Can NULL pointer after "dynamic_cast" actually be dereferenced?

Question

The following code compiles correctly and get the mysterious output:

special Investment function 00000000

(Environment: C++ VS2010)

#include <iostream>
#include <vector>
using namespace std;

class Security {
public:
  virtual ~Security() {}
};

class Stock : public Security {};

class Investment : public Security {
public:
  void special() {
    cout << "special Investment function" << endl;
  }
};

int main() {
  Security* p = new Stock;
  dynamic_cast<Investment*>(p)->special();
  cout << dynamic_cast<Investment*>(p) << endl;
  return 0;
}

How could it be? Dereferencing a NULL pointer and get a "correct" output instead of crash? Is it a special "characteristic" of VS2010?

Now I see. I did a test and it appears that dereferencing "this" in "special" function cause the program to crash.

Thanks for your help.

Answer 1

Dereferencing a null pointer is undefined behavior - you can get unexpected results. See this very similar question.

In this case Investment::special() is called in a non-virtual way, so you can think the compiler just creates a global function

Investment_special_impl( Investment* this )

and calls it passing a null this pointer as the implicit parameter.

You should not rely on this.

Answer 2

This is 'undefined bahviour'. Think of methods as having an implicit parameter, carrying 'this'. In your case, NULL was passed as actual argument for 'this'. Since you did not reference any object data refererenced (implicitly or explicitly) by 'this', it did not crash.

Had the method been virtual, it would most likely have crashed, since virtual calls are often dispatched through a lookup table associated with the object (and as a consequence 'this').

Since compiler writers are free to implement 'this' and virtual member lookup tables as they please, you shouldn't depend on this behaviour. It is undefined.

Answer 3

In most implementations of C++ non-virtual methods don't require a valid instance to be called (it's faster to not check this, since standard doesn't require it).

You can set your pointer to NULL and method will still succeed if you don't access instance fields.

Virtual methods require valid vtable, so they always dereference object and cause error in case it's not initialized.

Answer 4

Nowhere do you dereference a null pointer in here: you simply call the function Investment::special(NULL), which is non-virtual, and in its body does not dereference this. Although the spec probably tells this is undefined behavior, it's perfectly sane from the compiler not to put any dereferencing here, so that the program does not crash.

Answer 5

Dereferencing any NULL pointer is Undefined Behaivor.

Answer 6

You should NOT dereference the NULL pointer as it can cause Undefine Behavior. Why your code is working is because in the method:

void special() {
  cout << "special Investment function" << endl;
}

You really don't make any reference to this. To demo that, just declare a variable inside Investment class and try to print it inside special(). You will get a crash.

Answer 7

Dereferencing a null pointer invokes undefined behavior, irrespective of how you get the null pointer, whether as a result of dynamic_cast or something else.

Answer 8

I'm not sure about the dereference NULL question, but the behaviour of the code i can explain.

dynamic_cast< Investment* >(p)->special();

prints: "special Investment function"

cout << dynamic_cast < Investment* >(p) << endl;

prints: "0xABABABA" <- memory address of instance p

It's like running:

cout << p << endl;