TDT09 Topic 11

C is not for everyone! OS implementation in higher-level languages

Early operating systems were implemented in assembler due to efficiency concerns. However, the availability of faster computers with sufficient amounts of main memory and the requirement to port an operating system to incompatible computers made implementing an OS on such a low level impractical. Thus, system programming languages such as C were introduced to enable OS implementation on a more abstract level.

However, the simplicity of C and its creation on a still quite restricted machine as the PDP11 meant that compromises were required [1]. Some of these compromises, such as omitting runtine checks of array indexes, helped with performance, but are also the source of a significant share of today's security problems [2]. Accordingly, the specification of C changed over time, though many programmers still have the model of a PDP11 in their head when writing C code. The resulting problems are described in [3].

This topic can be taken in a number of directions, such as discussing undefined behavior in C code [4] or the use of secure programming languages [5,6], e.g. in designing the Singularity OS by Microsoft [7] (interesting videos are linked on the Singularity Wikipedia page [8]).

References

  1. Stephen Kell. Some were meant for C: the endurance of an unmanageable language. In Proceedings of the ACM International Symposium on New Ideas, New Paradigms, and Reflections on Programming and Software (Onward!), October 2017 pdf
  2. C. Cowan, F. Wagle, Calton Pu, S. Beattie and J. Walpole, "Buffer overflows: attacks and defenses for the vulnerability of the decade," Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00, Hilton Head, SC, USA, 2000, pp. 119-129 vol.2 link
  3. David Chisnall, "C Is Not a Low-level Language. Your computer is not a fast PDP-11.", ACM Queue, Volume 16, issue 2 link
  4. John Regehr. A Guide to Undefined Behavior in C and C++ link
  5. Cristina Cifuentes, Gavin Bierman. What is a Secure Programming Language? 3rd Summit on Advances in Programming Languages (SNAPL 2019) pdf
  6. Cristina Cifuentes, Gavin Bierman. What is a Secure Programming Language? POPL'20 presentation video
  7. Galen C. Hunt and James R. Larus. 2007. Singularity: rethinking the software stack. SIGOPS Oper. Syst. Rev. 41, 2 (April 2007), 37–49 link
  8. Singularity videos on Wikipedia link