Dynamic software updating

Many important applications must run continuously and without interruption, and yet also must be changed to fix bugs or upgrade functionality. No prior general-purpose methodology for dynamic updating achieves a practical balance between flexibility, robustness, low overhead, ease of use, and low cost.

We present an approach for C-like languages that provides type-safe dynamic updating of native code in an extremely flexible manner (code, data, and types may be updated, at programmer-determined times) and permits the use of automated tools to aid the programmer in the updating process. Our system is based on dynamic patches that contain both the updated code and the code needed to transition from the old version to the new. A novel aspect of our patches is that they consist of verifiable native code (e.g. Proof-Carrying Code or Typed Assembly Language), which is native code accompanied by annotations that allow online verification of the code's safety. We discuss how patches are generated mostly automatically, how they are applied using dynamic-linking technology, and how code is compiled to make it updateable.

To concretely illustrate our system, we have implemented a dynamically updateable web server, FlashEd. We discuss our experience building and maintaining FlashEd, and generalize to present observations about updateable software development. Performance experiments show that for FlashEd, the overhead due to updating is low: typically less than 1 percent.
