Introduction
At last year’s Audio Developer Conference, RealtimeSanitizer, a tool for detecting function calls that are unsafe in a realtime context, was presented. RTSan is now being upstreamed to LLVM 20 and will be presented at cppcon this Monday.
Motivation
Outside audio, Julia is already being used in some realtime applications. However, there are currently no runtime or compile-time checks to mark a function realtime-safe. Some related tooling (e.g. AllocCheck.jl) exists.
Feasibility
Although implemented for C++, RTSan is designed with future use in other LLVM-based languages in mind. The language front-end only has to add a single attribute to the LLVM intermediate representation (IR), and activate the RealtimeSanitizer “optimization” where sanitization is desired. The authors have indicated that they are willing to help implement this in other languages, but cannot commit to the resulting maintenance.
4 Likes
From the ADC conference and RealtimeSanitizer — Clang 20.0.0git documentation RTSan works by intercepting call to C/C++ functions malloc
, pthread_mutex_lock
at runtime instead of compile time. I think the reason is that they want to detect realtime violations in closed-source precompiled library: https://youtu.be/P8rDWmmMmlg?si=HyL5VPZbcUFE2uUz&t=1161
In Julia we can do better, as we have access to LLVM IR of most(?) of the functions, so we can analyze it and detect call to realtime-unsafe functions at compile time. This is how AllocCheck.jl works. We can even detect inlined system calls.
My feeling is that AllocCheck.jl is our RTSan, we need to blacklist more functions in AllocCheck.jl/src/classify.jl at main · JuliaLang/AllocCheck.jl · GitHub . For example AllocCheck.jl/src/classify.jl at 481adc452f966a8f13c4f12e1607b33654fcbee8 · JuliaLang/AllocCheck.jl · GitHub says that gc_collect
is a ‘safe’ non-allocating function, which might be true, but garbage collection is definitely not realtime safe
3 Likes
Yes, RTSan works for opaque binaries created with C/C++ (or any other “extern C” languages). Since Julia is a general-purpose language, this is a supported workflow.
Therefore, I don’t see RTSan as a replacement for AllocCheck.jl, but rather complementary functionality.
Update from this year’s ADC presentation: in addition to the runtime checks, Clang now has complementary compile-time checks that work with function annotations:
2 Likes
I’d like to stress once again that the LLVM tooling is not only for runtime checks. A comparison between the 2 methods:
1 Like