HowTo Make Assertions in C
Prof. Bartenstein
 

What are Assertions and Why?

Assertions are specifications of programming "truths", or at least of assumptions that we believe are true. Assertions allow the software to check that our assumptions hold. After an assertion, we can assume that our assumptions are true, and we don't need to add lots of extra checking and special-case handling for cases when the assumptions are not true.

An assertion is a boolean expression in C that is expected to be true. If the assertion is false, the C infrastructure will abort the program and print some limited debug information that may make sense to a programmer, but will not be useful for an end user.

Since failed assertions are not end-user friendly, assertions should be used to check for bugs inserted by programmers, and not for end-user errors. For example, a utility function that may be called from a higher-level function may want to assert that a specific parameter is greater than zero. However, if a user is prompted for a number that is expected to be greater than zero and it is not, an assertion should not be used. In this case, it's better to write a meaningful message to the end user like "You entered the negative number, -42. Please enter a positive number.", and then re-prompt for a new value.

Coding Assertions in C

Assertions are provided in C code using the standard C library. In order to use assertions, we need to include the required standard library header, and then invoke the assert function.

Including assert.h

To use assertions in a C file, include the following header at the top of the file:


	#include <assert.h>

Invoking the assert function

Invoke the assert function in your code at the location where you want an assertion checked. The assert function is a C standard library function that takes a single argument: a boolean expression that evaluates to either true or false. (In C, zero is false, and anything non-zero is true.) The assert function returns "void" or nothing, so there is no need to deal with a return value.

When the assert function is invoked, the infrastructure checks the argument. If the argument is true, nothing happens -- the assert function simply returns. If the argument is false, assert aborts the program and prints a message to standard error that contains the program name, the C file name and line number, the function name, and the argument code. For example, a failed assertion might print something like:


	myProg: myFile.c:47: areaFunc: Assertion `width>0` failed.

If the assertion fails, the program aborts, so no code after the assert statement will be executed.

After an Assertion

After an assertion, it is valid to assume the assertion was true. If the assertion was false, the program would have aborted.
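
The following is an added example, not code from the original page. It puts the two cases side by side: areaFunc asserts its parameters because a bad value there is a programmer bug, while the hypothetical helpers parsePositive and firstValid validate end-user text with ordinary checks and a message. The answers array is constructed sample input standing in for what a user would type at the prompt.

```c
#include <assert.h>
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Utility function: its callers are other code, so a bad width is a bug. */
long long areaFunc(int width, int height) {
    assert(width > 0);
    assert(height > 0);
    /* Past the asserts both values are known to be positive. */
    return (long long)width * height;
}

/* End-user input: validate and explain, never assert. Returns 1 on success.
   Unlike an assert, this check is still present when built with -DNDEBUG. */
int parsePositive(const char *text, int *out) {
    char *end;
    errno = 0;
    long v = strtol(text, &end, 10);
    if (end == text || *end != '\0') {       /* empty or trailing junk */
        fprintf(stderr, "\"%s\" is not a number. Please enter a positive number.\n", text);
        return 0;
    }
    if (errno == ERANGE || v > INT_MAX) {    /* does not fit in an int */
        fprintf(stderr, "\"%s\" is out of range. Please enter a smaller number.\n", text);
        return 0;
    }
    if (v <= 0) {
        fprintf(stderr, "You entered %ld. Please enter a positive number.\n", v);
        return 0;
    }
    *out = (int)v;
    return 1;
}

/* Re-prompt loop: try each answer in turn until one is valid (-1 if none). */
int firstValid(const char *const inputs[], int count) {
    int value;
    for (int i = 0; i < count; i++)
        if (parsePositive(inputs[i], &value)) return value;
    return -1;
}

int main(void) {
    const char *const answers[] = { "-42", "abc", "7" };  /* constructed input */
    int width = firstValid(answers, 3);
    if (width < 0) return 1;
    printf("area = %lld\n", areaFunc(width, 5));
    return 0;
}
```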

Ignoring Assertions in Production Code

Assertions often take very little compute time to evaluate, but in cases where performance is critical and the software has been carefully tested, checking assertions can be redundant and hurt performance. Therefore, when working on well-tested production code, there is a mechanism to ignore the assert function. If the NDEBUG pre-processor variable is defined when assert.h is included, then the assert function will not generate any code. When compiling, use the gcc flag -DNDEBUG to define the NDEBUG pre-processor variable and disable assertion checking.

For academic coding, we will not be able to detect any performance degradation because of asserts, so there is no reason to turn off assertions.
