> On Fri, Apr 27, 2012 at 03:49:51PM -0700, John Stultz wrote:
>> On 04/27/2012 01:12 AM, Richard Cochran wrote:
>>> * Benefits
>>>
>>> - Fixes the buggy, inconsistent time reporting surrounding a leap
>>>   second event.
>>
>> Just to clarify this, so we've got the right scope on the problem,
>> you're trying to address the fact that the leap second is not
>> actually applied until the tick after the leap second, correct?
>
> That is one problem, yes.
>
>> Where basically you can see small offsets like:
>
> I can synchronize over the network to under 100 nanoseconds, so to me,
> one second is a large offset.
>> My only concern is how we
>> manage it along with possible smeared-leap-seconds ala:
>> http://googleblog.blogspot.com/2011/09/time-technology-and-leaping-seconds.html
>> (I shudder at the idea of managing two separate frequency
>> corrections for different time domains).
>
> Are you planning to implement that? This approach is by no means
> universally accepted.
> In my view, what Google is doing is a hack (albeit a sensible one for
> business applications). For test and measurement or scientific
> applications, it does not make sense to introduce artificial frequency
> errors in this way.
> Another variant of this idea: http://www.cl.cam.ac.uk/~mgk25/time/utc-sls/
>
> Here is a nice quote from that page:
>
>     All other objections to UTC-SLS that I heard were not directed
>     against its specific design choices, but against the (very well
>     established) practice of using UTC at all in the applications that
>     this proposal targets:
>
>     * Some people argue that operating system interfaces, such as the
>       POSIX "seconds since the epoch" scale used in time_t APIs, should
>       be changed from being an encoding of UTC to being an encoding of
>       the leap-second free TAI timescale.
>
>     * Some people want to go even further and abandon UTC and leap
>       seconds entirely, detach all civilian time zones from the
>       rotation of Earth, and redefine them purely based on atomic time.
>
>     While these people are usually happy to agree that UTC-SLS is a
>     sensible engineering solution as long as UTC remains the main time
>     basis of distributed computing, they argue that this is just a
>     workaround that will be obsolete once their grand vision of giving
>     up UTC entirely has become true, and that it is therefore just an
>     unwelcome distraction from their ultimate goal.

I think this last point is very telling. Neither of the above options
is really viable in my mind, as I don't see any real consensus on
giving up UTC. What is in practice is actually way more important than
where folks wish things would go.

> Until the whole world agrees to this "work around" I think we should
> stick to current standards. If and when this practice becomes
> standardized (I'm not holding my breath), then we could simply drop
> the internal difference between the kernel time scale and UTC, and
> steer out the leap second synchronously with the rest of the world.

Well, I think that Google shows some folks are starting to use
workarounds like smeared-leap-seconds/UTC-SLS. So it's something we
should watch carefully and expect more folks to follow. It's true that
you don't want to mix UTC-SLS and standard UTC time domains, but it's
likely this will be a site-specific configuration.
>>> * Performance Impacts
>>>
>>> ** con
>>>
>>> - Small extra cost when reading the time (one integer addition plus
>>>   one integer test).
>>
>> This may not be so small when it comes to folks who are very
>> concerned about the clock_gettime hotpath.
>
> If you would support the option to only insert leap seconds, then the
> cost is one integer addition and one integer test.
>
> Also, once we have a rational time interface (like CLOCK_TAI), then
> time sensitive users will want to use that instead anyhow.

Well, performance sensitive and correctness sensitive are two different
things. :) I think CLOCK_TAI is much cleaner for things, but at the
same time, the world "thinks" in UTC, and converting between them isn't
always trivial (very similar to the timezone presentation layer, which
isn't fun). So I'd temper any hopes of mass conversion. :)
>> Further, the correction will need to be made in the vsyscall
>> paths, which isn't done with your current patchset (causing userland
>> to see different time values than what kernel space calculates).
>
> Do you mean __current_kernel_time? What did I miss?

No. So, on architectures that support vsyscalls/vdso (x86_64, powerpc,
ia64, and maybe a few others) getnstimeofday() is really only an
internal interface for in-kernel access. Userland uses the
vsyscall/vdso interface to be able to read the time completely from
userland context (with no syscall overhead). Since this is done in
different ways for each architecture, you need to export the proper
information out via update_vsyscall() and also update the arch-specific
vsyscall gettimeofday paths (which is non-trivial, as some arches are
implemented in asm, etc - my sympathies here, it's a pain).
>> One possible thing to consider? Since the TIME_OOP flag is only
>> visible via the adjtimex() interface, maybe it alone should have the
>> extra overhead of the conditional?
>
> This would mean that you would have to do the conditional somehow
> backwards in order to provide TAI time values. To me, the logical way
> is to keep a continuous time scale, and then compute UTC from it.
>
>> I'm not excited about the
>> gettimeofday field returned by adjtimex not matching what
>> gettimeofday actually provides for that single-tick interval, but
>> maybe it's a reasonable middle ground?
>
> Not sure what you mean, but to me it is not acceptable to deliver
> inconsistent time values to userspace!

For users of clock_gettime/gettimeofday, a leap second is an
inconsistency. Neither interface provides a way to detect that the
TIME_OOP flag is set and it's not 23:59:59 again, but 23:59:60 (which
can't be represented by a time_t). Thus even if the behavior were
perfect, and the leap second landed at exactly the second edge, it is
still a time hiccup to most applications anyway.
>>> ** pro
>>>
>>> - Removes repetitive, periodic division (secs % 86400 == 0) the whole
>>>   day long preceding a leap second.
>>>
>>> - Cost of maintaining leap second status goes to the user of the
>>>   NTP adjtimex() interface, if any.
>>
>> Not sure I follow this last point. How are we pushing this
>> maintenance to adjtimex() users?
>
> Only adjtimex calls timekeeper_gettod_status, where the leap second is
> calculated, outside of timekeeper.lock, on the NTP user space's kernel
> time.

So it's not really a cost-of-maintaining, but a cost-of-calculation. We
only calculate the next leap second when it's provided via adjtimex
rather than doing the check periodically in the kernel.
> In current Linux, the modulus is done in update_wall_time and
> logarithmic_accumulation, on kernel time.
>
>>> * Todo
>>>
>>> - The function __current_kernel_time accesses the time variables
>>>   without taking the lock. I can't figure that out.
>>
>> There are a few cases where we want the current second value when we
>> already hold the xtime_lock, or we might possibly hold the
>> xtime_lock. It's a special internal interface for special users
>> (update_vsyscall, for example).
>
> What about kdb_summary?

I don't know the kdb patch especially well, but I suspect kdb_summary
might be triggered at unexpected times if you're trying to debug a
remote kernel. Thus we want to be able to get the time_t value (which
can be read safely without a lock on most systems) without trying to
grab a lock that might be held. This avoids deadlock should kdb be
blocking the lock-holder from running.