User assertion

assert statement fails

Description

This check determines whether the argument to an assert macro is true.

The argument to the assert macro must be true when the macro executes. Otherwise the program aborts and prints an error message. Polyspace® models this behavior by treating a failed assert statement as a run-time error, so this check lets you find failing assert statements before you run the program. Keep in mind that assert is only active in builds that do not define NDEBUG; in a build compiled with NDEBUG the macro expands to nothing, so a condition that Polyspace assumes to hold after an orange assert is not enforced at run time and must not replace validation of untrusted input.

Examples

#include <stdio.h>
#include <assert.h>
#define size 20

int getArrayElement(void);      /* defined elsewhere; not needed for the check */

void initialize(int* array) {
  for(int i=0;i<size;i++)
    array[i] = getArrayElement();
}

void printElement(int* array,int index) {
  assert(index < size);          /* must hold before array[index] is read */
  printf("%d", array[index]);
}

int getIndex(void) {
  int i = size;
  return i;                      /* size is one past the last valid index */
}

int main(void) {
  int array[size];
  int index;

  initialize(array);
  index = getIndex();
  printElement(array,index);     /* index == size: the assertion always fails */
  return 0;
}

In this example, the assert statement in printElement aborts the program if index >= size. The assert statement makes sure that the array index is not outside the array bounds. If no execution path can make the condition false, Polyspace marks the assert statement green. Here getIndex returns an index equal to size on every path, so the condition is always false and the assert statement appears red.

Correction — Correct cause of assert failure

When an assert statement is red, investigate the cause of the exceptional situation. In this example, one possible correction is to make getIndex return size-1, the last valid index.

#include <stdio.h>
#include <assert.h>
#define size 20

int getArrayElement(void);      /* defined elsewhere; not needed for the check */

void initialize(int* array) {
  for(int i=0;i<size;i++)
    array[i] = getArrayElement();
}

void printElement(int* array,int index) {
  assert(index < size);          /* green: index is always size-1 */
  printf("%d", array[index]);
}

int getIndex(void) {
  int i = size;
  return (i-1);                  /* last valid index */
}

int main(void) {
  int array[size];
  int index;

  initialize(array);
  index = getIndex();
  printElement(array,index);
  return 0;
}

#include <stdlib.h>
#include <assert.h>

void initialize(int*);
int getNumberOfElements(void);

int main(void) {
  int numberOfElements, *myArray;

  numberOfElements = getNumberOfElements();

  /* malloc returns NULL when the allocation fails */
  myArray = (int*)malloc((size_t)numberOfElements * sizeof(int));
  assert(myArray!=NULL);

  initialize(myArray);
  free(myArray);
  return 0;
}

In this example, malloc can return NULL, so after the call myArray has two possible values:

  • myArray == NULL: The assert condition is false.

  • myArray != NULL: The assert condition is true.

Combining these two cases, the User assertion check on the assert statement is orange. After the orange assert, the paths on which the assertion fails are considered terminated, so Polyspace considers that myArray is not equal to NULL.

Correction — Check return value for NULL

One possible correction is to write a customized function myMalloc where you always check the return value of malloc for NULL.

#include <stdio.h>
#include <stdlib.h>
#include <assert.h>

void initialize(int*);
int getNumberOfElements(void);

/* Allocates num ints and terminates the program if malloc fails,
   so the caller never receives a NULL pointer. */
void myMalloc(int **ptr, int num) {
  *ptr = (int*)malloc((size_t)num * sizeof(int));
  if(*ptr==NULL) {
    printf("Memory allocation error");
    exit(1);
  }
}

int main(void) {
  int numberOfElements, *myArray=NULL;

  numberOfElements = getNumberOfElements();

  myMalloc(&myArray,numberOfElements);
  assert(myArray!=NULL);         /* green: myMalloc exits on NULL */

  initialize(myArray);
  free(myArray);
  return 0;
}

#include <stdio.h>
#include <assert.h>
#include <math.h>

float getNumber(void);

void squareRootOfDifference(float firstNumber, float secondNumber) {
   assert(firstNumber > secondNumber);     /* paths on which this fails terminate here */
   if(firstNumber > 0 && secondNumber > 0)
     printf("Square root = %.2f\n", sqrt(firstNumber-secondNumber));
}

int main(void) {
   double firstNumber = getNumber(), secondNumber = getNumber();
   squareRootOfDifference(firstNumber,secondNumber);
   return 0;
}

In this example, the assert statement in squareRootOfDifference() aborts the program if firstNumber is less than or equal to secondNumber. Because Polyspace has no information about the values that getNumber returns, both outcomes are possible and the assert is orange.

Following the assert, all execution paths on which the assertion fails terminate. Therefore, after the assert, Polyspace considers that firstNumber > secondNumber, so the argument to sqrt is positive and the Invalid use of standard library routine check on sqrt is green.

Use assert statements to help Polyspace determine:

  • Relationships between variables

  • Constraints on variable ranges
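The following example is added here and is not part of the Polyspace documentation or its examples. It contrasts the precondition style used on this page (an assert on the array index) with an explicit range check that still runs in a build compiled with NDEBUG, where the C standard makes assert expand to nothing; a green check downstream of an orange assert holds at run time only if the assertion is actually compiled in. The names SIZE, element_checked_by_assert, element_checked_explicitly, demo_lookup and asserts_are_enabled are chosen for this example, and the array contents are constructed sample data.

```c
#include <assert.h>
#include <stddef.h>
#include <stdio.h>

#define SIZE 20   /* example array length, chosen for this illustration */

/* Precondition style, as in the examples above: the assert documents the
   contract and, in a checked build, enforces it. Polyspace treats a
   violation as a run-time error and assumes index < SIZE afterwards. */
int element_checked_by_assert(const int *array, int index) {
    assert(index >= 0 && index < SIZE);
    return array[index];
}

/* Validation style: the bound is enforced in every build, including one
   compiled with -DNDEBUG where assert() expands to nothing. Use this when
   index can come from outside the program (file, network, user input).
   Returns 0 on success and -1 when index is out of range. */
int element_checked_explicitly(const int *array, int index, int *out) {
    if (index < 0 || index >= SIZE) {
        return -1;                 /* caller must handle the failure */
    }
    *out = array[index];
    return 0;
}

/* Returns 1 if assert() is active in this translation unit and 0 if NDEBUG
   compiled it out; shows why the two functions above are not equivalent. */
int asserts_are_enabled(void) {
#ifdef NDEBUG
    return 0;
#else
    return 1;
#endif
}

/* Wrapper over constructed sample data (array[i] == i*i): returns the
   element at index, or -1 when the explicit range check rejects it. */
int demo_lookup(int index) {
    int array[SIZE];
    for (int i = 0; i < SIZE; i++) {
        array[i] = i * i;
    }
    int value;
    if (element_checked_explicitly(array, index, &value) != 0) {
        return -1;
    }
    return value;
}

int main(void) {
    printf("explicit check on index 3:    %d\n", demo_lookup(3));
    printf("explicit check on index %d:   %d\n", SIZE, demo_lookup(SIZE));
    printf("assert() active in this build: %d\n", asserts_are_enabled());
    /* element_checked_by_assert(array, SIZE) would abort in a checked build
       and read past the array in a build compiled with NDEBUG. */
    return 0;
}
```

Polyspace reports the assert in element_checked_by_assert exactly as described on this page; the explicit check in element_checked_explicitly needs no assert because the out-of-range path returns an error instead of terminating.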

Check Information

Group: Other
Language: C | C++
Acronym: ASRT