Nowadays we increasingly rely on the non-stop services of ubiquitous software-intensive systems. Being inherently imperfect, software systems often need to be updated to fix defects, improve performance and add new features. Traditionally, a running software system had to be shut down before being updated. This loss of availability due to software updating could be disastrous for mission-critical systems, or at least annoyingly inconvenient for daily applications. Dynamic software updating (DSU) upgrades a running software system without stopping it. However, although widely desired, DSU is not yet used very often. The main obstacles to its adoption are as follows. First, introducing a DSU mechanism into highly optimized software runtime environments could cause unacceptable overheads. Second, dynamic updating could also bring significant disruption to the service of the system being updated. Third, the manual development of the dynamic patches used in DSU would be time-consuming and error-prone. Last but not least, software systems developed without DSU in mind would lack resilience to runtime errors caused by improper dynamic updating.

This dissertation presents Javelus, an efficient, low-disruptive, easy-to-use, and reliable DSU system for Java that addresses these problems in a systematic and practical way. Specifically, the contributions of this work include:

1. An efficient lazy mechanism for dynamic software updating. By postponing the updating of stale objects to the occasions when they are actually used, this mechanism achieves an extremely short time span of system pausing during DSU, and thus eliminates most disruption to system service. At the same time, with a set of optimizations based on fine-grained type analysis, this mechanism introduces only negligible overheads before and after DSU.
2. An automated approach to the transformation of stale objects to their new version during dynamic updating. By abstracting the state of an object from its concrete data representation to a method invocation history leading to this state, and replaying the history with the corresponding new-version methods, this approach creates the states for the new version of the stale objects without direct manipulation of their low-level implementation.
3. An automatic runtime recovery technique that can tolerate many of the errors caused by incautious DSU. By reusing the existing resilience capability of the software system being updated, this approach adaptively synthesizes multiple recovery solutions at runtime, tests them in a sandbox, and then applies the most promising one to the system suffering from the error.
4. An implementation of all these ideas on top of an industry-strength HotSpot JVM. Javelus supports arbitrary changes of Java classes and can be effortlessly integrated into existing production environments. Evaluation experiments with subjects taken from widely used open source software showed that Javelus remarkably outperformed existing DSU systems in efficiency, usability and reliability.