Can we PLEASE stop saying shit like "doing whatever is UB and makes the compiler free to replace your code with `rm -rf`"
until somebody puts system() calls in the LLVM replacement engine, this is just lazy trite garbage
Conversation
Replying to
You're catching a lot of twitter flak for this, but you're right. There is ~zero chance that UB will lead to wiping your hard drive unless exploited by an attacker.
The correct phrasing is "You should care about UB because it raises the chance that an attacker can exploit it."
1
1
> unless exploited by an attacker
This is an enormous caveat, and it's also definitely not the only reason that you should care about it. If you want to write software that's reliable and safe, undefined behavior is a huge problem even without considering security.
1
9
Depends how you define “problem”.
The issue is that a vocal minority of programmers see UB code as a problem. while(1); is UB before C11, but it was never a problem, except to compiler authors.
After all, how would you make a thread loop forever without calling abort()?
2
That was never undefined behavior and still isn't undefined behavior. C11 makes a change to how infinite loops work but it doesn't make them undefined behavior and it doesn't impact the loop you gave as an example. It's a change, and it isn't one directly based on UB.