CERT C: Rec. DCL03-C

Use a static assertion to test the value of a constant expression

Since R2026a

Description

Use a static assertion to test the value of a constant expression [1]

Polyspace Implementation

The rule checker checks for Use of assert() macro with a constant expression

Examples

Issue

This issue occurs when the run-time macro assert() is called with a compile-time constant expression. Polyspace® does not report a violation for these constant expression arguments:

  • The literal value false

  • The literal value false coupled to a string literal with the && operator

Risk

The use of the run-time assert() macro for error-checking has several drawbacks:

  • The assert() macro increases the run-time overhead of your code.

  • If the assert() expression fails, the failure occurs only at runtime and only if the code path containing the assertion is executed. Errors for compile-time constants are not reported at compile time.

  • The assert() macro can be disabled by using the NDEBUG flag or by other means. If the macro is disabled, your code bypasses checks using the assert() macro and can show unexpected behavior.

Fix

To fix this issue, use static assertions with compile-time constant expressions. Static assertions are available in C11 and later. For older versions of C, consider using the #error directive inside an appropriate preprocessor conditional to check the value of compile-time constants that the preprocessor can evaluate.

Example

In this example, the run-time assert() macro checks the size of the structure type MyStruct. The argument of this macro is a compile-time constant, so Polyspace reports a violation.

#include <stdio.h>
#include <assert.h>

typedef unsigned int uint;
typedef unsigned char uchar;
// Define a structure with several members
struct MyStruct {
    uint a;
    uchar c;
};

void foo() {
    // Use assert() to check the size of the structure
    assert(sizeof(struct MyStruct) >     //Noncompliant
        (sizeof(uint) + sizeof(uchar)));  

    printf("Assertion passed.\n");
    //..
}

Correction (C11)

To fix this violation, replace the assert() macro with static_assert(), which is evaluated at compile time. The static_assert() macro is available in C11 and later; in C11 it takes the diagnostic message as a required second argument.

#include <stdio.h>
#include <assert.h>

typedef unsigned int uint;
typedef unsigned char uchar;
// Define a structure with several members
struct MyStruct {
    uint a;
    uchar c;
};

void foo() {
    // Use static_assert() to check the size of the structure.
    // C11 requires the diagnostic message as the second argument.
    static_assert(sizeof(struct MyStruct) >     //Compliant
        (sizeof(uint) + sizeof(uchar)),
        "MyStruct must be larger than the sum of its members");

    printf("Assertion passed.\n");
    //..
}
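The Fix section mentions two mechanisms: static assertions (C11 and later) and the #error directive for older C. The following added example, which is not part of the Polyspace documentation, combines them: a #error check on a preprocessor-visible constant, and a STATIC_ASSERT macro that uses the C11 _Static_assert keyword when available and otherwise falls back to the negative-array-size idiom (a common pre-C11 technique not described on this page). The mystruct_padding() helper is assumed for illustration; the MyStruct layout is the one from the examples above.

```c
#include <limits.h>
#include <stddef.h>

/* Constants the preprocessor can see are checked with #error on any C
   version; the build fails immediately, NDEBUG or not. */
#if UINT_MAX < 0xFFFFFFFFu
#error "This code assumes unsigned int is at least 32 bits wide"
#endif

/* Portable static assertion: the C11 keyword when the compiler supports
   it, otherwise a typedef of a char array whose size becomes -1 (a
   compile error) when the condition is false. Pre-C11 idiom, not from
   the page; __LINE__ is pasted in so several checks can share a scope. */
#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 201112L
#define STATIC_ASSERT(cond, msg) _Static_assert(cond, msg)
#else
#define STATIC_ASSERT_CAT(a, b) a##b
#define STATIC_ASSERT_NAME(line) STATIC_ASSERT_CAT(static_assert_line_, line)
#define STATIC_ASSERT(cond, msg) \
    typedef char STATIC_ASSERT_NAME(__LINE__)[(cond) ? 1 : -1]
#endif

typedef unsigned int uint;
typedef unsigned char uchar;

/* Same layout as the MyStruct examples above */
struct MyStruct {
    uint a;
    uchar c;
};

/* File-scope check, evaluated at compile time on every build. Unlike the
   run-time assert() it cannot be skipped by an untested code path or
   disabled by defining NDEBUG. */
STATIC_ASSERT(sizeof(struct MyStruct) > sizeof(uint) + sizeof(uchar),
              "MyStruct is expected to carry alignment padding");

/* Bytes of padding the compiler inserted into MyStruct. The static
   assertion above guarantees this is non-zero wherever the code compiles. */
size_t mystruct_padding(void) {
    return sizeof(struct MyStruct) - (sizeof(uint) + sizeof(uchar));
}
```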

Check Information

Group: Rec. 02. Declarations and Initialization (DCL)
PQL Name: std.cert.DCL03_C

Version History

Introduced in R2026a


[1] This software has been created by MathWorks incorporating portions of: the “SEI CERT-C Website,” © 2017 Carnegie Mellon University, the SEI CERT-C++ Web site © 2017 Carnegie Mellon University, “SEI CERT C Coding Standard – Rules for Developing safe, Reliable and Secure systems – 2016 Edition,” © 2016 Carnegie Mellon University, and “SEI CERT C++ Coding Standard – Rules for Developing safe, Reliable and Secure systems in C++ – 2016 Edition” © 2016 Carnegie Mellon University, with special permission from its Software Engineering Institute.

ANY MATERIAL OF CARNEGIE MELLON UNIVERSITY AND/OR ITS SOFTWARE ENGINEERING INSTITUTE CONTAINED HEREIN IS FURNISHED ON AN "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.

This software and associated documentation has not been reviewed nor is it endorsed by Carnegie Mellon University or its Software Engineering Institute.