Incomputing, anull pointer (sometimes shortened tonullptr ornull) ornull reference is a value saved for indicating that thepointer orreference does not refer to a validobject. Programs routinely use null pointers to represent conditions such as the end of alist of unknown length or the failure to perform some action; this use of null pointers can be compared tonullable types and to theNothing value in anoption type.
A null pointer should not be confused with anuninitialized pointer: a null pointer is guaranteed to compare unequal to any pointer that points to a valid object. However, in general, most languages do not offer such guarantee for uninitialized pointers. It might compare equal to other, valid pointers; or it might compare equal to null pointers. It might do both at different times; or the comparison might beundefined behavior. Also, in languages offering such support, the correct use depends on the individual experience of each developer and linter tools. Even when used properly, null pointers aresemantically incomplete, since they do not offer the possibility to express the difference between "not applicable", "not known", and "future" values.[citation needed]
Because a null pointer does not point to a meaningful object, an attempt to access the data stored at that (invalid) memory location may cause a run-time error or immediate program crash. This is thenull pointer error, ornull pointer exception. It is one of the most common types of software weaknesses,[1] andTony Hoare, who introduced the concept, has referred to it as a "billion dollar mistake".[2]
InC, two null pointers of any type are guaranteed to compare equal.[3] Prior to C23, the preprocessor macroNULL was provided, defined as an implementation-defined null pointer constant in<stdlib.h>,[4] which inC99 can be portably expressed with#define NULL ((void*)0), the integer value0converted to the typevoid* (seepointer to void type).[5] SinceC23, a null pointer is represented withnullptr which is of typenullptr_t (first introduced to C++11), providing a type safe null pointer.[6]
The C standard does not say that the null pointer is the same as the pointer tomemory address 0, though that may be the case in practice.Dereferencing a null pointer isundefined behavior in C,[7] and a conforming implementation is allowed to assume that any pointer that is dereferenced is not null.
In practice, dereferencing a null pointer may result in an attempted read or write frommemory that is not mapped, triggering asegmentation fault or memory access violation. This may manifest itself as a program crash, or be transformed into a softwareexception that can be caught by program code. There are, however, certain circumstances where this is not the case. For example, inx86real mode, the address0000:0000 is readable and also usually writable, and dereferencing a pointer to that address is a perfectly valid but typically unwanted action that may lead to undefined but non-crashing behavior in the application; if a null pointer is represented as a pointer to that address, dereferencing it will lead to that behavior. There are occasions when dereferencing a pointer to address zerois intentional and well-defined; for example,BIOS code written in C for 16-bit real-mode x86 devices may write theinterrupt descriptor table (IDT) at physical address 0 of the machine by dereferencing a pointer with the same value as a null pointer for writing. It is also possible for the compiler to optimize away the null pointer dereference, avoiding a segmentation fault but causing other undesired behavior.[8]
In C++, while theNULL macro was inherited from C, the integer literal for zero has been traditionally preferred to represent a null pointer constant.[9] However,C++11 introduced the explicit null pointer constantnullptr and typenullptr_t to be used instead, providing a type safe null pointer.nullptr and typenullptr_t were later introduced to C in C23.
In languages with atagged architecture, a possibly null pointer can be replaced with atagged union which enforces explicit handling of the exceptional case; in fact, a possibly null pointer can be seen as atagged pointer with a computed tag.
Programming languages use different literals for thenull pointer. InJava andC#, the literalnull is provided as a literal for reference types. InPascal andSwift, a null pointer is callednil. InEiffel, it is called avoid reference. InRust, the absence of a value is denoted asNone, but a true null pointer isstd::ptr::null().
Because a null pointer does not point to a meaningful object, an attempt todereference (i.e., access the data stored at that memory location) a null pointer usually (but not always) causes a run-time error or immediate program crash.MITRE lists the null pointer error as one of the most commonly exploited software weaknesses.[10]
SIGSEGV signal to be issued. Although in C/C++ null dereferences are not exceptions which can be caught in C++try/catch blocks, it is possible to "catch" such an access violation by using (std::)signal() in C/C++ to specify a handler to be called when that signal is issued.NullPointerException class. Unlike Java, wherejava.lang.NullPointerException extendsjava.lang.RuntimeException,Poco::NullPointerException instead extendsPoco::LogicException.[11]Null_Exception.nil represents a null pointer to the first address in memory which is also used to initialize managed variables. Dereferencing it raises an external OS exception which is mapped onto a PascalEAccessViolation exception instance if theSystem.SysUtils unit is linked in theuses clause.null) causes aNullPointerException (NPE), which can be caught by error handling code, but the preferred practice is to ensure that such exceptions never occur.null) causes aNullReferenceException to be thrown. Although catching these is generally considered bad practice, this exception type can be caught and handled by the program.nil object (which is a null pointer) without causing the program to be interrupted; the message is simply ignored, and the return value (if any) isnil or0, depending on the type.[12]std::ptr::null()) in anunsafe block results in undefined behaviour, which usually results in a segmentation fault or corrupted memory.While there could be languages with no nulls, most do have the possibility of nulls so there are techniques to avoid or aid debugging null pointer dereferences.[14] Bond et al. suggest modifying theJava virtual machine (JVM) to keep track of null propagation.[14]
There are three levels of handling null references, in order of effectiveness:
Purefunctional languages are an example of level 1 since no direct access is provided to pointers and all code and data is immutable. User code running ininterpreted or virtual-machine languages generally does not suffer the problem of null pointer dereferencing.[dubious –discuss]
Where a language does provide or utilise pointers which could become void, it is possible to avoid runtime null dereferences by providingcompilation-time checking viastatic analysis or other techniques, with syntactic assistance from language features such as those seen in theEiffel programming language with Void safety[15] to avoid null dereferences,D,[16] andRust.[17]
In some languages analysis can be performed using external tools, but these are weak compared to direct language support with compiler checks since they are limited by the language definition itself.
The last resort of level 3 is when a null reference occurs at runtime, debugging aids can help.
In 2009,Tony Hoare stated[2][18][19]that he invented the null reference in 1965 as part of theALGOL W language. In that 2009 reference Hoare describes his invention as a "billion-dollar mistake":
I call it my billion-dollar mistake. It was the invention of the null reference in 1965. At that time, I was designing the first comprehensive type system for references in an object oriented language (ALGOL W). My goal was to ensure that all use of references should be absolutely safe, with checking performed automatically by the compiler. But I couldn't resist the temptation to put in a null reference, simply because it was so easy to implement. This has led to innumerable errors, vulnerabilities, and system crashes, which have probably caused a billion dollars of pain and damage in the last forty years.
const qualifier (§5.4) prevents accidental redefinition ofNULL and ensures thatNULL can be used where a constant is required.".The C++ Programming Language (14th printing of 3rd ed.). United States and Canada: Addison–Wesley. p. 88.ISBN 0-201-88954-4.{{cite book}}: CS1 maint: multiple names: authors list (link) CS1 maint: numeric names: authors list (link)