Extended Serial Safety Net: A Refined Serializability Criterion for Multiversion Concurrency Control

TL;DR

ESSN generalizes traditional serializability checks by framing correctness as a multiversion serialization graph problem parameterized by a visible version function (VF), a per-item version order (VO), and a known total order (KTO). It introduces a single, commit-time exclusion test that uses forward-propagated bounds (xi) to avoid false aborts that plagued SSN, while preserving multiversion serializability. The approach is DSG-based with previous-edge-only maintenance, incurring linear commit-time work and no chain traversal, and it strictly subsumes SSN, offering substantial gains for long/short mixed workloads, especially under commit-ordered KTO. Experimental results show meaningful reductions in long-transaction aborts (up to about 50% relative) when using ESSN with commit-ordered KTO and begin-snapshot reads, confirming its practical impact for modern MVCC systems.

Abstract

A long line of concurrency-control (CC) protocols argues correctness via a single serialization point (begin or commit), an assumption that is incompatible with snapshot isolation (SI), where read-write anti-dependencies arise. Serial Safety Net (SSN) offers a lightweight commit-time test but is conservative and effectively anchored on commit time as the sole point. We present ESSN, a principled generalization of SSN that relaxes the exclusion condition to allow more transactions to commit safely, and we prove that this preserves multiversion serializability (MVSR) and that it strictly subsumes SSN. ESSN states an MVSG (Multiversion Serialization Graph)-based criterion and introduces a known total order over transactions (KTO; e.g., begin-ordered or commit-ordered) for reasoning about the graph's serializability. With a single commit-time check under invariant-based semantics, ESSN's exclusion condition preserves monotonicity along per-item version chains, and eliminates chain traversal. The protocol is Direct Serialization Graph (DSG)-based with commit-time work linear in the number of reads and writes, matching SSN's per-version footprint. We also make mixed workloads explicit by defining a Long transaction via strict interval containment of Short transactions, and we evaluate ESSN on reproducible workloads. Under a commit-ordered KTO, using begin-snapshot reads reduces the long-transaction abort rate by up to approximately 0.25 absolute (about 50% relative) compared with SSN.

Figures (7)

• Figure 1: Schedule $M_1$ with long-lived $t_3$ and $t_4$. SSN aborts $t_4$ due to a back-edge to $t_2$ and a forward-edge from $t_3$, whereas ESSN relaxes the exclusion condition via forward propagation and commits $t_4$.
• Figure 2: MVSG for schedule $M_1$. Transaction $t_2$ generates a back-edge from $t_4$ through anti-dependencies (rw-edges), while $t_3$ creates a forward-edge. SSN aborts $t_4$ due to the exclusion condition, although the overall MVSG is acyclic. ESSN, in contrast, allows $t_4$ to commit by propagating metadata through the forward-edge.
• Figure 3: MVSG for Example 2. SSN aborts $t_4$ due to $\pi(t_4)\le \eta(t_4)$, whereas ESSN sets$\xi(t_4)$ to $\pi(t_3)$ via the forward-edge $t_3\xrightarrow{f}t_4$ and allows $t_4$ to commit when $\pi(t_4)>\xi(t_4)$.
• Figure 4: MVSG with an additional forward-edge from $t_2$ to $t_3$.
• Figure 5: Illustration of dependency classification under commit-ordered KTO with the RF policy as_of_read_commit. The relative commit position of short transactions determines whether the edge between the long transaction $t_{long}$ and the short transaction becomes a forward-edge ($t_{s2}$, $t_{s3}$) or a back-edge ($t_{s1}$, $t_{s4}$).

Theorems & Definitions (28)

• Lemma 1: SSI dangerous structure
• Lemma 2: SSN requires two rw edges
• proof
• Lemma 3: The last node commits first
• proof
• Lemma 4: SSN subsumes SSI
• proof
• Remark 1: The converse does not hold
• Lemma 5
• proof