Date: Thu, 31 Jul 2025 07:17:33 -0700
On Thursday, 31 July 2025 04:16:23 Pacific Daylight Time zxuiji via Std-Proposals wrote:
> Uh, what is wrong with NULL? Nobody expects a pointer to be below
> sysconf(SC_PAGE_SIZE) so regardless of if the pointer is incremented or not
> one would recognise it as an invalid pointer while debugging.

The standard doesn't *guarantee* that. The only officially-mandated invalid
address is that of nullptr itself (which as others have said, doesn't need to
be a bitwise zero). Strictly speaking, the address of (char*)nullptr + 1 could
be valid and could be the result of some memory allocation.

In practice, it doesn't happen. In practice, the smallest granularity that
virtual memory managers can control is a full page, so they make the full page
containing nullptr invalid. And in practice nullptr is the lowest address in
that page.

Interestingly, the addresses before nullptr are by necessity invalid, not
because one could decrement nullptr, but because you're not allowed to
calculate one-past-the-end of a valid object and reach nullptr. Considering
this depends on object size, everything prior to nullptr within "reasonable
object size" is also invalid. In practice, that's also one page.

Though in practice it's actually more than one page, for "defence in depth".

-- 
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
  Principal Engineer - Intel Platform & System Engineering
Received on 2025-07-31 14:17:41
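
Added example, not part of the original message or of any proposal: a crash-triage helper that applies the "in practice" assumptions discussed above to decide whether a fault address is the null pointer plus or minus a small offset. The names `null_address`, `one_page_guard` and `classify` are hypothetical, the one-page guard on each side of null is an assumption the caller can widen, and the fault addresses in `main` are constructed samples.

```cpp
// Added example: classify a fault address relative to the null pointer.
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <unistd.h>

enum class NearNull { Exact, Above, Below, No };
struct Triage { NearNull kind; std::intptr_t offset; };

// The standard does not require a null pointer to be all-bits-zero, so read
// its object representation instead of hard-coding 0.
std::uintptr_t null_address() {
    void *p = nullptr;
    std::uintptr_t bits = 0;
    static_assert(sizeof bits == sizeof p, "assumes uintptr_t is pointer-sized");
    std::memcpy(&bits, &p, sizeof bits);
    return bits;
}

// Assumption: one page on each side of null is never mapped.
std::uintptr_t one_page_guard() {
    long page = sysconf(_SC_PAGESIZE);
    return page > 0 ? static_cast<std::uintptr_t>(page) : 4096;
}

Triage classify(std::uintptr_t fault, std::uintptr_t null_addr, std::uintptr_t guard) {
    std::uintptr_t up = fault - null_addr;    // wraps if fault is below null
    std::uintptr_t down = null_addr - fault;  // wraps if fault is above null
    if (up == 0) return {NearNull::Exact, 0};
    if (up < guard) return {NearNull::Above, static_cast<std::intptr_t>(up)};
    if (down <= guard) return {NearNull::Below, -static_cast<std::intptr_t>(down)};
    return {NearNull::No, 0};
}

int main() {
    // Constructed sample fault addresses, not taken from a real crash.
    const std::uintptr_t samples[] = {0x0, 0x18, UINTPTR_MAX - 7, 0x7ffd1000};
    const char *names[] = {"null", "null+offset", "null-offset", "not near null"};
    for (std::uintptr_t a : samples) {
        Triage t = classify(a, null_address(), one_page_guard());
        std::printf("%#llx: %s (offset %lld)\n", (unsigned long long)a,
                    names[static_cast<int>(t.kind)], (long long)t.offset);
    }
}
```

A fault reported as `Above` with a small offset usually means a member or array element was accessed through a null pointer; that reading rests on the guard-page assumption, which the standard does not guarantee.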