Many important applications must run continuously and without interruption, yet must be changed to fix bugs or upgrade functionality. No prior general-purpose methodology for dynamic updating achieves a practical balance between flexibility, robustness, low overhead, and ease of use.

We present a new approach for C-like languages that provides type-safe dynamic updating of native code in an extremely flexible manner (code, data, and types may be updated, at programmer-determined times) and permits the use of automated tools to aid the programmer in the updating process. Our system is based on dynamic patches that contain both the updated code and the code needed to transition from the old version to the new. A novel aspect of our patches is that they consist of verifiable native code (e.g. Proof-Carrying Code [17] or Typed Assembly Language [16]), which is native code accompanied by annotations that allow on-line verification of the code's safety. We discuss how patches are generated mostly automatically, how they are applied using dynamic-linking technology, and how code is compiled to make it updateable.

To concretely illustrate our system, we have implemented a dynamically-updateable web server, FlashEd. We discuss our experience building and maintaining FlashEd. Performance experiments show that for FlashEd, the overhead due to updating is typically less than 1%.
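The abstract describes a patch as two parts, new code plus the code that transitions old state to the new version, applied at a programmer-determined point through code compiled with an indirection that dynamic linking can rebind. The following C program is an added example, not code from the paper or from FlashEd, that shows this shape in miniature: a request handler called through an indirection table, a version-2 handler whose state layout adds a field, and a patch that swaps code and state together so no call ever runs new code against old data. All names (`update_table`, `patch`, `transform_v1_to_v2`, the `stats_v1`/`stats_v2` layouts) and the counter values are constructed for this example; the paper's own patches are verifiable native code checked before they are linked in, which this toy does not attempt to reproduce.

```c
#include <stdio.h>
#include <stdlib.h>

/* Version 1 of a small per-server statistics block (constructed example). */
struct stats_v1 { int requests; };

/* Version 2 adds a byte counter, so the patch must carry a state transformer
   that turns a stats_v1 into a stats_v2; the new code cannot read old layout. */
struct stats_v2 { int requests; long bytes; };

/* Updateable code is reached through a function pointer rather than a direct
   call, which is what lets a patch rebind it without stopping the program. */
typedef void (*handle_fn)(void *state, size_t request_bytes);

struct update_table {
    handle_fn handle;   /* current handler implementation */
    void *state;        /* current state; its layout matches `handle` */
};

/* A dynamic patch: the updated code and the transition code, shipped together. */
struct patch {
    handle_fn new_handle;
    void *(*transform_state)(void *old_state); /* returns new state, frees old */
};

static void handle_v1(void *state, size_t request_bytes) {
    (void)request_bytes;                 /* v1 does not track bytes */
    ((struct stats_v1 *)state)->requests++;
}

static void handle_v2(void *state, size_t request_bytes) {
    struct stats_v2 *s = state;
    s->requests++;
    s->bytes += (long)request_bytes;
}

/* State transformer: carry forward the old counter, give the new field a
   defined starting value, and release the old block. */
static void *transform_v1_to_v2(void *old_state) {
    struct stats_v1 *old = old_state;
    struct stats_v2 *cur = calloc(1, sizeof *cur);
    if (!cur) abort();
    cur->requests = old->requests;
    cur->bytes = 0;
    free(old);
    return cur;
}

/* Apply a patch at an update point chosen by the programmer. State is
   transformed first and the handler rebound second, in the same step, so the
   table never pairs new code with old state or old code with new state. */
static void apply_patch(struct update_table *t, const struct patch *p) {
    t->state = p->transform_state(t->state);
    t->handle = p->new_handle;
}

/* Scenario: two requests under v1, a live update, two requests under v2.
   Returns the final v2 state so the caller can inspect both counters. */
struct stats_v2 run_scenario(void) {
    struct update_table t;
    t.state = calloc(1, sizeof(struct stats_v1));
    if (!t.state) abort();
    t.handle = handle_v1;

    t.handle(t.state, 100);   /* counted in requests only */
    t.handle(t.state, 200);

    struct patch p = { handle_v2, transform_v1_to_v2 };
    apply_patch(&t, &p);      /* programmer-determined update point */

    t.handle(t.state, 300);   /* now counted in requests and bytes */
    t.handle(t.state, 400);

    struct stats_v2 result = *(struct stats_v2 *)t.state;
    free(t.state);
    return result;            /* requests == 4, bytes == 700 */
}

int main(void) {
    struct stats_v2 s = run_scenario();
    printf("requests=%d bytes=%ld\n", s.requests, s.bytes);
    return 0;
}
```

The point the example isolates is that type safety across an update is a property of the pair (code, state), not of the code alone: the transformer is the part of the patch that keeps the running state's layout consistent with the handler that reads it, and applying both in one step at a quiescent point is what prevents a handler from ever dereferencing a layout it was not compiled for. A real system would additionally verify the patch before linking it, as the abstract describes for PCC and TAL patches.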