
Mutatis mutandis: safe and predictable dynamic software updating

Published: 12 January 2005 (POPL '05)

Abstract

Dynamic software updates can be used to fix bugs or add features to a running program without downtime. Essential for some applications and convenient for others, low-level dynamic updating has been used for many years. Perhaps surprisingly, there is little high-level understanding or language support to help programmers write dynamic updates effectively. To bridge this gap, we present Proteus, a core calculus for dynamic software updating in C-like languages that is flexible, safe, and predictable. Proteus supports dynamic updates to functions (even active ones), to named types and to data, allowing on-line evolution to match source-code evolution as we have observed it in practice. We ensure updates are type-safe by checking for a property we call "con-freeness" for updated types t at the point of update. This means that non-updated code will not use t concretely beyond that point (concrete usages are via explicit coercions) and thus t's representation can safely change. We show how con-freeness can be enforced dynamically for a particular program state. We additionally define a novel and efficient static updateability analysis to establish con-freeness statically, and can thus automatically infer program points at which all future (well-formed) updates will be type-safe. We have implemented our analysis for C and tested it on several well-known programs.



Published In

POPL '05: Proceedings of the 32nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, January 2005, 402 pages. ISBN: 158113830X. DOI: 10.1145/1040305. General Chair: Jens Palsberg. Program Chair: Martín Abadi.

Also published in ACM SIGPLAN Notices, Volume 40, Issue 1 (Proceedings of the 32nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages), January 2005, 391 pages. ISSN: 0362-1340. EISSN: 1558-1160. DOI: 10.1145/1047659.
Publisher

Association for Computing Machinery, New York, NY, United States


Author Tags

  1. capability
  2. dynamic software updating
  3. proteus
  4. type inference
  5. updateability analysis

Conference

POPL '05

Cited By

  • (2024) Live Patching for Distributed In-Memory Key-Value Stores. Proceedings of the ACM on Management of Data 2(6):1-26. DOI: 10.1145/3698816. Online publication date: 20 Dec 2024.
  • (2024) Realistic Realizability: Specifying ABIs You Can Count On. Proceedings of the ACM on Programming Languages 8(OOPSLA2):1249-1278. DOI: 10.1145/3689755. Online publication date: 8 Oct 2024.
  • (2020) From global to local quiescence. Proceedings of the 14th USENIX Conference on Operating Systems Design and Implementation, pages 651-666. DOI: 10.5555/3488766.3488803. Online publication date: 4 Nov 2020.
  • (2012) Distributed application tamper detection via continuous software updates. Proceedings of the 28th Annual Computer Security Applications Conference, pages 319-328. DOI: 10.1145/2420950.2420997. Online publication date: 3 Dec 2012.
  • (2011) Semistructured merge. Proceedings of the 19th ACM SIGSOFT Symposium and the 13th European Conference on Foundations of Software Engineering, pages 190-200. DOI: 10.1145/2025113.2025141. Online publication date: 5 Sep 2011.
  • (2011) Runtime Programming through Model-Preserving, Scalable Runtime Patches. Proceedings of the 2011 Eleventh International Conference on Application of Concurrency to System Design, pages 77-86. DOI: 10.1109/ACSD.2011.28. Online publication date: 20 Jun 2011.
  • (2009) Migrating protocols in multi-threaded message-passing systems. Proceedings of the 2nd International Workshop on Hot Topics in Software Upgrades, pages 1-5. DOI: 10.1145/1656437.1656448. Online publication date: 25 Oct 2009.
  • (2009) Sharing classes between families. ACM SIGPLAN Notices 44(6):281-292. DOI: 10.1145/1543135.1542508. Online publication date: 15 Jun 2009.
  • (2009) Sharing classes between families. Proceedings of the 30th ACM SIGPLAN Conference on Programming Language Design and Implementation, pages 281-292. DOI: 10.1145/1542476.1542508. Online publication date: 15 Jun 2009.
  • (2009) Delegation. ACM SIGSOFT Software Engineering Notes 34(3):1-5. DOI: 10.1145/1527202.1527215. Online publication date: 30 May 2009.
