Code Contracts rewriter misuse detection

[sharwell]

Diagnostic

Certain methods of the Contract class only behave properly when the code contracts rewriter is enabled during project builds. The simplest way to identify that the rewriter is considered is to check the following build property:

<CodeContractsAssemblyMode>1</CodeContractsAssemblyMode>

The proposed analyzer would operate when the rewriter is disabled, and locate uses of the problematic methods. The following methods are always a problem when the rewriter is disabled.

• Contract.Requires<TException>

In addition, the following methods are a problem only when the CONTRACTS_FULL is defined during the build.

• Contract.Ensures
• Contract.EnsuresOnThrow
• Contract.Invariant
• Contract.Requires

Code Fix

A code fix probably only needs to be implemented for uses of Contract.Requires<TException>. However, implementing the code fix methods is somewhat complicated, because the rewriter automatically adds verification code not only at the location of the call to Requires<TException>, but also in any method which overrides or implements the method containing that call. The following case is the most common usage:

Contract.Requires<ArgumentNullException>(arg != null, "arg");

This would get translated to the following code, and added to all relevant places:

if (!(arg != null))
    throw new ArgumentNullException("arg");