This study presents the first systematic quantification of C/C++ undefined behavior (UB) triggered by real user interactions in a typical Linux desktop environment. By integrating compiler-based sanitizers with automated task execution, stack trace analysis, and log collection, the authors conduct an empirical investigation across 59 common desktop tasks. Their findings reveal that UB occurs frequently and is heavily concentrated in critical components such as graphics libraries: merely logging into GNOME generates over 500 sanitizer warnings, and nearly 11,000 unique UB reports are captured across 32 programs, with vtable pointer violations being the dominant category. This work underscores the pervasiveness and distribution patterns of UB in desktop software, providing an empirical foundation for improving system stability and security hardening.

Undefined behavior is idiomatic to C and C++ programming; such behavior is a use of an erroneous program construct for which the languages impose no requirements, such as integer overflows. The paper presents an empirical experiment seeking to probe the extent of undefined behavior executing underneath typical desktop use of a Linux distribution. The analysis is based on an undefined behavior sanitizer implemented in a compiler. According to the results, undefined behavior is common. By completing 59 simple experimental tasks, nearly 11 thousand unique undefined behavior warnings were generated by 32 unique programs and libraries written in C or C++. Of these warnings, most were associated with the Mesa graphics library and generated by interacting with graphical user interfaces. Merely logging into the GNOME desktop environment generated over 500 unique warnings. Of all warnings, the clear majority was about virtual table pointers. The associated stack traces were also lengthy in general. With these and other results, the paper contributes to the empirical literature on C and C++.