The C Standard, subclause 7.2.1.1 [ISO/IEC 9899:2011], defines assert() to have the following behavior:

...

Because assert() calls abort(), cleanup functions registered with atexit() are not called. If the intention of the programmer is to properly clean up in the case of a failed assertion, then runtime assertions should be replaced with static assertions where possible. (See DCL03-C. Use a static assertion to test the value of a constant expression.) When the assertion is based on runtime data, the assert should be replaced with a runtime check that implements the adopted error strategy. (See ERR00-C. Adopt and implement a consistent and comprehensive error-handling policy.)

See ERR04-C. Choose an appropriate termination strategy for more information on program termination strategies and MSC11-C. Incorporate diagnostic tests using assertions for more information on using the assert() macro.

...

This noncompliant code example defines a function that is called before the program exits to clean up:

#include <assert.h>
#include <stdlib.h>

void cleanup(void) {
  /* Delete temporary files, restore consistent state, etc. */
}

int main(void) {
  if (atexit(cleanup) != 0) {
    /* Handle error */
  }

  /* ... */

  /* A failed assertion calls abort(), so cleanup() never runs */
  assert(/* Something bad didn't happen */);

  /* ... */
}

...

In this compliant solution, the call to assert() is replaced with an if statement that calls exit() to ensure that the proper termination routines are run:

#include <stdlib.h>

void cleanup(void) {
  /* Delete temporary files, restore consistent state, etc. */
}

int main(void) {
  if (atexit(cleanup) != 0) {
    /* Handle error */
  }

  /* ... */

  /* exit() runs the atexit() handlers, so cleanup() is called */
  if (/* Something bad happened */) {
    exit(EXIT_FAILURE);
  }

  /* ... */
}
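The difference between the two examples above is observable at runtime. The following program is an added example (not code from the CERT page): it forks a child that registers a cleanup handler with atexit() and then fails a check either the noncompliant way (abort(), which is what a failed assert() calls) or the compliant way (a runtime check that calls exit()). The cleanup handler reports back through a pipe, so the parent can see whether it ran. The fork()/pipe()/waitpid() plumbing and the names cleanup_runs_when, require and TERMINATE_WITH_* are this example's own assumptions and are POSIX-specific.

```c
#define _POSIX_C_SOURCE 200809L
#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>

/* Added example: shows that abort() skips atexit() handlers while exit()
 * runs them. The termination happens in a forked child so the parent can
 * observe the outcome. Requires a POSIX system. */

enum termination { TERMINATE_WITH_ABORT, TERMINATE_WITH_EXIT };

static int cleanup_fd = -1; /* write end of the pipe, set only in the child */

/* Stand-in for "delete temporary files, restore consistent state": tells the
 * parent that cleanup ran by writing one byte. */
static void cleanup(void) {
  if (cleanup_fd >= 0) {
    (void)write(cleanup_fd, "C", 1);
  }
}

/* Runtime check implementing the adopted error strategy: on failure,
 * terminate with exit() so that atexit() handlers run (compliant form). */
static void require(int condition) {
  if (!condition) {
    exit(EXIT_FAILURE);
  }
}

/* Forks a child that registers cleanup() and then fails a check using the
 * chosen strategy. Returns 1 if cleanup ran in the child, 0 if it did not,
 * and -1 on a setup error. */
int cleanup_runs_when(enum termination how) {
  int fds[2];
  if (pipe(fds) != 0) {
    return -1;
  }
  pid_t pid = fork();
  if (pid < 0) {
    return -1;
  }

  if (pid == 0) { /* child */
    close(fds[0]);
    cleanup_fd = fds[1];
    if (atexit(cleanup) != 0) {
      _exit(2);
    }
    if (how == TERMINATE_WITH_ABORT) {
      abort();  /* exactly what a failed assert() does: no atexit() handlers */
    }
    require(0); /* compliant path: exit(EXIT_FAILURE) runs cleanup() */
    _exit(3);   /* not reached */
  }

  /* parent: read() returns 0 (EOF) if the child died without writing */
  close(fds[1]);
  char buf[1];
  ssize_t n = read(fds[0], buf, 1);
  close(fds[0]);
  int status;
  waitpid(pid, &status, 0);
  return (n == 1 && buf[0] == 'C') ? 1 : 0;
}

int main(void) {
  printf("cleanup ran after abort(): %d\n", cleanup_runs_when(TERMINATE_WITH_ABORT));
  printf("cleanup ran after exit():  %d\n", cleanup_runs_when(TERMINATE_WITH_EXIT));
  return 0;
}
```

Running it prints 0 for the abort() path and 1 for the exit() path; a handler that removes sensitive temporary files would likewise be skipped on the abort() path, which is the risk described for this recommendation.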

...

Unsafe use of abort() may leave files written in an inconsistent state. It may also leave sensitive temporary files on the file system.

Recommendation  Severity  Likelihood  Remediation Cost  Priority  Level
ERR06-C         Medium    Unlikely    Medium            P4        L3

Automated Detection

Tool                 Checker                      Description
Astrée               bad-function, bad-macro-use  Supported
Compass/ROSE                                      Can detect some violations of this rule. However, it can only detect violations involving abort() because assert() is implemented as a macro.
LDRA tool suite      44 S                         Enhanced enforcement
Parasoft C/C++test   CERT_C-ERR06-a               Do not use assertions
PC-lint Plus         586                          Fully supported
PVS-Studio           V2021
RuleChecker          bad-function, bad-macro-use  Supported

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

...

...

Bibliography

...

[ISO/IEC 9899:2011] Subclause 7.2.1.1, "The assert Macro"

...

[ISO/IEC PDTR 24772] "REU Termination strategy"

...