<HTML>
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<TITLE>
    CWG Issue 1190</TITLE>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<STYLE TYPE="text/css">
  INS { text-decoration:none; font-weight:bold; background-color:#A0FFA0 }
  .INS { text-decoration:none; background-color:#D0FFD0 }
  DEL { text-decoration:line-through; background-color:#FFA0A0 }
  .DEL { text-decoration:line-through; background-color: #FFD0D0 }
  @media (prefers-color-scheme: dark) {
    HTML { background-color:#202020; color:#f0f0f0; }
    A { color:#5bc0ff; }
    A:visited { color:#c6a8ff; }
    A:hover, a:focus { color:#afd7ff; }
    INS { background-color:#033a16; color:#aff5b4; }
    .INS { background-color: #033a16; }
    DEL { background-color:#67060c; color:#ffdcd7; }
    .DEL { background-color:#67060c; }
  }
  SPAN.cmnt { font-family:Times; font-style:italic }
</STYLE>
</HEAD>
<BODY>
<P><EM>This is an unofficial snapshot of the ISO/IEC JTC1 SC22 WG21
  Core Issues List revision 118b.
  See http://www.open-std.org/jtc1/sc22/wg21/ for the official
  list.</EM></P>
<P>2025-09-28</P>
<HR>
<A NAME="1190"></A><H4>1190.
  
Operations on non-safely-derived pointers
</H4>
<B>Section: </B>_N4885_6.7.5.5.4&#160; [<A href="https://wg21.link/basic.stc.dynamic.safety">basic.stc.dynamic.safety</A>]
 &#160;&#160;&#160;

 <B>Status: </B>C++11
 &#160;&#160;&#160;

 <B>Submitter: </B>Hans Boehm
 &#160;&#160;&#160;

 <B>Date: </B>2010-09-01<BR>


<P>[Voted into the WP at the March, 2011 meeting as part of paper N3262.]</P>



<P>_N4885_6.7.5.5.4 [<A href="https://wg21.link/basic.stc.dynamic.safety#4">basic.stc.dynamic.safety</A>] paragraph 4 only prohibits the
dereferencing and deallocation of non-safely-derived pointers. This is
insufficient.  Explicit deallocation of storage is described as
rendering invalid all pointers to that storage, with the result that
<I>all</I> operations on such a pointer value causes undefined
behavior (6.8.6.5.3 [<A href="https://wg21.link/basic.stc.dynamic.deallocation#4">basic.stc.dynamic.deallocation</A>] paragraph 4).  The same should
be true if the storage pointed to by a non-safely-derived pointer is
garbage collected.  In particular, the promise of objects having
distinct addresses (6.8.2 [<A href="https://wg21.link/intro.object#6">intro.object</A>] paragraph 6) should not
apply if one of those objects is designated by a non-safely-derived
pointer.</P>

<P><B>Proposed resolution (November, 2010) [SUPERSEDED]:</B></P>

<P>Change _N4885_6.7.5.5.4 [<A href="https://wg21.link/basic.stc.dynamic.safety#4">basic.stc.dynamic.safety</A>] paragraph 4 as follows:</P>

<BLOCKQUOTE>

...Alternatively, an implementation may have <I>strict pointer
safety</I>, in which case, <DEL>if</DEL> a pointer value that is not a
safely-derived pointer value is <DEL>dereferenced or deallocated,
and</DEL> <INS>an invalid pointer value, unless</INS> the referenced
complete object is of dynamic storage duration and has <DEL>not</DEL>
previously been declared reachable (_N4700_.23.11.2 [<A href="https://wg21.link/util.smartptr">util.smartptr</A>])<DEL>, the behavior is undefined</DEL>. [<I>Note:</I>
<DEL>this</DEL> <INS>The effect of using an invalid pointer value
(including passing it to a deallocation function) is undefined, see
6.8.6.5.3 [<A href="https://wg21.link/basic.stc.dynamic.deallocation">basic.stc.dynamic.deallocation</A>]. This</INS> is true even if the
unsafely-derived pointer value might compare equal to some
safely-derived pointer value. &#8212;<I>end note</I>] It is
implementation defined...

</BLOCKQUOTE>

<BR><BR>
</BODY>
</HTML>
