<html>

    <head>

      <base href="https://bugs.llvm.org/">

    </head>

    <body><table border="1" cellspacing="0" cellpadding="8">

        <tr>

          <th>Bug ID</th>

          <td><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW - rodata size bloat with file names when using -fsanitize=function with -fsanitize=address"

   href="https://bugs.llvm.org/show_bug.cgi?id=39347">39347</a>

          </td>

        </tr>

        <tr>

          <th>Summary</th>

          <td>rodata size bloat with file names when using -fsanitize=function with -fsanitize=address

          </td>

        </tr>

        <tr>

          <th>Product</th>

          <td>clang

          </td>

        </tr>

        <tr>

          <th>Version</th>

          <td>trunk

          </td>

        </tr>

        <tr>

          <th>Hardware</th>

          <td>PC

          </td>

        </tr>

        <tr>

          <th>OS</th>

          <td>Linux

          </td>

        </tr>

        <tr>

          <th>Status</th>

          <td>NEW

          </td>

        </tr>

        <tr>

          <th>Severity</th>

          <td>enhancement

          </td>

        </tr>

        <tr>

          <th>Priority</th>

          <td>P

          </td>

        </tr>

        <tr>

          <th>Component</th>

          <td>LLVM Codegen

          </td>

        </tr>

        <tr>

          <th>Assignee</th>

          <td>unassignedclangbugs@nondot.org

          </td>

        </tr>

        <tr>

          <th>Reporter</th>

          <td>sugak@fb.com

          </td>

        </tr>

        <tr>

          <th>CC</th>

          <td>llvm-bugs@lists.llvm.org

          </td>

        </tr></table>

      <p>

        <div>

        <pre>I noticed a significant bloat of .rodata section when using both

-fsanitize=function and -fsanitize=address. Inspecting the section showed that

it's significant part are strings with file names. 

I tried to use `-fsanitize-undefined-strip-path-components=-1`, but it happens

to not work with this ubsan check, and the full string names still make it into

the binary.

The repro:

```

# verify file name is not in the rodata 

% cat main.cpp

int main() {return 0;}

% clang++ -fsanitize=function $(realpath main.cpp)

% readelf -p .rodata a.out | grep main.cpp

[Exit 1] # no match

# now enable ASAN

% clang++ -fsanitize=function -fsanitize=address $(realpath main.cpp)

% readelf -p .rodata a.out | grep main.cpp

[ 17680]  /very/long/path/main.cpp

# now use -fsanitize-undefined-strip-path-components=-1

% clang++ -fsanitize=function -fsanitize=address

-fsanitize-undefined-strip-path-components=-1 $(realpath main.cpp)

% readelf -p .rodata a.out | grep main.cpp

[ 17680]  /very/long/path/main.cpp # it didn't help

```

I've also verified that the file name is not emitted to rodata when only ASAN

is used. And `-fsanitize-undefined-strip-path-components=-1` works for the

other UBSAN checks that I've used.

I was able to narrow the problem down to this block

<a href="https://github.com/llvm-mirror/clang/blob/ebb3b3ca30bc377eeebfac5e56b940f9a22b5b64/lib/CodeGen/CGExpr.cpp#L4616">https://github.com/llvm-mirror/clang/blob/ebb3b3ca30bc377eeebfac5e56b940f9a22b5b64/lib/CodeGen/CGExpr.cpp#L4616</a>

Looks like -fsanize=function emits a global variable with a file name and then

ASAN instruments it. Not sure why the filename doesn't make it to the resulting

binary when ASAN is disabled.

I don't completely understand the consequences of the above-mentioned block,

but commenting it out and then rebuilding some of our binary reduses the bloat

by ~30%!</pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are on the CC list for the bug.</li>

      </ul>

    </body>

</html>