Manuel Fähndrich and K. Rustan M. Leino
Distinguishing non-null references from possibly-null references at the type level can detect null-related errors in objectoriented programs at compile-time. This paper gives a proposal for retrofitting a language such as C or Java with non-null types. It addresses the central complications that arise in constructors, where declared non-null fields may not yet have been initialized, but the partially constructed object is already accessible. The paper reports experience with an implementation for annotating and checking null-related properties in C programs.
In Proceedings of the 2003 ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2003