"Alex Fraser said:(In N869,) 6.6 says that a constant expression is (grammatically) a
conditional expression - with some constraints, of course.
Grammatically, a primary expression is a conditional expression.
But it is not a null pointer constant, because 0xFFFFFFFF doesn't have a
value of zero.
Christian Bau said:All your compiler has to do is to make sure that a cast from an integer
zero to a pointer type produces a null pointer, and a cast from a null
pointer to an integer type produces an integer zero.
Joe Wright said:Pointer values share some characteristics of numbers. You can add to
them, subtract from them and subtract one from another. Pointers have
a range from 0 to the maximum allowed memory address.
As the C programmer doesn't know the memory model of the target, the
natural choice for a 'pointer to nothing' would be 0 or (void*)0.
Consider..
int *ptr;
ptr = malloc(100 * sizeof *ptr);
if (ptr == NULL) {/* do something about the failure */}
.. use ptr with careless abandon ..
free(ptr);
.. use ptr at your peril ..
The value of ptr probably hasn't changed but the call to free(ptr) has
made it indeterminate. You can't examine ptr to determine its validity.
[...]Christian Bau said:(e-mail address removed) writes: [...]
- AFAIK I can't `#define NULL 0x10000' since `void* p=0;' should work
just like `void* p=NULL'. Is this correct?
You, as programmer, are not allowed to do this.
You, as compiler implementor, are allowed to do this.
The NULL macro must expand to a null pointer constant. 0x10000 is not
a null pointer constant as the term is defined by the standard, so
it's not immediately obvious that
#define NULL 0x10000
is legal for an implementation, even if converting that value to a
pointer always yields a null pointer value.
On the other hand, C99 6.6p10 says:
An implementation may accept other forms of constant expressions.
I think the C Standard defines "constant expressions" a bit before null
pointer constants. A null pointer constant is then defined as a
"constant expression" which has some additional properties, for example
either being an integer expression of value 0, or such an expression
cast to void*. 0x10000 cannot be a null pointer constant, because it
doesn't have a value of zero.
[...]Christian Bau said:No. Saying "NULL is zero" is nonsense. NULL can either be an integer
constant with a value of 0, or it is such a constant cast to void*. In
that case is a pointer. Saying that a pointer is zero is pure nonsense.
A pointer can point to an object, or it can point past the last byte of
an object, or it can be a null pointer which points to no object at all,
or it can be some indeterminate value, but it cannot be zero. It cannot
be pi, or e, or sqrt (2), or one, or zero, or any other number. It
cannot be green, yellow, red or blue either. These are all things that
don't make any sense for pointers.
Is that really true if
((void *)0xffffffff) == 0
which an implementation can ensure?
The pedantic argument is that ((void *) 0) is not an integer constant
with value 0, cast to void*, but an integer constant with value 0, cast
to void*, and put into parentheses.
I am quite sure it was not the intention of the C Standard that this
should make a difference.
Christian said:No. Saying "NULL is zero" is nonsense. NULL can either be an integer
constant with a value of 0, or it is such a constant cast to void*. In
that case is a pointer. Saying that a pointer is zero is pure nonsense.
A pointer can point to an object, or it can point past the last byte of
an object, or it can be a null pointer which points to no object at all,
or it can be some indeterminate value, but it cannot be zero. It cannot
be pi, or e, or sqrt (2), or one, or zero, or any other number. It
cannot be green, yellow, red or blue either. These are all things that
don't make any sense for pointers.
In a comparison (p == 0), where p is a pointer, the integer constant 0
is converted to a null pointer because there is a special rule in the C
language that in this kind of situation, integer constants of value 0
are automatically converted to pointers, while any other integer
constants, for example those with a value of 1, are not converted. The
pointer p is _never_ compared with a zero. It is always compared with
another pointer value.
Joe Wright said:1. What are you drinking?
2. Can I have some?
The pedancy award has to go to Keith Thompson, not you or me.
NULL is a text replacement macro, not any kind of pointer. A pointer
is an object which can hold the address of another object.
Common usage be damned, a value of pointer type is not a pointer. Our
friend malloc() returns a value of (void*) type, not a pointer.
char *p;
p = malloc(100);
The object p is the pointer here, not the value returned by
malloc(). It is argued that functions can return pointers. They can't.
You say a special rule in C requires an integer constant of value 0 to
be converted to a pointer. But a pointer is an object. I presume you
mean a value of pointer type. And you say further that the rule
applies to constants of 0 but not 1. C&V please.
Keith said:Joe Wright said:[...]Keith said:Joe Wright <[email protected]> writes:
The zero value is
chosen specifically because it is within the range of all possible
pointer values.
I'm not sure what this means. Pointers are not numbers; they don't
have ranges.
Pointer values share some characteristics of numbers. You can add to
them, subtract from them and subtract one from another. Pointers have
a range from 0 to the maximum allowed memory address.
Yes, they share *some* of the characteristics of numbers, but not all
of them. For example, pointer arithmetic is defined only with a
single object. There is nothing in the standard that supports the
idea that pointers range from 0 to the "maximum allowed memory
address".
As the C programmer doesn't know the memory model of the target, the
natural choice for a 'pointer to nothing' would be 0 or (void*)0.
There's nothing natural about it *unless* you assume a particular
linear memory model. C's definition of null pointer constants is a
relic of the early systems on which it was implemented, which happened
to have such a model (as do many, probably most, systems today).
Think of a pointer as a nearly opaque entity that can designate an
object or function.
A function pointer could be implemented as an index into a table of
functions, having nothing to do with a machine address.
Any valid object pointer value is one of the following:
A null pointer;
A pointer to an object plus an offset (possibly zero) within that
object; or
Something implementation-specific.
(The second is a special case of the third, with a zero offset.) An
implementation could represent each object pointer as a structure
consisting of an object descriptor (perhaps a table index, perhaps
something else) and an offset. Pointer arithmetic would act only on
the offset. No portable code can tell the difference between this and
the more common implementation as a machine address.
And a null pointer is just a special representation (or
representations) indicating that the pointer doesn't point to
anything. There's no fundamental reason why all-bits-zero is a good
choice for this. It's like a floating-point NaN (Not-a-Number);
there's no reason for portable code to care how it's represented.
In fact, I think that demonstrates a flaw in the C model. It's
assumed that there's a "zero" value for each scalar type, and that
these zero values are somehow analagous to each other. But in fact,
there is no integer value corresponding to a null pointer. 0 is just
another ordinary value within the range of valid values; likewise for
a floating-point 0.0. The best analogy is between a nul pointer value
and a floating-point "quiet NaN".
A language slightly better designed than C would have a keyword,
perhaps "nil", to denote a null pointer value; it would be the *only*
valid null pointer constant. Instead, we have some special-case rules
about integer constant expressions with the value 0. These rules are
probably necessary for backward compatibility. Fortunately we can
hide the ugly details behind the NULL macro.
If a program needs to get closer to the metal and use the underlying
machine address representation, an implementation can provide rules
for converting integers to pointers -- but those rules are entirely
implementation-defined (except for the null pointer constant anomaly)
and might not even make sense on a machine with non-linear addressing.
Consider..
int *ptr;
ptr = malloc(100 * sizeof *ptr);
if (ptr == NULL) {/* do something about the failure */}
.. use ptr with careless abandon ..
free(ptr);
.. use ptr at your peril ..
The value of ptr probably hasn't changed but the call to free(ptr) has
made it indeterminate. You can't examine ptr to determine its validity.
Right, but that doesn't support your earlier statement. *Any* pointer
value other than an indetermine one can be tested for validity; you
did so on the second line of your example (if malloc() succeeded).
I think you have a funny definition of "implementation-defined".
Joe said:.... snip ...
Pointer values share some characteristics of numbers. You can add
to them,
subtract from them
and subtract one from another.
Pointers have a range from 0 to the maximum allowed memory address.
Joe Wright said:What? "Any pointer value other than an indeterminate one can be tested
for validity." How would you determine whether the value of ptr, not
NULL, in the above example was indeterminate? You can't.
Some say even accessing ptr, if its value is indeterminate, invokes
Undefined Behaviour. Does it?
You clearly (from the above paragraph) do know what I mean. I'm sorry ifYes, accessing the value of ptr invokes undefined behavior if its
value is indeterminate.
You said that
No pointer value other than NULL can be tested for validity.
The real problem, I think, is that I honestly have no idea what you
mean by that.
Perhaps if you can show an example of "testing a pointer value for
validity", I can understand why a null pointer value is special in
that context.
Assuming that either a null pointer value or a pointer value that
points to an object is considered "valid", *no* pointer value can
meaningfully be tested for validity. If you *know* that it's valid
(either null or non-null), there's no point in testing it. If you
don't know (it might be indeterminate), you can't test it without
risking undefined behavior.
You're right, pedantry. No thanks necessary. You deserve it.Keith said:Um, I almost hesitate to point this out, but I think, you mean
"pedantry". But thanks for the award anyway.
I'm going to concede that point, at least until it really annoys meSo your point is that "pointer" should refer only to pointer objects,
and the value of a pointer object should be referred to as an
"address". As I've mentioned before, I actually agree with that, but
the standard doesn't. C99 7.20.3.3, for example, says:
The malloc function returns either a null pointer or a pointer to
the allocated space.
And note that the standard uses the defined term "null pointer", not
"null address", to refer to a particular value. A null pointer is
clearly a value, not an object, and we don't have another common term
for it. You or I might have used different terminology, but if we're
going to communicate meaningfully we need to at least acknowledge the
existence of the terminology used by the standard.
I usually try to use the phrases "pointer value" and "null pointer
value" to avoid any possible confusion, but if I happen to forget I'm
sure you can figure out what I mean from context -- and from common
usage.
Consider that the value of an integer object is commonly called an
integer; why shouldn't the value of a pointer object be called a
pointer?
That was meant as a joke. If Christian is reading, if I have offended IAnd it hardly seems fair to accuse someone who uses the standard
terminology of being drunk.
Sure, lots of times. Even as Chief Pedant, talking down doesn't win points.Yes, of course it means a value of pointer type; that's how the
standard uses the term "pointer".
The C&V is C99 6.3.2.3p3:
An integer constant expression with the value 0, or such an
expression cast to type void *, is called a _null pointer
constant_.55) If a null pointer constant is converted to a pointer
type, the resulting pointer, called a _null pointer_, is
guaranteed to compare unequal to a pointer to any object or
function.
Footnote 55 says:
The macro NULL is defined in <stddef.h> (and other headers) as a
null pointer constant; see 7.17.
You've read sections 4 and 5 of the comp.lang.c FAQ, right?
Joe Wright said:You clearly (from the above paragraph) do know what I mean. I'm sorry
if I was confusing. But further if I might,
char *p = malloc(100);
if (p == NULL)
The test is valid because malloc will return NULL or a valid pointer
(OK I said pointer, not address). But if then..
free(p);
...
if (p == NULL)
This test is invalid because p is now indeterminate. Right?
Joe Wright said:Keith Thompson wrote: [...]Sure, lots of times. Even as Chief Pedant, talking down doesn't win points.You've read sections 4 and 5 of the comp.lang.c FAQ, right?
That core memory module you describe is indeed interesting. If I had oneCBFalconer said:Joe Wright wrote:
... snip ...
Within sharp limits.
Within even sharper limits.
and this operation is very heavily restricted to pointers to
locations within the same object. Otherwise meaningless.
Not so. A pointer only has to point. It can do this in any way it
likes, including specifying the phase of the moon when dereferenced
or the need for sacrificial virgins.
As a real life example, consider a magnetic core memory.
Addressing is in terms of x, y, and plane coordinates. This is not
a number. It is a tuple. In modern systems it may be made up of
process id, segment id, page id, page offset, and bit or byte.
Consider it dropped. You and I agree here, we just can't seem to say so.Keith said:[[ big snip ]]
You clearly (from the above paragraph) do know what I mean. I'm sorry
if I was confusing. But further if I might,
char *p = malloc(100);
if (p == NULL)
The test is valid because malloc will return NULL or a valid pointer
(OK I said pointer, not address). But if then..
free(p);
...
if (p == NULL)
This test is invalid because p is now indeterminate. Right?
I don't mean to be picky, but I really, truly, honestly, do not
understand what you meant. You wrote:
No pointer value other than NULL can be tested for validity.
And to support that statement, you show code in which you perform a
test on a pointer value other than NULL (or rather, one that will be
non-NULL if malloc() succeeds). I really have no idea what you mean
by "tested for validity"; *no* pointer value can be tested for
validity in portable code, for reasons I mentioned above and with
which you seem to agree.
If you can show code in which you test a pointer value of NULL for
validity (whatever that means), and can explain why the same test
could not be performed on a non-NULL pointer, perhaps I can understand
what your statement meant.
(Of course I'm using "NULL" as a verbal shorthand for a null pointer
value.)
Yes, I'm picking on a single statement you made several articles
upthread, but you keep insisting that it's meaningful. Either it
isn't, or I'm missing something important (the latter has certainly
happened before). Perhaps it was just inartfully phrased; if so, I'll
be glad to drop this.
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.