Issue
Consider the following code:
struct A {
virtual A& operator+=(const A& other) noexcept = 0;
};
void foo_inner(int *p) noexcept { *p += *p; }
void foo_virtual_inner(A *p) noexcept { *p += *p; }
void foo(int *p) noexcept
{
return foo_inner(p);
}
struct Aint : public A {
int i;
A& operator+=(const A& other) noexcept override final
{
// No devirtualization of foo_virtual with:
i += dynamic_cast<const Aint&>(other).i;
// ... nor with:
// i += reinterpret_cast<const Aint&>(other).i;
return *this;
}
};
void foo_virtual(Aint *p) noexcept
{
return foo_virtual_inner(p);
}
As far as I can tell, both foo()
and foo_virtual()
should compile to the same object code. The compiler has all the information it needs to de-virtualize the call to operator+=
in foo_virtual_inner()
, when it's called from foo_virtual
. But - neither GCC 8.3, nor MSVC 19.10, nor clang 8 do this. Naturally I used the maximum optimization flag (-O3
or /Ox
).
Why? Is this a bug, or am I missing something?
clang 8 output:
foo(int*): # @foo(int*)
shl dword ptr [rdi]
ret
foo_virtual(Aint*): # @foo_virtual(Aint*)
mov rax, qword ptr [rdi]
mov rax, qword ptr [rax]
mov rsi, rdi
jmp rax # TAILCALL
GCC 8.3 output:
foo(int*):
sal DWORD PTR [rdi]
ret
foo_virtual(Aint*):
mov rax, QWORD PTR [rdi]
mov rax, QWORD PTR [rax]
cmp rax, OFFSET FLAT:Aint::operator+=(A const&)
jne .L19
push rbx
xor ecx, ecx
mov edx, OFFSET FLAT:typeinfo for Aint
mov esi, OFFSET FLAT:typeinfo for A
mov rbx, rdi
call __dynamic_cast
test rax, rax
je .L20
mov eax, DWORD PTR [rax+8]
add DWORD PTR [rbx+8], eax
pop rbx
ret
.L19:
mov rsi, rdi
jmp rax
foo_virtual(Aint*) [clone .cold.1]:
.L20:
call __cxa_bad_cast
MSVC 19.10 output:
p$ = 8
void foo(int * __ptr64) PROC ; foo
mov eax, DWORD PTR [rcx]
add eax, eax
mov DWORD PTR [rcx], eax
ret 0
void foo(int * __ptr64) ENDP ; foo
p$ = 8
void foo_virtual(Aint * __ptr64) PROC ; foo_virtual
mov rax, QWORD PTR [rcx]
mov rdx, rcx
rex_jmp QWORD PTR [rax]
void foo_virtual(Aint * __ptr64) ENDP
PS - What's the explanation for all of that typeinfo business in the compiled code under GCC?
Solution
GCC guesses that Aint *p points to instance of Aint *p (but does not think this is guaranteed to happen) and therefore it devirtualises speculatively the call to operator+= and the typeinfo checking is an inlined copy of it. -fno-devirtualize-speculatively leads to same code as Clang and MSVC produces.
_Z11foo_virtualP4Aint:
.LFB4:
.cfi_startproc
movq (%rdi), %rax
movq %rdi, %rsi
movq (%rax), %rax
jmp *%rax
Answered By - Jan Hubička Answer Checked By - Timothy Miller (WPSolving Admin)