Software quality with Code Contracts and PEX - CodeCamp16oct2010

Post on 22-Nov-2014

Software quality with Code Contracts and PEX
Sorin DAMIAN

Contracts
Design by Contract™
Code contracts and runtime checking (Foxtrot)
Static verification (Clousot)
Documentation
Automated unit testing (PEX)

Design by contract
Described in articles since 1986
Around since the Eiffel language
  Bertrand Meyer
Analogy with business contracts
Contracts
  Preconditions (What does the method expect?)
  Postconditions (What does it guarantee?)
  Invariants (What does it maintain?)

Microsoft Code Contracts Library
Microsoft Research
  Code contracts and runtime checking (Foxtrot)
  Static checker (Clousot)
Available for .NET 2.0 as an external assembly
Included in .NET 4.0
Integration with Visual Studio 2008/2010
Available in all .NET programming languages

Microsoft Code Contracts Tools
Runtime checking
  ccrewrite.exe
Static program verification
  cccheck.exe
Documentation generation
  ccdoc.exe
Automatic testing tools like PEX can take advantage of contracts

Expressing contracts
Requirement and specification documents
Code comments
Guards / defensive programming
CodeContracts
  Contract.Requires(arg != null);
  Contract.Ensures(Contract.Result<int>() > 0);
  Contract.Invariant(this.Total > 0);
Assertions
Assumptions

Code Contracts
Contracts vs. Validation
Handling legacy code
Pre and post conditions
Documentation
Handling contract failures
  Contract violation events
  Assert on contract failure
Contracts on interfaces and base classes
Contracts inheritance
Adding contracts to external libraries
  Contract reference assemblies
Using a baseline for large projects

Demo
using System.Diagnostics.Contracts;

Code Contracts
Preconditions
Legacy contracts
Post conditions
Invariants
Side effects and pure methods
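
The items on this demo slide, as an added example that is not the presenter's demo code: a hypothetical Account class (its name and members are assumptions) showing a precondition, a legacy if-then-throw contract, postconditions, an invariant and a pure member. The Contract.* checks are enforced at run time only after ccrewrite.exe has processed the assembly.

```csharp
using System;
using System.Diagnostics.Contracts;

// Hypothetical class, constructed for illustration.
public sealed class Account
{
    private int balance;

    public Account(int openingBalance)
    {
        // Precondition: what the constructor expects from its caller.
        Contract.Requires(openingBalance >= 0);
        balance = openingBalance;
    }

    // Pure: no visible side effects, so it may appear inside contracts.
    [Pure]
    public int Balance { get { return balance; } }

    // Invariant: must hold on exit from every public method.
    [ContractInvariantMethod]
    private void ObjectInvariant()
    {
        Contract.Invariant(balance >= 0);
    }

    public int Withdraw(int amount)
    {
        Contract.Requires(amount > 0);
        // Generic form: throws the named exception type on failure.
        Contract.Requires<ArgumentOutOfRangeException>(amount <= Balance);
        // Postconditions are declared up front; the rewriter checks them at exit.
        Contract.Ensures(Balance == Contract.OldValue(Balance) - amount);
        Contract.Ensures(Contract.Result<int>() == Balance);
        balance -= amount;
        return balance;
    }

    public void Deposit(int amount)
    {
        // Legacy contract: an existing if-then-throw guard is treated as a
        // precondition once the block is closed with EndContractBlock.
        // The second clause rejects deposits that would overflow the balance.
        if (amount <= 0 || amount > int.MaxValue - Balance)
            throw new ArgumentOutOfRangeException("amount");
        Contract.EndContractBlock();
        balance += amount;
    }
}
```

The overflow clause in Deposit matters for the invariant: without it, a large deposit would wrap the balance negative and violate `balance >= 0`.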

Demo
Interfaces and contracts inheritance

Known issues
Build slowdown due to the assembly rewriter
No mechanism to provide contracts on delegates
Static checker doesn’t work with closures and yield iterators
You may get static checker errors for generated code
No edit and continue support

Static verification
Floyd-Hoare logic proposed in 1969
  Sir Charles Antony Richard Hoare
Design by Contract
  Bertrand Meyer
Spec#
  Microsoft Research (credits go here..)
Code contracts library in .NET Framework 4.0

Static verification
Verification vs. Testing
Abstract interpretation
Working with existing projects

Pex Explorer

Pex Explorer
Automated white box testing tool for .NET
Parameterized unit tests
Supports multiple frameworks
Test cases for free!!!

Input
  • [runs the code + monitors it]
Collects observed constraints
  • [picks a branch]
Builds constraints system to solve
  • [solve “Z3”]

Pex Explorer

Demo

Pex understands your code
Pex does not guess
  No random inputs
  No brute force
Pex analyzes
  Partitions inputs into equivalence classes
  One equivalence class per branching behavior
  Test inputs computed by Z3 (the constraint solver for program analysis from Microsoft Research)
  Performs inter-procedural, path-sensitive analysis
Results:
  Small test suite with high test coverage (new test == new branch in code)

Q&A

?

Thank You!
And please fill the feedback forms