"In Italy, for thirty years under the Borgias, they had warfare,
terror, murder, bloodshed, but they produced Michelangelo, Leonardo da
Vinci and the Renaissance. In Switzerland, they had brotherly love;
they had 500 years of democracy and peace -- and what did that produce?
The cuckoo clock." -- Orson Welles as Harry Lime in THE THIRD MAN (1949)
Overview
The Cuckoo Project is not concerned
with the design of cuckoo clocks, although at some future point we
envision its use in the development of a distributed real-time system.
Rather, the Cuckoo Project is
focused on the development of memory- and thread-safe language support
for application-specific object code that can be mapped into address
spaces shared with other protection domains.
Just as a Cuckoo bird can lay its eggs in other birds' nests,
the Cuckoo compiler enables objects for one specific address space to
be loaded into a memory area within other address spaces. The memory
safety of Cuckoo makes it suitable for writing extensible systems
and/or applications with configurable services that must be executed
outside the protection domain of the application's private address
space.
Type-safe languages such as Cyclone guarantee
memory safety using fat pointers, but fail to ensure atomic updates to
such pointers in multi-threaded environments. Other approaches such as
Java support multiple threads but place restrictions on memory usage.
By comparison, the Cuckoo language is syntactically similar to C, with
support for pointers (albeit without support for pointer arithmetic)
and assurances that multiple threads will not inadvertently manipulate
references to objects in a manner that can violate memory safety.
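The fat-pointer hazard described above, replayed deterministically in C as an added example (not code from the Cuckoo project or from Cyclone). The `fat_ptr` type, the function names and the descriptor-swap fix are assumptions for illustration; this page does not say how Cuckoo itself makes pointer updates atomic.

```c
#include <stdatomic.h>
#include <stddef.h>
#include <stdio.h>

/* A fat pointer carries its bound with the address: two machine words. */
typedef struct { int *base; size_t len; } fat_ptr;

static int big_buf[8], small_buf[2];   /* constructed sample objects */

/* The bounds check a fat-pointer language emits before each access. */
static int in_bounds(const fat_ptr *p, size_t i) { return i < p->len; }

/* Replays one interleaving without real threads: the writer retargets the
 * shared pointer from big_buf[8] to small_buf[2] using two plain stores,
 * and the reader takes its snapshot between them. Returns 1 when index 5
 * passes the check although the snapshot already points at small_buf. */
int torn_update_accepts_bad_index(void) {
    fat_ptr shared = { big_buf, 8 };
    shared.base = small_buf;         /* writer: store 1 of 2 */
    fat_ptr seen = shared;           /* reader runs here */
    shared.len = 2;                  /* writer: store 2 of 2 */
    return seen.base == small_buf && in_bounds(&seen, 5);
}

/* Illustrative fix (an assumption, not Cuckoo's documented mechanism):
 * base and bound live in an immutable descriptor, and only one word,
 * the pointer to that descriptor, is ever swapped, atomically. */
static const fat_ptr desc_big = { big_buf, 8 }, desc_small = { small_buf, 2 };

/* Returns 1 when both snapshots are internally consistent: the old one
 * admits index 5 into big_buf, the new one rejects it for small_buf. */
int atomic_publish_is_consistent(void) {
    _Atomic(const fat_ptr *) shared = &desc_big;
    const fat_ptr *before = atomic_load(&shared);
    atomic_store(&shared, &desc_small);   /* single indivisible update */
    const fat_ptr *after = atomic_load(&shared);
    return before->base == big_buf && in_bounds(before, 5)
        && after->base == small_buf && !in_bounds(after, 5);
}

int main(void) {
    printf("torn update accepts index 5 for small_buf[2]: %d\n",
           torn_update_accepts_bad_index());
    printf("atomic descriptor swap stays consistent: %d\n",
           atomic_publish_is_consistent());
    return 0;
}
```

The torn case never dereferences the bad index; it only shows that the check would have allowed it.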
The first version of our prototype compiler is now available to
the public, upon request. We are still developing the run-time support
for dynamic memory allocation, along with a trusted system interface
library (akin to a trusted libc). Preliminary tests suggest that our
first Cuckoo prototype compiler can generate code that executes nearly
as fast as untrusted C code (compiled using gcc without optimizations).
It can produce memory-safe code for multi-threaded applications, while
allowing for more fine-grained control over memory usage than Java.
Given that we do not need a large virtual machine footprint for the
interpretation of byte-codes, as Java does, Cuckoo object code can
easily fit within the memory areas of user-level
sandboxes, thereby making it suitable for our extensible systems
research.
Richard West and Gary Wong, "Cuckoo: a Language for Implementing
Memory- and Thread-safe System Services", Technical Report,
2005-006, Boston University, February 2005