research-article

Feral Concurrency Control: An Empirical Investigation of Modern Application Integrity

Authors:

Michael J. Franklin,

Joseph M. Hellerstein,

Ion StoicaAuthors Info & Claims

SIGMOD '15: Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data

Pages 1327 - 1342

https://doi.org/10.1145/2723372.2737784

Published: 27 May 2015 Publication History

Abstract

The rise of data-intensive "Web 2.0" Internet services has led to a range of popular new programming frameworks that collectively embody the latest incarnation of the vision of Object-Relational Mapping (ORM) systems, albeit at unprecedented scale. In this work, we empirically investigate modern ORM-backed applications' use and disuse of database concurrency control mechanisms. Specifically, we focus our study on the common use of feral, or application-level, mechanisms for maintaining database integrity, which, across a range of ORM systems, often take the form of declarative correctness criteria, or invariants. We quantitatively analyze the use of these mechanisms in a range of open source applications written using the Ruby on Rails ORM and find that feral invariants are the most popular means of ensuring integrity (and, by usage, are over 37 times more popular than transactions). We evaluate which of these feral invariants actually ensure integrity (by usage, up to 86.9%) and which---due to concurrency errors and lack of database support---may lead to data corruption (the remainder), which we experimentally quantify. In light of these findings, we present recommendations for database system designers for better supporting these modern ORM programming patterns, thus eliminating their adverse effects on application integrity.

References

[1]

SchemaPlus. https://github.com/SchemaPlus/schema_plus.

[2]

How a quiet developer built Goodreads.com into book community of 2.6

[3]

million members -- with Otis Chandler, November 2009. http://mixergy.com/interviews/goodreads-otis-chandler/.

[4]

Java EE 7 API: Package javax.persistence, 2013. http://docs.oracle.com/javaee/7/api/javax/persistence/package-summary.html.

[5]

CakePHP, 2014. http://cakephp.org/ and http://book.cakephp.org/2.0/en/index.html.

[6]

Django: The Web framework for perfectionists with deadlines, 2014. https://www.djangoproject.com/ and https://github.com/django/django.

[7]

Laravel: The PHP Framework for Web Artisans, 2014. http://laravel.com/ and https://github.com/laravel/laravel.

[8]

RailsGuide: Active Record Validations, 2014. http://guides.rubyonrails.org/active_record_validations.html.

[9]

A. Adya. Weak consistency: a generalized theory and optimistic implementations for distributed transactions. PhD thesis, MIT, 1999.

Digital Library

[10]

R. Allen. Airbnb Engineering Blog: "Upgrading Airbnb from Rails 2.3 to Rails 3.0", October 2012. http://nerds.airbnb.com/upgrading-airbnb-from-rails-23-to-rails-30/.

[11]

G. Alonso, F. Casati, H. Kuno, and V. Machiraju. Web services. Springer, 2004.

[12]

P. Alvaro, N. Conway, J. M. Hellerstein, and D. Maier. Blazes: Coordination analysis for distributed programs. In ICDE 2014.

[13]

P. Alvaro, N. Conway, J. M. Hellerstein, and W. Marczak. Consistency analysis in Bloom: a CALM and collected approach. In CIDR 2011.

[14]

P. Alvaro et al. Consistency without borders. In SoCC 2013.

Digital Library

[15]

T. G. Armstrong, V. Ponnekanti, D. Borthakur, and M. Callaghan. Linkbench: a database benchmark based on the Facebook social graph. In SIGMOD 2013.

Digital Library

[16]

J. Aylett. django-database-constraints, 2013. https://github.com/jaylett/django-database-constraints.

[17]

P. Bailis, A. Davidson, A. Fekete, A. Ghodsi, J. M. Hellerstein, and I. Stoica. Highly Available Transactions: Virtues and limitations. In VLDB 2014.

Digital Library

[18]

P. Bailis, A. Fekete, M. J. Franklin, J. M. Hellerstein, A. Ghodsi, and I. Stoica. Coordination avoidance in database systems. In VLDB 2015.

Digital Library

[19]

P. Bailis, S. Venkataraman, M. J. Franklin, et al. Probabilistically Bounded Staleness for practical partial quorums. In VLDB 2012.

Digital Library

[20]

Balderdash. Sails.js: Realtime MVC Framework for Node.js, 2014. https://github.com/balderdashy/sails.

[21]

Balderdash. Waterline: An adapter-based ORM for Node.js with support for mysql, mongo, postgres, redis, {sic} and more, 2014. https://github.com/balderdashy/waterline.

[22]

Bean Validation Expert Group. Jsr-000303 bean validation 1.0 final release specification, 2009. http://download.oracle.com/otndocs/jcp/bean_validation-1.0-fr-oth-JSpec/.

[23]

D. Bermbach and S. Tai. Eventual consistency: How soon is eventual? An evaluation of Amazon S3's consistency behavior. In MW4SOC, 2011.

Digital Library

[24]

E. Bernard. Java Specification Request 349: Bean Validation 1.1, 2013. https://jcp.org/en/jsr/detail?id=349.

[25]

P. A. Bernstein, A. Y. Halevy, and R. A. Pottinger. A vision for management of complex models. ACM Sigmod Record, 29(4):55--63, 2000.

Digital Library

[26]

I. Bocić and T. Bultan. Inductive verification of data model invariants for web applications. In ICSE, ICSE 2014, pages 620--631, New York, NY, USA, 2014. ACM.

Digital Library

[27]

E. Brewer. CAP twelve years later: How the "rules" have changed. Computer, 45(2):23--29, 2012.

Digital Library

[28]

J. Brough.#645: Alternative to validates_uniqueness_of using db constraints, 2011. rails/rails at https://github.com/rails/rails/issues/645.

[29]

P. Calcado. Building products at SoundCloud -- Part I: Dealing with the monolith, June 2014. https://developers.soundcloud.com/blog/building-products-at-soundcloud-part-1-dealing-with-the-monolith.

[30]

M. J. Carey and D. J. DeWitt. Of objects and databases: A decade of turmoil. In VLDB, 1996.

Digital Library

[31]

M. J. Carey et al. Shoring up persistent applications. In SIGMOD 1994.

Digital Library

[32]

A. Carter. Hulu Tech Blog: "At a glance: Hulu hits Rails Conf 2012", May 2012. http://tech.hulu.com/blog/2012/05/14/347/.

[33]

A. Chaudhuri and J. S. Foster. Symbolic security analysis of Ruby-on-Rails web applications. In CCS, 2010.

Digital Library

[34]

A. Cheung, O. Arden, S. Madden, A. Solar-Lezama, and A. C. Myers. StatusQuo: Making familiar abstractions perform using program analysis. In CIDR 2013.

[35]

A. Cheung, S. Madden, O. Arden, and A. C. Myers. Automatic partitioning of database applications. In VLDB 2012.

Digital Library

[36]

B. Cook. Scaling Twitter, SDForum Silicon Valley Ruby Conference, 2007. http://www.slideshare.net/Blaine/scaling-twitter.

[37]

B. F. Cooper, A. Silberstein, E. Tam, R. Ramakrishnan, and R. Sears. Benchmarking cloud serving systems with YCSB. In ACM SoCC 2010.

Digital Library

[38]

J. W. Creswell. Research design: Qualitative, quantitative, and mixed methods approaches. Sage, 2013.

[39]

K. Crum.#3238: Activerecord::staleobjecterror in checkout, 2013. spree/spree at https://github.com/spree/spree/issues/3238.

[40]

D. E. Difallah, A. Pavlo, C. Curino, and P. Cudre-Mauroux. OLTP-Bench: An extensible testbed for benchmarking relational databases. In VLDB 2014.

Digital Library

[41]

J. Duff. How Shopify scales Rails, Big Ruby 2013, April 2013. http://www.slideshare.net/jduff/how-shopify-scales-rails-20443485.

[42]

E. Dumbill. O'Reilly: "Ruby on Rails: An interview with David Heinemeier Hansson", August 2005. http://www.oreillynet.com/pub/a/network/2005/08/30/ruby-rails-david-heinemeier-hansson.html.

[43]

S. Easterbrook et al. Selecting empirical methods for software engineering research. In Guide to advanced empirical software engineering, pages 285--311. Springer, 2008.

[44]

M. Ehsan. Input validation with Laravel, 2014. http://laravelbook.com/laravel-input-validation/.

[45]

K. P. Eswaran et al. The notions of consistency and predicate locks in a database system. Commun. ACM, 19(11):624--633, 1976.

Digital Library

[46]

A. Fekete, S. N. Goldrei, and J. P. Asenjo. Quantifying isolation anomalies. In VLDB 2009.

Digital Library

[47]

H. Ferentschik. Accessing the Hibernate Session within a ConstraintValidator, May 2010. https://developer.jboss.org/wiki/AccessingtheHibernateSessionwithinaConstraintValidator.

[48]

H. Ferentschik and G. Morling. Hibernate validator JSR 349 reference implementation 5.1.3.final, 2014. https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html/.

[49]

M. Fowler. Patterns of enterprise application architecture. Addison-Wesley Longman Publishing Co., Inc., 2002.

Digital Library

[50]

E. Gamma, R. Helm, R. Johnson, and J. Vlissides. Design patterns: elements of reusable object-oriented software. Pearson Education, 1994.

Digital Library

[51]

D. Geer. Will software developers ride Ruby on Rails to success? Computer, 39(2):18--20, 2006.

Digital Library

[52]

W. Golab, X. Li, and M. A. Shah. Analyzing consistency properties for fun and profit. In PODC 2011.

Digital Library

[53]

J. Gray, R. Lorie, G. Putzolu, and I. Traiger. Granularity of locks and degrees of consistency in a shared data base. Technical report, IBM, 1976.

[54]

P. W. Grefen and P. M. Apers. Integrity control in relational database systems--an overview. Data & Knowledge Engineering, 10(2):187--223, 1993.

Digital Library

[55]

D. H. Hansson. active_record/transactions.rb, 2004. rails/rails githash db045db at https://github.com/rails/rails/blob/db045dbb.

[56]

D. H. Hansson. Choose a single layer of cleverness, September 2005. http://david.heinemeierhansson.com/arc/2005_09.html.

[57]

Hibernate Team and JBoss Visual Design Team. Hibernate reference documentation 4.3.7.final, 2014. http://docs.jboss.org/hibernate/orm/4.3/manual/en-US/html/.

[58]

M. Higgins. Foreigner. https://github.com/matthuhiggins/foreigner.

[59]

T. Hinrichs et al. Caveat: Facilitating interactive and secure client-side validators for ruby on rails applications. In SECURWARE 2013.

[60]

M. Koziarski. Warn users about the race condition in validates_uniqueness_of. {koz}, 2007. rails/rails githash c01c28c at https://github.com/rails/rails/commit/c01c28c.

[61]

G. E. Krasner, S. T. Pope, et al. A description of the model-view-controller user interface paradigm in the smalltalk-80 system. Journal of object oriented programming, 1(3):26--49, 1988.

Digital Library

[62]

H.-T. Kung and C. H. Papadimitriou. An optimality theory of concurrency control for databases. In SIGMOD, 1979.

Digital Library

[63]

H. Lai. Document concurrency issues in validates_uniqueness_of., 2008. rails/rails githash adacd94 at https://github.com/rails/rails/commit/adacd94.

[64]

C. Lamb, G. Landis, J. Orenstein, and D. Weinreb. The ObjectStore database system. Communications of the ACM, 34(10):50--63, 1991.

Digital Library

[65]

J. Leighton. Support for specifying transaction isolation level, 2012. rails/rails githash 392eeec at https://github.com/rails/rails/commit/392eeec.

[66]

C. Li, J. Leitao, A. Clement, N. Preguiça, R. Rodrigues, et al. Automating the choice of consistency levels in replicated systems. In USENIX ATC 2014.

Digital Library

[67]

A. Malpani et al. Reverse engineering models from databases to bootstrap application development. In ICDE, 2010.

[68]

S. McCullough. Groupon Engineering Blog: "Geekon: I-Tier", October 2013. https://engineering.groupon.com/2013/node-js/geekon-i-tier/.

[69]

J. Nijjar and T. Bultan. Bounded verification of ruby on rails data models. In ACM ISSTA, 2011.

Digital Library

[70]

C. Nutter. Q/a: What thread-safe Rails means, August 2008. http://blog.headius.com/2008/08/qa-what-thread-safe-rails-means.html.

[71]

T. Preston-Werner. How we made GitHub fast, October 2009. https://github.com/blog/530-how-we-made-github-fast.

[72]

J. Rizzo. Twitch: The official blog "Technically Speaking -- Group Chat and General Chat Engineering", April 2014. http://blog.twitch.tv/2014/04/technically-speaking-group-chat-and-general-chat-engineering/.

[73]

D. Roberts. #13234: Rails concurrency bug on save, 2013. rails/rails at https://github.com/rails/rails/issues/13234.

[74]

S. Roy, L. Kot, et al. The homeostasis protocol: Avoiding transaction coordination through program analysis. In SIGMOD, 2015.

Digital Library

[75]

S. Ruby, D. Thomas, D. H. Hansson, et al. Agile web development with Rails 4. The Pragmatic Bookshelf, Dallas, Texas, 2013.

Digital Library

[76]

N. Singh. update_attributes and update_attributes! are now wrapped in a transaction, 2010. rails/rails githash f4fbc2c at https://github.com/rails/rails/commit/f4fbc2c.

[77]

N. Skrupsky et al. Waves: Automatic synthesis of client-side validation code for web applications. In IEEE CyberSecurity 2012.

Digital Library

[78]

K.-J. Stol et al. The use of empirical methods in open source software research: Facts, trends and future directions. In FLOSS, 2009.

Digital Library

[79]

C. Stoltman. initial stab at creating has_many relationships, 2013. balderdashy/waterline githash b05fb1c at https://github.com/balderdashy/waterline/commit/b05fb1c. As of November 2014, this code has been moved but is still non-transactional and the comment remains unchanged.

[80]

M. Tamer Özsu and P. Valduriez. Principles of distributed database systems. Springer, 2011.

Digital Library

[81]

Tim O'Reilly. What is web 2.0: Design patterns and business models for the next generation of software. Communications and Strategies, 65(1):17--37, 2007.

[82]

H. Wada, A. Fekete, L. Zhao, K. Lee, and A. Liu. Data consistency properties and the trade-offs in commercial cloud storage: the consumers' perspective. In CIDR 2011.

[83]

J. Widom and S. Ceri. Active database systems: Triggers and rules for advanced database processing. Morgan Kaufmann, 1996.

Digital Library

[84]

A. Williams. Techcrunch: Zendesk launches a help center that combines self-service with design themes reminiscent of Tumblr, August 2013. http://techcrunch.com/2013/08/21/zendesk-launches-a-help-center-that-combines-self-service-with-design-themes-reminiscent-of-tumblr/.

[85]

F. Yang et al. Hilda: A high-level language for data-drivenweb applications. In ICDE, 2006.

Digital Library

[86]

K. Zellag and B. Kemme. How consistent is your cloud application? In SoCC 2012.

Digital Library

[87]

K. Zellag and B. Kemme. Real-time quantification and classification of consistency anomalies in multi-tier architectures. In ICDE 2011.

Digital Library

Cited By

Zhang CWang LShang JXiao ZXiao LHan MWei BShen RWang J(2025)ICCG: low-cost and efficient consistency with adaptive synchronization for metadata replicationFrontiers of Computer Science: Selected Publications from Chinese Universities10.1007/s11704-023-2772-y19:1Online publication date: 1-Jan-2025
https://dl.acm.org/doi/10.1007/s11704-023-2772-y
Hu GWang ZTang CShen JDong ZYao SChen H(2024)WeBridge: Synthesizing Stored Procedures for Large-Scale Real-World Web ApplicationsProceedings of the ACM on Management of Data10.1145/36393192:1(1-29)Online publication date: 26-Mar-2024
https://dl.acm.org/doi/10.1145/3639319
Ignat CElvinger VBa H(2024)Synql: A CRDT-Based Approach for Replicated Relational Databases with Integrity ConstraintsDistributed Applications and Interoperable Systems10.1007/978-3-031-62638-8_2(18-35)Online publication date: 17-Jun-2024
https://dl.acm.org/doi/10.1007/978-3-031-62638-8_2
Show More Cited By

Index Terms

Feral Concurrency Control: An Empirical Investigation of Modern Application Integrity
1. Information systems
  1. Data management systems
    1. Database management system engines

Recommendations

SQL DOM: compile time checking of dynamic SQL statements
ICSE '05: Proceedings of the 27th international conference on Software engineering

Most object oriented applications that involve persistent data interact with a relational database. The most common interaction mechanism is a call level interface (CLI) such as ODBC or JDBC. While there are many advantages to using a CLI -- expressive ...
Database Concurrency Control in Multilevel Secure Database Management Systems

Concurrent execution of transactions in database management systems (DBMSs) may lead to contention for access to data, which in a multilevel secure DBMS (MLS/DBMS) may lead to insecurity. Security issues involved in database concurrency control for MLS/...
An Optimistic Locking Technique for Concurrency Control in Distributed Databases

A method called optimistic method with dummy locks (ODL) is suggested for concurrency control in distributed databases. It is shown that by using long-term dummy locks, the need for the information about the write sets of validated transactions is ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SIGMOD '15: Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data

May 2015

2110 pages

ISBN:9781450327589

DOI:10.1145/2723372

General Chair:
Timos Sellis
RMIT University, Australia
,
Program Chairs:
Susan B. Davidson
University of Pennsylvania, USA
,
Zack Ives
University of Pennsylvania, USA

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGMOD: ACM Special Interest Group on Management of Data

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 May 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SIGMOD/PODS'15

Sponsor:

SIGMOD

SIGMOD/PODS'15: International Conference on Management of Data

May 31 - June 4, 2015

Victoria, Melbourne, Australia

Acceptance Rates

SIGMOD '15 Paper Acceptance Rate 106 of 415 submissions, 26%;

Overall Acceptance Rate 785 of 4,003 submissions, 20%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

61
Total Citations
View Citations
938
Total Downloads

Downloads (Last 12 months)59
Downloads (Last 6 weeks)1

Reflects downloads up to 05 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Zhang CWang LShang JXiao ZXiao LHan MWei BShen RWang J(2025)ICCG: low-cost and efficient consistency with adaptive synchronization for metadata replicationFrontiers of Computer Science: Selected Publications from Chinese Universities10.1007/s11704-023-2772-y19:1Online publication date: 1-Jan-2025
https://dl.acm.org/doi/10.1007/s11704-023-2772-y
Hu GWang ZTang CShen JDong ZYao SChen H(2024)WeBridge: Synthesizing Stored Procedures for Large-Scale Real-World Web ApplicationsProceedings of the ACM on Management of Data10.1145/36393192:1(1-29)Online publication date: 26-Mar-2024
https://dl.acm.org/doi/10.1145/3639319
Ignat CElvinger VBa H(2024)Synql: A CRDT-Based Approach for Replicated Relational Databases with Integrity ConstraintsDistributed Applications and Interoperable Systems10.1007/978-3-031-62638-8_2(18-35)Online publication date: 17-Jun-2024
https://dl.acm.org/doi/10.1007/978-3-031-62638-8_2
Cheng AWaudby JFirth HCrooks NStoica I(2023)Mammoths are Slow: The Overlooked Transactions of Graph DataProceedings of the VLDB Endowment10.14778/3636218.363624117:4(904-911)Online publication date: 1-Dec-2023
https://dl.acm.org/doi/10.14778/3636218.3636241
Wang ZTang CZhang XYu QZang BGuan HChen H(2023)Ad Hoc Transactions through the Looking Glass: An Empirical Study of Application-Level Transactions in Web ApplicationsACM Transactions on Database Systems10.1145/363855349:1(1-43)Online publication date: 23-Dec-2023
https://dl.acm.org/doi/10.1145/3638553
Cormode G(2023)Technical Perspective on 'R2T: Instance-optimal Truncation for Differentially Private Query Evaluation with Foreign KeysACM SIGMOD Record10.1145/3604437.360446152:1(114-114)Online publication date: 8-Jun-2023
https://dl.acm.org/doi/10.1145/3604437.3604461
Chen JHuang YWang MSalihoglu SSalem K(2023)Accurate Summary-based Cardinality Estimation Through the Lens of Cardinality Estimation GraphsACM SIGMOD Record10.1145/3604437.360445852:1(94-102)Online publication date: 8-Jun-2023
https://dl.acm.org/doi/10.1145/3604437.3604458
Lu SMartens WNiewerth MTao Y(2023)An Optimal Algorithm for Partial Order Multiway SearchACM SIGMOD Record10.1145/3604437.360445652:1(84-92)Online publication date: 8-Jun-2023
https://dl.acm.org/doi/10.1145/3604437.3604456
Jayaram R(2023)Technical Perspective: Optimal Algorithms for Multiway Search on Partial OrdersACM SIGMOD Record10.1145/3604437.360445552:1(83-83)Online publication date: 8-Jun-2023
https://dl.acm.org/doi/10.1145/3604437.3604455
Abo Khamis MNgo HPichler RSuciu DRemy Wang Y(2023)Convergence of Datalog over (Pre-) SemiringsACM SIGMOD Record10.1145/3604437.360445452:1(75-82)Online publication date: 8-Jun-2023
https://dl.acm.org/doi/10.1145/3604437.3604454
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents