Safely creating correct subclasses without seeing superclass code

Authors:
Clyde Ruby

Department of Computer Science, Iowa State University, 226 Atanasoff Hall, Ames, IA

Department of Computer Science, Iowa State University, 226 Atanasoff Hall, Ames, IA
View Profile

,
Gary T. Leavens

Department of Computer Science, Iowa State University, 226 Atanasoff Hall, Ames, IA

Department of Computer Science, Iowa State University, 226 Atanasoff Hall, Ames, IA
View Profile

OOPSLA '00: Proceedings of the 15th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applicationsOctober 2000Pages 208–228https://doi.org/10.1145/353171.353186

Published:01 October 2000Publication History

OOPSLA '00: Proceedings of the 15th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications

Pages 208–228

ABSTRACT

A major problem for object-oriented frameworks and class libraries is how to provide enough information about a superclass, so programmers can safely create new subclasses without giving away the superclass's code. Code inherited from the superclass can call down to methods of the subclass, which may cause nontermination or unexpected behavior. We describe a reasoning technique that allows programmers, who have no access to the code of the superclass, to determine both how to safely override the superclass's methods and when it is safe to call them. The technique consists of a set of rules and some new forms of specification. Part of the specification would be generated automatically by a tool, a prototype of which is planned for the formal specification language JML. We give an example to show the kinds of problems caused by method overrides and how our technique can be used to avoid them. We also argue why the technique is sound and give guidelines for library providers and programmers that greatly simplify reasoning about how to avoid problems caused by method overrides.

References

1.P. America. Designing an object-oriented programming language with behavioural subtyping. In J. W. de Bakker, W. P. de Roever, and G. Rozenberg, editors, Foundations of Object-Oriented Languages, REX School/Workshop, Noordwijkerhout, The Netherlands, May/June 1990, volume 489 of Lecture Notes in Computer Science, pages 60-90. Springer-Verlag, New York, NY, 1991. Google ScholarDigital Library
2.R.-J. Back and J. von Wright. Refinement Calculus: A Systematic Introduction. Springer-Verlag, 1998. Google ScholarDigital Library
3.Y. Chen and B. H. C. Cheng. A semantic foundation for specification matching. In G. T. Leavens and M. Sitaraman, editors, Foundations of Component-Based Systems, pages 91-109. Cambridge University Press, New York, NY, 2000. Google ScholarDigital Library
4.K. K. Dhara and G. T. Leavens. Forcing behavioral subtyping through specification inheritance. In Proceedings of the 18th International Conference on Software Engineering, Berlin, Germany, pages 258-267. IEEE Computer Society Press, Mar. 1996. A corrected version is Iowa State University, Dept. of Computer Science TR #95-20c. Google ScholarDigital Library
5.S. H. Edwards. Representation inheritance: A safe form of "white box" code inheritance. In Fourth International Conference on Software Reuse, pages 195-204. IEEE Computer Society Press, Apr. 1996. Google ScholarDigital Library
6.P. H. B. Gardier and C. Morgan. A single complete rule for data refinement. In Morgan and Vickers {30}, pages 111-126.Google Scholar
7.P. H. B. Gardiner and C. Morgan. Data refinement of predicate transformers. In Morgan and Vickers {30}, pages 71-84.Google Scholar
8.J. V. Guttag, J. J. Horning, S. Garland, K. Jones, A. Modet, and J. Wing. Larch: Languages and Tools for Formal Specification. Springer-Verlag, New York, NY, 1993. Google ScholarDigital Library
9.E. C. R. Hehner. A Practical Theory of Programming. Texts and Monographs in Computer Science. Springer-Verlag, 1993. Google ScholarDigital Library
10.C. A. R. Hoare. Proof of correctness of data representations. Acta Informatica, 1(4):271-281, 1972.Google ScholarDigital Library
11.G. Kiczales, J. des Rivieres, and D. G. Bobrow. The Art of the Metaobject Protocol. The MIT Press, Cambridge, Mass., 1991. Google ScholarDigital Library
12.G. Kiczales and J. Lamping. Issues in the design and documentation of class libraries. ACM SIGPLAN Notices, 27(10):435-451, Oct. 1992. OOPSLA '92 Proceedings, Andreas Paepcke (editor). Google ScholarDigital Library
13.J. Lamping. Typing the specialization interface. ACM SIGPLAN Notices, 28(10):201-214, Oct. 1993. OOPSLA '93 Proceedings, Andreas Paepcke (editor). Google ScholarDigital Library
14.G. T. Leavens, A. L. Baker, and C. Ruby. JML: A notation for detailed design. In H. Kilov, B. Rumpe, and I. Simmonds, editors, Behavioral Specifications of Businesses and Systems, pages 175-188. Kluwer Academic Publishers, Boston, 1999.Google ScholarDigital Library
15.G. T. Leavens, A. L. Baker, and C. Ruby. Preliminary design of JML: A behavioral interface specification language for Java. Technical Report 98-06i, Iowa State University, Department of Computer Science, Feb. 2000. See www.cs.iastate.edu/~leavens/JML.html.Google Scholar
16.G. T. Leavens and W. E. Weihl. Specification and verification of object-oriented programs using supertype abstraction. Acta Informatica, 32(8):705-778, Nov. 1995.Google ScholarDigital Library
17.K. R. M. Leino. Toward Reliable Modular Programs. PhD thesis, California Institute of Technology, 1995. Available as Technical Report Caltech-CS-TR-95-03. Google ScholarDigital Library
18.K. R. M. Leino. Data groups: Specifying the modification of extended state. In OOPSLA '98 Conference Proceedings, volume 33(10) of ACM SIGPLAN Notices, pages 144-153. ACM, Oct. 1998. Google ScholarDigital Library
19.B. Liskov and J. Guttag. Abstraction and Specification in Program Development. The MIT Press, Cambridge, Mass., 1986. Google ScholarDigital Library
20.B. Liskov and J. Wing. A behavioral notion of subtyping. ACM Trans. Prog. Lang. Syst., 16(6):1811-1841, Nov. 1994. Google ScholarDigital Library
21.B. Liskov and J. M. Wing. Specifications and their use in defining subtypes. ACM SIGPLAN Notices, 28(10):16-28, Oct. 1993. OOPSLA '93 Proceedings, Andreas Paepcke (editor). Google ScholarDigital Library
22.C. Lucas. Documenting Reuse and Evolution with Reuse Contracts. PhD thesis, Vrije Universiteit Brussel, Brussels, Belgium, Sept. 1997.Google Scholar
23.O. L. Madsen, B. M~ller-Pedersen, and K. Nygaard. Object-Oriented Programming in the BETA programming Language. Addison-Wesley Inc, 1993. Google ScholarDigital Library
24.B. Meyer. Object-oriented Software Construction. Prentice Hall, New York, NY, 1988. Google ScholarDigital Library
25.B. Meyer. Applying "design by contract". Computer, 25(10):40-51, Oct. 1992. Google ScholarDigital Library
26.M. Mezini. Maintaining the consistency and behavior of class libraries during their evolution. ACM SIGPLAN Notices, 32(10):1-21, Oct. 1997. Conference Proceedings of OOPSLA '97. Google ScholarDigital Library
27.L. Mikhajlov and E. Sekerinski. A study of the fragile base class problem. In E. Jul, editor, ECOOP '98 - Object-Oriented Programming, 12th European Conference , Brussels, Proceedings, volume 1445 of Lecture Notes in Computer Science, pages 355-382. Springer-Verlag, July 1998. Google ScholarDigital Library
28.C. Morgan. Programming from Specifications: Second Edition. Prentice Hall International, Hempstead, UK, 1994. Google ScholarDigital Library
29.C. Morgan and P. H. B. Gardiner. Data refinement by calculation. Acta Informatica, 27(6):481-503, May 1990. Google ScholarDigital Library
30.C. Morgan and T. Vickers, editors. On the refinement calculus. Formal approaches of computing and information technology series. Springer-Verlag, New York, NY, 1994. Google ScholarDigital Library
31.P. Muller and A. Poetzsch-Heffter. Modular specification and verification techniques for object-oriented software components. In G. T. Leavens and M. Sitaraman, editors, Foundations of Component-Based Systems, chapter 7, pages 137-159. Cambridge University Press, 2000. Google ScholarDigital Library
32.W. Opdyke. Refactoring Object-Oriented Frameworks. PhD thesis, University of Illinois at Urbana-Champaign, 1992. Google ScholarDigital Library
33.D. E. Perry and G. E. Kaiser. Adequate testing and object-oriented programming. Journal of Object-Oriented Programming, 2(5):13-19, Jan/Feb 1990. Google ScholarDigital Library
34.A. D. Raghavan. Design of a JML documentation generator. Technical Report 00-12, Iowa State University, Department of Computer Science, July 2000.Google Scholar
35.R. Stata. Modularity in the presence of subclassing. Technical Report 145, Digital Equipment Corporation, Systems Research Center, 130 Lytton Avenue Palo Alto, CA 94301, Apr 1997. Order from [email protected] or ftp from gatekeeper.dec.com. Google ScholarDigital Library
36.R. Stata and J. V. Guttag. Modular reasoning in the presence of subclassing. ACM SIGPLAN Notices, 30(10):200-214, Oct. 1995. Proceedings of OOPSLA '95 Tenth Annual Conference on Object-Oriented Programming Systems, Languages, and Applications. Google ScholarDigital Library
37.S. Stepney, R. Barden, and D. Cooper, editors. Object Orientation in Z. Workshops in Computing. Springer-Verlag, Cambridge CB2 1LQ, UK, 1992. Google ScholarDigital Library
38.P. Steyaert, C. Lucas, K. Mens, and T. D'Hondt. Reuse contracts: Managing the evolution of reusable assets. In OOPSLA '96 Conference on Object-Oriented Programming Systems, Languagges and Applications, pages 268-285. ACM Press, October 1996. ACM SIGPLAN Notices, Volume 31, Number 10. Google ScholarDigital Library
39.C. Szyperski. Component Software: Beyond Object-Oriented Programming. ACM Press and Addison-Wesley, New York, NY, 1998. Google ScholarDigital Library

Index Terms

Safely creating correct subclasses without seeing superclass code
1. Software and its engineering
  1. Software notations and tools
    1. General programming languages
      1. Language types
        Object oriented languages
    2. System description languages
      1. Specification languages

Recommendations

Safely creating correct subclasses without seeing superclass code

A major problem for object-oriented frameworks and class libraries is how to provide enough information about a superclass, so programmers can safely create new subclasses without giving away the superclass's code. Code inherited from the superclass can ...
Read More
Safely creating correct subclasses without seeing superclass code
OOPSLA '00: Addendum to the 2000 proceedings of the conference on Object-oriented programming, systems, languages, and applications (Addendum)

A major problem for object-oriented frameworks and class libraries is how to provide enough information about an extensible superclass so that programmers can safely create new subclasses without studying superclass code. The goal of my work is to ...
Read More
JML (poster session): notations and tools supporting detailed design in Java
OOPSLA '00: Addendum to the 2000 proceedings of the conference on Object-oriented programming, systems, languages, and applications (Addendum)

JML is a notation for specifying the detailed design of Java classes and interfaces. JML's assertions are stated using a slight extension of Java's expression syntax. This should make it easy to use. Tools for JML aid in static analysis, verification, ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
OOPSLA '00: Proceedings of the 15th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
October 2000
402 pages
ISBN:158113200X
DOI:10.1145/353171
Chairmen:
Mary Beth Rosson
Virginia Tech.
,
Doug Lea
SUNY Oswego
ACM SIGPLAN Notices Volume 35, Issue 10
Oct. 2000
402 pages
ISSN:0362-1340
EISSN:1558-1160
DOI:10.1145/354222
Issue’s Table of Contents
Copyright © 2000 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 1 October 2000
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
JML language
Java language
downcalls
method refinement
semantic fragile subclassing problem
specification inheritance
subclass
subclassing contract
Qualifiers
- Article
Conference

Acceptance Rates
Overall Acceptance Rate268of1,244submissions,22%
Upcoming Conference
SPLASH '24

Sponsor:

sigplan

ACM SIGPLAN International Conference on Systems, Programming, Languages, and Applications: Software for Humanity

October 20 - 25, 2024

Pasadena , CA , USA
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 35
  Total Citations
  View Citations
- 763
  Total Downloads
- Downloads (Last 12 months)37
- Downloads (Last 6 weeks)8
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Safely creating correct subclasses without seeing superclass code

OOPSLA '00: Proceedings of the 15th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications

ABSTRACT

References

Cited By

Index Terms

Recommendations

Safely creating correct subclasses without seeing superclass code

Safely creating correct subclasses without seeing superclass code

JML (poster session): notations and tools supporting detailed design in Java