NETB131 Programming
Project
Programming
language Cyclone
Kalina
Stilianova Rakovska,
F16002
1. History and Special
Features
Based
at Cornell University and AT&T Labs, New York, the Cyclone
project
is a variant of the programming language
C. It was started in 2001 as a joint project of AT&T
Labs Research
and Greg
Morrisett's group. The key developers
include Trevor
Jim,
Greg Morrisett, Dan
Grossman and Mike Hicks.
They worked out the initial design and implementation, basing the
language to some degree on Popcorn, a safe-C-like language that
was
developed at Cornell as part of the Typed Assembly Language (TAL)
project. Other people that have made strong contributions to the
project include: Nikhil
Swamy, Yanling
Wang,
James Cheney, Matthew Harris, Mathieu Baudet,
Bart Samwel, Matthew Fluet and Dan Wang.
The
language is designed to eliminate common bugs
and major programming
glitches before the software is even released. It is a safe
dialect of
C
that retains its transparency and control, but adds the benefits
of
safety (i.e., no unchecked run-time errors). In Cyclone, buffer
overflows, format
string attacks, double free bugs, dangling pointer accesses and
etc.
are prevented for all programs, whether
written by a security expert or by a novice. The changes required
to
achieve safety are pervasive, but Cyclone is still recognizably C.
It
offers a variety of other
programming features, including tagged unions, parametric
polymorphism,
pattern matching, exceptions, anonymous structs equivalent by
structure, parameterized typedefs, an extensive library for
container
types and common utilities, a lexer generator, a parser generator,
and
function-level debugging with tools such gdb and profiling with
gprof.
The
developers claim that Cyclone's data representation and calling
conventions are interoperable with C-like programming styles,
which
should simplify porting code to Cyclone. Cyclone helps make code
safer
by enforcing checks through a type library. If the compiler finds
problems, it can rewrite the code or suggest possible ways to
rewrite
the code manually. In addition, data type information and runtime
checks help prevent array boundary violations, also known as
unchecked
buffers or buffer overrun conditions.
Cyclone’s goal is to accommodate C’s style of low-level
programming,
while providing the same level of safety guaranteed by high-level
safe
languages like Java — a level of safety that has not been achieved
by
previous approaches.
Restrictions
imposed by Cyclone to preserve safety:
•
NULL
checks are inserted to prevent segmentation
faults
•
Pointer arithmetic is restricted
•
Pointers must be initialized before use
•
Dangling pointers are prevented through region
analysis and limitations on free
•
Only
“safe” casts and unions are allowed
•
goto
into scopes is disallowed
•
switch
labels in different scopes are disallowed
•
Pointer-returning functions must execute return
•
setjmp
and longjmp are not supported
Extensions
provided
by Cyclone to safely regain C programming idioms:
•
Never-NULL pointers do not require NULL checks
•
“Fat”
pointers support pointer arithmetic with
run-time bounds checking
•
Growable regions support a form of safe manual
memory management
•
Tagged
unions support type-varying arguments
•
Injections help automate the use of tagged unions
for programmers
•
Polymorphism replaces some uses of void *
•
Varargs are implemented with fat pointers
•
Exceptions replace some uses of setjmp and longjmp
2. "Hello World" Program
#include
<stdio.h>
int main()
{
printf("Hello, World\n");
return 0;
}
3. Fundamental Data
Types (integer, floating point, string) and
Assignment Operator
Definitions:
type name;
// declaration
type
name = value
; // initialization
type:
-integer:
Integers are whole numbers with a
machine
dependent range of values. Cyclone has 3 classes of integer
storage
namely short int, int and long int.
All of these data types have signed
and unsigned forms.
A short int
requires half the space than normal integer values. Unsigned
numbers
are always positive and consume all the bits for the magnitude of
the
number. The long and unsigned integers are used to declare a
longer
range of values.
int x;
int x
= 3;
-floating
point:
Floating
point number represents
a real number with 6 digits precision. When the accuracy of the float
number is insufficient, we can
use the double (double
precision floating point) or long double
(extended double
precision floating point) to define the number. The double
is
same as float but
with longer precision.
double y;
double y =
3.3;
-string:
Cyclone does not have a string type as other programming
languages,
only has character type so a string is defined as an array of
characters or a pointer to characters. String is terminated by a
special character which is called as null terminator or null
parameter
(/0).
char *zz;
zz =
"Hello";
or
char
zz[10];
zz[0] = 'H';
zz[1] = 'e';
zz[2] = 'l';
zz[3] = 'l';
zz[4] = 'o';
zz[5] = 0;
or
char zz[4] =
"bar";
char zz[4]
@zeroterm = "bar";
name is identifiers that refers
to
the name of user-defined variables. A variable should be
essentially a
sequence of letters and
or digits and the variable name should begin with a character or
underscore and should not contain a space.
Assignment
Operator
"=" - Cyclone
enforces the evaluation order to be right-to-left for assignment
expressions.
e1 = e2 = e3; //
Cyclone
evaluates first e3, then e2, then e1.
sum =
sum + 1;
Other assignment operators are ++ -- += -=
*= /= %= |= ^= &= <<=
>>=
:=:
4. Basic Control Flow
(conditional and loop statements)
Conditional
operator:
if (expression) statement;
// if statement is a basic control flow structure. It is used
when a
unit of code need to be executed by a condition true or false.
If the
condition is true, the code in if block will execute otherwise
it does
nothing.
if (expression)
statement;
else statement;
// If the condition of if statement is false the
code block in else will be executed.
Loop
operator:
while (expression)
statement;
// The while loop is used to execute a block of
statements
repeatedly with checked condition before making an iteration.
do statement while (expression);
// do while loop
statement allows to execute code block in loop body at least one.
for (initialization_expression;
loop_condition;
increment_expression) statement;
// initialization_expression is executed before
execution of
the loop starts. This is typically used to initialize a counter
for the
number of loop iterations.
The execution of the loop continues until the loop_condition
is false. This expression is checked at the beginning of each loop
iteration.
The increment_expression, is usually used to increment
the
loop counter. This is executed at the end of each loop iteration.
Task: Input an
integer number n and output the sum:
1+22+32+...+n2. Use input validation
for n to be positive.
#include<stdio.h>
int main()
{
int n;
scanf("%d",&n);
if (n < 0)
return
1;
int sum = 0;
int i = 0;
while (i
<= n)
{ sum += i*i; i++;
}
printf("%d\n",sum);
return 0;
}
5. Functions - syntax,
writing and using functions, example
Syntax:
return_type name
(parameter_list) {statements}
// Function is a block of source code which does one or some tasks
with
specified purpose.
-
return_type
- it can be any legal data type such as int, char,
pointer. If
the
function does not return a value, the return type has to be
specified
by keyword void;
-
name
is the identifier by which it will be possible to call
the
function. The name of a function should be meaningful and
express what
it
does;
-
parameter_list - parameters
passed to
function have to be separated by a semicolon, and each parameter
has to
indicate it data type and parameter name. Function does not
require
formal parameter so if you don’t pass any parameter to function
you can
use keyword void;
-
statements
is the function's body. It is a block of
statements
surrounded by braces { }.
Example:
#include
<stdio.h>
// definition
int addition (int a,
int b)
{ int
r;
r = a + b;
return
r;
}
int main ()
{ int z;
// invoking
the
function
z
=
addition (5,3);
printf("%s\n",
"The result is ");
printf("%d\n", z);
return 0;
}
6. Arrays - syntax,
definition, example
Syntax:
type name [size];
// Array by definition is a variable that hold multiple elements
which
has the same data type.
-
type
is the data type specifier of the elements in the array;
-
name
is the identifier by which it will be possible to access the
array
elements;
-
size
is an integer constant. It is the number of elements of the
array.
Example:
// array example
#include <stdio.h>
#include <stdlib.h>
int main(void)
{ int array[2][2];
int i;
int j;
for(i=0; i<2;
i++)
{ for(j=0; j<2;
j++)
{
array[i][j] = 0;
}
}
return EXIT_SUCCESS;
}
7. Compilers
- Cyclone version 1.0: source
code, documentation
-
Cyclone
old versions, documentation and benchmarks
Cyclone
is currently supported on x86 Linux, and on
Windows
using Cygwin. The Cyclone
compiler is implemented in approximately 35,000 lines of Cyclone.
It
consists of a parser, a static analysis phase, and a simple
translator
to C.
8. Projects and Software
in Cyclone
- James Ranson has ported the Internet Junkbuster
to Cyclone;
- Zhongxi Shen has put together a Cyclone-based environment for
Lego Mindstorm running on top of
the BrickOS;
- In-kernel
Network Monitoring at UPenn and AT&T;
- MediaNet
at Maryland and Cornell. MediaNet is an overlay network
that
provides distributed streaming data services, accounting for
user-specified Quality of Service criteria. Its servers
are
written in Cyclone;
- The
Open Kernel Environment (OKE) at the Leiden Institute of
Advanced
Computer Science;
-
RBClick
at the University of Utah;
- STP [Patel et al., SOSP 03];
- FPGA synthesis [Teifel/Manohar, ISACS 04];
- Maryland undergrad O/S course (geekOS) [2004]. Cyclone is
being
used as part of the University of Maryland's undergraduate
operating
systems class, CMSC
412;
- xTCP [Utah &
Washington];
- Protocol
Parsing [AT&T];
- Minix
modules [Netherlands].
9. Standard
The
grammar of Cyclone is derived from ISO C99.
10. References
[1] Cyclone Homepage, http://cyclone.thelanguage.org/
[2] Cyclone, http://en.wikipedia.org/wiki/Cyclone_(programming_language)
[3] Cyclone, http://www.cs.umd.edu/~mwh/papers/cyclone-cuj.pdf
[4] Cyclone, http://www.ntsecurity.net/Articles/Index.cfm?ArticleID=23262
[5] Cyclone, http://www.vnunet.com/vnunet/news/2116657/secure-future-c
[6] Cyclone, http://www.eecs.harvard.edu
[7] Cyclone, https://www.cs.washington.edu/homes/djg/slides/grossman_cyclone_jpl_05.ppt
[8] C programming
language,
http://cprogramminglanguage.net