On Fri, 2026-06-19 at 09:21 +0200, Nam Cao wrote:
> CLOCK_REALTIME is the only clock that often is misused in real-time
> applications. The other clocks either are safe for real-time uses
> (CLOCK_TAI, CLOCK_MONOTONIC, CLOCK_BOOTTIME) or are unlikely to be misused
> (CLOCK_AUX, CLOCK_PROCESS_CPUTIME_ID).
> 
> Update the monitor to only warn about CLOCK_REALTIME.
> 
> While at it, update the out-of-sync documentation.
> 
> Signed-off-by: Nam Cao <[email protected]>

Looks good, thanks.

Reviewed-by: Gabriele Monaco <[email protected]>

> ---
>  Documentation/trace/rv/monitor_rtapp.rst  | 17 +++++---
>  kernel/trace/rv/monitors/sleep/sleep.c    | 12 ++----
>  kernel/trace/rv/monitors/sleep/sleep.h    | 52 +++++++++++------------
>  tools/verification/models/rtapp/sleep.ltl |  2 +-
>  4 files changed, 39 insertions(+), 44 deletions(-)
> 
> diff --git a/Documentation/trace/rv/monitor_rtapp.rst
> b/Documentation/trace/rv/monitor_rtapp.rst
> index 01656bf7080a..570be67a8f3b 100644
> --- a/Documentation/trace/rv/monitor_rtapp.rst
> +++ b/Documentation/trace/rv/monitor_rtapp.rst
> @@ -51,12 +51,13 @@ The `sleep` monitor reports real-time threads sleeping in
> a manner that may
>  cause undesirable latency. Real-time applications should only put a real-time
>  thread to sleep for one of the following reasons:
>  
> -  - Cyclic work: real-time thread sleeps waiting for the next cycle. For this
> -    case, only the `clock_nanosleep` syscall should be used with
> `TIMER_ABSTIME`
> -    (to avoid time drift) and `CLOCK_MONOTONIC` (to avoid the clock being
> -    changed). No other method is safe for real-time. For example, threads
> -    waiting for timerfd can be woken by softirq which provides no real-time
> -    guarantee.
> +  - Cyclic work: real-time thread sleeps waiting for the next
> +    cycle. For this case, only the `clock_nanosleep` syscall should be
> +    used with `TIMER_ABSTIME` (to avoid time drift). Additionally,
> +    `CLOCK_REALTIME` should not be used (to avoid the clock being
> +    changed). No other method is safe for real-time. For example,
> +    threads waiting for timerfd can be woken by softirq which provides
> +    no real-time guarantee.
>    - Real-time thread waiting for something to happen (e.g. another thread
>      releasing shared resources, or a completion signal from another thread).
> In
>      this case, only futexes (FUTEX_LOCK_PI, FUTEX_LOCK_PI2 or one of
> @@ -99,14 +100,16 @@ The monitor's specification is::
>  
>    RT_VALID_SLEEP_REASON = FUTEX_WAIT
>                         or RT_FRIENDLY_NANOSLEEP
> +                       or EPOLL_WAIT
>  
>    RT_FRIENDLY_NANOSLEEP = CLOCK_NANOSLEEP
>                        and NANOSLEEP_TIMER_ABSTIME
> -                      and NANOSLEEP_CLOCK_MONOTONIC
> +                      and not NANOSLEEP_CLOCK_REALTIME
>  
>    RT_FRIENDLY_WAKE = WOKEN_BY_EQUAL_OR_HIGHER_PRIO
>                    or WOKEN_BY_HARDIRQ
>                    or WOKEN_BY_NMI
> +                  or ABORT_SLEEP
>                    or KTHREAD_SHOULD_STOP
>  
>    ALLOWLIST = BLOCK_ON_RT_MUTEX
> diff --git a/kernel/trace/rv/monitors/sleep/sleep.c
> b/kernel/trace/rv/monitors/sleep/sleep.c
> index d6b677fab8f8..638be7d8747f 100644
> --- a/kernel/trace/rv/monitors/sleep/sleep.c
> +++ b/kernel/trace/rv/monitors/sleep/sleep.c
> @@ -44,8 +44,7 @@ static void ltl_atoms_init(struct task_struct *task, struct
> ltl_monitor *mon, bo
>  
>       if (task_creation) {
>               ltl_atom_set(mon, LTL_KTHREAD_SHOULD_STOP, false);
> -             ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_MONOTONIC, false);
> -             ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_TAI, false);
> +             ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_REALTIME, false);
>               ltl_atom_set(mon, LTL_NANOSLEEP_TIMER_ABSTIME, false);
>               ltl_atom_set(mon, LTL_CLOCK_NANOSLEEP, false);
>               ltl_atom_set(mon, LTL_FUTEX_WAIT, false);
> @@ -60,8 +59,7 @@ static void ltl_atoms_init(struct task_struct *task, struct
> ltl_monitor *mon, bo
>               /* kernel tasks do not do syscall */
>               ltl_atom_set(mon, LTL_FUTEX_WAIT, false);
>               ltl_atom_set(mon, LTL_FUTEX_LOCK_PI, false);
> -             ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_MONOTONIC, false);
> -             ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_TAI, false);
> +             ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_REALTIME, false);
>               ltl_atom_set(mon, LTL_NANOSLEEP_TIMER_ABSTIME, false);
>               ltl_atom_set(mon, LTL_CLOCK_NANOSLEEP, false);
>               ltl_atom_set(mon, LTL_EPOLL_WAIT, false);
> @@ -136,8 +134,7 @@ static void handle_sys_enter(void *data, struct pt_regs
> *regs, long id)
>       case __NR_clock_nanosleep_time64:
>  #endif
>               syscall_get_arguments(current, regs, args);
> -             ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_MONOTONIC, args[0] ==
> CLOCK_MONOTONIC);
> -             ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_TAI, args[0] ==
> CLOCK_TAI);
> +             ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_REALTIME, args[0] ==
> CLOCK_REALTIME);
>               ltl_atom_set(mon, LTL_NANOSLEEP_TIMER_ABSTIME, args[1] ==
> TIMER_ABSTIME);
>               ltl_atom_update(current, LTL_CLOCK_NANOSLEEP, true);
>               break;
> @@ -178,8 +175,7 @@ static void handle_sys_exit(void *data, struct pt_regs
> *regs, long ret)
>  
>       ltl_atom_set(mon, LTL_FUTEX_LOCK_PI, false);
>       ltl_atom_set(mon, LTL_FUTEX_WAIT, false);
> -     ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_MONOTONIC, false);
> -     ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_TAI, false);
> +     ltl_atom_set(mon, LTL_NANOSLEEP_CLOCK_REALTIME, false);
>       ltl_atom_set(mon, LTL_NANOSLEEP_TIMER_ABSTIME, false);
>       ltl_atom_set(mon, LTL_EPOLL_WAIT, false);
>       ltl_atom_update(current, LTL_CLOCK_NANOSLEEP, false);
> diff --git a/kernel/trace/rv/monitors/sleep/sleep.h
> b/kernel/trace/rv/monitors/sleep/sleep.h
> index 403dc2852c52..2fe2ec7edae8 100644
> --- a/kernel/trace/rv/monitors/sleep/sleep.h
> +++ b/kernel/trace/rv/monitors/sleep/sleep.h
> @@ -20,8 +20,7 @@ enum ltl_atom {
>       LTL_FUTEX_WAIT,
>       LTL_KERNEL_THREAD,
>       LTL_KTHREAD_SHOULD_STOP,
> -     LTL_NANOSLEEP_CLOCK_MONOTONIC,
> -     LTL_NANOSLEEP_CLOCK_TAI,
> +     LTL_NANOSLEEP_CLOCK_REALTIME,
>       LTL_NANOSLEEP_TIMER_ABSTIME,
>       LTL_RT,
>       LTL_SCHEDULE_IN,
> @@ -46,8 +45,7 @@ static const char *ltl_atom_str(enum ltl_atom atom)
>               "fu_wa",
>               "ker_th",
>               "kth_sh_st",
> -             "na_cl_mo",
> -             "na_cl_ta",
> +             "na_cl_re",
>               "na_ti_ab",
>               "rt",
>               "sch_in",
> @@ -87,8 +85,7 @@ static void ltl_start(struct task_struct *task, struct
> ltl_monitor *mon)
>       bool schedule_in = test_bit(LTL_SCHEDULE_IN, mon->atoms);
>       bool rt = test_bit(LTL_RT, mon->atoms);
>       bool nanosleep_timer_abstime = test_bit(LTL_NANOSLEEP_TIMER_ABSTIME,
> mon->atoms);
> -     bool nanosleep_clock_tai = test_bit(LTL_NANOSLEEP_CLOCK_TAI, mon-
> >atoms);
> -     bool nanosleep_clock_monotonic =
> test_bit(LTL_NANOSLEEP_CLOCK_MONOTONIC, mon->atoms);
> +     bool nanosleep_clock_realtime =
> test_bit(LTL_NANOSLEEP_CLOCK_REALTIME, mon->atoms);
>       bool kthread_should_stop = test_bit(LTL_KTHREAD_SHOULD_STOP, mon-
> >atoms);
>       bool kernel_thread = test_bit(LTL_KERNEL_THREAD, mon->atoms);
>       bool futex_wait = test_bit(LTL_FUTEX_WAIT, mon->atoms);
> @@ -97,17 +94,17 @@ static void ltl_start(struct task_struct *task, struct
> ltl_monitor *mon)
>       bool clock_nanosleep = test_bit(LTL_CLOCK_NANOSLEEP, mon->atoms);
>       bool block_on_rt_mutex = test_bit(LTL_BLOCK_ON_RT_MUTEX, mon->atoms);
>       bool abort_sleep = test_bit(LTL_ABORT_SLEEP, mon->atoms);
> -     bool val42 = task_is_rcu || task_is_migration;
> -     bool val43 = futex_lock_pi || val42;
> -     bool val5 = block_on_rt_mutex || val43;
> -     bool val34 = abort_sleep || kthread_should_stop;
> -     bool val35 = woken_by_nmi || val34;
> -     bool val36 = woken_by_hardirq || val35;
> -     bool val14 = woken_by_equal_or_higher_prio || val36;
> +     bool val41 = task_is_rcu || task_is_migration;
> +     bool val42 = futex_lock_pi || val41;
> +     bool val5 = block_on_rt_mutex || val42;
> +     bool val33 = abort_sleep || kthread_should_stop;
> +     bool val34 = woken_by_nmi || val33;
> +     bool val35 = woken_by_hardirq || val34;
> +     bool val14 = woken_by_equal_or_higher_prio || val35;
>       bool val13 = !schedule_in;
> -     bool val26 = nanosleep_clock_monotonic || nanosleep_clock_tai;
> -     bool val27 = nanosleep_timer_abstime && val26;
> -     bool val18 = clock_nanosleep && val27;
> +     bool val25 = !nanosleep_clock_realtime;
> +     bool val26 = nanosleep_timer_abstime && val25;
> +     bool val18 = clock_nanosleep && val26;
>       bool val20 = val18 || epoll_wait;
>       bool val9 = futex_wait || val20;
>       bool val11 = val9 || kernel_thread;
> @@ -138,8 +135,7 @@ ltl_possible_next_states(struct ltl_monitor *mon, unsigned
> int state, unsigned l
>       bool schedule_in = test_bit(LTL_SCHEDULE_IN, mon->atoms);
>       bool rt = test_bit(LTL_RT, mon->atoms);
>       bool nanosleep_timer_abstime = test_bit(LTL_NANOSLEEP_TIMER_ABSTIME,
> mon->atoms);
> -     bool nanosleep_clock_tai = test_bit(LTL_NANOSLEEP_CLOCK_TAI, mon-
> >atoms);
> -     bool nanosleep_clock_monotonic =
> test_bit(LTL_NANOSLEEP_CLOCK_MONOTONIC, mon->atoms);
> +     bool nanosleep_clock_realtime =
> test_bit(LTL_NANOSLEEP_CLOCK_REALTIME, mon->atoms);
>       bool kthread_should_stop = test_bit(LTL_KTHREAD_SHOULD_STOP, mon-
> >atoms);
>       bool kernel_thread = test_bit(LTL_KERNEL_THREAD, mon->atoms);
>       bool futex_wait = test_bit(LTL_FUTEX_WAIT, mon->atoms);
> @@ -148,17 +144,17 @@ ltl_possible_next_states(struct ltl_monitor *mon,
> unsigned int state, unsigned l
>       bool clock_nanosleep = test_bit(LTL_CLOCK_NANOSLEEP, mon->atoms);
>       bool block_on_rt_mutex = test_bit(LTL_BLOCK_ON_RT_MUTEX, mon->atoms);
>       bool abort_sleep = test_bit(LTL_ABORT_SLEEP, mon->atoms);
> -     bool val42 = task_is_rcu || task_is_migration;
> -     bool val43 = futex_lock_pi || val42;
> -     bool val5 = block_on_rt_mutex || val43;
> -     bool val34 = abort_sleep || kthread_should_stop;
> -     bool val35 = woken_by_nmi || val34;
> -     bool val36 = woken_by_hardirq || val35;
> -     bool val14 = woken_by_equal_or_higher_prio || val36;
> +     bool val41 = task_is_rcu || task_is_migration;
> +     bool val42 = futex_lock_pi || val41;
> +     bool val5 = block_on_rt_mutex || val42;
> +     bool val33 = abort_sleep || kthread_should_stop;
> +     bool val34 = woken_by_nmi || val33;
> +     bool val35 = woken_by_hardirq || val34;
> +     bool val14 = woken_by_equal_or_higher_prio || val35;
>       bool val13 = !schedule_in;
> -     bool val26 = nanosleep_clock_monotonic || nanosleep_clock_tai;
> -     bool val27 = nanosleep_timer_abstime && val26;
> -     bool val18 = clock_nanosleep && val27;
> +     bool val25 = !nanosleep_clock_realtime;
> +     bool val26 = nanosleep_timer_abstime && val25;
> +     bool val18 = clock_nanosleep && val26;
>       bool val20 = val18 || epoll_wait;
>       bool val9 = futex_wait || val20;
>       bool val11 = val9 || kernel_thread;
> diff --git a/tools/verification/models/rtapp/sleep.ltl
> b/tools/verification/models/rtapp/sleep.ltl
> index 464c84b9df87..5923e58d7810 100644
> --- a/tools/verification/models/rtapp/sleep.ltl
> +++ b/tools/verification/models/rtapp/sleep.ltl
> @@ -9,7 +9,7 @@ RT_VALID_SLEEP_REASON = FUTEX_WAIT
>  
>  RT_FRIENDLY_NANOSLEEP = CLOCK_NANOSLEEP
>                      and NANOSLEEP_TIMER_ABSTIME
> -                    and (NANOSLEEP_CLOCK_MONOTONIC or NANOSLEEP_CLOCK_TAI)
> +                    and not NANOSLEEP_CLOCK_REALTIME
>  
>  RT_FRIENDLY_WAKE = WOKEN_BY_EQUAL_OR_HIGHER_PRIO
>                  or WOKEN_BY_HARDIRQ


Reply via email to