The way I reason about it is that the contracts are more soft conditions that you expect to not really reach. If something always has to be true, even on not-safe mode, you use "actual" code inside the function/macro to check that condition and fail in the desired way.
“However, violating either pre- or post-conditions is unspecified behaviour, and a compiler may optimize code as if they are always true – even if a potential bug may cause them to be violated”
This implies that a compiler would be permitted to remove precisely that actual code that checks the condition in non-safe mode.
Seems like a deliberately introduced footgun.
> The way I reason about it is that the contracts are more soft conditions that you expect to not really reach
What's the difference from an assert then?