Eiffel: the language
Reusable software: the Base object-oriented component libraries
Reusable software: the Base object-oriented component libraries
Object-oriented software construction (2nd ed.)
Object-oriented software construction (2nd ed.)
Declaring and checking non-null types in an object-oriented language
OOPSLA '03 Proceedings of the 18th annual ACM SIGPLAN conference on Object-oriented programing, systems, languages, and applications
The Spec# Programming System: Challenges and Directions
Verified Software: Theories, Tools, Experiments
Eiffel as a Framework for Verification
Verified Software: Theories, Tools, Experiments
Automatic Testing of Object-Oriented Software
SOFSEM '07 Proceedings of the 33rd conference on Current Trends in Theory and Practice of Computer Science
Freedom before commitment: a lightweight type system for object initialisation
Proceedings of the 2011 ACM international conference on Object oriented programming systems languages and applications
Making specifications complete through models
Proceedings of the 2004 international conference on Architecting Systems with Trustworthy Components
Non-null references by default in java: alleviating the nullity annotation burden
ECOOP'07 Proceedings of the 21st European conference on Object-Oriented Programming
| Hi-index | 0.00 |
The three problems of the title — the first two widely discussed in the literature, the third less well known but just as important for further development of object technology — are: – Eradicating the risk of void calls: x.f with, at run time, the target x not denoting any object, leading to an exception and usually a crash. – Eradicating the risk of “catcalls”: erroneous run-time situations, almost inevitably leading to crashes, resulting from the use of covariant argument typing. – Providing a simple way, in concurrent object-oriented programming, to lock an object handled by a remote processor or thread of control, or to access it without locking it, as needed by the context and in a safe way. A language mechanism provides a combined solution to all three issues. This mechanism also allows new solutions to two known problems: how to check that a certain object has a certain type, and then use it accordingly (“Run-Time Type Identification” or “downcasting”), for which it may provide a small improvement over previously proposed techniques; and how to provide a “once per object” facility, permitting just-in-time evaluation of certain object properties. The solution relies on a small extension to the type system involving a single symbol, the question mark. The idea is to declare certain types as “attached” (not permitting void values), enforce some new validity rules that rule out void calls, and validate a number of common programming schemes as “Certified Attachment Patterns” guaranteed to rule out void calls. (In addition, the design replaced an existing type-querying construct by a simpler one.) The mechanism is completely static: all checks can be performed by compilers as part of normal type system enforcement. It places no undue burden on these compilers — in particular, does not require dataflow analysis — and can be fairly quickly explained to programmers. Existing code, if reasonably well-written, will usually continue to work without change; for exceptions to this rule, often reflecting real risks of run-time crashes, backward-compatible options and a clear transition path are available.