In this paper, we present a novel method of safety analysis for runtime code update, i.e., updating a program at runtime without terminating its execution. Runtime code update is an emerging technique, especially for increasing the availability of servers that should always be in service and free of any known bugs or security flaws. However, it may cause state inconsistency or unintended behavior unless it is properly restricted. Although heavy restriction makes it easy to ensure the safety of updating code at runtime, it prevents us from coping with realistic updates. To find an appropriate restriction, we first construct a very precise model of safe runtime code update based on a framework of explicit data/control flow and dependency. Then, by approximating the model, we derive a class of analyses that statically estimate the set of safe update points. We restrict only the timing: a behaviorally safe runtime code update may occur only at safe update points. Moreover, we can relax the restriction by explicitly specifying non-critical points.