Fun with uninitialized variables and compiler (GCC)

佛祖请我去吃肉 2020-12-03 11:07

The section §3.9.1/6 from the C++ Standard says,

Values of type bool are either true or false.

Now con

2 answers
  • 2020-12-03 11:21

    Just today I came across a version of this bug. I offer my experience here in case it's enlightening to anyone else.

    I had some code which boiled down to

    if(!(a == b && c.d())) { do_something(); }
    

    The bug I was chasing was that do_something() was happening, wrongly. Yet a was definitely equal to b and c.d() was, it seemed, returning true.

    As I was tracking this down, I temporarily added these test printouts:

    if(  a == b && c.d() ) printf("yes\n"); else printf("no\n");
    if(!(a == b && c.d())) printf("noo\n"); else printf("yess\n");
    

    To my surprise this printed yes and noo, which confirmed both why do_something was happening, and that something very strange was going on.

    It turned out that method d() was something like

    bool whatever::d() {
        return _successful;
    }
    

    But _successful was uninitialized. When I printed out its value, it was 236, which is why earlier I had said "c.d() was, it seemed, returning true."

    I didn't inspect the assembly code, but I'm guessing that under some circumstances, gcc was testing whether it was nonzero or not, but under others, it was just testing the low-order bit.

    Properly initializing _successful made the bug go away. (It had been uninitialized for ten years, since an earlier programmer first wrote method d(). Yet the bug hadn't manifested until a few months ago. This is why, sometimes, Software Is Hard.)

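A small C++ program, added here and not taken from either answer, that shows the root cause deterministically: a member with no initializer keeps whatever byte its storage already held (the answer's 236), while a default member initializer, the fix the answer applied, guarantees a real 0/1 bool. The struct names, the mark_successful() helper, the 0xEC fill byte and would_do_something() are assumptions introduced for this demonstration.

```cpp
#include <cstring>
#include <new>

// "Before": the member is never initialized, so d() returns whatever byte
// happened to be in the object's storage.
struct WhateverUnsafe {
    bool _successful;
    bool d() const { return _successful; }
};

// "After": a default member initializer gives every instance a definite
// value, whichever constructor is used.
struct WhateverFixed {
    bool _successful = false;
    bool d() const { return _successful; }
    void mark_successful() { _successful = true; }
};

// Default-construct T in storage pre-filled with `fill` and return the first
// byte of the resulting object, read as unsigned char (a well-defined way to
// look at object representation). An uninitialized bool member keeps the fill.
template <typename T>
unsigned char first_byte_after_construction(unsigned char fill) {
    alignas(T) unsigned char storage[sizeof(T)];
    std::memset(storage, fill, sizeof storage);
    T* obj = new (storage) T;          // default-initialization, no ctor body
    unsigned char raw = 0;
    std::memcpy(&raw, obj, 1);
    obj->~T();
    return raw;
}

// A bool's object representation must be 0 or 1; anything else is garbage,
// and `b` and `!b` may then both test true depending on how gcc emits the test.
bool looks_like_valid_bool(unsigned char raw) { return raw == 0 || raw == 1; }

// The condition from the answer; returns whether do_something() would run.
bool would_do_something(int a, int b, const WhateverFixed& c) {
    return !(a == b && c.d());
}

// The answer's scenario on the fixed type: a == b and d() false -> the branch
// runs; once success is recorded it must not; a != b -> it runs again.
bool fixed_type_behaves() {
    WhateverFixed c;
    bool before = would_do_something(1, 1, c);   // true: d() is false
    c.mark_successful();
    bool after = would_do_something(1, 1, c);    // false: d() is now true
    return before && !after && would_do_something(1, 2, c);
}
```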
  • 2020-12-03 11:31

    I'm just curious to know why this sudden change in the behavior of uninitialized bool?

    Disassemble the code and see what the compiler’s doing.

    My guess: since the value is now only used locally, the compiler optimizes it away completely. Since the behaviour is undefined anyway, the compiler can safely just assume any value, e.g. false. This is a pretty obvious optimization since the value of b is constant as far as the compiler is concerned, and the whole logic of the switch is redundant. So why put it in the executable?

    (The important point here is really that b is only ever used locally in the second code, and that in turn will trigger more optimizations even in unoptimized code. The first code has to be inlined before the compiler can do any such optimizations, or the code paths have to be traced which isn’t trivial).
