Inferensys

Glossary

Cache Stampede

A cascading failure mode where a popular cache entry expires, causing a flood of concurrent requests to simultaneously hit the backend database and potentially overload it.
Data scientist building training data pipeline on laptop, data preprocessing visible, technical workspace.
CASCADING FAILURE MODE

What is Cache Stampede?

A cache stampede is a cascading failure mode triggered when a popular cache entry expires, causing a flood of concurrent requests to simultaneously bypass the cache and overwhelm the backend database.

A cache stampede occurs when a highly requested cached item expires. Multiple concurrent client requests, all experiencing a cache miss, simultaneously query the backend origin to regenerate the value. This sudden spike in traffic can saturate database connections and CPU, potentially causing a cascading failure of the entire retrieval pipeline. The phenomenon is also known as a dog-piling effect or a thundering herd problem at the cache layer.

Mitigation strategies focus on preventing concurrent regeneration. External recomputation uses a separate process to refresh the cache before expiration. Probabilistic early expiration allows a random subset of requests to fetch a new value slightly before the TTL lapses. The most robust solution is request coalescing via a mutex lock, where only the first request computes the value while all other concurrent requests wait for the lock to release and then read the newly populated cache entry.

CACHE RESILIENCE

Cache Stampede Mitigation Strategies

A cache stampede occurs when a popular cache entry expires, causing a flood of concurrent requests to simultaneously hit the backend database. These strategies prevent cascading failure by coordinating cache repopulation.

01

Probabilistic Early Expiration

Instead of a fixed TTL, each request computes a random probability of refreshing the cache as the expiry time approaches. This spreads out the refresh load over a time window.

  • Mechanism: At read time, if current_time > TTL - (TTL * beta * random(0,1)), trigger a background recomputation.
  • Key Parameter: beta controls the width of the recomputation window.
  • Advantage: No external coordination service required; implemented entirely in the cache client.
02

External Locking (Mutex)

The first request that detects a cache miss acquires a distributed lock before querying the backend. All other concurrent requests wait on the lock and then read the freshly populated value.

  • Implementation: Typically uses Redis (SETNX), etcd, or ZooKeeper.
  • Critical Detail: Lock must have a TTL to prevent deadlock if the populating process crashes.
  • Trade-off: Adds latency for waiting requests but completely eliminates duplicate backend work.
03

Stale-While-Revalidate

Serve the expired (stale) cache entry immediately to all requestors while asynchronously triggering a single background refresh. Users never experience the cache miss latency.

  • HTTP Context: Standardized via the Cache-Control: stale-while-revalidate=30 directive.
  • Application Context: Cache libraries return the expired object and spawn a single thread to update it.
  • Key Benefit: Eliminates latency spikes for end-users during cache expiry events.
04

Cache Warming Pipelines

Proactively pre-load the cache with anticipated hot keys before they are requested, often triggered by deployment or known traffic patterns.

  • Process: A script or CI/CD step iterates through a manifest of critical keys and populates the cache immediately after a flush or deploy.
  • Use Case: Essential for Time-To-First-Token (TTFT) optimization in RAG systems where embedding caches must be hot.
  • Risk: Warming incorrect keys wastes memory and can evict genuinely useful data.
05

Dogpile Prevention via Request Coalescing

Identical concurrent requests for the same key are collapsed into a single backend call. The result is then fanned out to all waiting callers.

  • Implementation: A request map tracks in-flight fetches. If a fetch for key K is already in progress, subsequent requests subscribe to the same future/promise.
  • Contrast with Locking: No distributed lock infrastructure needed; works within a single service instance.
  • Library Support: Built into many HTTP client libraries and frameworks like Django's cache framework.
06

Hard Expiry with Soft TTL

Maintain two expiry timestamps: a soft TTL for triggering background refresh and a hard TTL for actual eviction. The soft TTL is set shorter to create a refresh buffer.

  • Example: Soft TTL = 50s, Hard TTL = 60s. At 50s, a single thread refreshes the value while others continue reading the old value until 60s.
  • Failure Mode: If the background refresh fails, the hard TTL eventually evicts the key, causing a miss.
  • Mitigation: Combine with stale-while-revalidate to serve the hard-expired value as a last resort.
CACHE STAMPEDE

Frequently Asked Questions

A cache stampede is a cascading failure mode triggered when a highly popular cached item expires, causing a flood of concurrent requests to simultaneously overwhelm the backend database. Explore the mechanics, causes, and mitigation strategies for this critical distributed systems hazard.

A cache stampede is a cascading failure mode in distributed systems where a popular cache entry expires, causing a flood of concurrent requests to simultaneously hit the backend database or origin service. This phenomenon, also known as a dog-piling or thundering herd problem at the cache layer, occurs when a high-traffic data object—such as a viral social media post or a product inventory count—reaches its Time-To-Live (TTL).

The Failure Cascade

  1. Expiration: A hot key's TTL expires, and the cache evicts the entry.
  2. Concurrent Miss: Hundreds or thousands of concurrent user requests arrive and all register a cache miss.
  3. Origin Stampede: Every single request thread independently attempts to regenerate the value by querying the database.
  4. Overload: The database, unable to handle the sudden spike of identical, expensive queries, saturates its CPU or connection pool, causing timeouts.
  5. Propagation: The database failure cascades back to the application servers, resulting in a complete system outage.

This is distinct from a simple cache miss because the concurrency of the regeneration requests is the destructive force, not just the absence of data.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.