On Tue, 9 Sept 2025 at 18:58, Michael Matz <m...@suse.de> wrote:

> So the fear is that the violation handler for the first contract is (to
> the compiler) visibly no-op (side-effect-free), right?  But then I have to
> ask what the author of the contract intended with the in(p) constraint
> when nothing is done when it fails?
>
> It would then be equivalent to just have written a single contract
> in(*p > 5).  What would prevent the segfault in that case?

For non-expert users, it's not a question of preventing the segfault, but trying
to keep some sort of logging operation intact in the program, and not have that
be optimized away, not even in the case of a subsequent segfault.