1 / 15

The Whiley Programming Language

The Whiley Programming Language. David J. Pearce School of Engineering and Computer Science, Victoria University of Wellington, New Zealand. Motivation. Ariane 5 (destroyed shortly after take off) Mars Global Surveyor (batteries overheated) F22-Raptor (“problem” crossing meridian line)

donovan-rice
Download Presentation

The Whiley Programming Language

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Whiley Programming Language David J. Pearce School of Engineering and Computer Science, Victoria University of Wellington, New Zealand

  2. Motivation • Ariane 5 (destroyed shortly after take off) • Mars Global Surveyor (batteries overheated) • F22-Raptor (“problem” crossing meridian line) • USS Yorktown (dead in water) • Therac-25 (lethal doses of X-Rays) • …

  3. State of Play class Date { private int day; private int month; private int year; public Date(int day, int month, int year){ this.day = day; this.month = month; this.year = year; } … }

  4. Java Modelling Language (JML) class Date { // 30 days hath Sept, Apr, Jun and Nov // all the rest have 31, … // except February, which has 28 … //@ invariant ((month!=9 && month!=4 && month!=6 //@ && month!=11) || day <= 30) && //@ 1 <= day <= 31 && 1 <= months <= 12 && //@ (month!=2 || day <= 28); private int day, month, year; … }

  5. Verifying OO Programs: The Challenge class TableRow<T> { private List<T> rows; … void set(List<T> rs) { rows = rs; } void copy(List<T> to) { for(int i=0;i!=rows.size();++i) { to.add(rows.get(i)); } } }

  6. Verifying OO Programs: The Challenge • Does this make sense ? class Date { … //@ ensures \result.compareTo(this) > 0; public Date nextDay() { … } public int compareTo(Date d) { … } }

  7. Introducting Whiley !!! • Hybrid OO – Functional Language • Compiles to JVM • Performs Compile-Time Checking of Constraints

  8. Functional Core • Functional functions • No aliasing or side-effects • Pass-by-value records, lists + sets • Constraints checked at compile time define int where$ >= 0as nat int f(nat a, nat b)ensures $ > 0: ifa == b: return 1 else: return a + b

  9. Quick Demo

  10. Numbers • OOP: Modular Arithimetic + Floating Point • Whiley: unbounded ints + rationals define int where$ >= 0&& $ < 256asbyte real f(byte x): if x > 0: return 18372.382349823409823409234 return x + 1

  11. Implicit Subtyping define int where$ >= 0as nat define int where$ > 0as pint pint f(nat a) : return a + 1 int g(nat x): return x – 1 nat y = … int z = g(y) • OOP: subtyping explicit via inheritance • Whiley: Subtyping is implicit, not explicit

  12. Lists + Quantifiers • OOP: sets/lists are objects • JML: quantifies may not be computable • Whiley: Support for first-class lists/sets • Whiley: Support for computable quantifiers define [int] whereno {x in $ | x<0} as nats int sum(nats ns, int i) requires 0<=i && i<|ns|, ensures $ >= 0: return ns[i]

  13. Imperative Outer Layer define process(int x, int y)as PointProc void PointProc::update(int z): this->y = z void System::main([string] args): PointProc pp = spawn (x:1,y:2) pp->update(3) print str(*pp) • OOP: objects may be concurrently modified • OOP: methods have re-entrant semantics • Whiley: process methods execute atomically • Whiley: methods are not re-entrant

  14. Parser Type Checker SMT Solver Bytecode Generator Verification Compiler Overview

  15. whiley.org (under construction)

More Related