|
| 1 | +================= |
| 2 | +RealtimeSanitizer |
| 3 | +================= |
| 4 | + |
| 5 | +.. contents:: |
| 6 | + :local: |
| 7 | + |
| 8 | +Introduction |
| 9 | +============ |
| 10 | +RealtimeSanitizer (a.k.a. RTSan) is a real-time safety testing tool for C and |
| 11 | +C++ projects. RTSan can be used to detect real-time violations,such as calls to |
| 12 | +methods that are not safe for use in functions with deterministic runtime |
| 13 | +requirements. |
| 14 | + |
| 15 | +The tool can detect the following types of real-time violations: |
| 16 | + |
| 17 | +* System calls |
| 18 | +* Allocations |
| 19 | +* Exceptions |
| 20 | + |
| 21 | +These checks are put in place when compiling with the |
| 22 | +``-fsanitize=realtime`` flag, for functions marked with |
| 23 | +``[[clang::nonblocking]]``. |
| 24 | + |
| 25 | +.. code-block:: c |
| 26 | +
|
| 27 | + void process_audio(float* buffer) [[clang::nonblocking]] { |
| 28 | + ... |
| 29 | + } |
| 30 | +
|
| 31 | +The runtime slowdown introduced by RealtimeSanitizer is trivial. Code in |
| 32 | +real-time contexts without real-time safety violations have no slowdown. |
| 33 | + |
| 34 | +How to build |
| 35 | +============ |
| 36 | + |
| 37 | +Build LLVM/Clang with `CMake <https://llvm.org/docs/CMake.html>` and enable the |
| 38 | +``compiler-rt`` runtime. An example CMake configuration that will allow for the |
| 39 | +use/testing of RealtimeSanitizer: |
| 40 | + |
| 41 | +.. code-block:: console |
| 42 | +
|
| 43 | + $ cmake -DCMAKE_BUILD_TYPE=Release -DLLVM_ENABLE_PROJECTS="clang" -DLLVM_ENABLE_RUNTIMES="compiler-rt" <path to source>/llvm |
| 44 | +
|
| 45 | +Usage |
| 46 | +===== |
| 47 | + |
| 48 | +There are two requirements: |
| 49 | + |
| 50 | +1. The code must be compiled with the ``-fsanitize=realtime`` flag. |
| 51 | +2. Functions that are subject to real-time constraints must be marked |
| 52 | + with the ``[[clang::nonblocking]]`` attribute. |
| 53 | + |
| 54 | +Typically, these attributes should be added onto the functions that are entry |
| 55 | +points for threads with real-time priority. These threads are subject to a fixed |
| 56 | +callback time, such as audio callback threads or rendering loops in video game |
| 57 | +code. |
| 58 | + |
| 59 | +.. code-block:: console |
| 60 | +
|
| 61 | + % cat example_realtime_violation.cpp |
| 62 | + int main() [[clang::nonblocking]] { |
| 63 | + int* p = new int; |
| 64 | + return 0; |
| 65 | + } |
| 66 | +
|
| 67 | + # Compile and link |
| 68 | + % clang -fsanitize=realtime -g example_realtime_violation.cpp |
| 69 | +
|
| 70 | +If a real-time safety violation is detected in a ``[[clang::nonblocking]]`` |
| 71 | +context, or any function invoked by that function, the program will exit with a |
| 72 | +non-zero exit code. |
| 73 | + |
| 74 | +.. code-block:: console |
| 75 | +
|
| 76 | + % clang -fsanitize=realtime -g example_realtime_violation.cpp |
| 77 | + % ./a.out |
| 78 | + Real-time violation: intercepted call to real-time unsafe function `malloc` in real-time context! Stack trace: |
| 79 | + #0 0x00010065ad9c in __rtsan::PrintStackTrace() rtsan_stack.cpp:45 |
| 80 | + #1 0x00010065abcc in __rtsan::Context::ExpectNotRealtime(char const*) rtsan_context.cpp:78 |
| 81 | + #2 0x00010065b8d0 in malloc rtsan_interceptors.cpp:289 |
| 82 | + #3 0x000195bd7bd0 in operator new(unsigned long)+0x1c (libc++abi.dylib:arm64+0x16bd0) |
| 83 | + #4 0xb338001000dbf68 (<unknown module>) |
| 84 | + #5 0x0001958960dc (<unknown module>) |
| 85 | + #6 0x45737ffffffffffc (<unknown module>) |
0 commit comments