Q&A

# What's the difference between null pointers and NULL?

+3
−1

Someone told me that I shouldn't write "NULL pointer" with capital letters, because a null pointer and NULL are different terms. And that NULL is a "null pointer constant". What's the meaning of this?

Does this have anything to do with some systems allowing a different representation of the null pointer other than zero? Can NULL be something other than zero?

Why does this post require moderator attention?
Why should this post be closed?

+6
−0

There are three different, related concepts that are easy to mix up:

• null pointers
• null pointer constants
• the NULL macro

Formal definitions

The first two of these terms are formally defined in C17 6.3.2.3/3:

An integer constant expression with the value `0`, or such an expression cast to type `void *`, is called a null pointer constant.67) If a null pointer constant is converted to a pointer type, the resulting pointer, called a null pointer, is guaranteed to compare unequal to a pointer to any object or function.

In other words, a null pointer is a pointer of any type pointing at a well-defined "nowhere". Any pointer can turn into a null pointer when it is assigned a null pointer constant.

The standard mentions `0` and `(void*)0` as two valid null pointer constants, but note that it says "an integer constant expression with the value `0`". This means that things like `0u`, `0x00` and other variations are also null pointer constants. These are particular special cases that can be assigned to any pointer type, regardless of the various type compatibility rules that would normally apply.

Notably, both object pointers and function pointers can be null pointers. Meaning that we must be able to assign null pointer constants to them, no matter the actual pointer type.

`NULL`

The note 67) from above adds (not normative):

67) The macro `NULL` is defined in `<stddef.h>` (and other headers) as a null pointer constant; see 7.19.

where 7.19 simply defines `NULL` as (normative):

`NULL` which expands to an implementation-defined null pointer constant;

In theory this could perhaps be something other than `0` and `(void*)0`, but the implementation-defined part is more likely saying that `NULL` can either be

`#define NULL 0` or `#define NULL (void*)0` or some other integer constant expression with the value zero, depending on the C library used. But all we need to know and care about is that `NULL` is a null pointer constant.

`NULL` is also the preferred null pointer constant to use in C code, because it is self-documenting and unambiguous (unlike `0`). It should only be used together with pointers and not for any other purpose.

Regarding non-zero null pointers

There's quite a lot of systems that allow direct access of physical or virtual memory address zero, particularly in the context of microcontroller programming. In such cases, C does in theory allow for a null pointer with an internal representation different than zero.

If we write `int* ptr = NULL;` on such a system, the compiler must then realize that we are creating a null pointer, and write a suitable value to the `ptr` variable. It would for example be possible to write an address which would result in a hardware exception/trap in case the null-pointer is de-referenced. That is, the compiler needs to treat a null pointer as a special case, rather than declaring some exotic non-zero NULL macro.

I have never encountered such a (theoretical?) system myself. But I have encountered a whole lot of systems with a valid address zero that also used zero for the internal representation of the null pointer. Meaning that accidental null-pointer writes results in GPIO getting activated or similar nasty stuff. I've even written that particular bug myself once. The compilers for these systems are arguably non-conforming, since they violate 6.3.2.3.

Modern microcontrollers (ARM, PowerPC etc) like to map the reset vector to physical address zero. Meaning that at least you get read-only flash at that location.

Why does this post require moderator attention?

+4
−0

In short, NULL is the 0 value, and a null pointer is a pointer variable that points to nothing.

some systems allowing a different representation of the null pointer other than zero

Years back compilers implemented some things on their own, partly because the language standards weren't strictly defined and imposed. For instance, I remember using a compiler that handled `random` related implementations in a different manner than other compilers. So, while some compilers defined their own null pointer implementation, NULL was always 0.

Can NULL be something other than zero?

No, I don't think so. However, you can tweak a compiler to replace instances of NULL with a value other than 0, but that wouldn't be a standard C compiler then.

Why does this post require moderator attention?

+1
−0

To answer one specific part of the question:

Does this have anything to do with some systems allowing a different representation of the null pointer other than zero?

Sort of. A null pointer constant is zero or zero cast to a `void *`, but that doesn't mean that a null pointer is necessarily represented by "all bits zero". If a null pointer is not "all bits zero", a compiler is obliged to recognize when it is being asked to assign a null pointer constant to a pointer variable, and assign the correct value. Similarly for comparisons.

(I have actually used a machine where a null pointer was not "all bits zero" - Prime eventually gave up and added an instruction "is pointer C null" which meant "all bits zero or proper null pointer".)

Why does this post require moderator attention?