O conteudo � do presente relat�orio �e de unica� resp onsabilidade do�s� autor�es��
The contents of this rep ort are the sole resp onsibility of the author�s��
An Overview of MOLDS� A Meta�Ob ject
Library for Distributed Systems
Alexandre Oliva Luiz Eduardo Buzato
Relat�orio T�ecnico IC������
Abril de ����
An Overview of MOLDS�
A Meta�Ob ject Library for Distributed Systems
Alexandre Oliva Luiz Eduardo Buzato
oliva�dcc�unicamp�br buzato�dcc�unicamp�br
Lab orat�orio de Sistemas Distribu��dos
Instituto de Computa�c�ao
Universidade Estadual de Campinas
April ����
Abstract
This pap er presents a library of meta�ob jects suitable for developing distributed systems� The re�exive
architecture of Guaran�a makes it p ossible for these meta�ob jects to b e easily combined in order to form
complex� dynamically recon�gurable meta�level b ehavior� We brie�y describ e the implementation of
�
Guaran�a on Java � Then� we explain how several meta�level services� such as p ersistence� distribution�
replication and atomicity� can b e implemented in a transparent and �exible way�
Resumo
Este artigo apresenta uma biblioteca de meta�ob jetos adequada para o desenvolvimento de sistemas
distribu��dos� A arquitetura re�exiva Guaran�a torna p oss��vel que esses meta�ob jetos sejam facilmente
combinados� a �m de desemp enhar comp ortamento de meta�n��vel complexo e recon�gur�avel dinamica�
TM
mente� Descreve�se sucintamente a implementa�c�ao de Guaran�a em Java � Em seguida� explica�se
como v�arios servi�cos de meta�n��vel� como p ersist�encia� distribui�c�ao� replica�c�ao e atomicidade� p o dem ser
implementados de forma transparente e �ex��vel�
Keywords� Re�ection� Distributed Ob jects� Persistence� Replication� Atomic Actions�
�
Java is a trademark of Sun Microsystems� Inc� �
� Intro duction A meta�ob ject may reply with a result for the
op eration� an alternate op eration� to b e p erformed
Computational re�ection ���� ��� �henceforth just re�
instead of the one requested by the base�level� or a
�ection� has proven to b e a useful feature for build�
request for the original op eration to b e p erformed�
ing distributed systems in a transparent way ��� ��
Unless it provides a result itself� it may ask to b e
�� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ��� ����
presented the result of the op eration after it is p er�
Guaran�a ���� is a re�exive architecture that aims
formed� or even to b e able to mo dify this result�
at reuse of re�exive solutions� It provides sim�
Any meta�ob ject is an instance of the class
ple mechanisms for combining multiple meta�ob jects
MetaObject� that is a Java class just like any other�
into the meta�level con�guration of a single ob ject�
Hence� its instances may b e made re�exive to o� by as�
These meta�ob jects may implement meta�level re�
so ciating them with other meta�ob jects� which leads
quirements� such as distribution� p ersistence� repli�
to the so�called p otentially in�nite tower of meta�
cation� atomicity� etc�
ob jects ����� This class may b e sp ecialized �sub�
This pap er is organized as follows� In Section ��
classed�� which leads to one of the key concepts intro�
we brie�y describ e our implementation of the re�
duced by Guaran�a� a sub class of MetaObject called
�exive architecture of Guaran�a on top of a mo di�
Comp oser�
�ed freely�available Java Virtual Machine� Then� we
A comp oser is a meta�ob ject that delegates op er�
intro duce MOLDS� a library of meta�ob jects that
ations and results to other meta�ob jects� Comp osers
provide essential features for developing reliable dis�
may delegate to meta�ob jects sequentially� or concur�
tributed systems� Finally� in Section �� we summarize
rently� or following whatever p olicy �ts the needs of
the b ene�ts of designing a library such as MOLDS in
a develop er� A sample comp oser is provided that
a re�exive architecture like Guaran�a� and describ e
delegates op erations to the elements of an array of
the current state of development of b oth Guaran�a
meta�ob jects� and delegates results to the same meta�
and MOLDS�
ob jects in the reverse order�
Some of the delegatee meta�ob jects of a com�
p oser can b e comp osers themselves� which leads to
� The Java�based implementa�
a hierarchical organization of the meta�ob jects di�
rectly or indirectly asso ciated with a base�level ob�
tion of Guaran�a
ject� This organization� called the ob ject�s meta�
con�guration� is orthogonal to the tower of meta�
Java ��� ��� is a simple yet p owerful ob ject�oriented
ob jects� each meta�ob ject may have its own indep en�
language� Java classes are compiled into high�level
dent meta�con�guration� Furthermore� a meta�ob ject
ob ject�oriented cross�platform byteco des� that can b e
may b elong to the meta�con�guration of more than
executed on Java Virtual Machines �JVM�� Since the
one ob ject�
sp eci�cation of the JVM ���� is op en� anyone can im�
Asso ciating an ob ject with its primary meta�
plement it� so Java has b ecome available on several
ob ject is an op eration provided by the kernel of
di�erent hardware platforms� and freely�mo di�able
Guaran�a� In fact� this op eration is so general that
and redistributable source co de for some of these im�
it allows any meta�ob ject in a meta�con�guration to
plementations is available at no cost� The re�exive
b e replaced with another� Any recon�guration must
architecture of Guaran�a was implemented on top of
b e approved by the previous meta�con�guration� if
one of these platforms�
the base�level ob ject was not re�exive� its class is in�
In Guaran�a� every Java ob ject may b e directly
formed ab out the recon�guration request� and may
asso ciated with zero or one meta�ob ject� called the
prevent it�
ob ject�s primary meta�ob ject� An ob ject that is as�
so ciated with a meta�ob ject will b e called a re�ex� Ob jects created by re�exive ob jects have their
2
ive ob ject� Every op eration targeted to a re�exive meta�con�gurations determined by their creator�s
ob ject is intercepted� rei�ed �represented� as a meta� meta�con�guration� Furthermore� the meta�
level ob ject� and presented to the ob ject�s primary con�guration of the class of the new ob ject is noti�ed
meta�ob ject� b efore the ob ject�s constructor is invoked� so that it
�
By op eration� we mean metho ds and constructors invo cations� monitor �synchronized� enter and exit op erations� �eld reads
and writes� Since Java arrays are ob jects to o� array elements reads and writes� as well as array length reads� are considered
op erations to o� �
may try to mo dify the meta�con�guration of its new ��� Persistence
instance� The kernel of Guaran�a makes it p ossi�
ble to create pseudo�ob jects� that are uninitialized in�
A p ersistent ob ject ��� ��� is one whose lifetime spans
stances of a given class� These ob jects may b e turned
the application that created it� The state of p er�
into real ob jects by invoking a constructor or initial�
sistent ob jects can b e stored in �les� databases or
izing its �elds� but it may remain a pseudo�ob ject
long�running pro cesses� An ob ject can b e made p er�
and b e used� for example� as a proxy of an ob ject
sistent by simply adding a p ersistence meta�ob ject to
in a separate address spaces� The meta�con�guration
its meta�con�guration�
of the class the pseudo�ob ject b elongs to is also no�
A p ersistence meta�ob ject may b e implemented
ti�ed� so it may mo dify the pseudo�ob ject�s meta�
using two di�erent approaches� i� it may intercept
con�guration� or even prevent the creation of the
all �eld up date op erations� and up date the p ersis�
pseudo�ob ject�
tent storage accordingly� p ossibly in background� or
This noti�cation is done by using another op er�
ii� it may up date the p ersistent storage only when the
ation provided by the kernel of Guaran�a� any in�
p ersistent ob ject is no longer used by the running ap�
stance of a class that implements the interface Mes�
plication�
sage can b e broadcasted to �p ossibly� all comp onent
Whatever the choice� every ob ject must b e given
meta�ob jects of a meta�con�guration of an ob ject�
a unique identi�er� that can b e used for maintain�
Such an op eration is necessary b ecause� for security
ing references from one p ersistent ob ject to another�
reasons� we made it is imp ossible to obtain a refer�
as well as for reincarnating an ob ject from p ersistent
ence to the primary meta�ob ject of an ob ject� Fur�
storage into a running application� This unique iden�
thermore� we b elieve this helps maintaining a clear
ti�er might b e maintained by the p ersistence meta�
separation of concerns b etween the base and the meta
ob ject itself� however� a unique identi�er may b e use�
level� just like encapsulation encourages go o d ob ject�
ful for other purp oses� so we recommend the creation
oriented design�
of a separate identi�cation meta�ob ject�
Guaran�a provides an interface that allows arbi�
Whenever an ob ject�typ e �eld of a p ersistent ob�
trary Op eration ob jects to b e created in the meta�
ject is assigned to� the referred�to ob ject must also
level� even op erations that would violate encapsu�
b e made p ersistent� otherwise it will not b e p ossible
lation can b e created and p erformed by using this
to recreate the complete state of the referring ob ject
interface� However� for the sake of security� such
afterwards� This can b e accomplished by probing the
op erations must b e created using Op erationFactory
meta�con�guration of this ob ject with a broadcast
ob jects� that are given to meta�ob jects whenever
message� If no p ersistence nor identi�cation meta�
they are asso ciated with an ob ject� This ensures
ob ject exists in the ob ject�s meta�con�guration� the
that only comp onent meta�ob jects of an ob ject�s
ob ject must recon�gured so as to b ecome p ersistent�
meta�con�guration� and meta�level ob jects trusted by
or the �eld assignment must b e denied by throwing
them� can obtain priviledged access to this ob ject�
an exception�
Comp osers may distribute restricted op eration facto�
In order to reincarnate a p ersistent ob ject� there
ries to meta�ob jects they delegate to��
are two p ossible approaches� �i� the p ersistence meta�
library may provide a metho d� that can b e called from
the base level� that reincarnates an ob ject� given its
unique identi�cation� or �ii� a base�level re�exive con�
� Reusable Meta�Ob jects for
tainer� that represents the p ersistent storage� may b e
Distributed Systems
used to reincarnate p ersistent ob jects transparently�
An ob ject is reincarnated by creating a pseudo�
The meta�level proto col of Guaran�a was designed ob ject� whose �elds are �lled in from the p ersistent
in a way that makes it p ossible to create meta� storage� Reincarnation of referred ob jects can b e
ob jects that implement sp eci�c meta�level b ehav� done on demand� as they are accessed from the base
iors� and to easily comp ose them into complex meta� level� Even �elds might b e reincarnated individu�
con�gurations� In this section� we delineate how some ally� The implementation of such meta�ob ject would
meta�level services for distributed computing can b e b e much more complicated� but it may pay o� if the
implemented in Guaran�a� ob ject�s state is large enough� �
��� Replication ies to remote replica�s meta�ob jects in every address
space so that they can communicate� This is not an
Ob ject replication ���� may b e used in order to in�
overkill� since group communication proto cols usu�
crease availability and fault�tolerance of an ob ject� If
ally require every memb er of the group to know every
one replica fails� others may keep the ob ject running�
other memb er�
There is a very simple way of implementing repli�
cation with Guaran�a� Every replica executes meth�
��� Caching
o ds and reads �elds without exchanging information
with other replicas� Field mo di�cations� however� are
Having to send every single op eration targeted to a
broadcasted to all replicas in a totally�ordered ���
remote ob ject through the network may cause seri�
way� so that all replicas p erform �eld writes in the
ous negative impact on the p erformance of an appli�
same sequence� Synchronization op erations must b e
cation� On the other hand� replicating an ob ject may
sub ject to the same total order�
intro duce to o much overhead for an ob ject that is
Other replication mechanisms may broadcast
frequently up dated�
metho d invo cations and even �eld read op erations to
An intermediate solution may b e achieved by
multiple replicas� then run an election algorithm to
caching the contents of �elds of an ob ject in proxy
select a result� However� this intro duces some prob�
ob jects� These �elds could b e up dated p erio dically�
lems that are hard to solve� For example� when one
or when synchronization op erations take place� Up�
replicated ob ject interacts with another� the interac�
date op erations in the proxy ob ject might not need
tion must o ccur as if the ob jects were not replicated
to b e immediately forwarded to the actual ob ject �or
at all� So� when one replicated ob ject invokes an�
replicas ������ This is somewhat dep endent on the
other� all the individual invo cations must b e identi�
requirements of the application� but it may prove to
�ed as replicas of a single invo cation� and the op era�
b e very useful in certain situations�
tion must b e p erformed only once on each replica of
A caching meta�ob ject can b e easily implemented
the invoked ob ject�
as a comp oser that selectively delegates op erations to
a distribution meta�ob ject�
��� Distribution
Implementing transparent interaction b etween ob�
��� Migration
jects lo cated in separate virtual machines was made
Ob jects such as mobile agents ��� may have to move
easy by the intro duction of pseudo�ob jects� An ap�
from one address space to another� This may b e
proach similar to that taken for p ersistence may b e
achieved by creating a replica of the moving ob ject in
used to lo cate remote ob jects� There are di�erences�
the target address space� then removing the replica
�i� instead of lo cating ob jects in a database� they will
from the source address space�
b e searched for in a distributed name server �which
However� this may b e to o costly a way to migrate
might b e viewed as a database� after all�� and �ii�
an ob ject� Another� p otentially faster� approach is to
instead of reincarnating the ob ject� a proxy of the
have a meta�ob ject that stops delivering op erations
remote ob ject is created� as a pseudo�ob ject�
to the ob ject as so on as it decides the ob ject must mi�
Whenever an op eration is requested to the proxy�
grate� Then it marshalls the complete internal state
its distribution meta�ob ject marshalls the op eration
of the ob ject and sends it to a remote meta�ob ject
and sends a message through a network channel to
that is going to b ecome a memb er of the migrated ob�
a meta�ob ject lo cated in the actual target ob ject�s
ject�s meta�con�guration� It creates a pseudo�ob ject
address space� This meta�ob ject just creates an op�
and �lls in its �elds with the marshalled image of the
eration equivalent to the requested one and delivers it
ob ject� At this p oint� the original ob ject will have b e�
for meta�level interception� As so on as a result for the
come a proxy ob ject� that simply forwards op erations
op eration is available� it is marshalled and returned
to the migrated ob ject� until the proxy is garbage col�
to the proxy�s meta�ob ject� which unmarshalls the
lected�
result and returns it as the result of the op eration�
This facility may b e used as a basis for having If an ob ject migrates many times� an op eration
distributed replicas� Instead of implementing inter� may have to �ow through several proxies b efore it
meta�ob ject communication in the replication meta� reaches the actual ob ject� In this case� it may b e
ob jects themselves� now we just have to keep prox� useful to have an algorithm that notices whether an �
��� Atomicity ob ject migrated any further� and sets up a short�cut
to the most recently known lo cation of the ob ject
Atomic actions ��� involve three prop erties� �i� seri�
from then on �����
alizability� that ensures that the execution of concur�
We should note that there is some overlap of the
rent atomic actions is equivalent to at least one serial
migration and the p ersistence functionalities� Af�
execution� �ii� atomicity� that is� either all its e�ects
ter all� a p ersistent ob ject may b e implemented by
b ecome visible� or none do� and �iii� p ermanence of
migrating it to and from a long�running server pro�
e�ect�
cess� On the other hand� migration could b e easily
The last prop erty requires ob jects involved in an
implemented by storing the mobile ob ject in p ersis�
atomic action to b e kept in stable storage� so that�
tent storage� then reincarnating it in another address
even if one of the hosts running a distributed atomic
space�
action fails� its e�ects are p ermanent�
Instead of implementing one mechanism on top
of another� we b elieve the correct approach is to fac�
The atomicity prop erty requires a global co ordi�
tor out the common functionality required by b oth
nation of all ob jects involved in an atomic action� If
mechanisms� and implement the di�erences as sp e�
the atomic action is committed� all ob jects involved
cializations� Caching meta�ob jects may also share
must have its states made p ersistent� if it ab orts� all
functionality with these two mechanisms�
ob jects must b e reverted to the states previous to the
b eginning of the atomic action�
The serializability prop erty requires some kind of
��� Accounting
concurrency control on op erations� There are op�
Meta�ob jects for accounting can b e easily asso ciated
timistic and p essimistic p olicies� Pessimistic algo�
with arbitrary ob jects� One may count the invo ca�
rithms rely on lo cking for ensuring serializable exe�
tions of a particular metho d� or up dates of a �eld�
cutions� optimistic ones let separate atomic actions
or even complex multi�ob ject patterns of interaction�
op erate on separate copies of ob jects� and check for
Classes can b e con�gured so that all instances are
serializability at commit time�
given appropriate accounting meta�ob jects�
��� Monitoring
Atomic actions may b e totally controlled at the
base level� for example� by providig a class Atomi�
In addition to the ability of maintaining information
cAction that takes an instance of the Java standard
ab out base�level ob jects� it may b e useful for meta�
class Runnable as its constructor argument� The
ob jects to interact with base�level ob jects from the
metho d run of this argument is then executed inside
meta level�
the atomic action� If it terminates successfully� the
It is p ossible to interconnect otherwise indep en�
transaction is committed� if it throws an exception�
dent ob jects through meta�ob jects� This can b e used
the atomic action may ab ort�
to implement the MVC ���� pattern� connecting a
Concurrency control may take place transpar�
mo del ob ject with its views transparently� the con�
ently� at the meta level� using whatever selected p ol�
trol can b e totally implemented in the meta�level �����
icy� However� if it is a p essimistic one� it should b e
We might also use meta�ob jects that implement
p ossible to pre�declare lo cks� for example� from b oth
Statecharts ���� to mo del and control the b ehavior
the base and the meta level�
of base�level ob jects� Transitions in the Statechart
could b e triggered by the interception of op erations
Instead of explicitly creating and managing
or results� there may b e additional conditions for
atomic actions in the base level� certain ob jects may
the transition to take place� involving the state of
b e con�gured as atomic ones ����� so that every op�
the base�level ob ject as well as internal meta�ob ject
eration on that ob ject is p erformed inside an inde�
state ����
p endent atomic action� It may b e useful for meta�
Monitoring multiple distributed ob jects may re� level control of atomic actions to b e able to sp ecify
quire the construction of consistent global snap� that a particular op eration should b e p erformed in�
shots ���� ��� ��� ���� Algorithms for obtaining consis� side a given atomic action� as a nested atomic action
tent global snapshots can b e implemented completely or sharing data with other threads running the same
in the meta�level� transaction� �
� Conclusion References
��� Gul Agha� Svend Fr�lund� Ra jendra Panwar�
The design of Guaran�a was largely in�uenced by
and Danield Sturman� A Linguistic Framework
detected needs of a library like MOLDS� In fact� we
for Dynamic Comp osition of Dep endability Pro�
have only started Guaran�a b ecause no other re�ex�
to cols� In DCCA� � Third IFIP Working Con�
ive platform we knew could provide the mo dulariza�
ference on Dependable Computing for Critical
tion� comp osition� recon�guration and security fea�
Applications� pages ��� ����� Septemb er �����
tures demanded by such a library� The choice of Java
as the programming language has just made things
��� M� Ancona� G� Do dero� V� Gianuzzi� A� Clema�
easier� b ecause of the existing basic re�ection capa�
tis� and M� L� Lisb oa� Re�ective Architectures
bilities and of the libraries for developing networked
for Reusable Fault�Tolerant Software� In PAN�
applications�
EL��� � XXI Confer�encia Latino�Americana
We b elieve MOLDS will b ecome a very p ower�
de Inform�atica� March �����
ful and sound framework for developing distributed
��� Ken Arnold and James Gosling� The Java Pro�
applications� but its comp onents still have to b e de�
gramming Language� Addison�Weslley� �����
tailed further and implemented�
��� M� P� Atkinson� P� J� Bailey� K� J� Chisholm�
This library is a basic part of a larger pro ject �����
W� P� Co ckshott� and R� Morrison� An approach
The only similar pro ject we have known to date is
to p ersistent programming� Computer Journal�
Ap ertos ���� ���� a re�exive op erating system� We
�������������� Decemb er �����
should note� however� that it is based on a slightly
more limited re�exive mo del� sp eci�cally targeted at
��� Y� Berb ers� B� De Decker� and W� Jo osen�
op erating system development�
Infrastructure for mobile agents� In Seventh
ACM SIGOPS European Workshop� System
Support for Worldwide Applications� pages ����
���� �����
A Obtaining Guaran�a and
��� Philip A� Bernstein� Vassos Hadzilacos� and
MOLDS
Nathan Go o dman� Concurrency Control and
Recovery in Database Systems� Addison�Wesley�
Additional information ab out Guaran�a can b e
�����
found at the Guaran�a Home Page� http���
www�dcc�unicamp�br� oliva�guarana� The com�
��� Stijn Bijnens� Wouter Jo osen� and Pierre Ver�
�
plete Java API of Guaran�a� the source co de for its
baeten� A re�ective invo cation scheme to realise
implementation and full pap ers can b e downloaded
advanced ob ject management� In Object�Based
from there� MOLDS is currently in early design
Distributed Programming ECOOP ��� Work�
stage� but� when you read this pap er� there may b e
shop� July �����
up dated information in the home page of Guaran�a�
��� Kenneth P� Birman and Thomas A� Joseph� Re�
Both Guaran�a and MOLDS are free software� re�
liable communication in the presence of fail�
leased under the GNU General Public License� but its
ures� ACM Transactions on Computer Systems�
sp eci�cations are op en� so anyone can provide non�
����������� Feb �����
free clean�ro om implementations�
��� L� E� Buzato� Management of Object�Oriented
Action�Based Distributed Programs� Ph�D� The�
sis� University of Newcastle up on Tyne� Depart�
B Acknowledgments
ment of Computer Science� Decemb er �����
This work is partially supp orted by FAPESP ���� L�E� Buzato� H�K� Liesenb erg� C�M�F� Rubira
�Funda�c�ao de Amparo �a Pesquisa do Estado de R� Anido� and M�B�F� de Toledo� Uma ar�
S�ao Paulo �� grant ��������� for Alexandre Oliva� quitetura de software para o desenvolvimento
and ��������� for LSD�IC�UNICAMP �Lab orat�orio de aplica�c�oes distribu��das con��aveis� In First
de Sistemas Distribu��dos� Instituto de Computa�c�ao� Workshop on Distributed Systems �WoSid�����
Universidade Estadual de Campinas �� Salvador� BA� Brasil� May ����� �
���� Luiz E� Buzato and Alcides Calsavara� Stabilis� ���� Islene Calciolari Garcia and Luiz Eduardo
A Case study in Writing Fault�Tolerant Dis� Buzato� Asynchronous Construction of Consis�
tributed Applications Using Persistent Ob jects� tent Global Snapshots in the Ob ject and Action
In A� Albano and R� Morrison� editors� Proceed� Mo del� In Proceedings of the �th International
ings of the Fifth International Workshop on Per� Conference on Con�gurable Distributed Systems�
sistent Object Systems� Workshops in Comput� Annap olis� Maryland� EUA� May ����� IEEE�
ing� pages �������� San Miniato� Italy� Septem� Available as Technical Rep ort IC�������
b er ����� Springer�Verlag�
���� Islene Calciolari Garcia and Luiz Eduardo
Buzato� Cortes consistentes em aplica�c�oes dis�
���� Roy H� Campb ell� Nayeem Islam� David Raila�
�
tribuidas� Technical Rep ort IC������� Insti�
and Peter Madany� Designing and Implementing
tuto de Computa�c�ao� Universidade Estadual de
Choices� An Ob ject�Oriented system in C���
Campinas� April �����
Communications of the ACM� ��������������
Septemb er �����
���� Adele Goldb erg and David Robson� Smal ltalk�
��� The Language and Its Implementation�
���� M� Chandy and L� Lamp ort� Distributed Snap�
Addison�Wesley� �rst edition� �����
shots� Determining Global States of Distributed
Systems� ACM Transactions on Computing Sys�
���� James Gosling� Bill Joy� and Guy L� Steele�
tems� ����������� February �����
The Java Language Speci�cation� Java Series�
Addison�Wesley� Septemb er ����� Version ����
���� Shigeru Chiba and Takashi Masuda� Designing
���� David Harel� Statecharts� A visual formalism
an extensible distributed language with a meta�
for complex systems� Science of Computer Pro�
level architecture� In N�M� Nierstrasz� editor�
gramming� pages �������� August �����
ECOOP���� pages �������� �����
���� Jurgen � Klein�oder and Michael Golm� Trans�
���� Mar��lia Gabriela Co elho� Cec��lia Mary Fischer
parent and adaptable ob ject replication using
Rubira� and Luiz Eduardo Buzato� Uma ab or�
a re�ective Java� Technical Rep ort TR�I�����
dagem re�exiva para a constru�c�ao de frame�
��� Universit�at Erlangen�Nurn � b erg� IMMD IV�
works para interfaces homem�computador� In
Septemb er �����
XI Simp�osio Brasileiro de Engenharia de Soft�
ware �SBES����� pages �������� Fortaleza� CE�
���� Rivka Ladin� Barbara Liskov� and Liuba Shrira�
Octob er �����
Lazy replication� Exploiting the semantics of
distributed services� In Proceedings of the �th
���� Rob ert Co op er and K� Marzullo� Consistent De�
ACM Symposium on Principles of Distributed
tection of Global Predicates� SIGPLAN Notices�
Computing� pages ������ Queb ec City� Queb ec�
��������������� Decemb er �����
Canada� Aug �����
���� Tim Lindholm and Frank Yellin� The Java
���� Marc Shapiro et al� SSP chains� In Symposium
Virtual Machine Speci�cation� Java Series�
on Principles of Distributed Computing� acm�
Addison�Wesley� January �����
�����
���� Peter W� Madany� Nayeem Islam� Panos Kou�
���� J� C� Fabre� T� Perennou� and L� Blain� Meta�
giouris� and Roy H� Campb ell� Rei�cation and
ob ject Proto cols for Implementing Reliable and
re�ection in C��� An op erating system p er�
Secure Distributed Applications� Technical
sp ective� Technical rep ort� University of Illinois
Rep ort LASS������� Centre National de la
at Urbana�Champaign� March �����
Recherche Scienti�que� February �����
���� Pattie Maes� Concepts and exp eriments in com�
���� Jean�Charles Fabre� Vincent Nicomette� Tanguy
putation re�ection� ACM SIGPLAN Notices�
P�erennou� and Zhixue Wu� Implementing Fault
��������������� Decemb er �����
Tolerant Applications using Re�ective Ob ject�
Oriented Programming� In ��th Simposium on ���� Kideaki Okamura and Yutaka Ishikawa� Ob�
Fault�Tolerant Computing Systems� pages ���� ject Lo cation Control Using Meta�level Pro�
���� Pasadena� CA� June ����� gramming� In ECOOP���� pages �������� ����� �
���� Alexandre Oliva� Islene Calciolari Garcia� and ECOOP��� � �th European Conference� pages
Luiz Eduardo Buzato� The re�exive architec� �������� August �����
ture of Guaran�a� Technical Rep ort IC������� In�
���� Rob ert Stroud� Transparency and re�ection
stituto de Computa�c�ao� Universidade Estadual
in distributed systems� In �th European
de Campinas� April �����
SIGOPS Workshop� on Models and Paradigms
for Distributed Systems Structuring� Mont Saint�
���� Andreas Paep cke� PCLOS� A �exible imple�
Michel� France� Septemb er ����� ACM SIGOPS�
mentation of CLOS Persistence� In ECOOP����
IRISA� INRIA�Rennes�
pages � ������� August �����
���� Rob ert J� Stroud and Zhixue Wu� Using metaob�
���� Fred B� Schneider� Implementing fault�tolerant
ject proto cols to satisfy non�functional require�
services using the state machine approach� A tu�
ments� In Chris Zimmermann� editor� Advances
torial� ACM Computing Surveys� ��������������
in Object�Oriented Metalevel Architectures and
Decemb er �����
Re�ection� chapter �� pages ������ CRC Press�
���� Brian C� Smith� Prologue to �Re�ection and Se�
�����
mantics in a Pro cedural Language�� PhD Thesis
���� Yasuhiko Yokote� The Ap ertos re�ective op er�
Prologue� �����
ating system� The concept and its implementa�
���� R� J� Stroud and Z� Wu� Using meta�ob jects to
tion� In Proceedings OOPSLA ���� ACM SIG�
adapt a p ersistent ob ject system to meet applica�
PLAN Notices� volume ��� pages �������� Oc�
tions needs� In �th SIGOPS European Workshop
tob er �����
on Matching Operating Systems to Applications
���� Yosuhiko Yokote� Fimio Teraoka� and Mario
Needs� �����
Tokoro� A re�ective architecture for an ob ject�
oriented distributed op erating system� In ���� R� J� Stroud and Z� Wu� Using Metaob ject Pro�
ECOOP ���� ����� to cols to Implement Atomic Data Typ es� In �