end

As you understand if we have multiple concurrent requests for #start,
there is a possibility of a race condition, where two or more
processes are running the if branch.

I want the #start request to be atomic, meaning that only one of the
concurrent processes can actually execute the if branch, others must
be waiting or get some kind of error.

Should the request be somehow wrapped into a DB transaction?

-Kirill


#2

On 19 May 2009, at 09:56, removed_email_address@domain.invalid wrote:

take a look at optimistic locking.

Fred


#3

On Tuesday 19 May 2009, removed_email_address@domain.invalid wrote:

self.save
be waiting or get some kind of error.

Should the request be somehow wrapped into a DB transaction?

Yes, that at any rate. However, don’t confuse transaction blocks with
multiple exclusion blocks. A transaction, by itself, doesn’t preclude
concurrent users/processes from reading and updating the same data. The
potential for conflict arises only through concurrent updates.

The race condition in your unadorned code results from a difference
between time of check (state == x) and time of change (state = …).
There are two strategies to avoid the resulting inconsistencies:

Optimistic locking, as Fred indicated in another reply. With optimistic
locking, you run headlong into the race condition, but when writing to
the database you ensure that it can only succeed if is based on
consistent data. On updating a record, ActiveRecord checks that the
updated_at timestamp of the record as currently stored is the same as
the timestamp when the object was read. An identical timestamp indicates
that there haven’t been any intervening updates.

Pessimistic locking is another way. You can either #lock! an object you
already have or #find(…, :lock => true) get a locked object to begin
with. Locking an object like this precludes any changes to the
corresponding database row until the locking transaction is either
committed or rolled back.

Rails gives you optimistic locking automatically for tables that have
the requisite timestamp columns (updated_at). Pessimistic locking you
have to do explicitly. As a guess, I’d say that pessimistic locking is
only worth your and the database’s effort if conflicts are likely.

At any rate, with both locking strategies you have to take into account
the possibility of a conflict. With optimistic locking, you get an
ActiveRecord::StaleObjectError exception in that case. I’m not sure
about pessimistic locking, but I guess you’ll get an indistinctive
ActiveRecord::StatementInvalid exception.

Michael


Michael S.
mailto:removed_email_address@domain.invalid
http://www.schuerig.de/michael/


#4

On May 19, 11:24 am, Michael S. removed_email_address@domain.invalid wrote:

Rails gives you optimistic locking automatically for tables that have
the requisite timestamp columns (updated_at). Pessimistic locking you
have to do explicitly. As a guess, I’d say that pessimistic locking is
only worth your and the database’s effort if conflicts are likely.

You mean lock_version (integer, default 0)

At any rate, with both locking strategies you have to take into account
the possibility of a conflict. With optimistic locking, you get an
ActiveRecord::StaleObjectError exception in that case. I’m not sure
about pessimistic locking, but I guess you’ll get an indistinctive
ActiveRecord::StatementInvalid exception.

If you hold a lock then anyone trying to update/select that row will
wait until you release your lock (or until they give up waiting).

Fred


#5

On Tuesday 19 May 2009, Frederick C. wrote:

On May 19, 11:24 am, Michael S. removed_email_address@domain.invalid wrote:

Rails gives you optimistic locking automatically for tables that
have the requisite timestamp columns (updated_at). Pessimistic
locking you have to do explicitly. As a guess, I’d say that
pessimistic locking is only worth your and the database’s effort if
conflicts are likely.

You mean lock_version (integer, default 0)

Yes, of course.

At any rate, with both locking strategies you have to take into
account the possibility of a conflict. With optimistic locking, you
get an ActiveRecord::StaleObjectError exception in that case. I’m
not sure about pessimistic locking, but I guess you’ll get an
indistinctive ActiveRecord::StatementInvalid exception.

If you hold a lock then anyone trying to update/select that row will
wait until you release your lock (or until they give up waiting).

And if they give up waiting that manifests itself in some kind of
error/exception that needs to be handled.

Locking out other readers (SELECT) through SELECT … FOR UPDATE is the
default locking mode used by ActiveRecord when :lock => true is used.
Nevertheless, the mode can be explicitly specified to allow concurrent
readers, but block writers.

PostgreSQL: :lock => ‘FOR SHARE’
MySQL: :lock => ‘LOCK IN SHARE MODE’

Michael


Michael S.
mailto:removed_email_address@domain.invalid
http://www.schuerig.de/michael/