Date: Sat, 2 Aug 2025 19:01:20 +0200
On 31/07/2025 17:26, Sebastian Wittmeier via Std-Proposals wrote:
> I was suggesting a function that returns true, if the address pointer is
> definitely invalid; not a definitely invalid range.
>
> There are microcontrollers running C++ with 16-bit pointers.
>
> There are 64-bit systems running C++ with pages of several megabytes or
> even 1 GiB.
>
> Doing pointer arithmetic on invalid pointers is UB.
>
> So the function below could not be implemented as a user function, but
> would have to be inside the standard library.
>
> Is there any advantage of guaranteeing an invalid range around the
> nullptr with a minimal size compared to leaving it as QoI to the
> implementation?
>
There are microcontrollers supporting C++ with 16-bit pointers where
there are /no/ invalid pointers - all are valid. (Dereferencing a null
pointer is UB in the standard - an implementation is free to consider it
as valid defined behaviour if it chooses.) It is common for
microcontrollers to have a reset vector, part of an interrupt table, or
the start of the program ROM or flash at address 0. And it is common
for software to access this, such as for running integrity tests on the
code storage.

So it is perfectly reasonable to have C++ platforms for which there are
no pointers that are invalid for at least some behaviours (such as read
access as lvalues of unsigned char or std::byte).

Conversely, on most modern platforms (32-bit or 64-bit), the vast
majority of pointers are invalid for any kind of access. And even those
pointers that /are/ valid for something, are usually invalid for other
kinds of access. And there is no feasible way for an implementation to
determine if a given pointer is valid or not, for any possible purpose.
(That would require a VM and/or a managed environment, far too much
overhead for typical C++ usage outside of debugging and sanitisers.)

So what possible use could there be for a function called
"isptrinvalid()"? If it returns true, the pointer is invalid. If it
returns false, that does not tell you that the pointer is valid - it
might still be invalid. The function could just as well be implemented
as "returns false;" and give you just the same information. But that
would clearly be a useless and misleading function.

There really is nothing that could be implemented by C++ compilers, or
useful to C++ programs, that goes beyond simply comparing a pointer to a
null pointer as specified in C since the beginning.
Received on 2025-08-02 17:01:26
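
An added illustration, not part of the message above and not a proposed standard API: on Linux/POSIX the kernel can be asked whether one byte is currently mapped for reading or for writing, which makes the asymmetry discussed in the thread concrete. A "true" is definite for that one kind of access at that instant; a "false" proves nothing, as the freed heap block shows. The names definitely_invalid, Access and freed_block_escapes_probe are hypothetical, and the behaviour of the freed block assumes an allocator that keeps small blocks mapped.

```cpp
// Added illustration, Linux/POSIX only. All names here are hypothetical.
#include <cerrno>
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <sys/mman.h>
#include <unistd.h>

enum class Access { Read, Write };

// True only if the kernel reports that one byte at p is not mapped for the
// requested access right now. False means "don't know", never "valid".
// The pointer is handed to system calls, so this code never dereferences it.
bool definitely_invalid(const void* p, Access a) {
    int fds[2];
    if (pipe(fds) != 0) return false;            // cannot probe: don't know
    // write() makes the kernel read the byte at p; EFAULT means not readable.
    ssize_t n = write(fds[1], p, 1);
    bool bad = (n == -1 && errno == EFAULT);
    // read() stores that same byte back at p; EFAULT means not writable.
    if (n == 1 && a == Access::Write)
        bad = (read(fds[0], const_cast<void*>(p), 1) == -1 && errno == EFAULT);
    close(fds[0]);
    close(fds[1]);
    return bad;
}

// A freed heap block usually stays mapped (assumption: the allocator keeps
// small blocks in its arena), so the probe cannot flag the dangling address.
bool freed_block_escapes_probe() {
    void* p = std::malloc(64);
    auto addr = reinterpret_cast<std::uintptr_t>(p);  // keep the address only
    std::free(p);
    return !definitely_invalid(reinterpret_cast<const void*>(addr), Access::Read);
}

int main() {
    long pg = sysconf(_SC_PAGESIZE);
    void* m = mmap(nullptr, pg, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (m == MAP_FAILED) return 1;
    std::printf("read-only page: read invalid=%d, write invalid=%d\n",
                definitely_invalid(m, Access::Read), definitely_invalid(m, Access::Write));
    munmap(m, pg);
    std::printf("after munmap:   read invalid=%d\n", definitely_invalid(m, Access::Read));
    std::printf("nullptr:        read invalid=%d\n", definitely_invalid(nullptr, Access::Read));
    std::printf("freed block escapes probe=%d\n", freed_block_escapes_probe());
}
```

The answer is also stale the moment it is returned, since another thread can map or unmap the page before the caller acts on it.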