This ends up being accidentally safe because all comparisons involving NaN are false, so tm < endtm is false and the loop is never entered. However, if the loop is ever executed, this would invoke undefined behavior, as demonstrated if you run with ubsan on the branch https://github.com/jpdoyle/snore/tree/nan-unsafety:
$ ./snore 10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d-10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d
-nan
snore.c:98:6: runtime error: store to null pointer of type 'char'
If you add
printf("%f\n",tm);
after https://github.com/clamiax/snore/blob/caad43cde564123b541df3cb2652df55937ac45f/snore.c#L118 you can observe that the number is NaN:This ends up being accidentally safe because all comparisons involving NaN are false, so
tm < endtm
is false and the loop is never entered. However, if the loop is ever executed, this would invoke undefined behavior, as demonstrated if you run with ubsan on the branch https://github.com/jpdoyle/snore/tree/nan-unsafety: