Assertion (software development): Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 17:51, 23 May 2022 edit AdaHephais (talk \| contribs) Extended confirmed users 2,549 edits Internal link Tags: Visual edit Mobile edit Mobile web edit ← Previous edit		Latest revision as of 10:45, 6 August 2025 edit undo LucasBrown (talk \| contribs) Extended confirmed users 61,991 edits Changing short description from "In computer programming, statement that a predicate is always true at that point in code execution" to "Statement that a predicate is always true at that point in code execution" Tag: Shortdesc helper
(14 intermediate revisions by 12 users not shown)
Line 1: {{~~short~~Short description\|~~In computer programming, statement~~Statement that a predicate is always true at that point in code execution}} {{About\|the computer programming concept\|assertions in the context of the [[Security Assertion Markup Language]] (SAML) open standard\|Security Assertion Markup Language#Assertions}} Line 9: The following code contains two assertions, <code>x > 0</code> and <code>x > 1</code>, and they are indeed true at the indicated points during execution: <syntaxhighlight lang="cjava"> x = 1; assert x > 0; Line 18: Programmers can use assertions to help specify programs and to reason about program correctness. For example, a [[precondition]]—an assertion placed at the beginning of a section of code—determines the set of states under which the programmer expects the code to execute. A [[postcondition]]—placed at the end—describes the expected state at the end of execution. For example: <code>x > 0 { x++ } x > 1</code>. The example above uses the notation for including assertions used by [[C. A. R. Hoare]] in his 1969 article.<ref>[[C. A. R. Hoare]], [http://lambda-the-ultimate.org/node/1912 An axiomatic basis for computer programming], ''[[Communications of the ACM]]'', 1969.</ref> That notation cannot be used in existing mainstream programming languages. However, programmers can include unchecked assertions using the [[Comment (computer programming)\|comment feature]] of their programming language. For example, in [[C ~~(programming language)\|C~~++]]: <syntaxhighlight lang="Cc"> x = 5; x = x + 1; Line 30: [[Library (computing)\|Libraries]] may provide assertion features as well. For example, in C using [[glibc]] with C99 support: <syntaxhighlight lang="Cc"> #include <assert.h> Line 60: <syntaxhighlight lang="java"> int total = countNumberOfUsers(); if (total % 2 == 0) { // total is even } else { // total is odd and non-negative assert total % 2 == 1; } </syntaxhighlight> Line 122: Most languages allow assertions to be enabled or disabled globally, and sometimes independently. Assertions are often enabled during development and disabled during final testing and on release to the customer. Not checking assertions avoids the cost of evaluating the assertions while (assuming the assertions are free of [[Side-effect (computer science)\|side effects]]) still producing the same result under normal conditions. Under abnormal conditions, disabling assertion checking can mean that a program that would have aborted will continue to run. This is sometimes preferable. Some languages, including [[C (programming language)\|C]], [[ZPE_Programming_Environment\|YASS]] and [[C++]], can completely remove assertions at compile time using the [[preprocessor]]. Similarly, launching the [[Python (programming language)\|Python]] interpreter with "{{Mono\|-O}}" (for "optimize") as an argument will cause the Python code generator to not emit any bytecode for asserts.<ref>[https://docs.python.org/3/reference/simple_stmts.html#grammar-token-assert-stmt Official Python Docs, ''assert statement'']</ref> Java requires an option to be passed to the run-time engine in order to ''enable'' assertions. Absent the option, assertions are bypassed, but they always remain in the code unless optimised away by a [[Just-in-time compilation\|JIT compiler]] at run-time or [[dead_code_elimination\|excluded at compile time]] via the programmer manually placing each assertion behind an <code>if (false)</code> clause. Programmers can build checks into their code that are always active by bypassing or manipulating the language's normal assertion-checking mechanisms. Line 132: == Comparison with error handling == Assertions are distinct from routine [[Exception handling\|error-handling]]. Assertions document logically impossible situations and discover programming errors: if the impossible occurs, then something fundamental is clearly wrong with the program. This is distinct from error handling: most error conditions are possible, although some may be extremely unlikely to occur in practice. Using assertions as a general-purpose error handling mechanism is unwise: assertions do not allow for recovery from errors; an assertion failure will normally halt the program's execution abruptly; and assertions are often disabled in production code. Assertions also do not display a user-friendly error message. Consider the following example of using an assertion to handle an error: <syntaxhighlight lang="c"> int ptr = malloc(sizeof(int) 10); assert(ptr); // use ptr ... </syntaxhighlight> Line 150: <syntaxhighlight lang="c"> int ptr; // Statement below fails if malloc() returns NULL, // but is not executed at all when compiling with -NDEBUG! assert(ptr = malloc(sizeof(int) 10)); // use ptr: ptr isn't initialised when compiling with -NDEBUG! ... </syntaxhighlight> Line 163: == History == In 1947 reports by [[John von Neumann\|von Neumann]] and [[Herman Goldstine\|Goldstine]]<ref>Goldstine and von Neumann. [https://library.ias.edu/files/pdfs/ecp/planningcodingof0103inst.pdf"Planning and Coding of problems for an Electronic Computing Instrument"] {{Webarchive\|url=https://web.archive.org/web/20181112230722/https://library.ias.edu/files/pdfs/ecp/planningcodingof0103inst.pdf \|date=2018-11-12 }}. Part II, Volume I, 1 April 1947, p. 12.</ref> on their design for the [[IAS machine]], they described algorithms using an early version of [[Flowchart\|flow charts]], in which they included assertions: "It may be true, that whenever C actually reaches a certain point in the flow diagram, one or more bound variables will necessarily possess certain specified values, or possess certain properties, or satisfy certain properties with each other. Furthermore, we may, at such a point, indicate the validity of these limitations. For this reason we will denote each area in which the validity of such limitations is being asserted, by a special box, which we call an assertion box." The assertional method for proving correctness of programs was advocated by [[Alan Turing]]. In a talk "Checking a Large Routine" at Cambridge, June 24, 1949 Turing suggested: "How can one check a large routine in the sense of making sure that it's right? In order that the man who checks may not have too difficult a task, the programmer should make a number of definite ''assertions'' which can be checked individually, and from which the correctness of the whole program easily follows".<ref>Alan Turing. [~~http~~https://~~www.~~turingarchive.~~org~~kings.cam.ac.uk/~~viewer~~publications-lectures-and-talks-amtb/~~?id=462&title=01~~amt-b-8 Checking a Large Routine], 1949; quoted in C. A. R. Hoare, "The Emperor's Old Clothes", 1980 Turing Award lecture.</ref> == See also == Line 183: * ''[http://discovery.ucl.ac.uk/4991/1/4991.pdf A historical perspective on runtime assertion checking in software development]'' by Lori A. Clarke, David S. Rosenblum in: ACM SIGSOFT Software Engineering Notes 31(3):25-37, 2006 * ''[~~http~~https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=1203056 Assertions: a personal perspective]'' by C.A.R. Hoare in: IEEE Annals of the History of Computing, Volume: 25, Issue: 2 (2003), Page(s): ~~14 - 25~~14–25 * ''[http://queue.acm.org/detail.cfm?id=2220317 My Compiler Does Not Understand Me]'' by Poul-Henning Kamp in: ACM Queue 10(5), May 2012 * ''[https://blog.regehr.org/archives/1091 Use of Assertions]'' by John Regehr