Gradually the writers of optimizing compilers have leaned so hard on the implementation-defined and undefined behaviors that, while far from useless, C and C++ have become non-portable and dangerously insecure, as well as often very surprising to the point that the US government arguing against using them.

-rob


On Mon, Sep 30, 2024 at 2:56 AM Douglas McIlroy <douglas.mcilroy@dartmouth.edu> wrote:
>>> malloc(0) isn't undefined behaviour but implementation defined.
>>
>> In modern C there is no difference between those two concepts.

> Can you explain more about your view 

There certainly is a difference, but in this case the practical implications are the same: avoid malloc(0). malloc(0) lies at the high end of a range of severity of concerns about implementation-definedness. At the low end are things like the size of ints, which only affects applications that may confront very large numbers. In the middle is the default signedness of chars, which generally may be mitigated by explicit type declarations.

For the size of ints, C offers guardrails like INT_MAX. There is no test to discern what an error return from malloc(0) means.

Is there any other C construct that implementation-definedness renders useless?

Doug