|Relational databases, like Microsoft's SQL Server, use locks to prevent multiple users from making conflicting modifications to a set of data. When a set of data is locked by a user, no other users can modify that same set of data until the first user finishes modifying the data and relinquishes the lock. There are exceptions, but let's not go there. |
Some databases, SQL Server included, use locks to prevent users from seeing uncommitted modifications. In these systems if UserA is modifying some set of data, then UserB and all the rest of the users must wait until UserA is done modifying that data before they can even get a shot at reading the data, let alone modifying it.
Databases place locks at all levels of their physical hierarchies: rows, pages (typically a few KB of rows), extents (typically a few pages), entire tables, and entire databases. Some databases (Oracle, others?) only use fine-grained row locks, others don't do row locks at all and only allow rough-grained page, extent, table, and database locks. Most databases, SQL Server included, support row locking, but often use rough-grained locks. This is because lock management is a royal pain. Locks aren't small or simple entities, so if you only do row-level locking, you can get yourself into a world of pain: a million-row update can easily swamp memory and be a bear to manage.
Lock Contention Described
Databases that don't do just row-level locking often use a technique called lock escalation to achieve better performance. Unless its clear from the outset that a whole table will be modified, these databases start off using row locks, and they make plans to trade these locks in for rough-grained locks later if too many rows are modified.
Unfortunately, lock escalation introduces and amplifies a whole new problem: deadlocks. If two users try to modify semantically-unrelated but physically-near data in two separate tables in reverse order, both users will start off with row locks, then try to upgrade them to page locks, and the situation will be that each user wants something the other user has, so they're stuck. This is called a deadlock.
UserA modifies some rows in TableA, causing a page lock affecting not just the rows UserA modified, but many others
UserB modifies some rows in TableB, causing a page lock affecting not just the rows UserA modified, but many others
UserA wants to modify some rows that UserB has locked (but not modified) in TableB
UserB wants to modify, or maybe just access, some rows that UserA has locked (but not modified) in TableA
Something's gotta give. To deal with this problem, the database occasionally looks for deadlocks, and kills off one of the transactions so the other can finish. It usually kills the one that's made the least modifications so that it minimizes the cost of rolling back changes. Databases that use only row-level locking almost never have this problem because two users rarely want to modify the exact same row, and even more rarely do they attain locks in the perfectly poor order needed to cause a deadlock.
Also, databases like this use lock timeouts to prevent users from waiting too long for a lock. Query timeouts also factor in here. You can write code to retry queries that time out, but this only automates database congestion. Any timeout that is often reached will only serve to worsen the user experience. Things simply should not take that long.
In practice and under high load, SQL Server's locking system, which is based on lock escalation, does not perform well. Why? Lock contention. Lock contention is the problems of deadlocks and waiting for locks. In a system in which many users are modifying the database at once, and many more users are trying to access the database concurrently, the locks are flying, users spend a lot of time waiting to attain locks, deadlocks are frequent, and users are far from happy.
Granted, if you've only got a few occasional users, you won't have much trouble with SQL Server's out-of-the-box behavior. You'll be hard pressed to see these problems with simple in-the-office tests or deployments involving just a few users. But throw a couple hundred concurrent users at your database and a constant stream of INSERTS and UPDATES with quite a few DELETEs sprinkled in, and you'll start reading Oracle literature and eyeing your war chest. However, I've got a solution for you that will only cost you a code review, a few minor tweaks, and a system test. You do have a system test procedure in place, right?
Lock Contention Solved
If you visited the website Streamload.com at all during June, July, and August of this year, you probably got a "You were the deadlock loser" error, or a "Lock timeout" error, or an "Object required" error. These were all caused by lock contention. After scouring the documentation and talking to a few people, I learned what I have summarized above and will say again here:
SQL Server starts with row-level locks, but often escalates these to page and table locks, causing deadlocks.
SQL Server requires locks for reading from the database (SELECTs), so even folks not trying to modify the database are affected by the lock system. Fortunately, I stumbled across some obscure keywords from the SQL Server lexicon: NOLOCK and ROWLOCK.
They are used like this:
Using NOLOCK politely asks SQL Server to ignore locks and read directly from the tables. This means you completely circumvent the lock system, which is a major performance and scalability improvement. However, you also completely circumvent the lock system, which means your code is living dangerously. You might read the not-necessarily-valid uncommitted modifications of a running transaction. This is a calculated risk.
For financial code and denormalized aggregates (those little counters of related data that you stash away and try desperately to keep accurate), you should play it safe and not use this technique. But I think you'll find that for better than 90% of your application, it would not be that big of a deal if a user (or even intermediate code) saw an uncommitted modification. In fact, you'll probably find that most of your data never or only very rarely changes, in which case the overhead of locking the data is almost always completely wasted.
For example, if I want to count all users that joined Streamload.com between June 1 and August 31 of Y2K, there's no reason for me to lock anything: that number was cast in stone the moment September 1, 2000 rolled around. Another example is the file listings you see on Streamload.com: it doesn't much matter if you don't see the exact perfect data, since either you don't own the data and it doesn't much matter what you see, or you do own the data and you know perfectly well whether you just modified the data or not and whether new files have finished uploading.
Just don't use this type of data as the basis for modifications to the database, and don't use it when it's really important that the user not see the wrong thing (an account statement or balance, for instance).
Using ROWLOCK politely asks SQL Server to only use row-level locks. You can use this in SELECT, UPDATE, and DELETE statements, but I only use it in UPDATE and DELETE statements. You'd think that an UPDATE in which you specify the primary key would always cause a row lock, but when SQL Server gets a batch with a bunch of these, and some of them happen to be in the same page (depending on this situation, this can be quite likely, e.g. updating all files in a folder, files which were created at pretty much the same time), you'll see page locks, and bad things will happen. And if you don't specify a primary key for an UPDATE or DELETE, there's no reason the database wouldn't assume that a lot won't be affected, so it probably goes right to page locks, and bad things happen.
By specifically requesting row-level locks, these problems are avoided. However, be aware that if you are wrong and lots of rows are affected, either the database will take the initiative and escalate to page locks, or you'll have a whole army of row locks filling your server's memory and bogging down processing. One thing to be particularly aware of is the "Management/Current Activity" folder with Enterprise Manager. It takes a long time to load information about a lot of locks. The information is valuable, and this technique is very helpful, but don't be surprised if you see hundreds of locks in the "Locks/Processes" folder after employing this technique. Just be glad you don't have lock timeouts or deadlocks.
I get the sense that SQL Server honors NOLOCK requests religiously, but is more discretional with ROWLOCK requests. You can only use NOLOCK in SELECT statements. This includes inner queries, and the SELECT clause of the INSERT statement. You can and should use NOLOCK in joins, for example:
|Results of Implementing NOLOCK and ROWLOCK|
It's difficult to quantify the performance gain had by applying these techniques to Streamload.com, and it is impossible to speculate as to the effects this would have on your website. Before we did it, the site was slow, often unusable, and always unreliable. After we did it, the site was fast, usable, and reliable. Truly, it was a night and day improvement. And you won't find this if you go searching through the documentation for help with lock contention. The docs recommend rewriting your app so that tables are referenced - and hence, locks are attained - in the same order throughout (yeah, right!), keeping transactions short and in one batch (a good idea, but in practice "yeah, right!"), use a low isolation level (also a good idea: NOLOCK takes this to an extreme), and use bound connections to allow processes to (share locks and) cooperate (sounds like a very complicated bad idea). I don't get the sense the consultants of the world are aware of (or comfortable with?) this technique either. But you heard it here, and it's worked great for Streamload.com. If you're having lock contention problems with SQL Server, it could work for your site, too.
Use these techniques with caution and discretion. The way I approached it was to look at all my stored procedures and ad hoc queries, and based on my understanding of where and how they were used, I decided whether it would be acceptable for the caller or user to get possibly incorrect results for NOLOCK, and whether it was likely that more than a few dozen rows would be locked with ROWLOCK. In almost all cases it was fine, but maybe for your code you should be more careful. You might need to produce separate procedures based on whether or to lock, and how to lock. There are other incantations (PAGLOCK, TABLOCK) which you might want to use when you know the UPDATE or DELETE query will affect many rows.