...

Conforming implementations can deal with undefined behavior in a variety of fashions, from ignoring the situation completely with unpredictable results, to translating or executing the program in a documented manner characteristic of the environment (with or without the issuance of a diagnostic message), to terminating a translation or execution (with the issuance of a diagnostic message). Because compilers are not obligated to generate code for undefined behavior, these behaviors are candidates for optimization. By assuming that undefined behaviors will not occur, compilers can generate code with better performance characteristics.

Unfortunately, undefined behaviors do occur, particularly in the presence of an attacker. Optimizations make it more difficult to determine how these systems will behave in the presence of undefined behaviors. This is particularly true when visually inspecting source code, because if the code relies on undefined behaviors, a code reviewer cannot be certain if the code will be compiled or if it will be optimized out. Furthermore, just because a compiler currently generates object code for an undefined behavior does not mean that future versions of the compiler are obligated to do the same; this behavior may eventually be viewed as an opportunity for further optimization. Compilers are also not required to issue diagnostics for undefined behavior, so there is frequently no easy way to identify undefined behavior in code.

All of this puts the onus on the programmer to write conforming applications, with or without the help of the compiler. Because performance is a primary emphasis of the C language, this situation is likely to get worse before it gets better.
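The following added example (not code from the original page) illustrates the point with signed integer overflow, chosen here as one common undefined behavior: a check written in terms of the overflowing expression may be optimized out, while a check against the limits cannot be. The function names and inputs are constructed for illustration.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Relies on undefined behavior. Signed overflow in a + b is undefined, so a
 * compiler may assume it never happens and reduce the test below to
 * "return false", silently removing the overflow check. */
bool add_overflows_ub(int a, int b) {   /* intended for b >= 0 */
    return a + b < a;
}

/* Conforming check: compares against the limits before any arithmetic,
 * so no expression here can overflow and the check must be compiled. */
bool add_overflows(int a, int b) {
    if (b > 0) return a > INT_MAX - b;
    if (b < 0) return a < INT_MIN - b;
    return false;
}

/* Stores a + b in *sum and returns true only when the sum is representable;
 * on rejection *sum is left untouched. */
bool checked_add(int a, int b, int *sum) {
    if (add_overflows(a, b)) return false;
    *sum = a + b;
    return true;
}

int main(void) {
    int sum = 0;
    /* Constructed inputs. add_overflows_ub is called only where a + b is
     * representable; calling it with INT_MAX would itself be undefined. */
    printf("ub-style check, 1 + 100:    %d\n", add_overflows_ub(1, 100));
    printf("conforming, INT_MAX + 100:  %d\n", add_overflows(INT_MAX, 100));
    printf("conforming, INT_MIN + (-1): %d\n", add_overflows(INT_MIN, -1));
    if (checked_add(40, 2, &sum)) printf("checked_add(40, 2) = %d\n", sum);
    if (!checked_add(INT_MAX, 1, &sum)) printf("checked_add(INT_MAX, 1) rejected\n");
    return 0;
}
```

Comparing the generated assembly for `add_overflows_ub` at different optimization levels is a practical way for a reviewer to see whether a given compiler kept or discarded the check.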

...