A 30-year C/C++ veteran argues that all nontrivial C/C++ code contains undefined behavior, cataloging cases from unaligned pointers to float-to-int casts.
Key Takeaways
UB is not an optimizer trick: the compiler assumes UB cannot occur, so affected code has no defined meaning even at -O0.
Unaligned pointer creation is itself UB before any dereference; casting uint8_t* to int* on a misaligned address triggers it immediately.
isxdigit(char) is UB on platforms where char is signed and the byte value exceeds 127 (so the char is negative), potentially indexing arbitrary memory.
Float-to-int conversion requires six guards (isfinite, range clamps, post-cast check) to avoid UB; naive multiply-and-cast is wrong.
memset(&ptr, 0, sizeof(ptr)) does not guarantee a NULL pointer; the C abstract machine does not equate address zero with NULL.
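Defined-behavior counterparts for three of the takeaways above (unaligned reads, isxdigit, float-to-int), as an added example that is not code from the article. The helper names are hypothetical, and the conversion assumes int is at most 32 bits wide.

```c
#include <ctype.h>
#include <limits.h>
#include <math.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper names; none come from the article. */

/* memcpy reads the bytes without ever forming a misaligned int32_t*.
 * The result is in host byte order. */
static int32_t load_i32(const uint8_t *buf, size_t offset)
{
    int32_t v;
    memcpy(&v, buf + offset, sizeof v);
    return v;
}

/* <ctype.h> arguments must be EOF or representable as unsigned char,
 * so convert before the call instead of passing a possibly negative char. */
static bool is_hex_digit(char c)
{
    return isxdigit((unsigned char)c) != 0;
}

/* Truncating conversion that refuses NaN, infinities and out-of-range
 * values. Assumes int is at most 32 bits, so both bounds are exact doubles. */
static bool double_to_int(double d, int *out)
{
    if (!isfinite(d))
        return false;
    if (!(d > (double)INT_MIN - 1.0 && d < (double)INT_MAX + 1.0))
        return false;
    *out = (int)d;
    return true;
}

int main(void)
{
    uint8_t packet[5] = {0};                    /* constructed sample buffer */
    int32_t field = 0x12345678;
    int n = 0;
    memcpy(packet + 1, &field, sizeof field);   /* field sits at an odd offset */
    printf("%x %d %d\n", (unsigned)load_i32(packet, 1),
           is_hex_digit((char)0xE9), double_to_int(1e10, &n));
    return 0;
}
```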
Hacker News Comment Review
Commenters split on article quality: several noted the examples are conditional UB dependent on input, not unconditional, making the framing feel overstated.
The author confirmed unaligned pointer creation (not just dereference) is UB, covered in the “Actually, it was UB even before that” section, and that hardware crash examples address readers who claim “it works in practice.”
A recurring counterpoint: modern idiomatic C++ avoids raw pointers and direct casts; the article’s examples are code smells, not representative of contemporary practice.
Notable Comments
@muvlon: Demonstrates that reading a volatile int twice in one printf call is UB due to unsequenced side effects per 5.1.2.4.1 and 6.5.1.2, a case the article omits.
@matheusmoreira: Notes compilers already know how to emit correct unaligned or type-punned code when told (packed structs, union punning); the standard just withholds permission.