Undefined behaviour: the C/C++ hall of shame

Collecting the most surprising, dangerous, and instructive examples of undefined behaviour in C and C++.

By: dave_runtime Mar 22, 2026 5 posts
#1 Mar 22

Signed Integer Overflow is UB

In C and C++, signed integer overflow is undefined behaviour — not wrap-around. Compilers exploit this to eliminate overflow checks entirely when optimizing. Use unsigned types or compiler flags like -fwrapv if you need wrap semantics.

By: dave_runtime Mar 22, 2026 18:39
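
Added example, not part of the original post: the post-hoc signed check that an optimizer is allowed to delete, next to a pre-check that never overflows and the unsigned variant where wrap-around is defined. The function names are illustrative assumptions.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Post-hoc check: the addition overflows before the comparison runs, which
 * is UB, so the compiler may assume it never happens and fold the test to
 * "false". Shown for contrast only; never call it with overflowing values. */
static bool add_overflows_ub(int a, int b)
{
    return b > 0 && a + b < a;
}

/* Pre-check: compare against the limits before adding, so no signed
 * arithmetic ever leaves the representable range. */
static bool checked_add(int a, int b, int *out)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return false;           /* would overflow: report, do not compute */
    *out = a + b;
    return true;
}

/* Unsigned arithmetic wraps modulo 2^N by definition, so checking after
 * the add is valid and cannot be optimized away. */
static bool checked_add_u(unsigned a, unsigned b, unsigned *out)
{
    *out = a + b;
    return *out >= a;           /* a wrapped sum is smaller than an operand */
}

int main(void)
{
    int s = 0;
    unsigned u = 0;

    printf("post-hoc check, in-range input: %d\n", add_overflows_ub(1, 2));
    printf("INT_MAX + 1 accepted: %d\n", checked_add(INT_MAX, 1, &s));
    printf("INT_MIN + -1 accepted: %d\n", checked_add(INT_MIN, -1, &s));
    printf("UINT_MAX + 1 accepted: %d (wrapped to %u)\n",
           checked_add_u(UINT_MAX, 1u, &u), u);
    return 0;
}
```
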
#2 Mar 23

Strict Aliasing Will Ruin Your Day

The strict aliasing rule says you cannot access memory through a pointer of an incompatible type. The classic sin is casting a float* to an int* to inspect its bits. The correct way is memcpy or std::bit_cast in C++20.

By: alice_dev Mar 23, 2026 18:39
#3 Mar 25

Tools: ASan and UBSan

AddressSanitizer and UndefinedBehaviorSanitizer catch most of these at runtime during testing. Compile with -fsanitize=address,undefined and run your test suite. The performance hit is worth it for debug builds. Do this before shipping anything.

By: carol_null Mar 25, 2026 18:39
#4 Mar 24

Use-After-Free is Still the #1 CVE Category

Use-after-free bugs dominate security vulnerability lists every year. Modern C++ smart pointers (unique_ptr, shared_ptr) eliminate most of them but you have to actually use them — raw new/delete in application code is a code smell in 2024.

By: bob_codes Mar 24, 2026 18:39