Affiliation:
1. Microsoft Research, Redmond, WA, USA
Abstract
Contracts are a simple yet very powerful form of specification. They consists of method preconditions and post-conditions, of object invariants, and of assertions and loop invariants. Ideally, the programmer will annotate all of her code with contracts which are mechanically checked by some static analysis tool. In practice, programmers only write few contracts, mainly preconditions and some object invariants. The reason for that is that other contracts are "clear from the code": Programmers do not like to repeat themselves. As a consequence, any usable static verification tool should provide some form of contract inference.
Publisher
Association for Computing Machinery (ACM)