Lecture 12: Practical Tools for Java Correctness

Friday’s lecture presented two different methods for Java programs that are intended to help with writing correct code: the standard Java assert statement; and JML, the Java Modeling Language.

Both of these approaches aim to record the programmers’ expectations about what code is doing. The most immediate effect of this is that the programmer has to actually consider and make precise what those expectations are; after that, making them explicit means that others can read, understand, and possibly challenge them. All this can happen without a formal annotation language or machine assistance. However, once we do use a precise language, it becomes possible to automatically check whether a program does meet the given specification.

There are many different routes to such checks. The assert statement in Java tests that running code behaves as expected. The more extensive JML framework uses a single Hoare-like annotation language to support many different kinds of check: automatic insertion of appropriate assert statements; machine-generated tests; static checking of properties at compile-time; and more.

In all of these we are expanding the language not to write programs with a wider range of behaviours or effects, but to write programs that have the correct behaviours or effects for the task they are to perform.
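The two approaches side by side, as an added example that is not taken from the lecture or its slides: a hypothetical `BoundedBuffer` class carries its contract as JML annotations, and restates the internal parts as `assert` statements. Java only evaluates `assert` when the JVM is started with `-ea`, so the check on caller-supplied input is an exception instead.

```java
// Added example; BoundedBuffer and its members are hypothetical names.
public final class BoundedBuffer {
    private /*@ spec_public @*/ final byte[] data;
    private /*@ spec_public @*/ int used; // number of bytes stored so far

    //@ public invariant 0 <= used && used <= data.length;

    //@ requires capacity > 0;
    //@ ensures used == 0 && data.length == capacity;
    public BoundedBuffer(int capacity) {
        if (capacity <= 0) {
            throw new IllegalArgumentException("capacity must be positive");
        }
        data = new byte[capacity];
    }

    //@ requires src != null && src.length <= data.length - used;
    //@ ensures used == \old(used) + src.length;
    public void append(byte[] src) {
        // Caller-controlled input: reject with an exception, which stays
        // active whether or not assertions are enabled.
        if (src == null || src.length > data.length - used) {
            throw new IllegalArgumentException("input does not fit");
        }
        int before = used;
        System.arraycopy(src, 0, data, used, src.length);
        used += src.length;
        // The programmer's own expectations about this code: evaluated only
        // under "java -ea", so they must never guard untrusted input.
        assert used == before + src.length : "postcondition violated";
        assert 0 <= used && used <= data.length : "invariant violated";
    }

    public int size() {
        return used;
    }

    public static void main(String[] args) {
        BoundedBuffer buffer = new BoundedBuffer(4);
        buffer.append(new byte[] {1, 2, 3});
        try {
            buffer.append(new byte[] {4, 5}); // one byte too many
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        System.out.println("size = " + buffer.size());
    }
}
```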

Link: Slides for Lecture 12


JML is just one of many frameworks for specifying and verifying code. Other examples include Java annotations, FindBugs™, QuickCheck, the C specification language ACSL and the Frama-C platform, Spec#, and many more. Your homework is to find out about one particular such system.

Post this: Find some information online about Microsoft’s Code Contracts. Post about it to the mailing list, the Facebook page, or as a comment on this blog entry.


On assertions in Java and ways to use them.

Programming with Assertions
Oracle Java Technology Network
Oracle language technical note for Java 8 describing what assertions are and illustrating different ways of using them.
Link: Article
When to Use an Assertion and When to Use an Exception
Stack Overflow
“Most of the time I will use an exception to check for a condition in my code, I wonder when it is an appropriate time to use an assertion?”
Link: Discussion

On the Liskov substitution principle.

Barbara Liskov
ACM Turing Award 2008
For contributions to practical and theoretical foundations of programming language and system design, especially related to data abstraction, fault tolerance, and distributed computing.
Link: ACM Turing Award Citation
Jeannette Wing
Corporate Vice-President, Microsoft Research
Previously head of the Department of Computer Science at Carnegie Mellon University and assistant director of the US National Science Foundation. Strong advocate for computational thinking across multiple disciplines.
Links: Wing at Microsoft; Computational Thinking
A Behavioral Notion of Subtyping
Barbara Liskov and Jeannette Wing
ACM Transactions on Programming Languages and Systems 16(6):1811–1841
DOI 10.1145/197320.197383
Links: Access through Edinburgh University Library (may require EASE login); Publisher’s page
