Re: [Ntp] Leap second draft
Warner Losh <imp@bsdimp.com> Mon, 27 January 2020 18:12 UTC
Return-Path: <wlosh@bsdimp.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7974F3A0903 for <ntp@ietfa.amsl.com>; Mon, 27 Jan 2020 10:12:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.895
X-Spam-Level:
X-Spam-Status: No, score=-1.895 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=bsdimp-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fyBFxlh8ORlv for <ntp@ietfa.amsl.com>; Mon, 27 Jan 2020 10:12:14 -0800 (PST)
Received: from mail-pf1-x443.google.com (mail-pf1-x443.google.com [IPv6:2607:f8b0:4864:20::443]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 31BA63A092C for <ntp@ietf.org>; Mon, 27 Jan 2020 10:11:55 -0800 (PST)
Received: by mail-pf1-x443.google.com with SMTP id i23so5275453pfo.2 for <ntp@ietf.org>; Mon, 27 Jan 2020 10:11:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bsdimp-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=FbvDYhYvTjA3I7NFE3XRY4D+BeQQHybeAMvtaAV+4Bs=; b=W1AjG57Qx+gIDFbKHjn9AHKg1cEiNuS+/rDY4ZeCP5XwOxq7pGcyIISCJiEMaK5t9U x90ptvD8Rnv6p2of3Wjg9+LEimDqu17COLZ1LRIFn7wg3KkRk44XeAcAVIwy+VygmrjO noPO8seB231Ui43UWZiPnPTXIALnM/vHqeOgOYz8h8gZtjDSKVBkRSx+JJ+/0EqVfMyt lCNJ5AyIqHQaUaZCUYw0ERdBFOxv8tyW1UUr6mzk4spCjsX+INmb6lW+6l72fIrqxIRp EqnRCT09YFsu0p1DUXl2PV8sSFTNv0YnUJJfljwgOqc3FzG4lHE7pB2i2uBOrFcwxh9u SBvQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=FbvDYhYvTjA3I7NFE3XRY4D+BeQQHybeAMvtaAV+4Bs=; b=dLtK3YsO/bJQA9TNbniC4VtdkCVD9V2bvK047JwGCBwntTFe/DD6GLaaTGpJzHBikw t/4uHZtxX5BgTPef5t5zOn0veRKZ2ZEGBIMsLUjvOc9OWCAh2yq3DxLbEkc0kM3MDmvv 0wvmrpPyq3mHN1HZp4lT/Z2CKXxFswuktKbY/CdpGAfUlULZoRxgybAT0OAR1xVEvXOP xZn4bjiEAOUyL/FMr06+Iix44Jr2Wc0NJ/3vaD4nMfUrTVg/VqA40j2tkIGKz9BMZbyH Sp4Bpqhb4x8Hq7/F9+Fk6A7qZnUGpWlb9nHgkuWCKiAqKJex9eQ6bp3+8+yG7bzld3E4 qOJw==
X-Gm-Message-State: APjAAAWyWXWETB+pz3QtPf5KRbqaq7v2/jOTEkik4jgpsrYMGaOkLATO dIBJkpBoDRpqHVefxHGi8KeqAynzwAoIigDAbxUOoo23
X-Google-Smtp-Source: APXvYqwwQClOUvIe3r3s4ehI47LVTNHnJ3v3b1k3CkLy1XSJbpYD7dvdJje1rVvZ2fgH5oxR2DeQ2aER6BYNMPJoKPA=
X-Received: by 2002:a05:6214:965:: with SMTP id do5mr17228449qvb.202.1580141984741; Mon, 27 Jan 2020 08:19:44 -0800 (PST)
MIME-Version: 1.0
References: <CAJm83bD5Ozkpg5TpkogOW6xeeNQL3ZziLO9URM7haqN8Wrp=Wg@mail.gmail.com> <CACsn0cmZkRifrnbVbPw2=9ww+ttmbAGCW39LhT+jhDLLyU8e+A@mail.gmail.com> <CANCZdfo_cbo3UngOWEc4mM4_nLK=J81zSiF0shvsu5mENUGPMw@mail.gmail.com> <CANCZdfo-OW7d454Qqo9eqfOpw367A4gg4-2UJ5XdC=n0u_t+BQ@mail.gmail.com> <F7D6BF99-260C-467B-9AF7-94F1F5E2721B@frobbit.se> <CANCZdfoh0dTDLeJtJHaVtdSnpTc-jzc+nSUk2qDzrFcGr7=zfg@mail.gmail.com> <01C94076-A916-42F8-8BA7-8AE8C4AB71D2@frobbit.se> <9b5a6a5e-7727-8b5c-0e70-959e03a91561@meinberg.de> <CACsn0cmKV+y3nof7LUDZGvDKPPK6Q2sNZ1DB+a6DfPgg+XBuqw@mail.gmail.com>
In-Reply-To: <CACsn0cmKV+y3nof7LUDZGvDKPPK6Q2sNZ1DB+a6DfPgg+XBuqw@mail.gmail.com>
From: Warner Losh <imp@bsdimp.com>
Date: Mon, 27 Jan 2020 09:19:33 -0700
Message-ID: <CANCZdfqibTM32k3_9bH7njxQYBm+Z+-yKoAUB+Oo+OZMQRPLMg@mail.gmail.com>
To: Watson Ladd <watsonbladd@gmail.com>
Cc: Martin Burnicki <martin.burnicki@meinberg.de>, Patrik Fältström <paf=40frobbit.se@dmarc.ietf.org>, NTP WG <ntp@ietf.org>, Daniel Franke <dfoxfranke@gmail.com>
Content-Type: multipart/alternative; boundary="000000000000b2108f059d217909"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/2Ou6jusuXmXc6TlMaznFw2oI598>
Subject: Re: [Ntp] Leap second draft
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Jan 2020 18:12:26 -0000
On Mon, Jan 27, 2020 at 8:56 AM Watson Ladd <watsonbladd@gmail.com> wrote: > > > On Mon, Jan 27, 2020, 12:38 AM Martin Burnicki < > martin.burnicki@meinberg.de> wrote: > >> Patrik Fältström wrote: >> > On 24 Jan 2020, at 15:12, Warner Losh wrote: >> > >> >> No. That is wrong. The numbering of the leap second is undefined. This >> is one way to resolve the issue, but it is not the only way. You will not >> find this specified, except indirectly via math on the struct tm, which >> isn't definitive about what to do during the leap. >> > >> > What I see are two things. First the math: >> > >> >> If the year is <1970 or the value is negative, the relationship is >> undefined. If the year is >=1970 and the value is non-negative, the value >> is related to a Coordinated Universal Time name according to the C-language >> expression, where tm_sec, tm_min, tm_hour, tm_yday, and tm_year are all >> integer types: >> >> >> >> tm_sec + tm_min*60 + tm_hour*3600 + tm_yday*86400 + >> >> (tm_year-70)*31536000 + ((tm_year-69)/4)*86400 - >> >> ((tm_year-1)/100)*86400 + ((tm_year+299)/400)*86400 >> > >> > Then the definition of tm_sec which can have values [0,61]. >> > No. You can't have 61. That's a mistake. It can never be 61, you can't have double leap seconds. You've made an off by one error here. In fact, it's about the only leap second mistake POSIX has fixed. The fundamental problem here is that the formula assumes that there are no leap seconds. You can't get away from that, so any application of that formula for what to do during a leap second, which POSIX says doesn't exist, can't be done. The reason you get the answer you do is due to a property of gmtime/timegm that allows one to get a time, and then get a later or earlier time from that time by incrementing the appropriate field. So if I get a time where tm_sec=59, I get the next second by adding 1 to tm_sec to get 60. But you could also add 10 to tm_min to get a time 10 minutes in the future. The trouble is that neither of these operations returns the proper value across a leap second. In large part because the proper value may be different things to different people: some want exactly 10 minutes later (so 600 seconds), while others want the same time hands 10 minutes in the future and if there's a leap second inbetween, then the interval is one second longer (so 601 seconds). > Yes, you can set tm_sec to 61, but how should the conversion function of >> the runtime library know that it shoudld return second 61 of the current >> day instead of second 0 of the next day? In POSIX there is no way I'm >> aware of that can be used to tell the conversion function that a >> specific second is an inserted leap second. >> > > Operating systems with the ntp_adjtimex system call do return leapsecond > info. This includes linux and the *BSDs. > > System call interfaces can be extended if we have needs here. > The problem is more fundamental. It's not just about getting time stamps that somehow can be known / flagged to be the leap second, but also propagating that information. Let's say I touch a file during the leap second. I'd want ls -l to show that it was changed at 23:59:60 on that day. So how does a filesystem that stores its times as seconds since 1970 encode that? It can't. So I can't get that. And even if it stores it in TAI, then the kernel has to have a leap second table back to 1972 that's up to date at all times. This is in addition to the timezone files which also need to be up to date. Then the kernel can translate the TAI times back to UTC. Except, surprise, there's no unique encoding for a leap second so you're still stuck... And let's say we want to force the kernel to return TAI time, which some have proposed, and we paper over it by creating new system calls to get this TAI time (or use clock_ API that has provisions for it already). Then what? Well, there's about two dozen system calls that return UTC time that would need TAI time variants. And then you'd want to create a taitime/timetai to mirror timegm/gmtime. But you'd still have the math problem referenced above, so you'd need two sorts of compute future time functions (interval vs offset I talked about above). And you'd need good timezone data. And you'd need to update it on the running system, or you'd limit up time to ~18 months on the average. The problems aren't just getting a timestamp. They run much deeper and are more fundamental. The twin assumptions of UTC and there are no minutes with 61 seconds run quite deep and show up in bizarre places. And that's ignoring legacy code that doesn't follow the normal paths. And it also ignores a bit of how to exchange time because we've still not invented any metadata that goes along with the timestamp to ensure that it's sense (timezone / timescale if you will) is preserved. So, yea, sorry to be mr grumpy, but this is by no means just a problem of getting the right time during a leap second. The data flows and the data formats conspire together to make it hard. And that's why we have the evil smearing leap seconds because breaking the frequency domain, if done slowly enough, breaks little to nothing except correspondence to national lab time which some folks need for regulatory compliance, which can actually be back-computed for people that really care at least... This is why high quality ntpd servers return 'unsynchronized' as Martin has patiently explained, during a leap second so the remote knows it got a response (so the time server isn't down) and at the same time knows it should throw it away as being ill-timed. His explanation was much better than mine and got more of the details right than my recollections from long ago did. Warner > > >> >> Martin >> -- >> Martin Burnicki >> >> Senior Software Engineer >> >> MEINBERG Funkuhren GmbH & Co. KG >> Email: martin.burnicki@meinberg.de >> Phone: +49 5281 9309-414 >> Linkedin: https://www.linkedin.com/in/martinburnicki/ >> >> Lange Wand 9, 31812 Bad Pyrmont, Germany >> Amtsgericht Hannover 17HRA 100322 >> Geschäftsführer/Managing Directors: Günter Meinberg, Werner Meinberg, >> Andre Hartmann, Heiko Gerstung >> Websites: https://www.meinberg.de https://www.meinbergglobal.com >> Training: https://www.meinberg.academy >> >>
- [Ntp] Leap second draft Daniel Franke
- Re: [Ntp] Leap second draft Daniel Franke
- Re: [Ntp] Leap second draft Tony Finch
- Re: [Ntp] Leap second draft Daniel Franke
- Re: [Ntp] Leap second draft Warner Losh
- Re: [Ntp] Leap second draft Dieter Sibold
- Re: [Ntp] Leap second draft Daniel Franke
- Re: [Ntp] Leap second draft Steve Allen
- Re: [Ntp] Leap second draft Steve Allen
- Re: [Ntp] Leap second draft Kurt Roeckx
- Re: [Ntp] Leap second draft Warner Losh
- Re: [Ntp] Leap second draft Kurt Roeckx
- Re: [Ntp] Leap second draft Kurt Roeckx
- Re: [Ntp] Leap second draft Steve Allen
- Re: [Ntp] Leap second draft Warner Losh
- Re: [Ntp] Leap second draft Daniel Franke
- Re: [Ntp] Leap second draft Daniel Franke
- Re: [Ntp] Leap second draft Warner Losh
- Re: [Ntp] Leap second draft Daniel Franke
- Re: [Ntp] Leap second draft Warner Losh
- Re: [Ntp] Leap second draft Steve Allen
- Re: [Ntp] Leap second draft Daniel Franke
- Re: [Ntp] Leap second draft Watson Ladd
- Re: [Ntp] Leap second draft Steve Allen
- Re: [Ntp] Leap second draft Kurt Roeckx
- Re: [Ntp] Leap second draft Daniel Franke
- Re: [Ntp] Leap second draft Warner Losh
- Re: [Ntp] Leap second draft Tony Finch
- Re: [Ntp] Leap second draft Tony Finch
- Re: [Ntp] Leap second draft Warner Losh
- Re: [Ntp] Leap second draft Tony Finch
- Re: [Ntp] Leap second draft Martin Burnicki
- Re: [Ntp] Leap second draft Martin Burnicki
- Re: [Ntp] Leap second draft Warner Losh
- Re: [Ntp] Leap second draft Miroslav Lichvar
- Re: [Ntp] Leap second draft Martin Burnicki
- Re: [Ntp] Leap second draft Kurt Roeckx
- Re: [Ntp] Leap second draft Watson Ladd
- Re: [Ntp] Leap second draft Warner Losh
- Re: [Ntp] Leap second draft Watson Ladd
- Re: [Ntp] Leap second draft Warner Losh
- Re: [Ntp] Leap second draft Warner Losh
- Re: [Ntp] Leap second draft Martin Burnicki
- Re: [Ntp] Leap second draft Kurt Roeckx
- Re: [Ntp] Leap second draft Martin Burnicki
- Re: [Ntp] Leap second draft Kurt Roeckx
- Re: [Ntp] Leap second draft Watson Ladd
- Re: [Ntp] Leap second draft Warner Losh
- Re: [Ntp] Leap second draft Warner Losh
- Re: [Ntp] Leap second draft Patrik Fältström
- Re: [Ntp] Leap second draft Warner Losh
- Re: [Ntp] Leap second draft Patrik Fältström
- Re: [Ntp] Leap second draft Watson Ladd
- Re: [Ntp] Leap second draft Martin Burnicki
- Re: [Ntp] Leap second draft Warner Losh
- Re: [Ntp] Leap second draft Watson Ladd
- Re: [Ntp] Leap second draft Warner Losh
- Re: [Ntp] Leap second draft Patrik Fältström
- Re: [Ntp] Leap second draft Warner Losh
- [Ntp] Antw: Re: Leap second draft Ulrich Windl
- [Ntp] Antw: Re: Leap second draft Ulrich Windl
- [Ntp] Antw: Re: Leap second draft Ulrich Windl
- [Ntp] Antw: Re: Leap second draft Ulrich Windl
- Re: [Ntp] Leap second draft Martin Burnicki
- Re: [Ntp] Antw: Re: Leap second draft Martin Burnicki
- Re: [Ntp] Leap second draft Watson Ladd
- Re: [Ntp] Leap second draft Martin Burnicki
- Re: [Ntp] Leap second draft Warner Losh