Transactional Rollback for Language-based Systems

Algis Rudys
Dan S. Wallach
Language run-time systems are routinely used to host potentially buggy or malicious codelets - software modules, agents, applets, etc. - in a secure environment. A number of techniques exist for managing access control to system services and even for terminating codelets once they've been determined to be misbehaving. However, because codelets can be terminated anywhere in their execution, a codelet's internal state might become inconsistent; restarting the codelet could result in unexpected behavior. Any state the codelet shares with other codelets may likewise become inconsistent, destabilizing those codelets as well. To address these problems, we have designed a mechanism, strictly using code-to-code transformations, which provides transactional rollback support for codelets. Each instance of a codelet is run in its own transaction, and standard (ACID) transactional semantics apply. All changes made by the codelet are automatically rolled back when the corresponding transaction aborts. We discuss a transactional rollback implementation for Java, and present its performance.
The 2002 International Conference on Dependable Systems and Networks (DSN-2002), Washington, D.C., June 2002.
PostScript (904 kbytes)
PDF (77 kbytes)

Dan Wallach, CS Department, Rice University
Last modified: Mon 10-Feb-2003 15:41