On Fri, 2026-06-19 at 09:21 +0200, Nam Cao wrote: > CLOCK_REALTIME is the only clock that often is misused in real-time > applications. The other clocks either are safe for real-time uses > (CLOCK_TAI, CLOCK_MONOTONIC, CLOCK_BOOTTIME) or are unlikely to be misused > (CLOCK_AUX, CLOCK_PROCESS_CPUTIME_ID). > > Update the monitor to only warn about CLOCK_REALTIME. > > While at it, update the out-of-sync documentation. > > Signed-off-by: Nam Cao <[email protected]>
Looks good, thanks. Reviewed-by: Gabriele Monaco <[email protected]> > --- > Documentation/trace/rv/monitor_rtapp.rst | 17 +++++--- > kernel/trace/rv/monitors/sleep/sleep.c | 12 ++---- > kernel/trace/rv/monitors/sleep/sleep.h | 52 +++++++++++------------ > tools/verification/models/rtapp/sleep.ltl | 2 +- > 4 files changed, 39 insertions(+), 44 deletions(-) > > diff --git a/Documentation/trace/rv/monitor_rtapp.rst > b/Documentation/trace/rv/monitor_rtapp.rst > index 01656bf7080a..570be67a8f3b 100644 > --- a/Documentation/trace/rv/monitor_rtapp.rst > +++ b/Documentation/trace/rv/monitor_rtapp.rst > @@ -51,12 +51,13 @@ The `sleep` monitor reports real-time threads sleeping in > a manner that may > cause undesirable latency. Real-time applications should only put a real-time > thread to sleep for one of the following reasons: > > - - Cyclic work: real-time thread sleeps waiting for the next cycle. For this > - case, only the `clock_nanosleep` syscall should be used with > `TIMER_ABSTIME` > - (to avoid time drift) and `CLOCK_MONOTONIC` (to avoid the clock being > - changed). No other method is safe for real-time. For example, threads > - waiting for timerfd can be woken by softirq which provides no real-time > - guarantee. > + - Cyclic work: real-time thread sleeps waiting for the next > + cycle. For this case, only the `clock_nanosleep` syscall should be > + used with `TIMER_ABSTIME` (to avoid time drift). Additionally, > + `CLOCK_REALTIME` should not be used (to avoid the clock being > + changed). No other method is safe for real-time. For example, > + threads waiting for timerfd can be woken by softirq which provides > + no real-time guarantee. > - Real-time thread waiting for something to happen (e.g. another thread > releasing shared resources, or a completion signal from another thread). > In > this case, only futexes (FUTEX_LOCK_PI, FUTEX_LOCK_PI2 or one of > @@ -99,14 +100,16 @@ The monitor's specification is:: > > RT_VALID_SLEEP_REASON = FUTEX_WAIT > or RT_FRIENDLY_NANOSLEEP > + or EPOLL_WAIT > > RT_FRIENDLY_NANOSLEEP = CLOCK_NANOSLEEP > and NANOSLEEP_TIMER_ABSTIME > - and NANOSLEEP_CLOCK_MONOTONIC > + and not NANOSLEEP_CLOCK_REALTIME > > RT_FRIENDLY_WAKE = WOKEN_BY_EQUAL_OR_HIGHER_PRIO > or WOKEN_BY_HARDIRQ > or WOKEN_BY_NMI > + or ABORT_SLEEP > or KTHREAD_SHOULD_STOP > > ALLOWLIST = BLOCK_ON_RT_MUTEX > diff --git a/kernel/trace/rv/monitors/sleep/sleep.c > b/kernel/trace/rv/monitors/sleep/sleep.c > index d6b677fab8f8..638be7d8747f 100644 > --- a/kernel/trace/rv/monitors/sleep/sleep.c > +++ b/kernel/trace/rv/monitors/sleep/sleep.c > @@ -44,8 +44,7 @@ static void ltl_atoms_init(struct task_struct *task, struct > ltl_monitor *mon, bo > > if (task_creation) { > ltl_atom_set(mon, LTL_KTHREAD_SHOULD_STOP, false); > - ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_MONOTONIC, false); > - ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_TAI, false); > + ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_REALTIME, false); > ltl_atom_set(mon, LTL_NANOSLEEP_TIMER_ABSTIME, false); > ltl_atom_set(mon, LTL_CLOCK_NANOSLEEP, false); > ltl_atom_set(mon, LTL_FUTEX_WAIT, false); > @@ -60,8 +59,7 @@ static void ltl_atoms_init(struct task_struct *task, struct > ltl_monitor *mon, bo > /* kernel tasks do not do syscall */ > ltl_atom_set(mon, LTL_FUTEX_WAIT, false); > ltl_atom_set(mon, LTL_FUTEX_LOCK_PI, false); > - ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_MONOTONIC, false); > - ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_TAI, false); > + ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_REALTIME, false); > ltl_atom_set(mon, LTL_NANOSLEEP_TIMER_ABSTIME, false); > ltl_atom_set(mon, LTL_CLOCK_NANOSLEEP, false); > ltl_atom_set(mon, LTL_EPOLL_WAIT, false); > @@ -136,8 +134,7 @@ static void handle_sys_enter(void *data, struct pt_regs > *regs, long id) > case __NR_clock_nanosleep_time64: > #endif > syscall_get_arguments(current, regs, args); > - ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_MONOTONIC, args[0] == > CLOCK_MONOTONIC); > - ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_TAI, args[0] == > CLOCK_TAI); > + ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_REALTIME, args[0] == > CLOCK_REALTIME); > ltl_atom_set(mon, LTL_NANOSLEEP_TIMER_ABSTIME, args[1] == > TIMER_ABSTIME); > ltl_atom_update(current, LTL_CLOCK_NANOSLEEP, true); > break; > @@ -178,8 +175,7 @@ static void handle_sys_exit(void *data, struct pt_regs > *regs, long ret) > > ltl_atom_set(mon, LTL_FUTEX_LOCK_PI, false); > ltl_atom_set(mon, LTL_FUTEX_WAIT, false); > - ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_MONOTONIC, false); > - ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_TAI, false); > + ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_REALTIME, false); > ltl_atom_set(mon, LTL_NANOSLEEP_TIMER_ABSTIME, false); > ltl_atom_set(mon, LTL_EPOLL_WAIT, false); > ltl_atom_update(current, LTL_CLOCK_NANOSLEEP, false); > diff --git a/kernel/trace/rv/monitors/sleep/sleep.h > b/kernel/trace/rv/monitors/sleep/sleep.h > index 403dc2852c52..2fe2ec7edae8 100644 > --- a/kernel/trace/rv/monitors/sleep/sleep.h > +++ b/kernel/trace/rv/monitors/sleep/sleep.h > @@ -20,8 +20,7 @@ enum ltl_atom { > LTL_FUTEX_WAIT, > LTL_KERNEL_THREAD, > LTL_KTHREAD_SHOULD_STOP, > - LTL_NANOSLEEP_CLOCK_MONOTONIC, > - LTL_NANOSLEEP_CLOCK_TAI, > + LTL_NANOSLEEP_CLOCK_REALTIME, > LTL_NANOSLEEP_TIMER_ABSTIME, > LTL_RT, > LTL_SCHEDULE_IN, > @@ -46,8 +45,7 @@ static const char *ltl_atom_str(enum ltl_atom atom) > "fu_wa", > "ker_th", > "kth_sh_st", > - "na_cl_mo", > - "na_cl_ta", > + "na_cl_re", > "na_ti_ab", > "rt", > "sch_in", > @@ -87,8 +85,7 @@ static void ltl_start(struct task_struct *task, struct > ltl_monitor *mon) > bool schedule_in = test_bit(LTL_SCHEDULE_IN, mon->atoms); > bool rt = test_bit(LTL_RT, mon->atoms); > bool nanosleep_timer_abstime = test_bit(LTL_NANOSLEEP_TIMER_ABSTIME, > mon->atoms); > - bool nanosleep_clock_tai = test_bit(LTL_NANOSLEEP_CLOCK_TAI, mon- > >atoms); > - bool nanosleep_clock_monotonic = > test_bit(LTL_NANOSLEEP_CLOCK_MONOTONIC, mon->atoms); > + bool nanosleep_clock_realtime = > test_bit(LTL_NANOSLEEP_CLOCK_REALTIME, mon->atoms); > bool kthread_should_stop = test_bit(LTL_KTHREAD_SHOULD_STOP, mon- > >atoms); > bool kernel_thread = test_bit(LTL_KERNEL_THREAD, mon->atoms); > bool futex_wait = test_bit(LTL_FUTEX_WAIT, mon->atoms); > @@ -97,17 +94,17 @@ static void ltl_start(struct task_struct *task, struct > ltl_monitor *mon) > bool clock_nanosleep = test_bit(LTL_CLOCK_NANOSLEEP, mon->atoms); > bool block_on_rt_mutex = test_bit(LTL_BLOCK_ON_RT_MUTEX, mon->atoms); > bool abort_sleep = test_bit(LTL_ABORT_SLEEP, mon->atoms); > - bool val42 = task_is_rcu || task_is_migration; > - bool val43 = futex_lock_pi || val42; > - bool val5 = block_on_rt_mutex || val43; > - bool val34 = abort_sleep || kthread_should_stop; > - bool val35 = woken_by_nmi || val34; > - bool val36 = woken_by_hardirq || val35; > - bool val14 = woken_by_equal_or_higher_prio || val36; > + bool val41 = task_is_rcu || task_is_migration; > + bool val42 = futex_lock_pi || val41; > + bool val5 = block_on_rt_mutex || val42; > + bool val33 = abort_sleep || kthread_should_stop; > + bool val34 = woken_by_nmi || val33; > + bool val35 = woken_by_hardirq || val34; > + bool val14 = woken_by_equal_or_higher_prio || val35; > bool val13 = !schedule_in; > - bool val26 = nanosleep_clock_monotonic || nanosleep_clock_tai; > - bool val27 = nanosleep_timer_abstime && val26; > - bool val18 = clock_nanosleep && val27; > + bool val25 = !nanosleep_clock_realtime; > + bool val26 = nanosleep_timer_abstime && val25; > + bool val18 = clock_nanosleep && val26; > bool val20 = val18 || epoll_wait; > bool val9 = futex_wait || val20; > bool val11 = val9 || kernel_thread; > @@ -138,8 +135,7 @@ ltl_possible_next_states(struct ltl_monitor *mon, unsigned > int state, unsigned l > bool schedule_in = test_bit(LTL_SCHEDULE_IN, mon->atoms); > bool rt = test_bit(LTL_RT, mon->atoms); > bool nanosleep_timer_abstime = test_bit(LTL_NANOSLEEP_TIMER_ABSTIME, > mon->atoms); > - bool nanosleep_clock_tai = test_bit(LTL_NANOSLEEP_CLOCK_TAI, mon- > >atoms); > - bool nanosleep_clock_monotonic = > test_bit(LTL_NANOSLEEP_CLOCK_MONOTONIC, mon->atoms); > + bool nanosleep_clock_realtime = > test_bit(LTL_NANOSLEEP_CLOCK_REALTIME, mon->atoms); > bool kthread_should_stop = test_bit(LTL_KTHREAD_SHOULD_STOP, mon- > >atoms); > bool kernel_thread = test_bit(LTL_KERNEL_THREAD, mon->atoms); > bool futex_wait = test_bit(LTL_FUTEX_WAIT, mon->atoms); > @@ -148,17 +144,17 @@ ltl_possible_next_states(struct ltl_monitor *mon, > unsigned int state, unsigned l > bool clock_nanosleep = test_bit(LTL_CLOCK_NANOSLEEP, mon->atoms); > bool block_on_rt_mutex = test_bit(LTL_BLOCK_ON_RT_MUTEX, mon->atoms); > bool abort_sleep = test_bit(LTL_ABORT_SLEEP, mon->atoms); > - bool val42 = task_is_rcu || task_is_migration; > - bool val43 = futex_lock_pi || val42; > - bool val5 = block_on_rt_mutex || val43; > - bool val34 = abort_sleep || kthread_should_stop; > - bool val35 = woken_by_nmi || val34; > - bool val36 = woken_by_hardirq || val35; > - bool val14 = woken_by_equal_or_higher_prio || val36; > + bool val41 = task_is_rcu || task_is_migration; > + bool val42 = futex_lock_pi || val41; > + bool val5 = block_on_rt_mutex || val42; > + bool val33 = abort_sleep || kthread_should_stop; > + bool val34 = woken_by_nmi || val33; > + bool val35 = woken_by_hardirq || val34; > + bool val14 = woken_by_equal_or_higher_prio || val35; > bool val13 = !schedule_in; > - bool val26 = nanosleep_clock_monotonic || nanosleep_clock_tai; > - bool val27 = nanosleep_timer_abstime && val26; > - bool val18 = clock_nanosleep && val27; > + bool val25 = !nanosleep_clock_realtime; > + bool val26 = nanosleep_timer_abstime && val25; > + bool val18 = clock_nanosleep && val26; > bool val20 = val18 || epoll_wait; > bool val9 = futex_wait || val20; > bool val11 = val9 || kernel_thread; > diff --git a/tools/verification/models/rtapp/sleep.ltl > b/tools/verification/models/rtapp/sleep.ltl > index 464c84b9df87..5923e58d7810 100644 > --- a/tools/verification/models/rtapp/sleep.ltl > +++ b/tools/verification/models/rtapp/sleep.ltl > @@ -9,7 +9,7 @@ RT_VALID_SLEEP_REASON = FUTEX_WAIT > > RT_FRIENDLY_NANOSLEEP = CLOCK_NANOSLEEP > and NANOSLEEP_TIMER_ABSTIME > - and (NANOSLEEP_CLOCK_MONOTONIC or NANOSLEEP_CLOCK_TAI) > + and not NANOSLEEP_CLOCK_REALTIME > > RT_FRIENDLY_WAKE = WOKEN_BY_EQUAL_OR_HIGHER_PRIO > or WOKEN_BY_HARDIRQ
