Discern: Towards the Automatic Discovery of Software Contracts

Design by contract is a practical methodology for evolving code together with its specification; it helps prevent many errors, and catch others close to their sources. Unfortunately, writing (and maintaining) contracts requires a non-trivial investment of time and effort. We are developing a tool, called Discern, to statically analyze existing programs and discover draft contracts for them. Discern works by propagating weakest preconditions and strongest postconditions through the code. Known pre- and postconditions of operations used in the code help refine the contract; conversely, new assertions discovered can be propagated to clients of the method being analyzed. As usual, loops make the analysis difficult; heuristics are used to recognize the most common loop forms and extract useful information about them. Discern uses a library containing specifications of the most-used language libraries. With the manual addition of one postcondition and tagging of 3 assertions as invariants, Discern computed the correct preconditions for all but one method of Java´s Vector class, and similar results were obtained for StringBuffer