When can the C++ compiler devirtualize a call?

Posted by lionkor 1 day ago

When can the C++ compiler devirtualize a call?(quuxplusone.github.io)

54 points | 21 comments

dkersten 54 minutes ago|

I’ve been programming C++ on and off for over 20 years and have had my moments where I’ve checked on godbolt to make sure classes got devirtualised.

This year, I’ve finally taken the plunge to properly learn Rust (I’ve used it for little things over the years, but never for anything particularly extensive) and one thing that jumped out at me is that you don’t need to think about it, because Rust makes it explicit: everything is statically known unless you explicitly ask for it to be virtual.

It’s was a little annoying at first because some things don’t just work automatically, but once I got used to it, it was wonderful to never have to think about when the compiler might do something. You also don’t need dynamism most of the time.

I still like tinkering in C++, but I probably wouldn’t choose it for a serious project anymore.

nly 14 minutes ago|

> everything is statically known unless you explicitly ask for it to be virtual.

This is true in C++ also...

zabzonk 16 minutes ago||

Maybe just me, but doesn't most C++ code being written today not use inheritance very much, and so make virtual dispatch moot?

gue-ni 6 minutes ago||

I think this is unfortunately wishful thinking, a lot of code is still written with traditional inheritance. It just makes unit testing with mocks much easier.

nly 15 minutes ago||

It's still the most convenient way to implement type erasure, so no.

fibonacci112358 4 hours ago||

MSVC (Microsoft's C++ compiler) had an pretty advanced inter-procedural (LTO) way of doing devirtualization, but it was so buggy and slow that it eventually got disabled. It was trying to prove that a pointer can only target a certain class all the time (or maybe a couple), but things get really messy with typical C/C++ code and even worse once you have DLLs which may inject new derived classes.

Panzerschrek 2 hours ago||

Conclusion: devirtualization optimization is so fragile, so that it's better to avoid using virtual calls in performance-critical code to be sure, that no virtual call happens.

nly 11 minutes ago||

The big problem with virtual calls is it hinders inlining, but if you design your API correctly that can usually be optimised away by design (put loops inside the call, don't call inside a loop)

Panzerschrek 2 minutes ago||

Putting loops inside virtual functions can't work in any cases. Like when a heterogenous collection is iterated and a virtual call is performed for each object.

In such cases I prefer using std::variant instead of inheritance, but this works only if all possible types are known ahead of time.

unnah 1 hour ago||

It's the same problem with autovectorization. Often the only way to tell whether a compiler optimization is successful is to check the produced assembly or benchmark the code.

It seems that for devirtualization GCC has a warning option -Wsuggest-final-types which is supposed to tell when devirtualization fails in link-time optimization. Not sure how reliable that is, or whether it will produce gobs of unhelpful warnings. Maybe it could be combined with some kind of hint that we want this particular call to be devirtualized, and don't care about calls without the hint.

stevefan1999 4 hours ago||

I also wonder what about devirtualization of dyn traits in Rust. Sure, impl traits like foo<T: AsRef>(bar: T) or foo(bar: impl AsRef) is for sure devirtualized, but foo(bar: &dyn AsRef) or most likely foo(bar: Box<dyn AsRef>), far as I remember, isn't always devirtualized. Sometimes it does, sometimes it doesn't. I wonder if it is MIR that did it, or just completely handed off to LLVM for detection.

IshKebab 1 hour ago|

Dynamic dispatch seems to be way less popular in Rust than C++. Presumably because it has worse ergonomics (you have to add `Box` everywhere) whereas in C++ the opposite is true (you have to deal with templates).

stevefan1999 41 minutes ago||

No. You don't have to add Box everywhere. You do need dynamic storage that is not guaranteed to be known in compile time. Box is just one of them, you can also use "thin box" or "stacked box" or a good ol' "&mut dyn T" would also do great. It basically means a construct of this object with this trait and solved on dynamic dispatch. In C++ that is virtual/pure virtual function.

terrelln 2 hours ago||

I ran into a fun crash a year or so ago in the interaction of clang’s profile guided speculative devirtualization and identical code folding (ICF) done by BOLT on the binary.

Clang relied on checking the address of a function pointer in the vtable to validate the class was the type it expected, but it wasn’t necessarily the function that is currently being called. But due to ICF two different subclasses with two different functions shared the same address, so the code made incorrect assumptions about the type. Then it promptly segfaulted.

lowbloodsugar 5 hours ago||

For comparison, Java will devirtualize calls if the call site typically calls only a single type. To the extent that writing a byte to a ByteBuffer, which looks like five or six virtual calls if you follow the java source code, actually ends up being a single assembly store instruction.

nnevatie 4 hours ago||

> final method

A pedantic Pete would mention C++ has member functions.

harry8 2 hours ago|

Would Pete get made fun of if he couldn't explain the difference between a member function and a method and why this distinction matters in C++ more than using the term understood everywhere else?

Go Pete!

5d41402abc4b 1 minute ago||

Whats the difference between a member function and a method?

akoboldfrying 5 hours ago||

Nice post, I had never thought about those tricky ways of proving leafness outside of the obvious "final".

Re "When we know the dynamic type", I made a similar assertion on HN years ago, and of course it turned out that there's a weird wrinkle:

If the code in your snippet is expanded to:

    Derived d;
    Base *p = &d;
    any_external_func(); // Added
    p->f();

where any_external_func() is defined in some other translation unit (and, I'm now fairly sure, Derived's ctor is also defined in another translation unit, or it transitively calls something that is), this would seem not to affect anything -- but in fact the compiler must not assume that p's dynamic type is still Derived by the final line. Why? Because the following insane sequence of events might have happened:

1. d's ctor registers its this pointer in some global table.

2. Using this table, any_external_func() calls d's dtor and then overwrites it in place with a fresh instance of Base using placement new, which replaces everything, including its vtable, meaning that p->f() should call Base's version, not Derived's.

(It might be UB to call placement new on static or automatic storage holding an in-lifetime object, I don't know. If so, the above construction is moot -- but the closely analogous situation where we instead dynamically allocate dp = new Derived() still goes through, and is nearly as surprising.)

jart 2 hours ago|

The compiler is still able to devirtualize and inline the p->f() call, even with an external linkage call preceding it. https://clang.godbolt.org/z/jE3o56ozz

Miagg 1 day ago|

[flagged]

a_t48 6 hours ago|

What's this a quote from?