In message <E1DzXzW-0007xt-00_at_mta1.cl.cam.ac.uk>, Markus Kuhn writes:
>Whenever I test leap seconds in an operating system function, I simply
>insert one leap second, and a short time later, I delete another one. In
>between, I run test software that shows me the evolution of the 1-second
>time offset relative to a comparison system that does not execute the
>test leap seconds. If the API you are testing requires you to jump to
>the end of June or December, then it simply is a very badly designed API
>and should be redone.
No, it is an API which is carefully designed to reject illegal or invalid
leapsecond information.
The NTP kernel support will allow leapseconds on any midnight, but the
NTP daemon is more strict.
>The API of a kernel clock driver should be able to
>schedule the insertion and deletion of a leap second any any start of a
>UTC second, usually expressed in POSIX's "Seconds Since the Epoch"
>scale.
No. The leapsecond support, like any other operating facility
examine and reject illegal data.
Leapseconds and *defined* as happening on midnight at the end of a month
and the operating system should not allow them anywhere else.
The kernel restricts itself to checking the midnight part, and that is
a sensible shortcut.
But even having to test it at midnight means stepping the clock when
testing.
>In addition, it is always good practice to keep test and operational
>environments strictly separated, for any sort of test, not just those
>involving clocks.
You should know that this is only economically feasible in very critical
systems.
>(With virtalization tools such as Xen or VMware, it
>have become very easy to run such tests completely isolated on the same
>hardware.)
Yes, that's very nice if your concept of "the system" involves the
PC on your desk.
For those of us who work in environments where "the system" is not
a PC, but rather something that takes a lot of racks which contain
computers interconnected with other stuff WMvare will just not cut it.
And from a testing point of view, the UNIX computers are almost the
smallest bits, it's all the weird crap people connect to them that
makes testing a problem.
>> Leapseconds is such a stone for real-world IT installations.
>
>Incompetent test design is an orders of magnitude heavier stone...
Ohh, I fully agree, but that doesn't justify forcing a basically
untestable concept like leap seconds on the morons.
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk_at_FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
Received on Mon Aug 01 2005 - 04:26:22 PDT