Understanding what a snapshot is conceptually is only half the battle. The real engineering challenge lies in implementing snapshot isolation efficiently at scale—handling millions of transactions, maintaining millions of versions, and making visibility decisions in microseconds.

This page takes you inside the implementation of snapshot isolation (SI), revealing the data structures, algorithms, and engineering trade-offs that power databases like PostgreSQL, Oracle, MySQL InnoDB, and SQL Server. We'll examine how snapshots are established, how visibility is determined, how write conflicts are detected, and how the system maintains correctness under extreme concurrency.

The foundation of any SI implementation is a reliable mechanism for identifying and ordering transactions. This is achieved through Transaction IDs (XIDs or TXIDs), which serve as unique identifiers that also encode ordering information.

Requirements for Transaction IDs:

1. Uniqueness: No two concurrent transactions can share the same ID
2. Monotonicity: IDs must increase over time (newer transactions get higher IDs)
3. Efficiency: ID assignment must be fast (cannot be a bottleneck)
4. Persistence: Committed transaction IDs must survive crashes
5. Comparability: Must be able to efficiently compare IDs for ordering

PostgreSQL's XID System:

PostgreSQL uses 32-bit unsigned integers as transaction IDs. This creates an interesting challenge: with a maximum of ~4 billion IDs, a busy database could exhaust the ID space. PostgreSQL handles this through XID wraparound protection:

• XIDs are compared using modular arithmetic
• An XID $A$ is "older" than XID $B$ if $(B - A) < 2^{31}$
• The system prevents any transaction from being more than ~2 billion XIDs old
• VACUUM FREEZE converts old XIDs to a special "frozen" state

Oracle's SCN System:

Oracle uses System Change Numbers (SCNs) instead of simple transaction IDs. SCNs are 48-bit values that combine:

• A time-based component (loosely correlated with wall-clock time)
• A sequence component (for ordering within the same time period)

Advantages of SCNs:

• Larger space (281 trillion values) eliminates wraparound concerns
• Can be correlated with real time for flashback queries
• Distributed-system friendly (nodes can coordinate SCN ranges)

MySQL InnoDB's Transaction System:

InnoDB uses 48-bit transaction IDs stored in the transaction header. It maintains:

• A global transaction ID counter in shared memory
• Per-transaction structures linking to undo logs
• A read view (snapshot) structure for each reading transaction

When a transaction establishes its snapshot, it must capture enough information to determine visibility of any data version it might later read. This requires carefully designed data structures that are compact (memory-efficient) yet complete (can answer any visibility question).

PostgreSQL's SnapshotData Structure:

PostgreSQL's snapshot contains three critical pieces of information:

1. xmin: The lowest XID that was active when the snapshot was taken. All XIDs < xmin are definitely committed (or aborted) and can use fast-path visibility checks.

2. xmax: The first XID that had not yet been assigned when the snapshot was taken. All XIDs >= xmax are definitely invisible (started after our snapshot).

3. xip[] (XID In Progress): An array of XIDs that were active at snapshot time, where xmin <= XID < xmax. These transactions' changes are invisible even if they commit later.

Visibility Check Algorithm:

With the snapshot structure in place, visibility checks follow this algorithm:

IS_VISIBLE(tuple_xid, snapshot):
    if tuple_xid < snapshot.xmin:
        return COMMITTED_AND_VISIBLE  // Old, definitely committed
    
    if tuple_xid >= snapshot.xmax:
        return INVISIBLE  // Started after our snapshot
    
    if tuple_xid IN snapshot.xip:
        return INVISIBLE  // Was running when we took snapshot
    
    // In range [xmin, xmax) but not in xip
    // Need to check if committed
    return CHECK_CLOG(tuple_xid)

The CLOG (Commit Log) stores the commit status of each transaction: committed, aborted, or in-progress. It's a compact bitmap with 2 bits per transaction ID.

MVCC requires storing multiple versions of data. Different databases take fundamentally different approaches to how and where these versions are stored, each with distinct performance characteristics.

Strategy 1: Append-Only / Tuple Versioning (PostgreSQL)

PostgreSQL stores all versions directly in the main table (heap). When a row is updated:

1. The old tuple is marked as "dead" (xmax set to updating transaction)
2. A new tuple is created with the new values
3. Both tuples exist in the table until VACUUM removes the old one
4. Indexes point to all tuple versions

Advantages:

• Updates are fast (just insert new version)
• No separate undo log to manage
• Simple crash recovery

Disadvantages:

• Table bloat (dead tuples accumulate)
• Index bloat (entries for all versions)
• VACUUM overhead required
• Full row copy even for small updates

Strategy 2: Undo Log Versioning (Oracle, MySQL InnoDB)

Oracle and InnoDB store only the current version in the main table. Previous versions are reconstructed from undo logs (rollback segments):

1. Main table always contains the latest committed (or in-progress) version
2. Before modifying a row, the old values are written to undo log
3. To read an old version, start from current and apply undo records backward
4. Undo logs are automatically purged when no longer needed

Advantages:

• Main table stays compact (only current data)
• Indexes point only to current tuples
• No separate vacuum process needed
• Space-efficient for small updates

Disadvantages:

• Version reconstruction has CPU cost
• Long transactions hold undo space
• Complex undo log management
• "ORA-01555: Snapshot too old" if undo is recycled

While snapshots elegantly handle read operations, writes require additional conflict detection to prevent lost updates. Snapshot isolation implements the First-Committer-Wins (FCW) rule:

The Problem:

Two transactions T1 and T2 both read the same row, make decisions based on that read, and attempt to write. Without conflict detection, one write could overwrite the other—a lost update.

The FCW Solution:

When a transaction attempts to write a row, it checks if the row has been modified by any transaction that committed after the writing transaction's snapshot was taken. If so, the write is rejected (the transaction must abort).

Formal Definition:

Transaction $T_i$ can write data item $x$ only if no other transaction $T_j$ has modified and committed $x$ where:

• $T_j$'s commit timestamp > $T_i$'s snapshot timestamp
• $T_j eq T_i$

Conflict Detection Scenarios:

Scenario 1: No Conflict

T1 begins (snapshot at 100), reads row X
T1 writes X
T1 commits at 200
-- T1 succeeds: no concurrent modifier

Scenario 2: Concurrent Write, First Committer Wins

T1 begins (snapshot at 100), reads row X
T2 begins (snapshot at 110), reads row X
T1 writes X, commits at 200
T2 attempts to write X
-- T2 finds X was modified after its snapshot (by T1 at 200 > 110)
-- T2 ABORTS with serialization failure

Scenario 3: Non-Conflicting Concurrent Writes

T1 begins (snapshot at 100), reads row X
T2 begins (snapshot at 110), reads row Y
T1 writes X, commits
T2 writes Y, commits
-- Both succeed: writing different rows

When a transaction under snapshot isolation commits, several things must happen atomically to ensure durability and visibility consistency.

Commit Steps:

1. Final Conflict Check

Before committing, perform a final verification that no conflicts emerged during the transaction (some systems do this incrementally during writes, others do a final pass).

2. Assign Commit Timestamp

Obtain a commit timestamp from the global counter. This timestamp determines when this transaction's changes become visible to future snapshots.

3. Write Commit Record to Log (WAL)

Write a commit record to the write-ahead log. This must be flushed to stable storage before the commit can be acknowledged.

4. Update Transaction Status

Mark the transaction as committed in the commit log (CLOG in PostgreSQL, undo header in Oracle/InnoDB). This makes the transaction's status quickly queryable.

5. Make Changes Visible

After commit, the transaction's modifications are visible to any snapshot taken after the commit timestamp.

PostgreSQL's Commit Sequence:

PostgreSQL's actual commit process involves:

1. RecordTransactionCommit(): Writes the commit record to WAL
2. XactLogCommitRecord(): Logs detailed commit information
3. SyncRepWaitForLSN(): Waits for synchronous replication if configured
4. TransactionIdCommitTree(): Marks XID as committed in CLOG
5. ProcArrayEndTransaction(): Removes XID from running transaction array
6. ResourceOwnerRelease(): Releases resources (locks, files, memory)

Visibility Latency:

There's a brief window between WAL flush and ProcArray update where:

• The transaction is durably committed
• But other transactions may not yet see it as committed

This is handled by careful ordering and the visibility rules checking both CLOG status and the running transaction array.

MVCC creates multiple versions, but not all versions need to be kept forever. Once no active snapshot can possibly need an old version, it can be safely removed. This is the job of garbage collection (called VACUUM in PostgreSQL, undo purge in Oracle/InnoDB).

The Horizon Concept:

The oldest active snapshot determines the garbage collection horizon. Any version that was superseded before this horizon is safe to remove because no current or future transaction can see it.

$$\text{GC Horizon} = \min(\text{xmin of all active snapshots})$$

Versions created by transactions with XIDs less than this horizon AND subsequently replaced by newer versions can be reclaimed.

PostgreSQL VACUUM:

VACUUM in PostgreSQL performs several tasks:

1. Remove dead tuples: Tuples whose xmax indicates deletion/update by a committed transaction older than all active snapshots
2. Freeze old tuples: Convert very old XIDs to FrozenTransactionId to prevent wraparound
3. Update visibility map: Track pages where all tuples are visible to all transactions
4. Update free space map: Track available space for new tuples
5. Truncate trailing empty pages: Reclaim disk space from the end of tables

Autovacuum runs automatically based on table modification statistics, but heavily-updated tables may need manual tuning.

Each major database implements snapshot isolation with unique engineering choices. Understanding these differences helps when designing applications or troubleshooting performance issues.

PostgreSQL Specifics:

• Uses tuple-level xmin/xmax headers for visibility
• REPEATABLE READ is implemented as snapshot isolation
• SERIALIZABLE adds SSI (Serializable Snapshot Isolation) checking
• HOT updates allow same-page updates to avoid index maintenance
• Index-only scans require visibility map confirmation

Oracle Specifics:

• READ COMMITTED actually uses statement-level snapshots
• SERIALIZABLE uses transaction-level snapshots (closer to SI)
• Consistent reads reconstruct from undo automatically
• ORA-01555 occurs when undo is overwritten before snapshot completes
• ITL (Interested Transaction List) tracks row-level lock holders

MySQL InnoDB Specifics:

• REPEATABLE READ is the default and uses snapshots
• Read View captures active transactions at snapshot time
• Secondary indexes may need version visibility checks
• Purge lag can be monitored with SHOW ENGINE INNODB STATUS
• Gap locking prevents phantoms (beyond standard SI guarantees)

Implementing snapshot isolation requires careful coordination of transaction identifiers, version management, visibility rules, conflict detection, and garbage collection. Understanding these mechanisms is essential for effective database tuning and application design.

What's Next:

The next page explores the Write Skew Anomaly—the signature problem that snapshot isolation cannot prevent. Understanding write skew is critical for designing correct applications and knowing when stronger isolation levels are needed.