Forgot your password?
typodupeerror
Upgrades Businesses Google Software The Internet

New Binary Diffing Algorithm Announced By Google 192

Posted by timothy
from the smartness-and-light dept.
bheer writes "Today Google's Open-Source Chromium project announced a new compression technique called Courgette geared towards distributing really small updates. Courgette achieves smaller diffs (about 9x in one example) than standard binary-diffing algorithms like bsdiff by disassembling the code and sending the assembler diffs over the wire. This, the Chromium devs say, will allow them to send smaller, more frequent updates, making users more secure. Since this will be released as open source, it should make distributing updates a lot easier for the open-source community."
This discussion has been archived. No new comments can be posted.

New Binary Diffing Algorithm Announced By Google

Comments Filter:
  • dictionary (Score:2, Informative)

    by neonprimetime (528653)
    courgette (kr-zht)

    n. Chiefly British

    A zucchini.
  • by flowsnake (1051494) on Thursday July 16, 2009 @12:25PM (#28719351)
    An interesting approach - I wonder if this would also work as well on compiled bytecode like .NET or Java uses?
    • Re: (Score:3, Insightful)

      by hattig (47930)

      Why not just ship the affected .class files for Java? Disassemble the Jar that is being updated, replace/add/remove the class(es) as per the update instructions and rebuild the Jar.

      Chrome's problem is that a massive, bulky, chrome.dll file needs to be sent out with each update, and that it isn't easy to split it up into its constituent parts because it is lower level.

      It's not a new idea, but quite impressive that they've actually gone and worked it all out so that it is reliable. And nicer than patching via

      • by Imagix (695350)
        If you disassemble and reassemble a jar file, then it would no longer be correctly signed.
        • by pjt33 (739471)

          If they ship the signature then the manifest can be updated. Shouldn't be a problem.

    • by Cyberax (705495) on Thursday July 16, 2009 @01:45PM (#28720663)

      It would work fine, if you include Java/.NET specific disassemblers.

      In fact, you can already compress Java JARs about ten times by using pack200 algorithm (it works essentially the same way).

    • Re: (Score:3, Interesting)

      by PCM2 (4486)

      An interesting approach - I wonder if this would also work as well on compiled bytecode like .NET or Java uses?

      I suspect that it would. I once heard Manuel De Icaza give a talk in the early days of the Mono project. He said the "bytecode" that came out of the C# compiler was analogous to the output that comes out of the front end of a C compiler. The JIT is the equivalent of the C compiler's back end, only it runs right before execution. I suspect that what Google's decompiler is doing is reverting the binary to something similar to the C compiler's internal representation -- and if so, this method would work pretty

    • From my first pass over it this actually looks like a very strange way to describe a rather simple approach.

      More generically they could achieve the same, if not more, by using a differential PPM or LZ method, which is very simple to design/implement, needs zeto knowledge of what data it is handling, and is in no way a new idea.

      I suspect whomever designed this had a good idea but not that enough compression experience to know solutions were already on hand.

      In effect the new binary should be compressed with

  • Google has to pay the cost for maintaining servers and handling bandwidth for all the OS updates they push out. The more efficient they are in this process, the more money the save.

    The good news is that the same benefits could be applied to Red Hat, Ubuntu, openSUSE, etc. Lower costs helps the profitability of companies trying to make a profit on Linux.

    The end users also see benefits in that their packages download quicker. I'd be honestly pretty disappointed in any major distro that doesn't start implementing a binary diff solution around this.

    • Re: (Score:2, Insightful)

      by maxume (22995)

      Yeah, but it is probably more like unplugging wall warts than insulating your house.

      That is, it will be a hassle, be visible, and show a tiny benefit, all the while distracting from more worthwhile activity.

    • by pembo13 (770295)

      > I'd be honestly pretty disappointed in any major distro that doesn't start implementing a binary diff solution around this.

      Fedora already has Presto using DeltaRPMs [fedoraproject.org]

      • Re: (Score:3, Informative)

        by Rayban (13436)

        DeltaRPM uses bsdiff - an impressive but generic binary diff algorithm.

        Courgette is designed to replace this binary diff with one that understands compiled code well enough to optimize the binary diffs by a significant amount.

        • by mzs (595629)

          Courgette uses bsdiff as well, after it breaks down into some parts that bsdiff better.

        • DeltaRPM also have to deal with non-code objects as well. I wonder how much of an average RPM is actually machine code.

    • Re: (Score:2, Interesting)

      by Ed Avis (5917)

      Fedora is already using binary diffs to speed up downloading updates - see yum-presto [fedorahosted.org]. With a better binary diff algorithm, the RPM updates can hopefully be made even smaller. As the Google developers note, making smaller update packages isn't just a 'nice to have' - it really makes a difference in getting vulnerabilities patched faster and cuts the bandwidth bill for the vendor and its mirror sites. Remembering my experiences downloading updates over a 56k modem, I am also strongly in favour of anything

    • Re: (Score:3, Interesting)

      by klui (457783)
      It's pretty cool they do this. As opposed to iTunes "updates" of 70+MB--really no updates at all since they're just the monolithic install package.
    • by shird (566377)

      I doubt this is of much concern to them. How many people will be running their new OS and doing updates, vs the bandwidth required for your average google maps session or you-tube video, done by many more people? Even the daily search results and ad serving to the content network would far exceed this.

      I'm pretty sure the amount of bandwidth would be trivial in comparison. It's not like Ubuntu or MS require people to re-download the entire OS to perform a patch.

      Besides which, with the network of mirrors they

      • Re: (Score:3, Insightful)

        by Enderandrew (866215)

        I don't run Ubuntu, but rather openSUSE. When I download updates (including weekly snapshot builds of KDE 4, Firefox and OpenOffice) I end up downloading around 3 gigs each time. That is practically the whole OS. Small binary diffs would make a huge difference here.

        I doubt I pull 3 gigs of bandwidth from all Google sites combined in a week.

        The other difference is that other Google sites generate revenue. The OS likely will not.

  • Rsync (Score:2, Interesting)

    by Gerald (9696)

    Would this algorithm be useful to the rsync team?

    • Re: (Score:3, Interesting)

      Not really. Where Google's algorithm really shines is in exactly the field they designed it for: efficiently trying to update a large number of identical binary files of known content (particularly those representing code) on many remote computers, by sending a compact list of the differences.

      Rsync actually has to solve a different problem: figuring out where differences exist between two files separated over a slow link when you DON'T precisely know the content of the remote file, but know it's likely simi

      • Everyone is throwing around the term "binary file" as if this is some generic solution for transferring anything that isn't text. This solution is great for compiled code, but it won't do anything for image binaries, music binaries, and video binaries because none of those can be disassembled into code. To take advantage of any of the optimizations that this new diff is using, rsync would have to first check every file to determine if it is compiled code, then check the architecture that it's designed for
    • Maybe. But I can think of a few issues:

      1. This is geared toward a specific type of file (x86 executable), not generic data files.
      2. Adding an educated-guess-where-all-the-pointers-are system might just mess with the rsync protocol.
      3. Google has the advantage of knowing, with a quick version number check, exactly what changes need to be made: most data flows from server to client. The rsync destination would have to send back two sets of rolling checksums: first for the disassembly, then for the guess made u
  • The cool thing is... (Score:3, Interesting)

    by salimma (115327) on Thursday July 16, 2009 @12:31PM (#28719451) Homepage Journal

    The cool thing is, one can easily extend this to other executable formats, as long as the assembler is readily available client-side: Windows users could relate to those pesky, resource-hogging Java updates, and .NET and Mono applications could similarly benefit.

    This is, interestingly, the second binary diffing innovation that affects me in the past few months. Fedora just turned on delta updates with Fedora 11, a feature borrowed from the openSUSE folks.

    • by mzs (595629) on Thursday July 16, 2009 @12:46PM (#28719739)

      You didn't RTFA before posting did you? When they say assembler they mean something of their own that takes a binary blob and one you have already and reassembles the original binary. It just so happens that the disassembler knows a lot about windows executables and the archive format that google uses breaks it up into some portions and assigns labels to addresses. Then it runs bsdiff on this smaller subset.

      The code outlined in the blog post is really in these files:

      win32_x86_generator.h
      win32_x86_patcher.h

      Notice these names? This is the disappointing aspect to all of this, it is one more new reason that Chrome is x86 and primarily Windows. You would need one for Mach-O and ELF to do this on other platforms and then if you were on another processor, say ARM or PPC, you would need something that understood that as well. Then there is the issue about 64-bit. In any case the assembler is not something like gas or MASM which is what you imagined.

      • Re: (Score:3, Informative)

        by Rayban (13436)

        The source for the disassembler is pretty simple.

        http://src.chromium.org/viewvc/chrome/trunk/src/courgette/disassembler.cc [chromium.org]

        Porting that to parse x86 out of ELF or another executable container wouldn't be too difficult. Porting it to parse x64 or PPC would be tougher.

        • Re: (Score:3, Informative)

          by mzs (595629)

          Actually it would be pretty hard to go x86 PEX to x86 ELF as relocations are done completely differently in those formats. They are often names or indexes in DLLs with PEX and handles (think dlopen) while there are all sorts of relocation entries in ELF where the instructions themselves get modified by the run time linker to the correct address or offset (the premunged instruction either has an index in it to a name or another relocation table with more info).

  • wait a minute (Score:3, Insightful)

    by six (1673) on Thursday July 16, 2009 @12:31PM (#28719457) Homepage

    announced a new compression technique called Courgette geared towards distributing really small updates

    I just RTFA, this has nothing to do with a compression technique.

    What they developed is a technique to make small diffs from *executable binary files* and it doesn't look like it's portable to anything other than x86 because the patch engine has to embed an architecture specific assembler + disasembler.

    • Re: (Score:2, Informative)

      by hattig (47930)

      Another problem is that you would need to maintain every little diff from previous versions, and apply them one after another. Every so often you would have a cumulative diff maintained, so you'd do: 3.0.3 -> 3.0.4 -> 3.0.5 -> 3.2 (cumulative 3.0.5 to 3.2) -> 3.2.1 -> 3.2.2 -> 3.5 (cumulative 3.2.2 to 3.5) -> 3.5.1

      • Re:wait a minute (Score:5, Informative)

        by flowsnake (1051494) on Thursday July 16, 2009 @12:45PM (#28719723)
        Not really a problem. Every n releases you push a complete patch - a bit like key frames in MPEG. People who keep their stuff reasonably up-to-date benefit from the smaller patches, those who don't just have to go back to the 'key frame' equivalent. And on the client - the latest version on the host is effectively the sum of all the diffs up to that point. OK so there is not enough information there to revert to an arbitrary earlier version, but usually we don't revert to older versions of executables. If we absolutely have to revert, maybe to undo a bad update, we can always just download a complete version of the required version.
      • They'd only have to do that if they wanted to be able to patch from an old version to another old version, otherwise they just need to store a diff comparing each old version to the current. That'd be more work ahead of time since each new release would require you to run and store a diff to every old release (rather than just one diff to the previous version), but that's work you'd have to do just once versus work that you have to do for every client patching.
  • I remember having this idea a while back and thinking that it would surely be out there already implemented. When it wasn't, I didn't follow through and try to invent it myself. I was focused on another project at the time. Never really came back to that original idea. Awesome that someone did, and that they are keeping it open so everyone can use it! Thanks, Google!

    • by Lennie (16154)

      What is cool about this text is, you could claim it for anything and still look smart. ;-)

  • Bad explanation (Score:5, Insightful)

    by DoofusOfDeath (636671) on Thursday July 16, 2009 @12:37PM (#28719557)

    Courgette achieves smaller diffs (about 9x in one example)

    That's potentially very misleading. I can compress any document, down to a single but, if my compression algorithm is sufficiently tailored to that document. For example:

    if (compressed_data[0] == 0):
          return = get_Magna_Carta_text()
    else:
          return unzip(compressed_data[1:])

    What we need to know is the overall distribution of compression ratios, or at least the average compression ratio, over a large population of documents.

    • Re: (Score:3, Funny)

      by DoofusOfDeath (636671)

      I can compress any document, down to a single but,

      Oh crap. There goes any chance of this being a technical discussion.

    • Re: (Score:3, Funny)

      by CarpetShark (865376)

      return = get_Magna_Carta_text()
      return unzip(compressed_data[1:]

      Most of your point is good, but I suspect that, no matter what language you're using, ONE of these will give you a syntax error ;)

  • Today? (Score:4, Funny)

    by Blakey Rat (99501) on Thursday July 16, 2009 @12:38PM (#28719575)

    Google's Open-Source Chromium project announced a new compression technique called Courgette geared towards distributing really small updates today.

    Better hurry! It won't work tomorrow!

  • by istartedi (132515) on Thursday July 16, 2009 @12:38PM (#28719587) Journal

    ...it makes you smack yourself on the head and go "why hasn't everybody been doing this for years?".

    The idea is simple, and reminds me of something I learned in school regarding signals. Some operations are easy to perform in the frequency domain, so you do the Fourier transform, perform the operation, and then transform back.

    This is really just the same idea applied to the problem of patches. They're small in source; but big in binary. It seems so obvious that you could apply a transform,patch,reverse process... but only when pointed out and demonstrated.

    It's almost like my favorite invention: the phonograph.

    The instructions for making an Edison phonograph could have been understood and executed by any craftsman going back thousands of years. Yet, it wasn't done until the late 19th century.

    Are the inventors that brilliant, or are we just that stupid.

    • by BitZtream (692029)

      Or perhaps hindsight is 20/20.

      • by timeOday (582209)
        All compression is based on basically the same idea - a model of the process that created the data. The model makes somewhat less error in predicting what will come next compared to a random model / no model, and hence needs less information to correct those predictions. For instance, in speech compression [data-compression.com] it is normal to start with a model of the human vocal tract. Even general compression algorithms like gzip work this way, making basic assumptions, such as real-world data tends to have values which re
    • by merreborn (853723) on Thursday July 16, 2009 @01:06PM (#28720027) Journal

      Like many brilliant ideas... it makes you smack yourself on the head and go "why hasn't everybody been doing this for years?".

      Probably because the old solution was:

      A) Simple
      B) Good enough for most purposes.

      Sure, you can shave 80% off your patch filesize... but unless you're as big as google, patch bandwidth probably isn't a major priority -- you've likely got much more important things to dedicate engineering resources to.

      You know how they say "Necessity is the mother of invention"? Well, when an invention isn't really necessary for most folks, it tends to show up a little later than it might otherwise have.

      • Re: (Score:3, Insightful)

        by Just Some Guy (3352)

        Actually, it made me smack my head and say "I assumed we were already doing this".

        Sure, you can shave 80% off your patch filesize... but unless you're as big as google, patch bandwidth probably isn't a major priority

        So, you've never installed a service pack or another OS update? I'd be more than happy to run "sudo aptitude patch-upgrade" to download the 3KB difference between OpenOffice 3.1.foo and 3.1.foo+1.

      • Sure, you can shave 80% off your patch filesize... but unless you're as big as google, patch bandwidth probably isn't a major priority

        It's priority tends to scale though. Once you're as big as Google you have so many people downloading it that if you can shave just a little off each download it adds up to something that matters even to someone as big as you.

    • by xenocide2 (231786) on Thursday July 16, 2009 @01:47PM (#28720709) Homepage

      I've been reviewing various proposals like this, and basically, it's a tradeoff mirrors don't want. This sorta stuff has been proposed for ages. I listened to a recording of the author of rsync give an introduction to the algorithm and program, and among the questions was "is this suitable for .deb?". The answer was "Not unless the archive is completely recompressed with gzip patched to be rsync compatible".

      Eventually that patch landed, and you could conceivably do this. Except it expands the entire archive by 1-2 percent. And there's a lot of CPU overhead where there was none before.

      Then someone cooked up zsync. It's the same thing as rsync except with a precalculated set of results for the server side. This looked like a winner. But someone else really wants LZMA compressed packages to fit more onto pressed CDs. So now we're at a fundamental impass: optimize for the distribution of install media to new users, or optimize for the distribution of updates to existing users.

      The best resolution I've seen is to use LZMA compression on the entire CD volume, but that requires the kernel to get their ass in gear and allow yet another compression in the kernel. That may have finally happened, I haven't checked recently. But generally LZMA requires more RAM to operate, so that could raise the minimum requirements on installs.

      In short, it's a balancing act of effort, bandwidth, CPU and RAM. What works for some may not work for all.

    • ...it makes you smack yourself on the head and go "why hasn't everybody been doing this for years?". ... It seems so obvious that you could apply a transform,patch,reverse process... but only when pointed out and demonstrated.

      Basically google created a big custom 'transform' that applies only to x86 exe files. The reason why this is a boring story and why nobody has done this before is because nobody has found a generic, simple way to do this. And they still haven't.

      If google had actually created a 'new binary diffing algorithm' instead of a specific hack, and this worked for most binary files that have similarities that would be newsworthy. For instance if it could out of the box create small diffs for .exe, .doc, .xls, .tt

  • Nothing terribly new (Score:2, Interesting)

    by davidwr (791652)

    There was a old, pre-X MacOS binary-diff program that diffed each element of the resource fork [wikipedia.org] independently.

    Back in those days, non-code elements usually were stored in unique "resources," one icon might be in ICON 1, another might be in ICON 2, etc.

    Code was split among one or more resources.

    If a code change only affected one section of code, the only 1 CODE resource would be affected.

    Since each resource was limited to 32KB, a diff that only affected one resource would never be larger than twice that size.

    • by mzs (595629)

      One thing is very different from back then and now, disk space was at a premium, so there were a ton of optimizations to code fragments in the object file format to that end. For example most data was zero, so only portions that were not were in the object file bunched-up. The utility you refer to was able to take advantage of this. It was otherwise a simple ed-like that could insert, remove, and replace. I wish I could remember the name.

  • binary diff (Score:2, Informative)

    If you're not familiar with the process of binary diff (I wasn't) there's a paper linked from the article that explains some about bsdiff:

    http://www.daemonology.net/papers/bsdiff.pdf [daemonology.net]

    Wayback from 2007/07/09:
    http://web.archive.org/web/20070709234208/http://www.daemonology.net/papers/bsdiff.pdf [archive.org]

    • by mzs (595629)

      Yes and it is a generic approach that does not need to know anything about pex, x86, and archives. In fact it is used by this google implementation. And there was something much like what google has here implemented back in 1999 cited in the paper you posted the link to:

      B.S. Baker, U. Manber, and R. Muth, Compressing Differences of Executable Code, ACM SIGPLAN Workshop on Compiler Support for System Software, 1999.

  • by AP31R0N (723649) on Thursday July 16, 2009 @12:46PM (#28719737)

    Please?

    • Re: (Score:3, Informative)

      by ledow (319597)

      Rather than send the difference in the executable, they send the difference in a sort of source code. Saves space if a small source change (move this line past this function) causes a big executable difference.

    • by six (1673) on Thursday July 16, 2009 @12:58PM (#28719915) Homepage

      Binary executable files contain a lot of addresses (variables, jump locations, ...) that are generated by the assembler at compile time.

      Now consider you just add one 1-byte instruction somewhere in the middle of your program (let's say "nop"). When you compile it again, all the code that reference addresses beyond the insert point will have changed because the address has been incremented. So these 4 bytes added to your source code could mean addresses that get incremented in the compiled file in thousands of places.

      What they do basically is take the binary file, disassemble it back to pseudo source code (not real asm I guess), and diff that against old version. The patch engine on the client end does the same disassembling, applies the patch, and reassembles the patched source code to an executable file.

      This means diffs gets much smaller (4 bytes vs. 1000s in my extreme example), but also makes the diff/patch process much more complex, slower, and not portable.

      • by sorak (246725)

        Wouldn't the diff patch make the code more portable? IANA open source hacker, so this is an honest question.
        .
        Let say you are using the example you gave. All the addresses are referencing memory locations that may change based on the distribution being used (although that wouldn't be a factor for Google). You might have #ifdef statements in the code that include one set of files if compiled under BSD, as an example, and another set if compiled under GNU/Linux, and your memory locations may vary based on the

        • by PCM2 (4486) on Thursday July 16, 2009 @01:56PM (#28720829) Homepage

          But, if the compilers are similar enough to create the same pseudocode/bytecode/ASM, or smart enough to save the source code, and use it for future comparisons, then wouldn't one patch be just as portable as the original source code?

          It's a good theory and you're a smart person, but:

          1. The compilers probably wouldn't be similar enough. Even developers who use GCC to compile something for Linux usually use Visual Studio to compile the same code for Windows. (The source code for Chrome, for example, shipped as a Visual Studio project.) Mac OS X likes to have everything written in Objective C, so that output would probably be very different.
          2. Different operating systems rely on different shared libraries to do the same things. So a function call that opens a file in Linux might not look like a function call to do the same thing on Windows -- it might take a different number of arguments, for example, which means it would look rather different in machine language.

          Portability doesn't appear to be Google's primary concern, though. They seem to be keen on the idea of delivering binaries over the wire (real binaries, not bytecode) -- see Google Native Client. [infoworld.com]

    • by chris_eineke (634570) on Thursday July 16, 2009 @01:01PM (#28719953) Homepage Journal

      A compiler takes source codes and turns them into assembler code. That's lines of human-readable machine instruction mnemonics (for example, "Copy from here to here." "Is that bigger than zero?"). The assembler takes those lines and turns them into machine instructions, a sequence of binary numbers.

      Finding the difference between two huge gobs of binary numbers is difficult. Instead, they turn the binary numbers back into lines of mnemonics and use a algorithm that finds the difference between two huge listings of mnemonics.

      That method is easier because the listings of a program that has been changed slightly can be very similar to the listing of a unmodified program. That has to do with how compilers work.

      Capiche? ;)

      • by AP31R0N (723649)

        Thanks! That makes sense.

      • I'm not sure about the benefits.

        1) The bulk of many (most?) software packages are resources, not executables
        2) A lot of the executables is a lot of linker/DLL overhead, specially the smaller ones
        3) The optimizers (I think) remix the assembly instructions, so small changes in the program logic result in a lot of changes in assembly, ergo, in machine code. The best solution in terms of BW remains sending diffs in high level source code.

    • by unfunk (804468)
      I'd like to see a car analogy here, but it needs to involve the car's transmission diff
    • by Fantom42 (174630)

      Imagine you had a tape of somenoe talking and you needed to tell someone what was different from the last time they spoke. One way to do that would be to listen to the language and words and compare their meanings to figure out the difference. The other way would be to just send them the new tape to replace the previous one. A similar problem happens with new versions of software. You want to send the changes but you end up having to send the whole thing.

      This technology essentially writes down what the

  • This is diffs the dissembled version of the original against the update on the server, then does the opposite on the client. I couldn't help but think of this as similar to Gentoo's model ... download a compressed diff of the source and then recompile. Both have the same problem: too much client-side CPU usage (though Gentoo's is an extreme of this). Isn't Google Chrome OS primarily targeting netbooks? Can such things handle that level of extra client-side computation without leaving users frustrated?

    • by BobMcD (601576)

      Torrents are problematic in that they are contrary to the way many, if not all, ISP's are set up. Nodes are intended to be consumers, not data providers. Shifting the downloaded data to the UPSTREAM is against the intent of the architects and produces problems.

      Redesign the network, sure. Until then, torrents for updates are only taking your problem and shifting it to someone with fewer resources (without permission.)

  • BCJ filter (Score:3, Interesting)

    by hpa (7948) on Thursday July 16, 2009 @01:11PM (#28720125) Homepage

    The concept of a Branch-Call-Jump (BCJ) filter is well-known in the data compression community, and is a standard part of quite a few deployed compression products. Used as a front end to a conventional compression algorithm -- or, in this case, a binary compression algorithm -- does indeed give significant improvements. The application to binary diff is particularly interesting, since it means you can deal with branches and other references *over* the compressed region, so this is really rather clever.

  • by reg (5428)
    If you're going to do this in the long run, it would make more sense to distribute LLVM byte code and compile that to native code on the host... That way you have small diffs to the byte code, and also you get targeted optimization (and maybe even custom profile guided optimization).
  • its not 'binary diffing'.

    does it work with gif files? jpg? png? dng? mov? mpg?

    its meant for PROGRAM binary files. of a specific type of processor, at that.

    that's fine.

    but please say so, and don't imply its binary. its really specific and not helpful for image (pic, sound) formats.

  • Since this will be released as open source, it should make distributing updates a lot easier for the open-source community.

    We open source community don't have no F**KING business in binary distribution!

  • A similar approach for distributing updates to source packages has been around for years: The dynamic deltup server network. You can tell their servers which source archives you already have and which new version you want. The server then unpacks both archives and sends you a deltup diff that can be used to create a bit-by-bit copy of the desired source archive, using the deltup program.
    An example use case for this are source based operating system distributions, like Gentoo GNU/Linux. The saved bandwidth i

  • If Google's OS is to become open source - why the need for binary diffs at all?

    Isn't it feasible that the client store all the source and the patch process just involves a diff to the original source code that gets recompiled?

    Also, this dissassemble,edit,reassemble scheme isn't new. There are a few viruses out there that perform similar actions in order to create space in the executable for themselves. pretty ingenious actually.

  • many ways to do that (Score:3, Interesting)

    by ei4anb (625481) on Friday July 17, 2009 @03:36AM (#28727027)
    I worked on a project back in the 80's where we had half a million lines of code running on a high availability machine with 384 32bit CPUs.

    As bandwidth was a tad limited in those days we too looked for an efficient way to distribute updates. The solution was to distribute the smaller bug fixes as patches, similar to debug scripts. The loader would run those debug scripts after loading the program. To apply a patch the customer would put the patch file in the same folder as the program, restart the program on the hot standby side of the cluster and provoke a switchover to the standby.

    The patch was applied without any downtime. If the customer wanted to back-out the bug fix then all they had to do was delete the patch file and switch back to the unpatched side of the cluster.

    Most patches were small and we only had a few hundred bytes to send out at a time. Afterwards the world upgraded to Windows and forgot such technology :-(

<<<<< EVACUATION ROUTE <<<<<

Working...