https://whileydave.com/Recent content on Dave's HomepageHugo -- gohugo.ioen-nzThu, 02 Apr 2026 00:00:00 +0000Thu, 02 Apr 2026 00:00:00 +0000Mon, 20 Nov 2023 00:00:00 +0000https://whileydave.com/2023/10/19/digging-into-the-evm-object-format-eof/Thu, 19 Oct 2023 00:00:00 +0000https://whileydave.com/2023/10/19/digging-into-the-evm-object-format-eof/The EVM Object Format (EOF) introduces a structured container format for EVM bytecode. The EOF proposal is spread over several EIPs (see the “Mega EOF Endgame” for an overview). My goal here is to provide a high level overview and, in particular, to clarify what problems it is trying to solve.https://whileydave.com/2023/09/16/efficient-functions-in-dafny/Sat, 16 Sep 2023 00:00:00 +0000https://whileydave.com/2023/09/16/efficient-functions-in-dafny/In developing an EVM in Dafny, a key requirement is to test it against the official EVM test suite. This means it needs to be at least reasonably efficient, otherwise completing a test run becomes impractical.https://whileydave.com/2023/07/17/proving-a-beautiful-identity-in-dafny/Mon, 17 Jul 2023 00:00:00 +0000https://whileydave.com/2023/07/17/proving-a-beautiful-identity-in-dafny/Recently, I came across a tweet about the following identity: This seemed quite surprising to me, though the tweet’s thread included a number of proofs. We can check the first few values easily for ourself:https://whileydave.com/publications/dpc23_ecoop/Tue, 11 Jul 2023 00:00:00 +0000https://whileydave.com/publications/dpc23_ecoop/Abstract: Issues related to the dereferencing of null pointers are a pervasive and widely studied problem, and numerous static analyses have been proposed for this purpose. These are typically based on dataflow analysis, and take advantage of annotations indicating whether a type is nullable or not.https://whileydave.com/2023/06/27/programming-languages-going-above-and-beyond/Tue, 27 Jun 2023 00:00:00 +0000https://whileydave.com/2023/06/27/programming-languages-going-above-and-beyond/Having been a programmer for a long time now, I have experienced my fair share of programming languages. What strikes me the most is that programming languages have not improved much over the years.https://whileydave.com/2023/04/16/pattern-matching-in-rusts-neverland/Sun, 16 Apr 2023 00:00:00 +0000https://whileydave.com/2023/04/16/pattern-matching-in-rusts-neverland/Recently, I’ve been working on a tool for manipulating EVM bytecode and assembly language. I wanted to describe low level bytecode and assembly language using the same datatype. At the same time, I wanted some instructions to be allowed only in assembly language but not bytecode (e.https://whileydave.com/publications/cfgpq_fm23/Mon, 06 Mar 2023 00:00:00 +0000https://whileydave.com/publications/cfgpq_fm23/Abstract: The Ethereum protocol implements a replicated state machine. The network participants keep track of the system state by: 1) agreeing on the sequence of transactions to be processed and 2) computing the state transitions that correspond to the sequence of transactions.https://whileydave.com/2023/02/06/formalising-the-ethereum-virtual-machine-in-dafny/Mon, 06 Feb 2023 00:00:00 +0000https://whileydave.com/2023/02/06/formalising-the-ethereum-virtual-machine-in-dafny/Since starting at ConsenSys, the main project I have been involved with is a formalisation of the Ethereum Virtual Machine in Dafny called the “DafnyEVM”. Our goals share some similarity with Runtime Verification’s KEVM project.https://whileydave.com/2023/01/04/disassembling-evm-bytecode-the-basics/Wed, 04 Jan 2023 00:00:00 +0000https://whileydave.com/2023/01/04/disassembling-evm-bytecode-the-basics/Recently, I’ve been looking at how to disassemble (and eventually decompile) bytecode for the Ethereum Virtual Machine (EVM). This is an interesting computer science problem which I’ve been thinking about lately.https://whileydave.com/publications/pea22_gpce/Sun, 13 Nov 2022 00:00:00 +0000https://whileydave.com/publications/pea22_gpce/Abstract. The dream of developing compilers that automatically verify whether or not programs meet their specifications remains an ongoing challenge. Such ``verifying compilers’’ are (finally) on the verge of entering mainstream software development.https://whileydave.com/2022/09/15/formal-verification-of-a-token-contract/Thu, 15 Sep 2022 00:00:00 +0000https://whileydave.com/2022/09/15/formal-verification-of-a-token-contract/Following on from my previous post on verifying an auction contract in Whiley, I thought it might be useful to look at a more challenging example. A token contract is a very common form of smart contract which allows someone to create and manage their own currency.https://whileydave.com/2022/06/28/formalising-a-simple-virtual-machine/Tue, 28 Jun 2022 00:00:00 +0000https://whileydave.com/2022/06/28/formalising-a-simple-virtual-machine/Since starting my new role at ConsenSys, I have become interested in formalising virtual machines. For example, there are already some formalisations of the Ethereum Virtual Machine (e.g. in K, Lem, Coq).https://whileydave.com/downloads/tuttev0.9.19/Tue, 21 Jun 2022 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.19/The following updates have been made: Add support for --split with --chromatic.https://whileydave.com/2022/06/15/type-checking-in-whiley-goes-both-ways/Wed, 15 Jun 2022 00:00:00 +0000https://whileydave.com/2022/06/15/type-checking-in-whiley-goes-both-ways/Type checking in Whiley is a curious thing as it goes both forwards and backwards. This is sometimes referred to as bidirectional type checking (see e.g. here and here). This is surprisingly useful in Whiley (perhaps because the language has a reasonably unusual feature set).https://whileydave.com/2022/05/31/whiley-gets-rusty/Tue, 31 May 2022 00:00:00 +0000https://whileydave.com/2022/05/31/whiley-gets-rusty/I’ve been learning Rust for a while now but, at the same time, trying to continue developing Whiley. Since Whiley was written entirely in Java, these activities were mutually exclusive and it was frustrating trying to balance things!https://whileydave.com/2022/05/17/verifying-an-auction-contract-in-whiley/Tue, 17 May 2022 00:00:00 +0000https://whileydave.com/2022/05/17/verifying-an-auction-contract-in-whiley/Since Whiley is a general purpose verification system, I thought it might be interesting to try and verify a smart contract. Smart contracts are well suited to formal verification tools (like Whiley), as they are small and typically self-contained.https://whileydave.com/2022/04/27/puzzling-strong-updates-in-rust/Wed, 27 Apr 2022 00:00:00 +0000https://whileydave.com/2022/04/27/puzzling-strong-updates-in-rust/The idea of a strong update comes from earlier work on static analysis and, in particular, pointer analysis. To understand this, let’s imagine a hypothetical non-null analysis for C: int* r = (int*) malloc(sizeof(int)); int** p = &r; At this point, our non-null analysis would conclude that p was nonnull and that r was nullable.https://whileydave.com/publications/pps22/Mon, 14 Mar 2022 00:00:00 +0000https://whileydave.com/publications/pps22/Abstract: A distinguished feature of the Rust programming language is its ability to deallocate dynamically-allocated data structures as soon as they go out of scope, without relying on a garbage collector.Sun, 13 Mar 2022 00:00:00 +0000https://whileydave.com/publications/pap22_envirvis/Sat, 15 Jan 2022 00:00:00 +0000https://whileydave.com/publications/pap22_envirvis/Abstract: Air quality has an adverse impact on the health of people living in areas with poor quality air. Hence monitoring is needed to understand the extent of poor air quality.https://whileydave.com/publications/pug22_jar/Sat, 15 Jan 2022 00:00:00 +0000https://whileydave.com/publications/pug22_jar/Abstract: The quest to develop increasingly sophisticated verification systems continues unabated. Tools such as Dafny, Spec#, ESC/Java, SPARK Ada, and Whiley attempt to seamlessly integrate specification and verification into a programming language, in a similar way to type checking.https://whileydave.com/2021/12/06/modelling-borrow-checking-in-rust/Mon, 06 Dec 2021 00:00:00 +0000https://whileydave.com/2021/12/06/modelling-borrow-checking-in-rust/Recently, I’ve been working on a formalisation of borrow checking in Rust. The idea is to help people think clearly about how borrow checking works (in someways perhaps similar to the Stacked Borrows work but with a different perspective).https://whileydave.com/publications/anker21_comp589/Mon, 01 Nov 2021 00:00:00 +0000https://whileydave.com/publications/anker21_comp589/Abstract. Whiley is a statically typed language that supports both object-oriented as well as functional programming language paradigms. Like many other programming languages, Whiley also supports variables, primitive types (e.g. int, bool), methods, control-flow statements (e.https://whileydave.com/publications/mcmurray21_engr489/Mon, 01 Nov 2021 00:00:00 +0000https://whileydave.com/publications/mcmurray21_engr489/Abstract. Whiley2Cpp is a plugin for the Whiley programming language that is being developed as part of this project. The plugin translates Whiley code into C++ code. Whiley is a programming language that uses an automated theorem prover to statically check programs for correctness.https://whileydave.com/publications/rainford21_engr489/Mon, 01 Nov 2021 00:00:00 +0000https://whileydave.com/publications/rainford21_engr489/Abstract. Whiley is an imperative and functional programming language that supports Extended Static Checking through formal verification. TypeScript is a gradually typed programming language that is a superset of JavaScript. The main purpose of TypeScript is to add type safety to the JavaScript language.https://whileydave.com/2021/10/27/verifying-the-whiley-standard-library/Wed, 27 Oct 2021 00:00:00 +0000https://whileydave.com/2021/10/27/verifying-the-whiley-standard-library/For sometime now, its been possible to use Boogie / Z3 as a backend for verifying Whiley programs. Initially that was pretty sketchy, but it’s really starting to ramp up now.https://whileydave.com/2021/10/26/test-driving-the-rust-model-checker-rmc/Tue, 26 Oct 2021 00:00:00 +0000https://whileydave.com/2021/10/26/test-driving-the-rust-model-checker-rmc/The Rust Model Checker (RMC) allows Rust programs to be model checked using the C Bounded Model Checker (CBMC). In essence, RMC is an extension to the Rust compiler which converts Rust’s MIR into the input language of CBMC (GOTO).https://whileydave.com/2021/09/01/fooling-the-borrow-checker/Wed, 01 Sep 2021 00:00:00 +0000https://whileydave.com/2021/09/01/fooling-the-borrow-checker/An interesting question is how the Rust borrow checker decides when a borrow could still be live. This illustrates a simple example: let mut x = 1234; let z = f(&x); .https://whileydave.com/2021/07/15/sizing-up-types-in-rust/Thu, 15 Jul 2021 00:00:00 +0000https://whileydave.com/2021/07/15/sizing-up-types-in-rust/When learning Rust, understanding the difference between statically and dynamically sized types seems critical. There are some good discussions out there already (e.g. here and here). Whilst these explain the mechanics, they didn’t tell me why its done like this in Rust.https://whileydave.com/publications/pea21_toplas/Thu, 01 Apr 2021 00:00:00 +0000https://whileydave.com/publications/pea21_toplas/Abstract. Rust is a relatively new programming language which has gained significant traction since its v1.0 release in 2015. Rust aims to be a systems language that competes with C/C++. A claimed advantage of Rust is a strong focus on memory safety without garbage collection.Thu, 25 Mar 2021 00:00:00 +0000https://whileydave.com/2021/03/14/understanding-generic-type-variance-in-whiley/Sun, 14 Mar 2021 00:00:00 +0000https://whileydave.com/2021/03/14/understanding-generic-type-variance-in-whiley/For languages which support generic types, an important question is deciding whether or not a type C<T> is a subtype of another related type C<S>. Since Whiley was recently extended to support generic types, its interesting to think about how this was handled.https://whileydave.com/publications/cp21_programming/Fri, 01 Jan 2021 00:00:00 +0000https://whileydave.com/publications/cp21_programming/Abstract: Automated specification-based testing has a long history with several notable tools having emerged. For example, QuickCheck for Haskell focuses on testing against user-provided properties. Others, such as JMLUnit, use specifications in the form of pre- and post-conditions to drive testing.https://whileydave.com/2020/12/19/dynamic-cycle-detection-for-lock-ordering/Sat, 19 Dec 2020 00:00:00 +0000https://whileydave.com/2020/12/19/dynamic-cycle-detection-for-lock-ordering/Recently, I discovered that an algorithm of mine from a few years back is being used in both TensorFlow and the Abseil C++ library (see here and here). That is of course pretty exciting since they are both widely used libraries!https://whileydave.com/2020/12/02/automated-testing-for-whiley/Wed, 02 Dec 2020 00:00:00 +0000https://whileydave.com/2020/12/02/automated-testing-for-whiley/Recently, the online editor for Whiley was updated with some new features. Actually, the update represents a complete rewrite of the front-end in Whiley. Obviously, I am very excited about that!https://whileydave.com/2020/11/30/understanding-partial-moves-in-rust/Mon, 30 Nov 2020 00:00:00 +0000https://whileydave.com/2020/11/30/understanding-partial-moves-in-rust/Recently I’ve been digging into Rust and, whilst it’s a great language on many fronts, I do find lots of hidden complexity. One example which doesn’t get much attention is partial moves.https://whileydave.com/publications/oliver20_engr489/Sun, 01 Nov 2020 00:00:00 +0000https://whileydave.com/publications/oliver20_engr489/Abstract. Compiling a program is a process which can take a long time, thereby breaking up a developer’s workflow and productivity. Incremental compilation is a method which aims to solve this problem.Sun, 18 Oct 2020 00:00:00 +0000https://whileydave.com/publications/yang20_msc/Thu, 01 Oct 2020 00:00:00 +0000https://whileydave.com/publications/yang20_msc/Abstract: Reverse engineering is an important process employed by both attackers seeking to gain entry to a system as well as the security engineers that protect it. While there are numerous tools developed for this purpose, they often can be tedious to use and rely on prior obtained domain knowledge.Sat, 26 Sep 2020 00:00:00 +0000https://whileydave.com/2020/09/24/the-semantics-of-semantic-versioning/Thu, 24 Sep 2020 00:00:00 +0000https://whileydave.com/2020/09/24/the-semantics-of-semantic-versioning/Semantic versioning is a surprisingly interesting topic when you get into it. Recently, myself and a few colleagues (Patrick & Jens) have been giving it some thought (and we even wrote an essay on it)!https://whileydave.com/2020/09/01/whiley-is-ten-years-old/Tue, 01 Sep 2020 00:00:00 +0000https://whileydave.com/2020/09/01/whiley-is-ten-years-old/The first commit recorded in the WhileyCompiler repository on Github is dated June 25th, 2010. That means Whiley has been going for just over ten years already! Wow, time sure does fly.https://whileydave.com/publications/ldp20/Tue, 04 Aug 2020 00:00:00 +0000https://whileydave.com/publications/ldp20/Abstract: The long-standing aspiration for software reuse has made astonishing strides in the past few years. Many modern software development ecosystems now come with rich sets of publicly-available components contributed by the community.https://whileydave.com/publications/rp2020_crc/Wed, 01 Jan 2020 00:00:00 +0000https://whileydave.com/publications/rp2020_crc/https://whileydave.com/publications/powley19_msc/Tue, 01 Jan 2019 00:00:00 +0000https://whileydave.com/publications/powley19_msc/Abstract: Air quality has an adverse impact on the health of people living in areas with poor quality air. Monitoring is needed to understand the effects of poor air quality. It is difficult to compare measurements to find trends and patterns between different monitoring sites when data is contained in separate data stores.https://whileydave.com/publications/kumar19_engr489/Tue, 01 Jan 2019 00:00:00 +0000https://whileydave.com/publications/kumar19_engr489/Abstract. Ethereum is a blockchain based platform that supports a Turing complete contract language. However, methods of writing smart contracts have been error prone. This has resulted in many historically expensive bugs such as the DAO.https://whileydave.com/publications/hua19_comp489/Tue, 01 Jan 2019 00:00:00 +0000https://whileydave.com/publications/hua19_comp489/Abstract. Whiley is a multi-paradigm programming language which supports Extended Static Checking through formal specification. At compile time, Whiley can identify common errors which are uncaught by a type checker, including division by zero, null reference and array out of bounds errors.https://whileydave.com/publications/dpstb19_msr/Tue, 01 Jan 2019 00:00:00 +0000https://whileydave.com/publications/dpstb19_msr/Abstract: Many modern software systems are built on top of existing packages (modules, components, libraries). The increasing number and complexity of dependencies has given rise to automated dependency management where package managers resolve symbolic dependencies against a central repository.https://whileydave.com/publications/weng19_phd/Tue, 01 Jan 2019 00:00:00 +0000https://whileydave.com/publications/weng19_phd/Abstract. This thesis develops a compiler to convert a program written in the verification friendly programming language Whiley into an efficient implementation in C. Our compiler uses a mixture of static analysis, run-time monitoring and a code generator to and faster integer types, eliminate unnecessary array copies and de-allocate unused memory without garbage collection, so that Whiley programs can be translated into C code to run fast and for long periods on general operating systems as well as limited-resource embedded devices.Sun, 16 Dec 2018 00:00:00 +0000https://whileydave.com/publications/russel18_engr489/Thu, 01 Nov 2018 00:00:00 +0000https://whileydave.com/publications/russel18_engr489/Abstract. The Whiley Memory Analyser (WyMA) is a tool for performing a static analysis on Whiley files to evaluate their worst case memory consumption. We evaluate worst case memory consumption to avoid potential errors in systems with limited memory, and it is evaluated statically to ensure it is the absolute worst case.https://whileydave.com/2018/04/23/verifying-leftpad-in-whiley/Mon, 23 Apr 2018 00:00:00 +0000https://whileydave.com/2018/04/23/verifying-leftpad-in-whiley/The leftPad(string,int) function simply pads a string up to a given size by inserted spaces at the beginning. For example, leftPad("hello",8) produces " hello". This little function shot to fame in 2016 when a developer pulled all his modules from NPM, of which one provided the leftPad() functionality.https://whileydave.com/publications/kmp18_diagrams/Mon, 01 Jan 2018 00:00:00 +0000https://whileydave.com/publications/kmp18_diagrams/Abstract: Symmetry is often considered a desirable feature of dia- grams. However, quantifying the exact amount of symmetry present is often difficult. We propose a novel symmetry metric that can score the amount of rotational, translational, and reflective symmetry present in a graph or line diagram.https://whileydave.com/publications/pug18_etss/Mon, 01 Jan 2018 00:00:00 +0000https://whileydave.com/publications/pug18_etss/Abstract: This tutorial introduces the basic ideas of software specification and verification, which are important techniques for assuring the quality of software and eliminating common kinds of errors such as buffer overflow.https://whileydave.com/publications/pope18_engr489/Mon, 01 Jan 2018 00:00:00 +0000https://whileydave.com/publications/pope18_engr489/Abstract. For the formal verification of programs, loop invariants must be used to ensure the verifier understands the properties of a loop. These invariants are often trivial, and many are common between loops.https://whileydave.com/publications/pea18_jvlc/Mon, 01 Jan 2018 00:00:00 +0000https://whileydave.com/publications/pea18_jvlc/Abstract. Implementing the type system of a programming language is a critical task that is oftendone in an ad-hoc fashion. Whilst this makes it hard to ensure the system is sound, italso makes it difficult to extend as the language evolves.https://whileydave.com/publications/chin18_engr489/Mon, 01 Jan 2018 00:00:00 +0000https://whileydave.com/publications/chin18_engr489/Abstract. Whiley is a programming language that verifies code using formal specifications to improve software quality. Whiley contains a verifying compiler which can identify common bugs. However, the compiler is limited in its ability to discover bugs and may take a long time to verify large programs.https://whileydave.com/publications/pea18_gpce/Mon, 01 Jan 2018 00:00:00 +0000https://whileydave.com/publications/pea18_gpce/Abstract: Implementing the type system of a programming language is a critical task that is often done in an ad-hoc fashion. Whilst this makes it hard to ensure the system is sound, it also makes it difficult to extend as the language evolves.https://whileydave.com/publications/ppp18_vmil/Mon, 01 Jan 2018 00:00:00 +0000https://whileydave.com/publications/ppp18_vmil/Abstract: Field-Programmable Gate Arrays (FPGA’s) have been around since the early 1980s and have now achieved relatively widespread use. For example, FPGAs are routinely used for high-performance computing, financial applications, seismic modelling, DNA sequence alignment, software defined networking and, occasionally, are even found in smartphones.https://whileydave.com/downloads/tuttev0.9.18/Mon, 01 Jan 2018 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.18/The following updates have been made: Updated code to eliminate C++ warnings and errors. Addresses issue on MacOS High Sierra.https://whileydave.com/2017/12/19/verifying-bubble-sort-in-whiley/Tue, 19 Dec 2017 00:00:00 +0000https://whileydave.com/2017/12/19/verifying-bubble-sort-in-whiley/Bubble sort is a classic sorting algorithm with lots of well-known issues. It’s been a long time since I thought much about this algorithm. But, it turns out to be an interesting verification example for Whiley, as it has some interesting loop invariants.https://whileydave.com/2017/08/24/whiley-demo-oracle-labs/Thu, 24 Aug 2017 00:00:00 +0000https://whileydave.com/2017/08/24/whiley-demo-oracle-labs/Recently, I gave a demo of Whiley at Oracle Labs in Brisbane which they have kindly put up on YouTube: The actual demo itself starts around 11:30s, so you might want to skip on to that.Mon, 24 Jul 2017 00:00:00 +0000Tue, 27 Jun 2017 00:00:00 +0000https://whileydave.com/2017/06/21/on-the-internet-and-object-oriented-programming/Wed, 21 Jun 2017 00:00:00 +0000https://whileydave.com/2017/06/21/on-the-internet-and-object-oriented-programming/The rise of the internet over the last, say, two decades has been pretty unstoppable (we all know that). But, is it now affecting the prominence of object-oriented programming? I’m going to try and argue in this post that: yes, it is.https://whileydave.com/2017/03/28/property-syntax-in-whiley/Tue, 28 Mar 2017 00:00:00 +0000https://whileydave.com/2017/03/28/property-syntax-in-whiley/Recently, I gave a demo which showed off thew new “Property Syntax” in Whiley. Whilst this is still in the devel branch it will make its way, soon enough, into the next release.https://whileydave.com/2017/02/15/on-memory-management-and-rust/Wed, 15 Feb 2017 00:00:00 +0000https://whileydave.com/2017/02/15/on-memory-management-and-rust/Rust is definitely one of the more interesting new programming language I’ve come across recently. Memory management is definitely Rust’s “thing”, and the language wants to have its cake and eat it (so to speak).https://whileydave.com/publications/pea17_array/Sun, 01 Jan 2017 00:00:00 +0000https://whileydave.com/publications/pea17_array/Abstract: Arrays are a fundamental mechanism for developing and reasoning about programs. Using them, one can easily encode a range of important algorithms from various domains, such as for sorting, graph traversal, heap manipulation and more.https://whileydave.com/publications/jones17_phd/Sun, 01 Jan 2017 00:00:00 +0000https://whileydave.com/publications/jones17_phd/Abstract: Objects have been categorised into classes that declare and implement their behaviour ever since the paradigm of object-orientation in programming languages was first conceived. Classes have an integral role in the design and theory of object-oriented languages, and often appear alongside objects as a foundational concept of the paradigm in many theoretical models.https://whileydave.com/publications/pauget17_project/Sun, 01 Jan 2017 00:00:00 +0000https://whileydave.com/publications/pauget17_project/Abstract. Improving code performances lies more and more in the relevant use of computational helpers. Computing platforms like OpenCL or CUDA that enable to relocate resource consuming calculations to graphics processing unit (GPU) are now ordinary.https://whileydave.com/publications/dpjb17_ecoop/Sun, 01 Jan 2017 00:00:00 +0000https://whileydave.com/publications/dpjb17_ecoop/Abstract: The use of formal contracts has long been advocated as an approach to develop programs that are provably correct. However, the reality is that adoption of contracts has been slow in practice.https://whileydave.com/publications/upg17_ifm/Sun, 01 Jan 2017 00:00:00 +0000https://whileydave.com/publications/upg17_ifm/Abstract: The quest to develop increasingly sophisticated verification systems continues unabated. Tools such as Dafny, Spec#, ESC/Java, SPARK Ada, and Whiley attempt to seamlessly integrate specification and verification into a programming language, in a similar way to type checking.https://whileydave.com/2016/12/09/understanding-effective-unions-in-whiley/Fri, 09 Dec 2016 00:00:00 +0000https://whileydave.com/2016/12/09/understanding-effective-unions-in-whiley/The concept of effective union types in Whiley exposes some interesting features worth considering. In particular, they result in a separation between the readable and writeable view of a type. But, we’re getting ahead of ourselves!https://whileydave.com/2016/11/15/mixfix-function-syntax-for-whiley/Tue, 15 Nov 2016 00:00:00 +0000https://whileydave.com/2016/11/15/mixfix-function-syntax-for-whiley/Today I saw an interesting talk about mix-fix function syntax. The idea is to allow a more complex syntax for declaring and calling functions, rather than the very common “uniform” style.https://whileydave.com/publications/hulst16_engr489/Tue, 01 Nov 2016 00:00:00 +0000https://whileydave.com/publications/hulst16_engr489/Abstract. This project is concerned with creating a software simulation and visualisation of a model railway to improve the efficiency of testing software controllers. Testing a train controller on a physical railway is time consuming and limited by what is physically available to test on.https://whileydave.com/2016/09/01/program-specification-in-practice/Thu, 01 Sep 2016 00:00:00 +0000https://whileydave.com/2016/09/01/program-specification-in-practice/Recently, as part of our Programming Languages Reading group, we looked at the paper “Contracts in Practice” by Estler et al., (see here for a copy). This is quite an interesting paper and the authors perform an empirical investigation as to how contracts are used by programmers in practice.https://whileydave.com/2016/08/03/flow-typing-with-constrained-types/Wed, 03 Aug 2016 00:00:00 +0000https://whileydave.com/2016/08/03/flow-typing-with-constrained-types/Flow-sensitive typing (a.k.a. “Flow Typing”) is definitely getting more popular these days. Ceylon, Kotlin, TypeScript, Racket, Whiley all support flow typing in some form. Then, of course, there’s Facebook Flow and the list goes on!https://whileydave.com/2016/05/28/reference-lifetimes-in-whiley/Sat, 28 May 2016 00:00:00 +0000https://whileydave.com/2016/05/28/reference-lifetimes-in-whiley/The concept of lifetimes was pioneered in the Rust programming language, and builds on earlier notions of regions and ownership types. Lifetimes are considered one of Rust’s “most unique and compelling features”.https://whileydave.com/2016/04/21/contractive-and-uninhabited-types-in-whiley/Thu, 21 Apr 2016 00:00:00 +0000https://whileydave.com/2016/04/21/contractive-and-uninhabited-types-in-whiley/An interesting feature of Whiley is that it supports true recursive types. These are surprisingly tricky to get right, and recently we came across some interesting examples that the Whiley compiler should (but doesn’t) check for.https://whileydave.com/publications/jp16_ftfjp/Fri, 01 Jan 2016 00:00:00 +0000https://whileydave.com/publications/jp16_ftfjp/Abstract: Structural type systems provide an interesting alternative to the more common nominal typing scheme. Several existing languages employ structural types in some form, including Modula-3, Scala and various extensions proposed for Java.https://whileydave.com/publications/pea16_ipl/Fri, 01 Jan 2016 00:00:00 +0000https://whileydave.com/publications/pea16_ipl/Abstract. Tarjan’s algorihm for finding the strongly connected components of a directed graph is widely used and acclaimed. His original algorithm required at most v(2 + 5w) bits of storage, where w is the machine’s word size, whilst Nuutila and Soisalon-Soininen reduced this to v(1 + 4w).https://whileydave.com/publications/schweizer16_msc/Fri, 01 Jan 2016 00:00:00 +0000https://whileydave.com/publications/schweizer16_msc/Abstract. Safety critical environments require high programming standards. Verification is a way to prove absence of certain faults and to make sure that a program meets a given specification. Unfortunately, most modern programming languages do not actively support verification.https://whileydave.com/downloads/tuttev0.9.17/Fri, 01 Jan 2016 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.17/The following updates have been made: Added support for the --split-edges option. This allows splitting a graph based on the number of edges, rather than the number of vertices.https://whileydave.com/2015/11/12/encoding-c-strings-in-whiley/Thu, 12 Nov 2015 00:00:00 +0000https://whileydave.com/2015/11/12/encoding-c-strings-in-whiley/In this post, we’re going to consider representing the classic C string in Whiley. This turns out to be useful as we can then try to verify properties about functions which operate on C strings (e.https://whileydave.com/2015/10/06/verifying-software-with-whiley/Tue, 06 Oct 2015 00:00:00 +0000https://whileydave.com/2015/10/06/verifying-software-with-whiley/A couple of weeks back, I gave a presentation to the Wellington Java User Group. The talk provides a useful introduction to verifying software in Whiley, and shows a bunch of interesting examples.https://whileydave.com/2015/09/22/introductory-lecture-on-verification-in-whiley/Tue, 22 Sep 2015 00:00:00 +0000https://whileydave.com/2015/09/22/introductory-lecture-on-verification-in-whiley/We’ve started using Whiley again in my second year course Formal Foundations of Programming. The aim of this course is to introduce students into a range of techniques related to software correctness.Wed, 26 Aug 2015 00:00:00 +0000Mon, 23 Mar 2015 00:00:00 +0000https://whileydave.com/2015/01/27/my-attiny85-games-console/Tue, 27 Jan 2015 00:00:00 +0000https://whileydave.com/2015/01/27/my-attiny85-games-console/One my goals for Whiley in 2015 is to focus more on embedded systems (see here for more). A recent project of ours was compiling Whiley code to run on a QuadCopter and this identified several challenges here.https://whileydave.com/publications/kpm15_ozchi/Thu, 01 Jan 2015 00:00:00 +0000https://whileydave.com/publications/kpm15_ozchi/Abstract: Different graph layouts can affect a user’s ability to complete both passive understanding and active interaction tasks. While most research exploring the effects of graph layout looks at a user’s ability to accomplish a passive understanding task, this paper’s novel contribution is looking at their ability to complete a selection task.https://whileydave.com/publications/pg15_scp/Thu, 01 Jan 2015 00:00:00 +0000https://whileydave.com/publications/pg15_scp/Abstract. An ongoing challenge for computer science is the development of a tool which automati- cally verifies programs meet their specifications, and are free from runtime errors such as divide-by-zero, array out-of-bounds and null dereferences.https://whileydave.com/publications/slater15_engr489/Thu, 01 Jan 2015 00:00:00 +0000https://whileydave.com/publications/slater15_engr489/Abstract. Executing Whiley in the web browser requires a server for processing. With many people using Whiley in the web browser simultaneously, this server can become very slow. JavaScript is programming language designed to execute in the web browser without a server.https://whileydave.com/publications/shaw15_engr489/Thu, 01 Jan 2015 00:00:00 +0000https://whileydave.com/publications/shaw15_engr489/Abstract. This project investigates tracing the method call information of Java JUnit Tests and using the information to identify redundant tests in a test suite. There are a variety of different methods implemented (and experimented on) to identify redundancy within a suite.https://whileydave.com/publications/pea15_seus/Thu, 01 Jan 2015 00:00:00 +0000https://whileydave.com/publications/pea15_seus/Abstract: Programs written in the Whiley programming language are verified at compile-time to ensure all function specifications are met. The purpose of doing this is to eliminate as many software bugs as possible and, thus, Whiley is ideally suited for use in safety-critical systems.https://whileydave.com/publications/pea15_plateau/Thu, 01 Jan 2015 00:00:00 +0000https://whileydave.com/publications/pea15_plateau/Abstract: The idea of specifying and verifying software to eliminate errors has been studied extensively over the last three decades or more. Recent advances in automated theorem proving have given rise to a range of new verification tools being developed.https://whileydave.com/publications/pea15_sle/Thu, 01 Jan 2015 00:00:00 +0000https://whileydave.com/publications/pea15_sle/Abstract: The Whiley Rewrite Language (WyRL) is a standalone tool providing a domain-specific declarative rewrite language and code generator. The tool is currently used to generate a critical component of the Whiley verifying compiler, namely the automated theorem prover.https://whileydave.com/2014/12/09/verification-with-data-from-untrusted-sources/Tue, 09 Dec 2014 00:00:00 +0000https://whileydave.com/2014/12/09/verification-with-data-from-untrusted-sources/Recently, I was listening to the latest edition of the Illegal Argument podcast, and it turns out they were discussing Whiley! (about 103:16 minutes in). The discussion was about how verification interacts with data from an untrusted source (e.https://whileydave.com/2014/09/05/a-story-of-cast-expressions/Fri, 05 Sep 2014 00:00:00 +0000https://whileydave.com/2014/09/05/a-story-of-cast-expressions/Issue #427 “Bug with Dereferencing Array Types” seemed like just another bug. Submitted by a user last week (@Matt–), I didn’t think too much of it. But, as sometimes happens, appearances can be deceiving.https://whileydave.com/2014/07/10/loop-variant-relations/Thu, 10 Jul 2014 00:00:00 +0000https://whileydave.com/2014/07/10/loop-variant-relations/Proving that a loop always terminates is a common requirement when verifying software. The usual approach to doing this is to provide a loop variant function. This is typically an integer expression which decreases on every iteration of the loop.https://whileydave.com/2014/06/20/understanding-ghost-variables-in-software-verification/Fri, 20 Jun 2014 00:00:00 +0000https://whileydave.com/2014/06/20/understanding-ghost-variables-in-software-verification/Verification tools often support the use of ghost variables to help in the verification process. A ghost variable is not needed for the program to execute, and will not be compiled into object code.https://whileydave.com/2014/05/15/loop-invariants-and-do/while-statements/Thu, 15 May 2014 00:00:00 +0000https://whileydave.com/2014/05/15/loop-invariants-and-do/while-statements/Recently, I encountered what I thought was a bug in the Whiley Compiler. The issue related to the current treatment of do/while loops and loop invariants. Having now spent a fair bit of time researching the issue, the answer is not so clear.https://whileydave.com/2014/05/02/loop-invariants-and-break-statements/Fri, 02 May 2014 00:00:00 +0000https://whileydave.com/2014/05/02/loop-invariants-and-break-statements/In this article, I’ll look at some interesting issues relating to the use of break statements within loops, and how this affects the idea of a loop invariant. For some general background on writing loop invariants in Whiley, see my previous post.https://whileydave.com/2014/03/02/flying-the-crazyflie-quadcopter/Sun, 02 Mar 2014 00:00:00 +0000https://whileydave.com/2014/03/02/flying-the-crazyflie-quadcopter/Last week, my CrazyFlie nano-quadcopter finally arrived and, since then, I’ve been learning how to fly! The copter is much smaller than I was expecting, and it requires you to solder a few bits together.https://whileydave.com/2014/01/31/more-tracked-arduino-fun/Fri, 31 Jan 2014 00:00:00 +0000https://whileydave.com/2014/01/31/more-tracked-arduino-fun/Recently, I’ve been upgrading my tracked arduino robot with a few more sensors. Check out the video: The robot has two medium range IR sensors (front and back), as well as a downward facing short-range IR sensor.https://whileydave.com/2014/01/23/thoughts-on-parsing-whiley-and-indentation-syntax/Thu, 23 Jan 2014 00:00:00 +0000https://whileydave.com/2014/01/23/thoughts-on-parsing-whiley-and-indentation-syntax/Recently, I have been reworking the Whiley compiler’s parser to make it more robust. Doing this has opened up some interesting issues, which I thought were worth discussing. Whiley uses indentation syntax without explicit end-of-statement terminators (e.https://whileydave.com/publications/klapaukh14_phd/Wed, 01 Jan 2014 00:00:00 +0000https://whileydave.com/publications/klapaukh14_phd/Abstract: Force-directed graph layout is a widely used algorithm for the automatic layout of graphs. Little experimental work has been done exploring the behaviour of the algorithm under a variety of conditions.https://whileydave.com/publications/stevens14_engr489/Wed, 01 Jan 2014 00:00:00 +0000https://whileydave.com/publications/stevens14_engr489/Abstract. Developing and verifying the software for safety critical embedded systems can be difficult and expensive due to unique constraints, including limited RAM and minimalist operating systems. This report looks at Whiley, a verifying compiler, which is intended to improve the correctness of code on a variety of systems.https://whileydave.com/publications/homer14_phd/Wed, 01 Jan 2014 00:00:00 +0000https://whileydave.com/publications/homer14_phd/Abstract: Grace is a programming language under development aimed at education. Grace is object-oriented, imperative, and block-structured, and intended for use in first- and second-year object-oriented programming courses. We present a number of language features we have designed for Grace and implemented in our self-hosted compiler.https://whileydave.com/publications/haslett14_msc/Wed, 01 Jan 2014 00:00:00 +0000https://whileydave.com/publications/haslett14_msc/Abstract: When developers collaborate on a project there are times when the code diverges. When this happens the code may need to be refactored to best suit the changes before they are applied.https://whileydave.com/publications/cpbv14_sle/Wed, 01 Jan 2014 00:00:00 +0000https://whileydave.com/publications/cpbv14_sle/Proceedings of the 7th International Conference on Software Language Engineering (SLE). See the conference homepage here.https://whileydave.com/publications/kpm14_acsc/Wed, 01 Jan 2014 00:00:00 +0000https://whileydave.com/publications/kpm14_acsc/Abstract: Many automatic graph layout algorithms can cause shaped vertices and edge labels (which have a size when drawn on the screen) to overlap in the resulting visualisation. Overlaps can hide information that users expect to see in cases where the graph is small.https://whileydave.com/publications/wylde14_engr489/Wed, 01 Jan 2014 00:00:00 +0000https://whileydave.com/publications/wylde14_engr489/Abstract. This project investigated the integration of external theorem proving tools with Whiley — specifically, Satisfiability Modulo Theories (SMT) solvers — to increase the number of verifiable Whiley programs. The current verifier, the Whiley Constraint Solver (WyCS), is limited and hence there is a difficulty in verifying Whiley programs.https://whileydave.com/2013/11/19/thoughts-on-writing-loop-invariants/Tue, 19 Nov 2013 00:00:00 +0000https://whileydave.com/2013/11/19/thoughts-on-writing-loop-invariants/As the Whiley system is taking better shape every day, I’m starting to play around more and discover things. In particular, there are some surprising issues surrounding while loops and their loop invariants.https://whileydave.com/2013/11/01/the-dafny-tutorial-at-splash13/Fri, 01 Nov 2013 00:00:00 +0000https://whileydave.com/2013/11/01/the-dafny-tutorial-at-splash13/Today I was attending the Dafny tutorial given by Rustan Leino at SPLASH'13. I have to say that this was the highlight of the conference for me. In case you haven’t come across it before, Dafny is a programming language designed for software verification.https://whileydave.com/2013/07/31/understanding-why-union-types-are-useful/Wed, 31 Jul 2013 00:00:00 +0000https://whileydave.com/2013/07/31/understanding-why-union-types-are-useful/The Whiley programming language uses union types as a way of combining types together. Here’s a simple example to illustrate: function indexOf(string str, char c) => null|int: for i in 0.https://whileydave.com/2013/06/26/the-architecture-of-verification-in-whiley/Wed, 26 Jun 2013 00:00:00 +0000https://whileydave.com/2013/06/26/the-architecture-of-verification-in-whiley/As the Whiley compiler continues to evolve, certain aspects of its architecture are really starting to mature. One of the more recent pieces to take shape is the verification pipeline. This is the process by which a Whiley file is converted into a series of verification conditions, which are then checked by the automated theorem prover.https://whileydave.com/2013/06/19/whiley-at-the-melbourne-java-user-group/Wed, 19 Jun 2013 00:00:00 +0000https://whileydave.com/2013/06/19/whiley-at-the-melbourne-java-user-group/A few weeks ago, I was in Melbourne attending the Australasian Software Engineering Conference and, whilst I was there, I gave a talk on Whiley at the Melbourne Java Users Group.Wed, 05 Jun 2013 00:00:00 +0000https://whileydave.com/2013/05/16/input-/-output-and-the-object-oriented-paradigm/Thu, 16 May 2013 00:00:00 +0000https://whileydave.com/2013/05/16/input-/-output-and-the-object-oriented-paradigm/Today, more then ever before, I/O dominates what software is about. Of course, it’s always been important but, with increasing bandwidths, I/O seems to be what most programs now spend most of their time doing.https://whileydave.com/2013/04/21/iso-recursive-versus-equi-recursive-types/Sun, 21 Apr 2013 00:00:00 +0000https://whileydave.com/2013/04/21/iso-recursive-versus-equi-recursive-types/An important component of the Whiley language is the use of recursive data types. Whilst these are similar to the algebraic data types found in languages like Haskell, they are also more powerful since Whiley employs a structural type system.https://whileydave.com/2013/04/09/compile-time-verification-and-i/o/Tue, 09 Apr 2013 00:00:00 +0000https://whileydave.com/2013/04/09/compile-time-verification-and-i/o/A surprisingly common question people ask me when I talk about compile-time checking of pre-/post-conditions and invariants is: how do you deal with I/O? To understand what the difficulty is, let’s consider a simple example in Whiley:https://whileydave.com/2013/01/29/understanding-loop-invariants-in-whiley/Tue, 29 Jan 2013 00:00:00 +0000https://whileydave.com/2013/01/29/understanding-loop-invariants-in-whiley/In this article, I’ll look at a common problem one encounters when verifying programs: namely, writing loop invariants. In short, a loop invariant is a property of the loop which:Sun, 27 Jan 2013 00:00:00 +0000https://whileydave.com/2013/01/14/whiley-puzzler/Mon, 14 Jan 2013 00:00:00 +0000https://whileydave.com/2013/01/14/whiley-puzzler/I was having an interesting discussion with a colleague today about various aspects of Whiley, and we came up with an interesting bit of example code which is something of a puzzler.https://whileydave.com/2013/01/10/whiley-features-in-the-dominion-post/Thu, 10 Jan 2013 00:00:00 +0000https://whileydave.com/2013/01/10/whiley-features-in-the-dominion-post/Today’s edition of the Dominion Post (Wellington’s Local Newspaper) features a nice article on Whiley: Obviously, I’m very excited to see Whiley being talked about in our local newspaper, and I think the article does a nice job of it.https://whileydave.com/publications/pea13_beat/Tue, 01 Jan 2013 00:00:00 +0000https://whileydave.com/publications/pea13_beat/https://whileydave.com/publications/pea13_ftfjp/Tue, 01 Jan 2013 00:00:00 +0000https://whileydave.com/publications/pea13_ftfjp/Abstract: Flow typing offers an alternative to traditional Hindley-Milner type inference. A key distinction is that variables may have different types at different program points. Flow typing systems are typically formalised in the style of a dataflow analysis.https://whileydave.com/publications/spgp13_wodet/Tue, 01 Jan 2013 00:00:00 +0000https://whileydave.com/publications/spgp13_wodet/Abstract: Safe parallelisation of object-oriented programs requires static guarantees about the shape and/or intended usage of reachable objects. For example, transitively immutable objects lend themselves naturally to concurrent access. However, parallelising tasks which potentially mutate reachable objects is more challenging.https://whileydave.com/publications/ruarus13_engr489/Tue, 01 Jan 2013 00:00:00 +0000https://whileydave.com/publications/ruarus13_engr489/Abstract. This project investigates improving the performance of Whiley programs by executing portions of these programs on GPUs while maintaining as closely as possible the semantics of the language. Programs written in languages such as Whiley are typically not well suited to execution on GPUs which exhibit large-scale data parallelism in contrast to small-scale task parallelism seen on CPUs.https://whileydave.com/publications/dpp13_aswec/Tue, 01 Jan 2013 00:00:00 +0000https://whileydave.com/publications/dpp13_aswec/Abstract: Ownership and related systems impose restrictions on the object graph that can help improve program structure, exploit concurrency and verify software. Such systems rely on the presence of appropriate ownership annotations in the source code.https://whileydave.com/publications/pg13_ftscs/Tue, 01 Jan 2013 00:00:00 +0000https://whileydave.com/publications/pg13_ftscs/Abstract: An ongoing challenge for computer science is the development of a tool which automatically verifies that programs meet their specifications, and are free from runtime errors such as divide-by-zero, array out-of-bounds and null dereferences.https://whileydave.com/publications/pea13_vmcai/Tue, 01 Jan 2013 00:00:00 +0000https://whileydave.com/publications/pea13_vmcai/Abstract: Flow typing is becoming a popular mechanism for typing existing programs written in untyped languages (e.g. JavaScript, Racket, Groovy). Such systems require intersections for the true-branch of a type test, negations for the false-branch, and unions to capture the flow of information at meet points.https://whileydave.com/publications/pg13_sle/Tue, 01 Jan 2013 00:00:00 +0000https://whileydave.com/publications/pg13_sle/Abstract: An ongoing challenge for computer science is the development of a tool which automatically verifies programs meet their specifications, and are free from runtime errors such as divide-by-zero, array out-of-bounds and null dereferences.https://whileydave.com/2012/12/20/testing-out-my-papilio-fpga/Thu, 20 Dec 2012 00:00:00 +0000https://whileydave.com/2012/12/20/testing-out-my-papilio-fpga/Recently, I got hold of a Papilio One (which you can think of as the Arduino of FPGAs). The Papilio board has a Xilinx Spartan 3 on board, which is plenty enough to get started learning about FPGAs.https://whileydave.com/2012/12/12/building-an-arduino-robot-for-testing-whiley/Wed, 12 Dec 2012 00:00:00 +0000https://whileydave.com/2012/12/12/building-an-arduino-robot-for-testing-whiley/The Whiley programming language is about developing more reliable software and, of course, embedded systems is one of the biggest areas that could benefit. Obviously, then, we need an “embedded system” to test Whiley with, right?https://whileydave.com/2012/12/11/a-source-file-with-72kloc/Tue, 11 Dec 2012 00:00:00 +0000https://whileydave.com/2012/12/11/a-source-file-with-72kloc/Yesterday, I was looking at the stats on Ohloh for the Whiley project and noticed that my total line count for the project had increased from around 65KLOCto 143KLOC over a very short amount of time:https://whileydave.com/2012/12/04/generating-verification-conditions-for-whiley/Tue, 04 Dec 2012 00:00:00 +0000https://whileydave.com/2012/12/04/generating-verification-conditions-for-whiley/Probably the most interesting aspect of the Whiley language is that it supports compile-time verification of preconditions, postconditions and other invariants. There are two main aspects of how this works:https://whileydave.com/2012/11/28/comparing-i/o-in-c-with-java/Wed, 28 Nov 2012 00:00:00 +0000https://whileydave.com/2012/11/28/comparing-i/o-in-c-with-java/Recently, I was having a somewhat heated discussion with a friend about the Java I/O library (specificially java.io.*). His position was that the library is unnecessarily cluttered and verbose, and that I/O in C is much simpler and more productive.https://whileydave.com/2012/11/06/rustan-on-automatic-program-verification/Tue, 06 Nov 2012 00:00:00 +0000https://whileydave.com/2012/11/06/rustan-on-automatic-program-verification/Yesterday I came across an interesting talk given by Rustan Leino at the University of Edinburgh in 2011. Rustan takes an interesting look overview over the subject’s history, and then shows several tools in action (including Code Contracts and Dafny):https://whileydave.com/2012/10/31/formalising-flow-typing-with-union-intersection-and-negation-types/Wed, 31 Oct 2012 00:00:00 +0000https://whileydave.com/2012/10/31/formalising-flow-typing-with-union-intersection-and-negation-types/The Whiley language takes an unusual approaching to static typing called flow typing. This helps to give Whiley the look-and-feel of a dynamically typed language. The key idea behind flow typing is to allow variables to have different types at different points in a program.https://whileydave.com/2012/09/30/profiling-field-initialisation-in-java/Sun, 30 Sep 2012 00:00:00 +0000https://whileydave.com/2012/09/30/profiling-field-initialisation-in-java/Recently, I attended the annual Conference on Runtime Verification (RV2012) and gave a talk entitled “Profiling Field Initialisation in Java” (the paper itself is here). This is the work of my PhD student, Stephen Nelson, and he should take all the credit for the gory details.https://whileydave.com/2012/09/06/a-misconception-of-functional-programming/Thu, 06 Sep 2012 00:00:00 +0000https://whileydave.com/2012/09/06/a-misconception-of-functional-programming/Recently, I came across an article entitled “Useful Pure Functional Programming” which talks about the advantages of functional programming. However, something struck me about the way the author thinks about functional programming:https://whileydave.com/2012/08/15/autonomous-robotic-drone-which-flies-indoors/Wed, 15 Aug 2012 00:00:00 +0000https://whileydave.com/2012/08/15/autonomous-robotic-drone-which-flies-indoors/Very recently, I came across this article from MIT News about an autonomous robotic drone developed at MIT. It’s incredibly neat stuff … and I would love to get Whiley running on something like this!https://whileydave.com/2012/08/13/java-versus-c-performance/Mon, 13 Aug 2012 00:00:00 +0000https://whileydave.com/2012/08/13/java-versus-c-performance/Recently, I came across an interesting discussion of C++ versus Java performance over on Stack Exchange. There was also some good discussion of the article on Reddit which included a link to an interesting article from Google.https://whileydave.com/2012/07/30/whiley-interview-on-vbc-88.3fm/Mon, 30 Jul 2012 00:00:00 +0000https://whileydave.com/2012/07/30/whiley-interview-on-vbc-88.3fm/Recently, I was on VBC 88.3FM (Victoria University’s Student Radio) giving a 60s “speed summary” of my research, and generally chatting about some tech stuff. The station has been interviewing a whole range of people at the university to raise awareness of what research is going on.https://whileydave.com/2012/07/04/the-liquid-metal-project/Wed, 04 Jul 2012 00:00:00 +0000https://whileydave.com/2012/07/04/the-liquid-metal-project/One of the most interesting projects I came across at PLDI/ECOOP in Beijing was the Liquid Metal project being developed at IBM’s TJ Watson Research Center. From the Liquid Metal homepage:https://whileydave.com/2012/07/01/groovy-2.0-uses-flow-typing/Sun, 01 Jul 2012 00:00:00 +0000https://whileydave.com/2012/07/01/groovy-2.0-uses-flow-typing/Groovy 2.0 has just been released, and it contains something rather interesting … optional flow typing! For those who don’t know much about the language, Groovy is a JVM-based dynamically typed language which is similar to Java, but more compact.https://whileydave.com/2012/06/11/flow-typing-for-references-in-whiley/Mon, 11 Jun 2012 00:00:00 +0000https://whileydave.com/2012/06/11/flow-typing-for-references-in-whiley/The Whiley language splits into a fully functional “core” and an imperative “outer layer”. References and objects do not exist within the functional core. However, they can exist within the imperative outer layer and are necessary for supporting state and other side-effecting computation.https://whileydave.com/2012/06/06/exploring-the-verification-corner/Wed, 06 Jun 2012 00:00:00 +0000https://whileydave.com/2012/06/06/exploring-the-verification-corner/Recently, I was lucky enough to meet Rustan Leino whilst at a conference in Tallin, Estonia. The Whiley project owes a lot to Rustan, as much of his work has been the inspiration behind Whiley.https://whileydave.com/2012/05/22/variable-scoping-for-try-catch-blocks-in-whiley/Tue, 22 May 2012 00:00:00 +0000https://whileydave.com/2012/05/22/variable-scoping-for-try-catch-blocks-in-whiley/A friend of mine was talking about how variable scoping for try-catch blocks in Java really frustrated him sometimes. Specifically, the problem was related to variables declared inside try blocks not being visible in their catch handlers.https://whileydave.com/2012/04/17/termination-of-flow-typing-in-whiley/Tue, 17 Apr 2012 00:00:00 +0000https://whileydave.com/2012/04/17/termination-of-flow-typing-in-whiley/Whiley uses flow typing to give it the look-and-feel of a dynamically typed language (see this page for more on flow typing). In short, flow typing means that variables can have different types at different program points.https://whileydave.com/2012/04/10/are-checked-exceptions-always-caused-by-i/o/Tue, 10 Apr 2012 00:00:00 +0000https://whileydave.com/2012/04/10/are-checked-exceptions-always-caused-by-i/o/Recently, I’ve had the pleasure of working with Eclipse and trying to build a plugin. On the whole, I have to confess,* I find that Eclipse is an extremely well-designed and considered piece of software*.https://whileydave.com/2012/03/08/test-to-code-ratio/Thu, 08 Mar 2012 00:00:00 +0000https://whileydave.com/2012/03/08/test-to-code-ratio/I’ve just been watching the following talk over on InfoQ: Software Quality — You know it when you see it. Thanks to Craig over at SoftViz for pointing me to it.https://whileydave.com/2012/03/05/commonwealth-bank-of-australia-cba-denies-problem-with-leap-year/Mon, 05 Mar 2012 00:00:00 +0000https://whileydave.com/2012/03/05/commonwealth-bank-of-australia-cba-denies-problem-with-leap-year/It’s 8:30am on the 29th Februrary, 2012. After a large number of complaints, ATM and Eftpos services are finally restored for the Commonwealth Bank of Australia (CBA). See this, this and this for more details.https://whileydave.com/2012/03/05/jobs-versus-allen/Mon, 05 Mar 2012 00:00:00 +0000https://whileydave.com/2012/03/05/jobs-versus-allen/I’ve recently finished Paul Allen’s excellent memoir entitled “Idea Man” and the recent biography of Steve Jobs by Walter Isaacson. Obviously, I didn’t read them at the same time … but one after there other!https://whileydave.com/2012/03/02/type-aliasing-in-java/Fri, 02 Mar 2012 00:00:00 +0000https://whileydave.com/2012/03/02/type-aliasing-in-java/A problem I often encounter in Java is that I want to say “these two things are the same”, but Java won’t let me. Suppose I want to maintain an int[] array which is always sorted in my program.https://whileydave.com/2012/02/29/a-problem-of-decoupling/Wed, 29 Feb 2012 00:00:00 +0000https://whileydave.com/2012/02/29/a-problem-of-decoupling/Recently, I’ve been working on improving the core framework that underpins the Whiley compiler. This provides a platform for reading/writing files of specified content in a structured fashion. Like Java, Whiley provides a hierarchical namespace in which names live and can be imported by others.https://whileydave.com/2012/02/18/writing-a-png-decoder-in-whiley/Sat, 18 Feb 2012 00:00:00 +0000https://whileydave.com/2012/02/18/writing-a-png-decoder-in-whiley/Over the last few days, I have been writing GIF and PNG decoders in Whiley. These form part of an image manipulation benchmark which I’m planning to use for experimenting with the compiler.https://whileydave.com/2012/01/18/connecting-the-dots-on-the-future-of-programming-languages/Wed, 18 Jan 2012 00:00:00 +0000https://whileydave.com/2012/01/18/connecting-the-dots-on-the-future-of-programming-languages/Yesterday, I serendipitously came across two things which got me thinking about the future of programming languages: The first was an excellent article entitled “Welcome to the Hardware Jungle” by Herb Sutter.https://whileydave.com/2012/01/11/three-rules-for-programming-language-syntax/Wed, 11 Jan 2012 00:00:00 +0000https://whileydave.com/2012/01/11/three-rules-for-programming-language-syntax/I’m always pondering the question: what makes good programming language syntax? One thing occuring to me is that many languages often ignore the HCI aspect. For me, it’s a given that the purpose of a programming language is to simplify the programmer’s life, not the other way around.https://whileydave.com/publications/hnbbp12_dls/Sun, 01 Jan 2012 00:00:00 +0000https://whileydave.com/publications/hnbbp12_dls/Abstract: Object orientation and pattern matching are often seen as conflicting approaches to program design. Object oriented programs place type-dependent behaviour inside objects and invoke it via dynamic dispatch, while pattern matching programs place type-dependent behaviour outside data structures and invoke it via multiway conditionals (case statements).https://whileydave.com/publications/npn12_rv/Sun, 01 Jan 2012 00:00:00 +0000https://whileydave.com/publications/npn12_rv/Abstract: Java encourages programmers to use constructor methods to initialise objects, supports final modifiers for documenting fields which are never modified and employs static checking to ensure such fields are only ever initialised inside constructors.https://whileydave.com/publications/nelson12_phd/Sun, 01 Jan 2012 00:00:00 +0000https://whileydave.com/publications/nelson12_phd/Abstract: Freshly created objects are a blank slate: their mutable state and their constant properties must be initialised before they can be used. Programming languages like Java typically support object initialisation by providing constructor methods.https://whileydave.com/2011/12/27/merchants-of-doubt/Tue, 27 Dec 2011 00:00:00 +0000https://whileydave.com/2011/12/27/merchants-of-doubt/I’ve just finished reading this book, which I have to say was really good. The book is about how a handful of rogue scientists deliberately spread disinformation on a range of key issues, including tobacco, acid rain, the ozone hole and climate change.Tue, 20 Dec 2011 00:00:00 +0000https://whileydave.com/2011/12/13/efficient-value-semantics-for-whiley/Tue, 13 Dec 2011 00:00:00 +0000https://whileydave.com/2011/12/13/efficient-value-semantics-for-whiley/The latest release of the Whiley compiler (v0.3.12) includes an optimisation for passing compound structures (e.g. lists, sets and records) by value. This is really important because all compound structures in Whiley have value semantics, meaning they are always passed by value.https://whileydave.com/2011/12/06/final-should-be-default-for-classes-in-java/Tue, 06 Dec 2011 00:00:00 +0000https://whileydave.com/2011/12/06/final-should-be-default-for-classes-in-java/We were having an interesting discussion the other day, and the issue of final classes came up. For some reason, it suddenly occurred to me that all classes should be final by default.https://whileydave.com/downloads/tuttev0.9.16/Thu, 01 Dec 2011 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.16/The following updates have been made: Incorporated the vorder push heuristic suggested by Michael Monagan. As part of this, I’ve added the ability to sort the vertex order according to a depth-first or breadth-first search.https://whileydave.com/2011/10/26/fall-through-by-default-for-switch-statements/Wed, 26 Oct 2011 00:00:00 +0000https://whileydave.com/2011/10/26/fall-through-by-default-for-switch-statements/The switch statement has a long history, and most languages support it or something similar. In my experience, I found it to be very useful — both for conciseness, and also improving performance.https://whileydave.com/2011/10/19/what-kind-of-revert-are-you/Wed, 19 Oct 2011 00:00:00 +0000https://whileydave.com/2011/10/19/what-kind-of-revert-are-you/Reverting is tough. There’s no doubt about it! I don’t mean tough as in technically challenging — no, version control systems make this easy! I mean tough as in mentally challenging.https://whileydave.com/2011/09/03/namespaces-in-whiley/Sat, 03 Sep 2011 00:00:00 +0000https://whileydave.com/2011/09/03/namespaces-in-whiley/With the upcoming v0.3.10 release of Whiley, the way import statements are interpreted has changed in a fairly significant manner. The primary purpose of this is to give better support for namespaces.https://whileydave.com/downloads/tuttev0.9.15/Thu, 01 Sep 2011 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.15/The following updates have been made: For the --chromatic option, the tool now automatically removes multi-edges on the input graph. Thanks to Alan Sokal for pointing out this bug. For the `–chromatic1 option, the tool now reports the result as zero if the input graph contains a loop, and outputs an error message as well.https://whileydave.com/2011/08/30/simplification-vs-minimisation-of-types-in-whiley/Tue, 30 Aug 2011 00:00:00 +0000https://whileydave.com/2011/08/30/simplification-vs-minimisation-of-types-in-whiley/Recently, I’ve been trying to harden up the implementation of Whiley’s type system. The reason for this is fairly straightforward: bugs in the code often prevent me from compiling correct programs!https://whileydave.com/2011/08/29/a-subtyping-gotcha/Mon, 29 Aug 2011 00:00:00 +0000https://whileydave.com/2011/08/29/a-subtyping-gotcha/An interesting issue with the following piece of code has recently come to my attention: define Queue as process { [int] items } int Queue::get(): item = this.items[0] this.items = this.https://whileydave.com/2011/08/03/parallel-sum-in-whiley/Wed, 03 Aug 2011 00:00:00 +0000https://whileydave.com/2011/08/03/parallel-sum-in-whiley/Recently, I’ve been working on a variety of sequential and concurrent micro benchmarks for testing Whiley’s performance. An interesting and relatively simple example, is the parallel sum. The idea is to sum a large list of integers whilst performing as much work as possible in parallel.https://whileydave.com/2011/07/29/a-semantic-interpretation-of-types-in-whiley/Fri, 29 Jul 2011 00:00:00 +0000https://whileydave.com/2011/07/29/a-semantic-interpretation-of-types-in-whiley/An interesting and intuitive way of thinking about a type system is using a semantic interpretation. Typically, a set-theoretic model is used where a type T is a subtype of S iff every element in the set described by T is in the set described by S.https://whileydave.com/2011/07/21/implicit-coercions-in-whiley/Thu, 21 Jul 2011 00:00:00 +0000https://whileydave.com/2011/07/21/implicit-coercions-in-whiley/The issue of implicit coercions in Whiley is proving to be a particularly thorny issue. The following motivates why (I think) coercions make sense: real f(int x, real y): return x + y real g(int x, int y): return f(x,y) I believe the above should compile without error.https://whileydave.com/2011/07/12/compile-time-verification-its-not-just-for-type-safety-any-more/Tue, 12 Jul 2011 00:00:00 +0000https://whileydave.com/2011/07/12/compile-time-verification-its-not-just-for-type-safety-any-more/I just came across an interesting presentation over at InfoQ called “Compile-time Verification, It’s Not Just for Type Safety Any More”: The talk is by Greg Young and focuses on .https://whileydave.com/2011/07/06/regular-tree-automata/Wed, 06 Jul 2011 00:00:00 +0000https://whileydave.com/2011/07/06/regular-tree-automata/In my quest to understand the theory of recursive types in more detail, the notion of regular tree languages and Tree Automata has cropped up. These have been used, amongst other things, for describing XML schemas.https://whileydave.com/2011/07/04/bits-bytes-and-more-ambiguous-syntax/Mon, 04 Jul 2011 00:00:00 +0000https://whileydave.com/2011/07/04/bits-bytes-and-more-ambiguous-syntax/Recently, I added a first-class byte type to Whiley. Unlike Java, this is not interpreted as some kind of signed or unsigned int. That’s because I find that very confusing since a byte is really just a sequence of bits without any interpretation.https://whileydave.com/downloads/jpure-110711/Fri, 01 Jul 2011 00:00:00 +0000https://whileydave.com/downloads/jpure-110711/https://whileydave.com/2011/06/28/disambiguating-ambiguous-syntax/Tue, 28 Jun 2011 00:00:00 +0000https://whileydave.com/2011/06/28/disambiguating-ambiguous-syntax/When designing a programming language, being on the lookout for ambiguous syntax is important. You don’t want to realise down the track that your syntax is ambiguous in some subtle way.https://whileydave.com/2011/06/20/on-the-duality-of-types-the-ideals-versus-the-reals/Mon, 20 Jun 2011 00:00:00 +0000https://whileydave.com/2011/06/20/on-the-duality-of-types-the-ideals-versus-the-reals/I’ve been working hard over the last few weeks on the next release of Whiley, which should be out soon. However, I’ve got myself into a little bit of a pickle over the type system (again).https://whileydave.com/2011/06/17/design-by-contract-is-most-requested-feature/Fri, 17 Jun 2011 00:00:00 +0000https://whileydave.com/2011/06/17/design-by-contract-is-most-requested-feature/Thanks to Alex Potanin for pointing this out to me … it seems that Design by Contract is the most requested enhancement to the Java language. You can find the list of the top 25 RFEs here.https://whileydave.com/2011/06/13/language-complexity/Mon, 13 Jun 2011 00:00:00 +0000https://whileydave.com/2011/06/13/language-complexity/Some languages are complex, others are simple … right? C++ versus just about anything else is a good example here. But, it begs the question: what makes a language complex?https://whileydave.com/2011/06/03/what-a-racket/Fri, 03 Jun 2011 00:00:00 +0000https://whileydave.com/2011/06/03/what-a-racket/The other day I was listening to this podcast over at FLOSS weekly. It was an interview was with Matthew Flatt about the Racket language (formerly PLT Scheme). The language is a Lisp dialect which was primarily designed for teaching, and subsequently used as a research platform.https://whileydave.com/2011/05/26/javascript-playground/Thu, 26 May 2011 00:00:00 +0000https://whileydave.com/2011/05/26/javascript-playground/I’ve been doing a bit of JavaScript programming recently, and I came up with the “Creature Playground” (which is primarily aimed at teaching). Here’s a little taster (click on “Create” a few times):https://whileydave.com/2011/05/16/actor-syntax-in-whiley/Mon, 16 May 2011 00:00:00 +0000https://whileydave.com/2011/05/16/actor-syntax-in-whiley/Recently, I’ve been doing some work on the syntax for Actors in Whiley. After some deliberation, I’ve decided to go with explicit syntax for both synchronous and asynchronous message sends. This means any message can be sent either synchronously or asynchronously.https://whileydave.com/2011/04/25/got-any-quotes-from-coders-at-work/Mon, 25 Apr 2011 00:00:00 +0000https://whileydave.com/2011/04/25/got-any-quotes-from-coders-at-work/Recently, I finished reading Coders at Work by Peter Seibel. The book consists of a series of interviews with the following (impressive) list of programmers and computer scientists: Jamie Zawinski, Brad Fitzpatrick, Douglas Crockford, Brendan Eich, Josh Bloch, Joe Armstrong, Simon Peyton-Jones, Peter Norvig, Guy Steele, Dan Ingalls, Peter Deutsch, Ken Thompson, Fran Allen, Bernie Cosell and Don Knuth.https://whileydave.com/2011/04/15/one-thing-i-really-hate-about-the-jvm/Fri, 15 Apr 2011 00:00:00 +0000https://whileydave.com/2011/04/15/one-thing-i-really-hate-about-the-jvm/Whilst I think the Java Virtual Machine is generally speaking a fantastic piece of kit, there is one thing that I really hate about it: I can’t stop threads!!! Sure, there’s a method called Thread.https://whileydave.com/2011/03/22/actors-on-the-jvm/Tue, 22 Mar 2011 00:00:00 +0000https://whileydave.com/2011/03/22/actors-on-the-jvm/The Actor Model is an interesting alternative to the standard threading model used in languages like Java. Its been around for a while, but Erlang has recently brought it into the mainstream.https://whileydave.com/2011/03/07/implementing-structural-types/Mon, 07 Mar 2011 00:00:00 +0000https://whileydave.com/2011/03/07/implementing-structural-types/Introduction Over the last few months, I’ve been working on the type system underpinning Whiley. A key feature is the use of structural typing, rather than nominal typing, and I’ve blogged about this quite a bit already (see [1][2][3][4]).https://whileydave.com/2011/02/23/freakonomics/Wed, 23 Feb 2011 00:00:00 +0000https://whileydave.com/2011/02/23/freakonomics/Recently, I finished reading Freakonomics, by Steven Levitt and Stephen Dubner. and I have to say that I really liked it!! The book is focuses on the study of everyday aspects of life using the tools of economics and statistics.https://whileydave.com/2011/02/16/minimising-recursive-data-types/Wed, 16 Feb 2011 00:00:00 +0000https://whileydave.com/2011/02/16/minimising-recursive-data-types/Following on from my previous post about structural subtyping with recursive types, a related problem is that of minimising recursive types. Consider this (somewhat artificial) example: define InnerList as null | { int data, OuterList next } define OuterList as null | { int data, InnerList next } int sum(OuterList list): if list ~= null: return 0 else: return 1 + sum(list.https://whileydave.com/2011/02/15/a-problem-with-structural-subtyping-and-recusive-types/Tue, 15 Feb 2011 00:00:00 +0000https://whileydave.com/2011/02/15/a-problem-with-structural-subtyping-and-recusive-types/One problem causing me a headache is how to implement structural subtyping for recursive types (which I first blogged about here). The following example illustrates the basic idea: define Link as { int data, LinkedList next } define LinkedList as null | Link LinkedList f(Link list): return list This is a fairly straightforward definition of a linked list, along with a dumb function f() that just returns its parameter.https://whileydave.com/2011/02/07/what-motivates-us/Mon, 07 Feb 2011 00:00:00 +0000https://whileydave.com/2011/02/07/what-motivates-us/Here’s an interesting video that I just came across (adapted from Dan Pink’s talk at the RSA, which is currently doing the rounds: The video is about what motivates people to do things and, in particular, whether or not giving people more money means they do a better job.https://whileydave.com/downloads/tuttev0.9.14/Tue, 01 Feb 2011 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.14/The following updates have been made: Added better support for report statistical data on the operation of the cache. This is to help diagnosing cache behaviour, as there’s some interesting possibilities for optimising the caching strategies.https://whileydave.com/2011/01/26/the-case-against-structural-subtyping-.../Wed, 26 Jan 2011 00:00:00 +0000https://whileydave.com/2011/01/26/the-case-against-structural-subtyping-.../My previous post on structural subtyping generated quite a few comments over on reddit. There were a lot of mixed opinions as to the pros and cons of having a structural type system instead of a nominal type system.https://whileydave.com/2011/01/14/one-approach-to-efficient-structural-subtyping/Fri, 14 Jan 2011 00:00:00 +0000https://whileydave.com/2011/01/14/one-approach-to-efficient-structural-subtyping/An interesting challenge with structural subtyping is that of efficient implementation. In particular, without care, it may be impossible to determine a static offset for each field in a structure at runtime, meaning every field access will require a dictionary lookup.https://whileydave.com/publications/mppd11_scp/Sat, 01 Jan 2011 00:00:00 +0000https://whileydave.com/publications/mppd11_scp/Abstract. Java’s annotation mechanism allows us to extend its type system with non-null types. Checking such types cannot be done using the existing bytecode verification algorithm. We extend this algorithm to verify non-null types using a novel technique that identifies aliasing relationships between local variables and stack locations in the JVM.https://whileydave.com/publications/pn11_bytecode/Sat, 01 Jan 2011 00:00:00 +0000https://whileydave.com/publications/pn11_bytecode/Abstract. Dynamically typed languages are flexible and impose few burdens on the programmer. In contrast, static typing leads to software that is more efficient and has fewer errors. However, static type systems traditionally require every variable to have one type, and that relationships between types (e.https://whileydave.com/publications/jones11_engr489/Sat, 01 Jan 2011 00:00:00 +0000https://whileydave.com/publications/jones11_engr489/Abstract. Introducing concurrent behaviour into a program tends to also introduce unpredictable behaviour. The actor model is an attempt to simplify concurrency and reduce such problems. The Whiley programming language is structured around concurrent processes, which are analogous to actors, but it runs on top of the Java Virtual Machine, which does not provide support for the model.https://whileydave.com/publications/pea11_cc/Sat, 01 Jan 2011 00:00:00 +0000https://whileydave.com/publications/pea11_cc/Abstract: Purity Analysis is the problem of determining whether or not a method may have side-effects. This has applications in automatic parallelisation, extended static checking, and more. We present a novel purity system for Java that employs purity annotations which can be checked modularly.https://whileydave.com/publications/dymnikov11_msc/Sat, 01 Jan 2011 00:00:00 +0000https://whileydave.com/publications/dymnikov11_msc/Abstract: Object ownership allows us to statically control run-time aliasing in order to provide a strong notion of object encapsulation. Unfortunately in order to use ownership, code must first be annotated with extra type information.https://whileydave.com/2010/12/14/modular-purity-analysis-for-java/Tue, 14 Dec 2010 00:00:00 +0000https://whileydave.com/2010/12/14/modular-purity-analysis-for-java/Well, after an agonizing wait I finally heard the news that my paper on purity analysis was accepted to the Conference on Compiler Construction, 2011. Obviously, I’m stoked! The paper is:https://whileydave.com/2010/12/13/why-not-use-structural-subtyping/Mon, 13 Dec 2010 00:00:00 +0000https://whileydave.com/2010/12/13/why-not-use-structural-subtyping/Modern programming languages generally use what is known as a Nominal type system. This means types are associated with explicit names and subtyping relationships are explicit in the code (e.g. via extends or implements).https://whileydave.com/2010/12/06/the-future-of-programming-languages/Mon, 06 Dec 2010 00:00:00 +0000https://whileydave.com/2010/12/06/the-future-of-programming-languages/There’s an interesting panel discussion from the StrangeLoop2010 conference over on InfoQ: http://www.infoq.com/presentations/Future-of-Programming-Languages There panel covers quite a range of different topics, but there was one in particular that caught my eye:https://whileydave.com/2010/11/30/where-good-ideas-come-from/Tue, 30 Nov 2010 00:00:00 +0000https://whileydave.com/2010/11/30/where-good-ideas-come-from/I recently finished reading Steven Johnson’s “Where Good Ideas Come From”. This is a rather interesting book which takes a walk through history looking at how good ideas come to be.https://whileydave.com/2010/11/14/a-problem-on-typing-vs-verification/Sun, 14 Nov 2010 00:00:00 +0000https://whileydave.com/2010/11/14/a-problem-on-typing-vs-verification/Whiley uses a flow-sensitive type system, and a verification engine to enable Extended static checking. My desire in designing these two subsystems is to keep them completely isolated. In particular, such that we can always compile and run a Whiley program with verification turned off.https://whileydave.com/2010/11/09/more-on-flow-sensitive-typing/Tue, 09 Nov 2010 00:00:00 +0000https://whileydave.com/2010/11/09/more-on-flow-sensitive-typing/The idea behind flow-sensitive typing in Whiley is to give a statically typed language the look-and-feel of a dynamically typed language (as much as possible). The following illustrates: int average([int] items): v = 0 for i in items: v = v + items[i] return v / |items| Here, we see that there are only two type declarations: one for the parameter, and one for the return.https://whileydave.com/2010/10/28/the-design-of-design/Thu, 28 Oct 2010 00:00:00 +0000https://whileydave.com/2010/10/28/the-design-of-design/I just finished up reading “The Design of Design” by Fred Brookes JR (author of the Mythical Man Month). This book is a reflection on the design process itself and, in particular, what good designers are made of.https://whileydave.com/2010/10/25/implementing-actors-on-the-jvm/Mon, 25 Oct 2010 00:00:00 +0000https://whileydave.com/2010/10/25/implementing-actors-on-the-jvm/Whiley adopts the Actor model of concurrency, instead of the traditional multi-threading approach used in e.g. Java. The actor model is simple and easy to use, and is less likely to result in complex race conditions or deadlocks.https://whileydave.com/2010/10/18/indentation-syntax-in-whiley/Mon, 18 Oct 2010 00:00:00 +0000https://whileydave.com/2010/10/18/indentation-syntax-in-whiley/Like Python, Whiley uses indentation syntax instead of curly braces for delimiting blocks. When I started using indentation syntax with Python, I was pretty skeptical, but it grew on me fast and now I really like it.https://whileydave.com/2010/10/11/function-pointer-syntax-for-whiley/Mon, 11 Oct 2010 00:00:00 +0000https://whileydave.com/2010/10/11/function-pointer-syntax-for-whiley/One of the next big issues needing to be addressed is the syntax for function and method pointers. The syntax I’m thinking of is close to that used in C and C++ (see e.https://whileydave.com/2010/10/05/field-resolution-in-whiley/Tue, 05 Oct 2010 00:00:00 +0000https://whileydave.com/2010/10/05/field-resolution-in-whiley/An interesting issue has arisen as a result of my recent decision to move away from a declared-type model. The issue is essentially about scope resolution of fields and local variables.https://whileydave.com/2010/10/04/better-namespaces/Mon, 04 Oct 2010 00:00:00 +0000https://whileydave.com/2010/10/04/better-namespaces/An interesting problem I’ve encountered many times in Java is that of conflicting names. For example, suppose I have the following code: import wyil.lang.*; import wyil.lang.Type.*; ... public static Type T_Bool = new Type.https://whileydave.com/downloads/jpure-210410/Fri, 01 Oct 2010 00:00:00 +0000https://whileydave.com/downloads/jpure-210410/https://whileydave.com/2010/09/30/thoughts-on-loop-invariants/Thu, 30 Sep 2010 00:00:00 +0000https://whileydave.com/2010/09/30/thoughts-on-loop-invariants/With the recent addition of for and while loops to Whiley, I’ve been able to fiddle around with loop invariants and already I noticed a few things. Consider this little program:https://whileydave.com/2010/09/22/on-flow-sensitive-types-in-whiley/Wed, 22 Sep 2010 00:00:00 +0000https://whileydave.com/2010/09/22/on-flow-sensitive-types-in-whiley/In the ensuing months since the previous release of Whiley, I have been working away on a major rewrite of the compiler. This is now almost ready, at last! One of the “executive decisions” I made recently, was to move away from a declared variable model to a completely flow-sensitive typing model.https://whileydave.com/2010/09/20/java-pathfinder/Mon, 20 Sep 2010 00:00:00 +0000https://whileydave.com/2010/09/20/java-pathfinder/Recently, Simon Doherty gave a short talk on using Java Pathfinder to find bugs in Java programs. Java Pathfinder is a model checker for Java code, particularly suited to reasoning about multi-threaded code and finding concurrency bugs.https://whileydave.com/2010/09/19/normalising-recursive-data-types/Sun, 19 Sep 2010 00:00:00 +0000https://whileydave.com/2010/09/19/normalising-recursive-data-types/Recently, I came across an interesting problem with the type system I’m using in Whiley. Specifically, the problem relates to recursive types which are equivalent but not identical. Consider, for example, the following Whiley code:https://whileydave.com/2010/09/08/james-bach-on-software-testing/Wed, 08 Sep 2010 00:00:00 +0000https://whileydave.com/2010/09/08/james-bach-on-software-testing/I’ve just been watching this YouTube presentation by James Bach: James has a very tongue-in-cheek style, which I rather like, and he’s obviously not a great fan of the academic establishment:https://whileydave.com/2010/08/19/beautiful-code-.../Thu, 19 Aug 2010 00:00:00 +0000https://whileydave.com/2010/08/19/beautiful-code-.../Recently, I’ve been reading “Beautiful Code” (edited by Andy Oram & Greg Wilson). This is a collection of short papers by academics and professional software developers which explores the idea of beauty in software.Tue, 10 Aug 2010 00:00:00 +0000https://whileydave.com/2010/08/05/the-x10-programming-language/Thu, 05 Aug 2010 00:00:00 +0000https://whileydave.com/2010/08/05/the-x10-programming-language/X10 is an interesting and relatively new language from IBM being developed as part of DARPA’s High Productivity Computing Systems program. X10 is designed for high-performance parallel programming using a partitioned global address space model.https://whileydave.com/2010/08/02/infamous-software-failures-in-new-zealand/Mon, 02 Aug 2010 00:00:00 +0000https://whileydave.com/2010/08/02/infamous-software-failures-in-new-zealand/I’ve been writing a grant application recently, and wanted to list some example software failures that occurred in New Zealand. Here’s what I found: In 2012, the role out of the new Novopay system for handling the teachers salary payrole caused numerous and ongoing problems.https://whileydave.com/2010/07/25/thinking-about-recursive-constrained-types-in-whiley/Sun, 25 Jul 2010 00:00:00 +0000https://whileydave.com/2010/07/25/thinking-about-recursive-constrained-types-in-whiley/Whiley supports so-called Algebraic Data Types for constructing tree-like data structures. For example, an expression tree might be defined like so: define ADD as 1 define SUB as 2 define MUL as 3 define DIV as 4 define binop as {ADD,SUB,MUL,DIV} define expr as int | (binop op, expr lhs, expr rhs) Using this definition for expr, we can create a variety of trees representing compound arithmetic expressions.https://whileydave.com/2010/07/23/thinking-about-pre-and-post-conditions-in-whiley/Fri, 23 Jul 2010 00:00:00 +0000https://whileydave.com/2010/07/23/thinking-about-pre-and-post-conditions-in-whiley/The notion of pre- and post-conditions is well understood in the context of software verification. However, Whiley deviates from the norm by combining them into a single condition. The following illustrates a simple Whiley function:https://whileydave.com/2010/07/22/language-designers-...-who-wait/Thu, 22 Jul 2010 00:00:00 +0000https://whileydave.com/2010/07/22/language-designers-...-who-wait/Someone recently pointed me to the Rust programming language which has some very nice features, although it’s still in early stage development. In particular, the system statically prevents null pointer errors, and does not permit dangling pointers.https://whileydave.com/2010/07/15/on-object-oriented-programming/Thu, 15 Jul 2010 00:00:00 +0000https://whileydave.com/2010/07/15/on-object-oriented-programming/There’s an interesting interview with Ralph Johnson and Joe Armstrong over at QCon. They’re talking generally about whether OOP has been successful, and reflecting on the last few decades. A few things from the interview caught my eye.https://whileydave.com/2010/07/08/finding-bugs-in-the-real-world/Thu, 08 Jul 2010 00:00:00 +0000https://whileydave.com/2010/07/08/finding-bugs-in-the-real-world/There’s a really interesting article over on CACM about static analysis in the real world. Here’s the Link. The article is a report from experiences gained in the commercialisation of a tool by Coverity which uses static code analysis to find bugs.https://whileydave.com/2010/07/05/kiwi-language-creator-acknowledged/Mon, 05 Jul 2010 00:00:00 +0000https://whileydave.com/2010/07/05/kiwi-language-creator-acknowledged/The Dom Post ran a short article over the weekend on kiwi Ross Ihaka, about the R programming language which he created along with Robert Gentleman at the University of Auckland.https://whileydave.com/2010/06/30/example-sum-over-a-positive-list/Wed, 30 Jun 2010 00:00:00 +0000https://whileydave.com/2010/06/30/example-sum-over-a-positive-list/So, here’s the first Whiley programming example. Obviously, it’s pretty simple as Whiley is not quite ready for big code just yet. The idea is to compute the sum of a positive list which, of course, will give you a positive number.https://whileydave.com/2010/06/26/what-is-extended-static-checking/Sat, 26 Jun 2010 00:00:00 +0000https://whileydave.com/2010/06/26/what-is-extended-static-checking/Extended Static Checking (ESC) is the main technique used in Whiley. *But, what is it? *Since there isn’t a huge amount of information available on the web, I thought some discussion about this would be useful.https://whileydave.com/2010/06/23/rich-hickey-on-clojure-se-radio/Wed, 23 Jun 2010 00:00:00 +0000https://whileydave.com/2010/06/23/rich-hickey-on-clojure-se-radio/I’ve just been listening to an interesting interview with Rich Hickery on Clojure over at SE Radio. I’m a big fan of Clojure, since it shares a lot of similar ideas with Whiley (really, it does … trust me :).https://whileydave.com/2010/06/22/the-trouble-with-quantifier-instantiation-in-an-smt-solver-triggers./Tue, 22 Jun 2010 00:00:00 +0000https://whileydave.com/2010/06/22/the-trouble-with-quantifier-instantiation-in-an-smt-solver-triggers./So, i’ve been recently working through the quantifier instantiation mechanism in wyone. This is a tricky, yet important topic. There’s been a lot of interesting research in this area as well (see further reading below for some examples), although I found the papers often hard work at times.https://whileydave.com/2010/06/15/experimental-security-analysis-of-a-modern-automobile/Tue, 15 Jun 2010 00:00:00 +0000https://whileydave.com/2010/06/15/experimental-security-analysis-of-a-modern-automobile/Another good paper I found recently was the following: “Experimental Security Analysis of a Modern Automobile”, Hoscher, Czeskis, et al. In Proceedings of IEEE Symposium on Security and Privacy, 2010. [PDF]https://whileydave.com/2010/06/10/formal-methods-to-the-moon-and-back/Thu, 10 Jun 2010 00:00:00 +0000https://whileydave.com/2010/06/10/formal-methods-to-the-moon-and-back/I recently came across a rather interesting presentation by Gerard Holzmann (author of the SPIN model checker) who’s currently working for NASA’s Jet Propulsion Lab, and previously worked at Bell Labs:https://whileydave.com/2010/06/07/dafny-an-automatic-program-verifier-for-functional-correctness/Mon, 07 Jun 2010 00:00:00 +0000https://whileydave.com/2010/06/07/dafny-an-automatic-program-verifier-for-functional-correctness/So, last week the pl reading group chose to read this paper by Rustan Leino. Ignoring the fact that a number of people in our group are interested in this area, Rustan had recently given a presentation on Dafny here (his slides are here) and this was reason we chose this paper.https://whileydave.com/publications/pk10_acsc/Fri, 01 Jan 2010 00:00:00 +0000https://whileydave.com/publications/pk10_acsc/Abstract: The dynamic topological order problem is that of efficiently updating a topological order after some edge(s) are inserted into a graph. Much prior work exists on the unit-change version of this problem, where the order is updated after every single insertion.https://whileydave.com/publications/hpr10_toms/Fri, 01 Jan 2010 00:00:00 +0000https://whileydave.com/publications/hpr10_toms/Abstract: The Tutte polynomial of a graph is a 2-variable polynomial graph invariant of considerable importance in both combinatorics and statistical physics. It contains several other polynomial invariants, such as the chromatic polynomial and flow polynomial as partial evaluations, and various numerical invariants such as the number of spanning trees as complete evaluations.https://whileydave.com/publications/phr10_cjtcs/Fri, 01 Jan 2010 00:00:00 +0000https://whileydave.com/publications/phr10_cjtcs/Abstract. The Tutte polynomial of a graph, also known as the partition function of theq-statePotts model, is a 2-variable polynomial graph invariant of considerable importance in bothcombinatorics and statistical physics. It contains several other polynomial invariants, such asthe chromatic polynomial and flow polynomial as partial evaluations, and various numericalinvariants such as the number of spanning trees as complete evaluations.https://whileydave.com/projects/jpure/Fri, 01 Jan 2010 00:00:00 +0000https://whileydave.com/projects/jpure/Purity Analysis is the problem of determining whether or not a method may have side-effects. This has applications in automatic parallelisation, extended static checking, and more. JPure is a novel purity system for Java that employs purity annotations which can be checked modularly.https://whileydave.com/publications/npn10_tools/Fri, 01 Jan 2010 00:00:00 +0000https://whileydave.com/publications/npn10_tools/Abstract: Java provides a specification for a user-defined general purpose equivalence operator for objects, but collections such as Set have more stringent requirements. This inconsistency breaks polymorphism: programmers must take care to follow Set’s contract rather than the more general Object contract if their object could enter a Set.https://whileydave.com/projects/whiley/Fri, 01 Jan 2010 00:00:00 +0000https://whileydave.com/projects/whiley/Whiley is a hybrid imperative and functional programming language which has been under development since 2009. Find out more at whiley.org or try it online at whileylabs.com. The complete source code for the compiler and theorem prover is available on GitHub.https://whileydave.com/downloads/tuttev0.9.13/Sun, 01 Nov 2009 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.13/The following updates have been made: Version 0.9.12 introduced a feature whereby “large” graphs were never displaced from the cache. This was useful for us where we were computing the polynomial of the Truncated Icosahedron.https://whileydave.com/downloads/tuttev0.9.12/Sat, 01 Aug 2009 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.12/The following updates have been made: A long standing bug related to memory corruption has been fixed. Support for 64bit machines now works correctly. This means you can use very large caches (e.https://whileydave.com/publications/phr09_cats/Thu, 01 Jan 2009 00:00:00 +0000https://whileydave.com/publications/phr09_cats/Abstract: The Tutte polynomial of a graph, also known as the partition function of the q-state Potts model, is a 2-variable polynomial graph invariant of considerable importance in both combinatorics and statistical physics.https://whileydave.com/publications/npn09_raool/Thu, 01 Jan 2009 00:00:00 +0000https://whileydave.com/publications/npn09_raool/https://whileydave.com/publications/male09_msc/Thu, 01 Jan 2009 00:00:00 +0000https://whileydave.com/publications/male09_msc/Abstract: Static typing allows type errors to be revealed at compile time, which reduces the amount of maintenance and debugging that must occur later on. However, often the static type information included in source code is duplicate or redundant.https://whileydave.com/publications/walbran08_comp489/Sat, 01 Nov 2008 00:00:00 +0000https://whileydave.com/publications/walbran08_comp489/Abstract. Java programs often contain expressions involving method calls that are executed many times in a loop but will always return the same value, such as checking the length of a collection through which the loop is iterating.https://whileydave.com/publications/hibbard08_bitt489/Sat, 01 Nov 2008 00:00:00 +0000https://whileydave.com/publications/hibbard08_bitt489/Abstract. This document contains a full report on the Profiling Collections in Java project. The project focuses on the development of a tool that profiles the use of different implementations of the Collection interface in Java and allows us to analyse their use with regards to efficiency.https://whileydave.com/downloads/tuttev0.9.10/Fri, 01 Aug 2008 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.10/https://whileydave.com/downloads/tuttev0.9.11/Fri, 01 Aug 2008 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.11/https://whileydave.com/downloads/tuttev0.9.9/Tue, 01 Jul 2008 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.9/https://whileydave.com/downloads/tuttev0.9.8/Sun, 01 Jun 2008 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.8/https://whileydave.com/downloads/tuttev0.9.7/Tue, 01 Apr 2008 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.7/https://whileydave.com/publications/wpn08_oopsla/Tue, 01 Jan 2008 00:00:00 +0000https://whileydave.com/publications/wpn08_oopsla/Abstract: Many contemporary object-oriented programming languages support first-class queries or comprehensions. These language extensions make it easier for programmers to write queries, but are generally implemented no more efficiently than the code using collections, iterators, and loops that they replace.https://whileydave.com/publications/npn08_raool/Tue, 01 Jan 2008 00:00:00 +0000https://whileydave.com/publications/npn08_raool/https://whileydave.com/publications/npg08_formed/Tue, 01 Jan 2008 00:00:00 +0000https://whileydave.com/publications/npg08_formed/https://whileydave.com/publications/mppd08_cc/Tue, 01 Jan 2008 00:00:00 +0000https://whileydave.com/publications/mppd08_cc/Abstract: Java’s annotation mechanism allows us to extend its type system with non-null types. However, checking such types cannot be done using the existing bytecode verification algorithm. We extend this algorithm to verify non-null types using a novel technique that identifies aliasing relationships between local variables and stack locations in the JVM.https://whileydave.com/publications/pn08_mpool/Tue, 01 Jan 2008 00:00:00 +0000https://whileydave.com/publications/pn08_mpool/https://whileydave.com/publications/pn08_plop/Tue, 01 Jan 2008 00:00:00 +0000https://whileydave.com/publications/pn08_plop/Abstract: Operations on abstract data types can be classified as either queries or updates — those that either query the current state, or update it. Modern object-oriented programming languages require classes/interfaces to support a predefined set of such operations.https://whileydave.com/projects/jkit/Tue, 01 Jan 2008 00:00:00 +0000https://whileydave.com/projects/jkit/The Java Compiler Kit is a straightforward implementation of a Java compiler, designed with extensibility in mind. In building the JKit compiler, the aims were: firstly, to help with teaching compilers by considering an implementation for a fully fledged language (Java), rather than a stripped-down imitation language; secondly, to aid research in programming languages, compilers and verification.https://whileydave.com/publications/willis08_msc/Tue, 01 Jan 2008 00:00:00 +0000https://whileydave.com/publications/willis08_msc/Abstract: This thesis describes JQL, an extension to Java which provides object querying. Object querying is an abstraction of operations over collections, including operations that combine multiple collections, which would otherwise have to be manually implemented.https://whileydave.com/publications/tpah08_softviz/Tue, 01 Jan 2008 00:00:00 +0000https://whileydave.com/publications/tpah08_softviz/https://whileydave.com/downloads/tuttev0.9.2/Wed, 01 Aug 2007 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.2/https://whileydave.com/downloads/tuttev0.9.3/Wed, 01 Aug 2007 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.3/https://whileydave.com/downloads/tuttev0.9.4/Wed, 01 Aug 2007 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.4/https://whileydave.com/downloads/tuttev0.9.5/Wed, 01 Aug 2007 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.5/https://whileydave.com/downloads/tuttev0.9.6/Wed, 01 Aug 2007 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.6/https://whileydave.com/downloads/tuttev0.9.1/Fri, 01 Jun 2007 00:00:00 +0000https://whileydave.com/downloads/tuttev0.9.1/https://whileydave.com/publications/pk07_jea/Mon, 01 Jan 2007 00:00:00 +0000https://whileydave.com/publications/pk07_jea/Abstract. We consider the problem of maintaining the topological order of a directed acyclic graph (DAG) in the presence of edge insertions and deletions. We present a new algorithm and, although this has inferior time complexity compared with the best previously known result, we find that its simplicity leads to better performance in practice.https://whileydave.com/publications/pkh07_toplas/Mon, 01 Jan 2007 00:00:00 +0000https://whileydave.com/publications/pkh07_toplas/Abstract. The subject of this paper is flow- and context-insensitive pointer analysis. We present a novel approach for precisely modelling struct variables and indirect function calls. Our method em- phasises efficiency and simplicity and is based on a simple language of set constraints.https://whileydave.com/publications/nspb07_europlop/Mon, 01 Jan 2007 00:00:00 +0000https://whileydave.com/publications/nspb07_europlop/Abstract: Aspect-oriented programming languages are becoming commonplace, and programmers are accumulating experience in building and maintaining aspect-oriented systems. This paper addresses how the use of these languages affects program design: how aspect-oriented languages change the design space, which designs should be emulated and which avoided, and the strengths and weaknesses of particular kinds of design.https://whileydave.com/publications/pwbk07_spe/Mon, 01 Jan 2007 00:00:00 +0000https://whileydave.com/publications/pwbk07_spe/Abstract. This paper investigates whether AspectJ can be used for efficient profiling of Java programs. Profiling differs from other applications of AOP (e.g. tracing), since it necessitates efficient and often complex interactions with the target program.https://whileydave.com/publications/tph07_sienz/Mon, 01 Jan 2007 00:00:00 +0000https://whileydave.com/publications/tph07_sienz/Abstract: The Tutte polynomial is an important concept in graph theory which captures many important properties of graphs (e.g. chromatic number, number of spanning trees etc). It also provides a normalised representation that can be used as an equivalence relation on graphs and has applications in diverse areas such micro-biology and physics.https://whileydave.com/publications/rpw06_acp4is/Sun, 01 Jan 2006 00:00:00 +0000https://whileydave.com/publications/rpw06_acp4is/Abstract: A multilevel security (MLS) system has two primary goals: first, it is intended to prevent unauthorised personnel from accessing information at higher classification than their authorisation. Second, it is intended to prevent personnel from declassifying information.https://whileydave.com/publications/wpn06_ecoop/Sun, 01 Jan 2006 00:00:00 +0000https://whileydave.com/publications/wpn06_ecoop/Abstract: Modern programming languages have little or no support for querying objects and collections. Programmers are forced to hand code such queries using nested loops, which is both cumbersome and inefficient.https://whileydave.com/publications/pn06_europlop/Sun, 01 Jan 2006 00:00:00 +0000https://whileydave.com/publications/pn06_europlop/Abstract: Relationships between objects are almost as important to designs as the objects themselves. Most programming languages do not support relationships well, so programmers must implement relationships in terms of more primitive constructs.https://whileydave.com/publications/pn06_aosd/Sun, 01 Jan 2006 00:00:00 +0000https://whileydave.com/publications/pn06_aosd/Abstract: The relationships between objects in object-oriented programs are as important as the objects themselves. Unfortunately, most object-oriented programming languages provide little support for such relationships, leaving the task of implementing them entirely to the programmer.https://whileydave.com/publications/nbtp06_ecap/Sun, 01 Jan 2006 00:00:00 +0000https://whileydave.com/publications/nbtp06_ecap/Abstract: Object-oriented design is based on the argument that objects in a program act as a simulation of objects in the real world. This paper will provide a semiotic account of object-oriented design patterns, treating an object as a sign comprised of some part of the real world, its realisation in the program, and the programmers intent about the program design (that the object model the world).https://whileydave.com/projects/tutte/Sun, 01 Jan 2006 00:00:00 +0000https://whileydave.com/projects/tutte/Overview. Tutte polynomials play an important role in graph theory, combinatorics, matroid theory, knot theory, and experimental physics. For example, the polynomials can be evaluated to find the number of spanning trees in a graph, the number of forests in a graph, the number of connected spanning subgraphs, the number of spanning subgraphs, and the number of acyclic orientations.https://whileydave.com/downloads/dtsv061205/Thu, 06 Oct 2005 00:00:00 +0000https://whileydave.com/downloads/dtsv061205/https://whileydave.com/downloads/dtsv260105/Wed, 26 Jan 2005 00:00:00 +0000https://whileydave.com/downloads/dtsv260105/https://whileydave.com/publications/pearce05_phd/Sat, 01 Jan 2005 00:00:00 +0000https://whileydave.com/publications/pearce05_phd/Abstract: This thesis is focused on improving execution time and precision of scalable pointer analysis. Such an analysis statically determines the targets of all pointer variables in a program. We formulate the analysis as a directed graph problem, where the solution can be obtained by a computation similar, in many ways, to transitive closure.https://whileydave.com/publications/pk04_wea/Thu, 01 Jan 2004 00:00:00 +0000https://whileydave.com/publications/pk04_wea/Abstract: We consider how to maintain the topological order of a directed acyclic graph (DAG) in the presence of edge insertions and deletions. We present a new algorithm and, although this has marginally inferior time complexity compared with the best previously known result, we find that its simplicity leads to better performance in practice.https://whileydave.com/publications/lmpl04_fpl/Thu, 01 Jan 2004 00:00:00 +0000https://whileydave.com/publications/lmpl04_fpl/Abstract: Function evaluation is at the core of many compute-intensive applications which perform well on reconfigurable platforms. Yet, in order to implement function evaluation efficiently, the FPGA programmer has to choose between a multitude of function evaluation methods such as table lookup, polynomial approximation, or table lookup combined with polynomial approximation.https://whileydave.com/projects/dts/Thu, 01 Jan 2004 00:00:00 +0000https://whileydave.com/projects/dts/The problem of topologically sorting a directed graph is about arranging its nodes so that all edges go in the same direction. For example, consider the following directed graph: A topological sort of this graph is:https://whileydave.com/publications/pkh04_paste/Thu, 01 Jan 2004 00:00:00 +0000https://whileydave.com/publications/pkh04_paste/Abstract: The subject of this paper is flow- and context-insensitive pointer analysis. We present a novel approach for precisely modelling struct variables and indirect function calls. Our method emphasises efficiency and simplicity and extends the language of set-constraints.https://whileydave.com/publications/pkh04_sqj/Thu, 01 Jan 2004 00:00:00 +0000https://whileydave.com/publications/pkh04_sqj/Abstract. This paper presents and evaluates a number of techniques to improve the execution time of interprocedural pointer analysis in the context of C programs. The analysis is formulated as a graph of set constraintsand solved using a worklist algorithm.https://whileydave.com/downloads/dtsv270803/Wed, 27 Aug 2003 00:00:00 +0000https://whileydave.com/downloads/dtsv270803/https://whileydave.com/publications/mphl03_fpt/Wed, 01 Jan 2003 00:00:00 +0000https://whileydave.com/publications/mphl03_fpt/Abstract: We consider speeding up general-purpose applications with hardware accelerators. Traditionally hardware accelera- tors are tediously hand-crafted to achieve top performance. ASC (A Stream Compiler) simplifies exploration of hard- ware accelerators by transforming the hardware design task into a software design process using only ’gcc’ and ’make’ to obtain a hardware netlist.https://whileydave.com/projects/djprof/Wed, 01 Jan 2003 00:00:00 +0000https://whileydave.com/projects/djprof/DJProf is an experimental Java profiling tool which employs AspectJ to insert the necessary instrumentation for profiling rather than, for example, the Java Machine Profiler Interface (JVMPI). DJProf can be used to profile Java programs without modification (i.https://whileydave.com/publications/pkh03_scam/Wed, 01 Jan 2003 00:00:00 +0000https://whileydave.com/publications/pkh03_scam/Abstract. This paper presents and evaluates a number of techniques to improve the execution time of interprocedural pointer analysis in the context of large C programs. The analysis is formulated as a graph of set constraints and solved using a worklist algorithm.https://whileydave.com/publications/pkfh02_tools/Tue, 01 Jan 2002 00:00:00 +0000https://whileydave.com/publications/pkfh02_tools/Abstract: This paper desribes a dynamic instrumentation tool for the Linux Kernal which allows a stock Linux kernel to be modified while in execution, with instruments implemented as kernel modules. The Intel x86 architecture poses a particular problem, due to variable length instructions, which this paper addresses for the first time.https://whileydave.com/projects/gilk/Sat, 01 Jan 2000 00:00:00 +0000https://whileydave.com/projects/gilk/The GILK project was part of my master’s thesis at Imperial College London. The project is all about dynamic instrumentation of the Linux Kernel. This means that a stock (i.e. without any source code modification) kernel can be instrumented whilst in execution!https://whileydave.com/publications/pearce00_meng/Sat, 01 Jan 2000 00:00:00 +0000https://whileydave.com/publications/pearce00_meng/Abstract: An instrumentation tool has been developed for the Linux kernel that uses the relatively new technique of runtime code splicing. This permits instrumentation of a running system, without any source code modification, by redirecting the flow of control to pass through carefully written code patches.