
There are many questions on Stack Overflow that explain that the following is undefined behavior in C++:

```cpp
MyType* p = nullptr;
p->DoSomething();
```

but I can't find one that cites the C++ standard. Which part of the C++11 and/or C++14 standards says that this is undefined behavior?

John Kugelman
jacobsa

1 Answer


C++14 [expr.ref]/2:

> The expression `E1->E2` is converted to the equivalent form `(*(E1)).E2`

C++14 [expr.unary.op]/1:

> The unary `*` operator performs indirection: the expression to which it is applied shall be a pointer to an object type, or a pointer to a function type and the result is an lvalue referring to the object or function to which the expression points.

The pointer does not point to an object, therefore this quote does not define the behaviour of `*p`. Nowhere else in the standard defines it either, so it is undefined behaviour.

Regarding whether a null pointer can be said to point to an object, N4618 [basic.compound]/3 defines pointer values as:

> Every value of pointer type is one of the following:
>
>   • a pointer to an object or function (the pointer is said to point to the object or function), or
>   • a pointer past the end of an object, or
>   • the null pointer value for that type, or
>   • an invalid pointer value.

which indicates that the null pointer value does not point to an object.

M.M
  • Thanks. Although it's a reasonable assumption, is there some language that says a null pointer doesn't point at an object? I'm also surprised this isn't explicitly called out as undefined, which is typical in the standard. – jacobsa Mar 03 '17 at 04:56
  • @jacobsa The text "A valid value of an object pointer type represents either the address of a byte in memory (1.7) or a null pointer (4.10)." suggests that the null pointer value is not the address of a byte in memory (therefore it cannot be the address of an object) – M.M Mar 03 '17 at 05:05
  • Nice find; will add that to the answer. – jacobsa Mar 03 '17 at 05:14
  • And talking about references, at 8.3.2.5 "... the only way to create such a reference would be to bind it to the “object” obtained by indirection through a null pointer, which causes undefined behavior." – Loreto Mar 03 '17 at 05:31
  • Isn't the quote talking about the types of expression to which the operator can be applied, rather than its set of allowed values? A "pointer to an object type" isn't a pointer that points to a valid object. – juanchopanza Mar 03 '17 at 06:18
  • @juanchopanza "lvalue referring to *the object* [...] to which the expression points" – M.M Mar 03 '17 at 07:12
  • Maybe you could emphasise that part? The preceding phrase kind of masks it. – juanchopanza Mar 03 '17 at 07:41
  • I've submitted an [edit](http://stackoverflow.com/review/suggested-edits/15404595) that adds the text from [basic.compound]/3, which is even clearer about null not being a pointer to an object in the latest [draft](http://eel.is/c++draft/basic.compound). – jacobsa Mar 03 '17 at 09:40
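
Added example (not part of the question, the answer or the comments): why the ordering of a null check matters once `p->DoSomething()` is undefined for a null `p`. `MyType` and `DoSomething` come from the question; the `value` member and the two function names are assumptions made for illustration.

```cpp
#include <cstdio>

struct MyType {
    int value;                                  // assumed member, for illustration
    int DoSomething() const { return value; }
};

// Check placed AFTER the call. p->DoSomething() is (*p).DoSomething(), so a
// null p is already undefined behaviour at the call. An optimizer may assume
// p is non-null from that point on and delete the check as dead code.
int call_checked_late(MyType* p) {
    int v = p->DoSomething();
    if (p == nullptr) return -1;                // cannot be relied on
    return v;
}

// Check placed BEFORE the call. Indirection is never evaluated for a null p,
// so the behaviour is defined for every pointer value the caller may pass
// (other than an invalid pointer value).
int call_checked_first(MyType* p) {
    if (p == nullptr) return -1;
    return p->DoSomething();
}

int main() {
    MyType obj{42};                             // constructed sample object
    MyType* none = nullptr;
    // call_checked_late is only ever called with a valid pointer here.
    std::printf("%d %d %d\n",
                call_checked_late(&obj),
                call_checked_first(&obj),
                call_checked_first(none));
    return 0;
}
```

Building with `-fsanitize=undefined` (GCC and Clang) reports the null indirection at run time if `call_checked_late` is ever reached with a null pointer.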