...one of the most highly
regarded and expertly designed C++ library projects in the
world.

— Herb Sutter and Andrei
Alexandrescu, C++
Coding Standards

Overall Index -- Gregorian Index -- Posix Time Index

The library does its best to provide everything a user could want, but there are certain inherent constraints that limit what *any* temporal library can do. Specifically, a user must choose which two of the following three capabilities are desired in any particular application:

- exact agreement with wall-clock time
- accurate math, e.g. duration calculations
- ability to handle timepoints in the future

If you want exact agreement with wall-clock time, you must use either UTC or local time. If you compute a duration by subtracting one UTC time from another and you want an answer accurate to the second, the two times must not be too far in the future because leap seconds affect the count but are only determined about 6 months in advance. With local times a future duration calculation could be off by an entire hour, since legislatures can and do change DST rules at will.

If you want to handle wall-clock times in the future, you won't be able (in the general case) to calculate exact durations, for the same reasons described above.

If you want accurate calculations with future times, you will have to use TAI or an equivalent, but the mapping from TAI to UTC or local time depends on leap seconds, so you will not have exact agreement with wall-clock time.

Here is some underlying theory that helps to explain what's going on. Remember that a temporal type, like any abstract data type (ADT), is a set of values together with operations on those values.

The representation of a type is *stable* if the bit pattern associated with a given value does not change over time.
A type with an unstable representation is unlikely to be of much
use to anyone, so we will insist that any temporal library use
only stable representations.

An operation on a type is stable if the result of applying the operation to a particular operand(s) does not change over time.

Sets are most often classified into two categories: well-defined
and ill-defined. Since a type is a set, we can extend these definitions
to cover types. For any type T, there must be a predicate
*is_member( x )*
which determines whether a value x is a member of type T.
This predicate must return *true*, *false*, or *dont_know*.

If for all x, is_member( x ) returns either true or false, we
say the set T is *well-defined*.

If for any x, is_member( x ) returns dont_know, we say the
set T is *ill-defined*.

Those are the rules normally used in math. However, because of the special characteristics of temporal types, it is useful to refine this view and create a third category as follows:

For any temporal type T, there must be a predicate *is_member( x, t )*
which determines whether a value x is a member of T.
The parameter t represents the time when the predicate is evaluated.
For each x_{i}, there must be a time t_{i} and a value v
such that:

- v = true or v = false, and
- for all t < t
_{i}, is_member( x_{i}, t ) returns dont_know, and - for all t >= t
_{i}, is_member( x_{i}, t ) returns v.

If for all x_{i}, t_{i} = negative infinity,
we say the type T is *predictable*.

If for some x_{i}, t_{i} = positive infinity,
we say the type T is *ill-formed*.

Otherwise we say the type T is *unpredictable* (this
implies that for some x_{i}, t_{i} is finite).

Ill-formed sets are not of much practical use, so we will not discuss them further. In plain english the above simply says that all the values of a predictable type are known ahead of time, but some values of an unpredictable type are not known until some particular time.

Predictable types have a couple of important properties:

- there is an order-preserving mapping from their elements onto a set of consecutive integers, and
- duration operations on their values are stable

Unpredictable types have exactly the opposite properties:

- there is no order-preserving mapping from their elements onto a set of consecutive integers, and
- duration operations on their values are not stable.

We can refine this a little by saying that a range within an unpredicatable type can be predictable, and operations performed entirely on values within that range will be stable. For example, the range of UTC timepoints from 1970-01-01 through the present is predictable, so calculations of durations within that range will be stable.

These limitations are problematical, because important temporal types like UTC and Local Time are in fact unpredictable, and therefore operations on them are sometimes unstable. Yet as a practical matter we often want to perform this kind of operation, such as computing the duration between two timepoints in the future that are specified in Local Time.

The best the library can do is to provide an approximation, which is generally possible and for most purposes will be good enough. Of course the documentation must specify when an answer will be approximate (and thus unstable) and how big the error may be. In many respects calculating with unpredictable sets is analogous to the use of floating point numbers, for which results are expected to only be approximately correct. Calculating with predictable sets would then be analogous to the user of integers, where results are expected to be exact.

For situations where exact answers are required or instability cannot be tolerated, the user must be able to specify this, and then the library should throw an exception if the user requests a computation for which an exact, stable answer is not possible.

Last modified: Wed Aug 21 14:46:55 MST 2002 by Jeff Garland © 2000-2002