Right, that makes sense. Perhaps it would be best to just leave sigint handling disabled inside julia code called by a cfunction so that people would have to opt for the unsafe behavior explicitly… as you say, the typical C code which is calling the typical cfunction won’t be longjmp safe. Is this feasible?