USING THE CODE CONTRACTS API FOR DESIGN-BY-CONTRACT

IN .NET

Melbourne Patterns Group Presentation

By Clarence Bakirtzidis (clarenceb@gmail.com)

Agenda Overview Using Code Contracts Main Features Runtime Contract Checking Static Contract Checking Demo(s) API Reference Summary Resources Questions

* DbC = Design-by-Contract2

Overview

What is the Code Contracts API?Library with Static Methods for DbCIt is a spin-off from the learnings of the

Spec# project Obtaining and Installing

Academic and Commercial Licenses Tools Provided Integration with Visual Studio

3

Overview

What is Design-by-Contract?Originated from EiffelPrecondition

○ Condition that is checked on entry to methodPostcondition

○ Condition that is checked on exit of methodInvariant (constrain state of objects)

○ Condition checked on exit of constructor and all public methods and properties

Static (Compile-time) and Runtime checking

4

Overview

Benefits of Code ContractsRuntime Checking and Improved TestabilityStatic VerificationAPI Documentation

○ Examples

5

Using Code Contracts .NET 4.0

Part of the Base Class Library (BCL)No additional references required

.NET 3.5 or earlierSeparate assembly Microsoft.Contracts.dllNeed to add reference to assembly in your projects

Contract classes contains in:System.Diagnostics.Contracts namespace

Code Snippets for Visual Studioe.g. ci [TAB][TAB] => Contract.Requires(…)

6

Using Code Contracts

Project Properties

Visual Studio Project Properties• Runtime Checking• Static Checking• Contract Reference Assembly

7

Main Features

Design-by-ContractRuntime CheckingStatic Checking

Contract InheritanceSupports Abstract Methods and Interfaces

Generate API documentationHooks into XML documentation and inserts

contract requirements (requires, ensures)

8

Runtime Contract Checking Configuration options

Level of checkingOnly public surface contractsCall-site requiresCustom rewriter methods

Assembly rewriting via ccrewrite.exeInserts code in project assemblies to

enforce contracts at runtime

9

Static Contract Checking

Configuration optionsNull valuesArray boundsArithmetic (div-by-zero)

BaselineSuppress existing warnings in code base

10

Demo(s)

11

Demo

API Reference Preconditions

Contract.Requires(…) EndContractBlock (“legacy-requires”)

Postconditions Contract.Ensures(…) Contract.Ensures<E>(…) Contract.EnsuresOnThrow<E>(…)

Prestate Values Contract.Result<T>() Contract.OldValue<T>(…)

Out Parameters Contract.ValueAtReturn<T>(…)

Invariants Contract.Invariant(…)

Attributes Pure ContractInvariantMethod ContractVerification ContractPublicPropertyName

Quantifiers Contract.ForAll Contract.Exists

Interfaces and Abstract Methods ContractClass ContractClassFor

Other Contract.Assert(…) Contract.Assume(…

) ContractException

12

Summary Code Contracts bring DbC to the .NET framework Provides static and runtime checking of:

PreconditionsPostconditionsObject invariants

Extends generated XML documentation Some known issues (still work in progress)

Build slowdown - will be addressed in futureClosures - static checking does not work for closuresEdit-Continue does not work with code contract rewriting onNo contracts allowed on delegatesNo contracts on iterators that use “yield” as IL the code

changed into different form (workaround exists for this)13

Code Contracts Summary

14

Resources

Code Contracts Projecthttp://research.microsoft.com/en-us/projects/

contracts/

MSDN Forumhttp

://social.msdn.microsoft.com/Forums/en-US/codecontracts/threads

Spec# Projecthttp://

research.microsoft.com/en-us/projects/specsharp

15

Questions

16