Thomas Habets on the Impossibility of Valid C

The Pitch

Thomas Habets argues that the C programming language is fundamentally invalid because its formal specification defines almost every complex operation as Undefined Behavior (UB). This has triggered significant debate on Hacker News, as developers grapple with the reality that writing "formally correct" C is nearly impossible under modern standards.

Under the Hood

The ISO C23 standard (ISO/IEC 9899:2024) has tightened restrictions, turning previously common patterns like realloc(ptr, 0) into formal Undefined Behavior (source: i-programmer.info). This shift means legacy codebases migrating to C23 or the upcoming C2y face silent failures as compilers become more aggressive.

Unaligned pointer casting is now classified as UB even if no memory access occurs, a nuance often missed by developers relying on older C11 or C17 assumptions (source: HN). Furthermore, volatile reads are classified as side effects under section 5.1.2.4.1, leading to surprising UB in unsequenced expressions (source: HN).

Modern compilers like GCC 16 and Clang 22 leverage these UB definitions for extreme optimizations. These optimizations can "erase" safety checks that were perfectly functional in older environments, creating a widening gap between "what works on my machine" and "valid C" (UsedBy Dossier).

Current reasoning-based tools like Claude 4.5 Opus and GPT-5 have shifted the security landscape by identifying these deep UB bugs that traditional static analyzers miss (source: devops.com). Companies like Notion, DuckDuckGo, and Quora currently use the Claude Code Security suite to audit these specific scenarios.
See Claude profile

We don't know yet how the WG14 committee will respond to the Habets article. Additionally, a comprehensive benchmark comparing Claude 4.5 Opus and GPT-5 performance on the "TrapC" memory-safe fork analysis is not yet public (UsedBy Dossier).

Marcus's Take

Habets is technically correct, but his conclusion is predictably sensationalist for a Google engineer. Production systems have never survived on pure ISO-compliant C; they survive on implementation-defined behavior and specific GCC/Clang flags that override the standard's more pedantic traps. If you are starting a new project in 2026 and still choosing C over a memory-safe alternative, you are essentially signing a contract to spend your weekends debugging pointer provenance.

Ship clean code,
Marcus.