Expert C Programming

(Jeff_L) #1

Bad Code:


undefined— The behavior for something incorrect, on which the standard does not impose any
requirements. Anything is allowed to happen, from nothing, to a warning message to program
termination, to CPU meltdown, to launching nuclear missiles (assuming you have the correct
hardware option installed).


Example: what happens when a signed integer overflows.


a constraint— This is a restriction or requirement that must be obeyed. If you don't, your program
behavior becomes undefined in the sense above. Now here's an amazing thing: it's easy to tell if
something is a constraint or not, because each topic in the standard has a subparagraph labelled
"Constraints" that lists them all. Now here's an even more amazing thing: the standard specifies [5] that
compilers only have to produce error messages for violations of syntax and constraints! This means
that any semantic rule that's not in a constraints subsection can be broken, and since the behavior is
undefined, the compiler is free to do anything and doesn't even have to warn you about it!


[5] In paragraph 5.1.1.3, "Diagnostics", if you must know. Being a language standard, it doesn't say something simple like you've got to flag at least one error in an incorrect program. It says something grander that looks like it was drawn up by a team of corporate lawyers being paid by the word, namely, a conforming implementation shall [*] produce at least one diagnostic message (identified in an implementation-dependent manner) for every translation unit that contains a violation of any syntax rule or constraint. Diagnostic messages need not be produced in other circumstances.


[*] Useful rule from Brian Scearce [ ] —if you hear a programmer say "shall" he or she is quoting from a standard.

[ ] Inventor of the nested footnote.


Example: the operands of the % operator must have integral type. So using a non-integral type with % must cause a diagnostic.


Example of a rule that is not a constraint: all identifiers declared in the C standard header files are reserved for the implementation, so you may not declare a function called malloc() because a standard header file already has a function of that name. But since this is not a constraint, the rule can be broken, and the compiler doesn't have to warn you! More about this in the section on "interpositioning" in Chapter 5.


Software Dogma

Undefined Behavior Causes CPU Meltdown in IBM PC's!

The suggestion of undefined software behavior causing CPU meltdown isn't as farfetched as it first appears.
