Describe the validity of null managed pointers
- Declare that it is valid to have a null managed pointer, but declare it invalid to actually read from such a pointer
  - In practice this has always been legal, as it has been legal to managed pointer locals for years, and they are included in the list of values that are zero-initialized on method start
- Also clarify the rules to permit a managed pointer to the location directly following a managed object.
  - This is a new capability in the spec that will likely be useful for accessing fixed size data buffers held in objects of the GC heap. However, the GC has been able to tolerate this behavior for many years, so there is no code change necessary.

Fixes dotnet#69690
davidwrighton committed Jul 7, 2022
1 parent 9868dfc commit b3b6174
Showing 1 changed file with 10 additions and 0 deletions.
10 changes: 10 additions & 0 deletions docs/design/specs/Ecma-335-Augments.md
Expand Up @@ -987,6 +987,10 @@ https://www.ecma-international.org/publications-and-standards/standards/ecma-335
### I.8.9.2
- Insert at the end of the first paragraph “An unmanaged pointer type cannot point to a managed pointer.”

### II.14.4.2
- Replace the sentence "Managed pointers (&) can oint to an instance of a value type, a field of an object, a field of a value type, an element of an array, or the address where an element just past the end of an array would be stored (for pointer indexes into managed arrays)." with "Managed pointers (&) can point to a local variable, a method argument, a field of an object, a field of a value type, an element of an array, a static field, the address just past the end of an object, or the address where an element just past the end of an array would be stored (for pointer indexes into managed arrays)."
- Replace the sentence "Managed pointers cannot be null, and they shall be reported to the garbage collector even if they do not point to managed memory." with "Managed pointers shall be reported to the garbage collector even if they do not point to managed memory. A null managed pointer must not be dereferenced."

Changes to signatures:
### II.23.2.10
- Remove special case for TYPEDBYREF
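
Review bot: In the second II.14.4.2 bullet, the replacement text prohibits dereferencing only a null managed pointer, although the first bullet newly allows a managed pointer to "the address just past the end of an object" and keeps the existing one-past-the-end array element address. A reader of Partition II alone would conclude that only null is off limits for reads and writes. Consider extending the sentence to cover the past-the-end addresses too, for example "A managed pointer that is null or that points just past the end of an object or array must not be dereferenced." Separately, the quoted original sentence in the first bullet reads "can oint to", which will not match the standard's text when someone searches for it; it should be "can point to".
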
Expand All @@ -997,6 +1001,12 @@ Changes to signatures:
### II.23.2.12
- Add TYPEDBYREF as a form of Type

### III.1.1.5.2
- Replace "Managed pointers (&) can point to a local variable, a method argument, a field of an object, a field of a value type, an element of an array, a static field, or the address where an element just past the end of an array would be stored (for pointer indexes into managed arrays)." with "Managed pointers (&) can point to a local variable, a method argument, a field of an object, a field of a value type, an element of an array, a static field, the address just past the end of an object, or the address where an element just past the end of an array would be stored (for pointer indexes into managed arrays)."
- Remove the sentence "Managed pointers cannot be null."
- Add a bullet point
- Managed pointers which point at null, the address just past the end of an object, or the address where an element just past the end of an array would be stored, are considered to be an invalid address.

## Rules for IL Rewriters

There are apis such as `System.Runtime.CompilerServices.RuntimeHelpers.CreateSpan<T>(...)` which require that the PE file have a particular structure. In particular, that api requires that the associated RVA of a FieldDef which is used to create a span must be naturally aligned over the data type that `CreateSpan` is instantiated over. There are 2 major concerns.
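
Review bot: The new bullet for III.1.1.5.2 says these managed pointers "are considered to be an invalid address" but does not say what that prohibits, and "Add a bullet point" does not name the list the bullet joins. II.14.4.2 in this same change uses "must not be dereferenced"; using that wording here as well, and naming the target list, would make the two sections agree and leave no doubt that reads and writes through such a pointer are what is being ruled out. The phrase "point at null" could also be tightened to "are null", and "an invalid address" should be plural to match its subject.
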