<HTML>
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<TITLE>
    CWG Issue 1438</TITLE>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<STYLE TYPE="text/css">
  INS { text-decoration:none; font-weight:bold; background-color:#A0FFA0 }
  .INS { text-decoration:none; background-color:#D0FFD0 }
  DEL { text-decoration:line-through; background-color:#FFA0A0 }
  .DEL { text-decoration:line-through; background-color: #FFD0D0 }
  @media (prefers-color-scheme: dark) {
    HTML { background-color:#202020; color:#f0f0f0; }
    A { color:#5bc0ff; }
    A:visited { color:#c6a8ff; }
    A:hover, a:focus { color:#afd7ff; }
    INS { background-color:#033a16; color:#aff5b4; }
    .INS { background-color: #033a16; }
    DEL { background-color:#67060c; color:#ffdcd7; }
    .DEL { background-color:#67060c; }
  }
  SPAN.cmnt { font-family:Times; font-style:italic }
</STYLE>
</HEAD>
<BODY>
<P><EM>This is an unofficial snapshot of the ISO/IEC JTC1 SC22 WG21
  Core Issues List revision 118b.
  See http://www.open-std.org/jtc1/sc22/wg21/ for the official
  list.</EM></P>
<P>2025-09-28</P>
<HR>
<A NAME="1438"></A><H4>1438.
  
Non-dereference use of invalid pointers
</H4>
<B>Section: </B>_N4885_6.7.5.5.4&#160; [<A href="https://wg21.link/basic.stc.dynamic.safety">basic.stc.dynamic.safety</A>]
 &#160;&#160;&#160;

 <B>Status: </B>CD3
 &#160;&#160;&#160;

 <B>Submitter: </B>Anthony Williams
 &#160;&#160;&#160;

 <B>Date: </B>2012-01-03<BR>


<P>[Moved to DR at the October, 2012 meeting.]</P>



<P>The current Standard says that any use of an invalid pointer value
produces undefined behavior (6.8.6.5.3 [<A href="https://wg21.link/basic.stc.dynamic.deallocation#4">basic.stc.dynamic.deallocation</A>] paragraph 4).
This includes not only dereferencing the pointer but even just
fetching its value.  The reason for this draconian restriction is that
some architectures in the past used dedicated address registers for
pointer loads and stores and they could fault if, for example, a
segment number in a pointer was not currently mapped.</P>

<P>It is not clear whether such restrictions are necessary with
architectures currently in use or reasonably foreseen.  This should
be investigated to see if the restriction can be loosened to apply
only to dereferencing the pointer.</P>

<P><B>Proposed resolution (February, 2012):</B></P>

<P>Change 6.8.6.5.3 [<A href="https://wg21.link/basic.stc.dynamic.deallocation#4">basic.stc.dynamic.deallocation</A>] paragraph 4 as follows:</P>

<BLOCKQUOTE>

If the argument given to a deallocation function in the standard
library is a pointer that is not the null pointer value (7.3.12 [<A href="https://wg21.link/conv.ptr">conv.ptr</A>]), the deallocation function shall deallocate the storage
referenced by the pointer, rendering invalid all pointers referring to
any part of the <I>deallocated storage</I>.  <DEL>The effect of using
an invalid pointer value (including passing it to a deallocation
function) is undefined</DEL> <INS>Indirection through an invalid
pointer value and passing an invalid pointer value to a deallocation
function have undefined behavior. Any other use of an invalid pointer
value has implementation-defined behavior</INS>. [<I>Footnote:</I>
<DEL>On some</DEL> <INS>Some</INS> implementations<DEL>, it</DEL>
<INS>might define that copying an invalid pointer value</INS> causes a
system-generated runtime fault.  &#8212;<I>end footnote</I>]

</BLOCKQUOTE>
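<P>The three categories the proposed wording separates, shown in an added C++ example that is not part of the issue text. It checks for address reuse after a deallocation without ever reading an invalid pointer value. <CODE>Node</CODE>, <CODE>ReuseCheck</CODE>, <CODE>free_and_forget</CODE> and <CODE>check_reuse</CODE> are hypothetical names chosen for the illustration.</P>

```cpp
#include <cstdint>

struct Node { int value; };

// Result of the address-reuse check below (hypothetical type for this example).
struct ReuseCheck {
    bool old_slot_is_null;  // the freed pointer variable was reset
    bool address_reused;    // allocator-dependent: may be true or false
    int  new_value;         // read through the valid new pointer
};

// Frees *slot and returns its address as an integer captured while the pointer
// was still valid. The slot is then overwritten with nullptr, which is a store
// and not a read, so no later code can copy, compare or dereference an invalid
// pointer value through it.
std::uintptr_t free_and_forget(Node*& slot) {
    const std::uintptr_t addr = reinterpret_cast<std::uintptr_t>(slot);
    delete slot;     // from here on, every pointer into this storage is invalid
    slot = nullptr;
    return addr;
}

ReuseCheck check_reuse() {
    Node* p = new Node{1};
    const std::uintptr_t old_addr = free_and_forget(p);

    // Had p kept its old value, the proposed wording would classify its uses as:
    //   p->value    indirection: undefined behavior
    //   delete p    passed to a deallocation function: undefined behavior
    //   p == q      any other use: implementation-defined behavior
    // Because p was reset, the comparison below works on integers only.

    Node* q = new Node{2};
    ReuseCheck r{p == nullptr,
                 reinterpret_cast<std::uintptr_t>(q) == old_addr,
                 q->value};
    delete q;
    return r;
}
```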

<BR><BR>
</BODY>
</HTML>
