Author(s)
Last week, I was at the FOSDEM conference. FOSDEM is specific in that it has multiple rooms, each dedicated to a different theme and organized by a team. I had two talks:
- Practical Introduction to OpenTelemetry Tracing, in the Monitoring and Observability devroom
- What I miss in Java, the perspective of a Kotlin developer, in the Friends of OpenJDK devroom
The second talk is from an earlier post. Martin Bonnin did a tweet from a single slide, and it created quite a stir, even attracting Brian Goetz.
In this post, I'd like to expand on the problem of nullability and how it's solved in Kotlin and Java and add my comments to the Twitter thread.
Nullability
I guess that everybody in software development with more than a couple of years of experience has heard the following quote:
I call it my billion-dollar mistake. It was the invention of the null reference in 1965. At that time, I was designing the first comprehensive type system for references in an object oriented language (ALGOL W). My goal was to ensure that all use of references should be absolutely safe, with checking performed automatically by the compiler. But I couldn't resist the temptation to put in a null reference, simply because it was so easy to implement. This has led to innumerable errors, vulnerabilities, and system crashes, which have probably caused a billion dollars of pain and damage in the last forty years.
-- Tony Hoare
The basic idea behind null is that one can define an uninitialized variable. If one calls a member of such a variable, the runtime locates the memory address of the variable... and fails to dereference it because there's nothing behind it.
Null values are found in many programming languages under different names:
- Python has
None - JavaScript has
null - So do Java, Scala, and Kotlin
- Ruby has
nil - etc.
Some languages do not allow uninitialized values, such as Rust.
Null-safety in Kotlin
As I mentioned, Kotlin does allow null values. However, they are baked into the type system. In Kotlin, every type X has two indeed two types:
X, which is non-nullable. No variable of typeXcan benull. The compiler guarantees it.val str: String = nullThe code above won't compile.
X?, which is nullable.val str: String? = nullThe code above does compile.
If Kotlin allows null values, why do its proponents tout its null safety? The compiler refuses to call members on possible null values, i.e., nullable types.
val str: String? = getNullableString() val int: Int? = str.toIntOrNull() //1
- Doesn't compile
The way to fix the above code is to check whether the variable is null before calling its members:
val str: String? = getNullableString()
val int: Int? = if (str == null) null
else str.toIntOrNull()
The above approach is pretty boilerplate-y, so Kotlin offers the null-safe operator to achieve the same:
val str: String? = getNullableString() val int: Int? = str?.toIntOrNull()
Null-safety in Java
Now that we have described how Kotlin manages null values, it's time to check how Java does it. First, there are neither non-nullable types nor null-safe operators in Java. Thus, every variable can potentially be null and should be considered so.
var MyString str = getMyString(); //1
var Integer anInt = null; //2
if (str != null) {
anInt = str.toIntOrNull();
}
Stringhas notoIntOrNull()method, so let's pretendMyStringis a wrapper type and delegates toString- A mutable reference is necessary
If you chain multiple calls, it's even worse as every return value can potentially be null. To be on the safe side, we need to check whether the result of each method call is null. The following snippet may throw a NullPointerException:
var baz = getFoo().getBar().getBaz();
Here's the fixed but much more verbose version:
var foo = getFoo();
var bar = null;
var baz = null;
if (foo != null) {
bar = foo.getBar();
if (bar != null) {
baz = bar.getBaz();
}
}
For this reason, Java 8 introduced the Optional type. Optional is a wrapper around a possibly null value. Other languages call it Maybe, Option, etc.
Java language's designers advise that a method returns:
- Type
XifXcannot benull - Type
OptionalifXcan benull
If we change the return type of all the above methods to Optional, we can rewrite the code in a null-safe way - and get immutability on top:
final var baz = getFoo().flatMap(Foo::getBar)
.flatMap(Bar::getBaz)
.orElse(null);
My main argument regarding this approach is that the Optional itself could be null. The language doesn't guarantee that it's not. Also, it's not advised to use Optional for method input parameters.
To cope with this, annotation-based libraries have popped up:
| Project | Package | Non-null annotation | Nullable annotation |
|---|---|---|---|
| JSR 305 | javax.annotation |
@Nonnull |
@Nullable |
| Spring | org.springframework.lang |
@NonNull |
@Nullable |
| JetBrains | org.jetbrains.annotations |
@NotNull |
@Nullable |
| Findbugs | edu.umd.cs.findbugs.annotations |
@NonNull |
@Nullable |
| Eclipse | org.eclipse.jdt.annotation |
@NonNull |
@Nullable |
| Checker framework | org.checkerframework.checker.nullness.qual |
@NonNull |
@Nullable |
| JSpecify | org.jspecify |
@NonNull |
@Nullable |
| Lombok | org.checkerframework.checker.nullness.qual |
@NonNull |
- |
However, different libraries work in different ways:
- Spring produces WARNING messages at compile-time
- FindBugs requires a dedicated execution
- Lombok generates code that adds a null check but throws a
NullPointerExceptionif it'snullanyway - etc.
Thanks to Sébastien Deleuze for mentioning JSpecify, which I didn't know previously. It's an industry-wide effort to deal with the current mess. Of course, the famous XKCD comic immediately comes to mind:
I still hope it will work out!
Conclusion
Java was incepted when null-safety was not a big concern. Hence, NullPointerException occurrences are common. The only safe solution is to wrap every method call in a null check. It works, but it's boilerplate-y and makes the code harder to read.
Multiple alternatives are available, but they have issues: they aren't bulletproof, compete with each other, and work very differently.
Developers praise Kotlin for its null-safety: it's the result of its null-handling mechanism baked into the language design. Java will never be able to compete with Kotlin in this regard, as Java language architects value backward compatibility over code safety. It's their decision, and it's probably a good one when one remembers the pain of migration from Python 2 to Python 3. However, as a developer, it makes Kotlin a much more attractive option than Java to me.
To go further:
Originally published at A Java Geek on February 12th, 2023
-
Much Ado About Nothing in Java
Occasionally something in Java pops up that I thought I knew about, but it turns out I didn’t appreciate all the subtle details.
This was recently the case for “nul”. Before I started using Java, the main programming language I used was C. This was great for things like operating systems and device drivers because it uses explicit pointers. References to data are through a numerical address that can be manipulated if required.
Although null might seem like a simple, straightforward concept, there are some edge cases that make its use require a little more thought. I hope this provides you with a better understanding of nothing (null).
Read More -
Handling Null: Optional and Nullable Types
Java is infamous for its NullPointerException: calling a method or accessing an attribute of an object that has not been initialized.
Read More -
Avoiding NullPointerException
The terrible NullPointerException (NPE for short) is the most frequent Java exception occurring in production, according to a 2016 study. In this article we’ll explore the main techniques to fight it: the self-validating model and the Optional wrapper.
You should consider upgrading your entity model to either reject a null via self-validation or present the nullable field via a getter that returns Optional. The effort of changing the getters of the core entities in your app is considerable, but along the way, you may find many dormant NPEs.
Read More
Author(s)
You should check out Nullaway, it checks the nullability in compile-time
https://github.com/uber/NullAway