I wonder how much the pile of undefined behavior contributed to C's success. I can imagine that vendors picked C over alternatives due to C giving them more freedom with their implementation.
What you are thinking about there is perhaps implementation defined behavior, which is distinct from undefined behavior; and the sequence was the other way round - hardware with different behaviors already existed, and not specifying them in the language allowed C to succeed because it wasn't tied to a particular machine.
The answer is different for different kinds of undefined behavior, but spatial memory safety violations are basically always possible in a language you can write an OS in, since you need to convert from hardware buffers to higher level types. temporal memory safety wasn't possible to enforce at the time on a low level language, it's taken decades for it to be implemented in a mainstream non-garbage-collected language. Integer overerflow is still not caught by default even in rust for efficiency reasons (it would take all the processor vendors to implement an efficient way of catching it)
> Integer overerflow is still not caught by default even in rust for efficiency reasons
Honestly, I don't think that was the right default, but it is configurable at the project level for release builds. If I were deploying tools, I would certainly enable them, just like the Android team does.
I'd say that's more of an annoyance than a feature. The reason vendors use C is because it is there, comes with compilers, ides, tools, operating systems, etc. that will all work out of the box as soon as they get the compiler going on a new hardware platform. Just a critical mass of stuff that they need that conveniently is right there. And when you need to add just a few tiny things, you are going to stick with what's right in front of you instead of rebuilding all of that from scratch.
Isn't the other way around? Vendors already had picked C and they wanted to claim compliance to the then brand new C89 standard so anything they didn't want to give up on was deemed "implementation-defined behavior" and anything they couldn't give up on[0] was deemed "undefined behavior".
[0] because their machines worked very differently from the others' machines
