Is it safe to calculate pointer offset using nullptr?

Question

Suppose I have two pointers:

char* p1 = nullptr;
char* p2 = std::malloc( 4 );
std::size_t offset = p2 - p1;

Is it safe to get offset in this way? So far it works fine on my computer. But I'm wondering if the offset can exceed the maximum number of size_t such that this method fails?

Answer 1

This is undefined behavior, from the draft C++ standard section 5.7 Additive operators:

When two pointers to elements of the same array object are subtracted, the result is the difference of the subscripts of the two array elements. The type of the result is an implementation-defined signed integral type; this type shall be the same type that is defined as std::ptrdiff_t in the header (18.2). [...] Unless both pointers point to elements of the same array object, or one past the last element of the array object, the behavior is undefined.⁸²

Also as the reference mentions, the result is std::ptrdiff_t not size_t.

you can on the other hand add or subtract the value 0 which is covered in paragraph 7:

If the value 0 is added to or subtracted from a pointer value, the result compares equal to the original pointer value. If two pointers point to the same object or both point one past the end of the same array or both are null, and the two pointers are subtracted, the result compares equal to the value 0 converted to the type std::ptrdiff_t.

If you want to convert a pointer to an integral value then you should use either intptr_t or uinitptr_t:

intptr_t   integer type capable of holding a pointer
uintptr_t  unsigned integer type capable of holding a pointer

For example:

uintptr_t ip = reinterpret_cast<uintptr_t>( p2 ) ;