Year 2038 problem
The year 2038 problem may cause some computer software to fail at some point near the year 2038. The problem affects all software and systems that both store system time as a signed 32-bit integer, and interpret this number as the number of seconds since 00:00:00 UTC on Thursday, 1 January 1970. The furthest time that can be represented this way is 03:14:07 UTC on Tuesday, 19 January 2038. Times beyond this moment will "wrap around" and be stored internally as a negative number, which these systems will interpret as a date in December 13, 1901 rather than January 19, 2038. This is caused by integer overflow. The counter "runs out" of usable digits, "increments" the sign bit instead, and reports a maximally negative number (continuing to count up, toward zero). This is likely to cause problems for users of these systems due to erroneous calculations.
Further, while most programs will only be affected in or very close to 2038, programs that work with future dates will begin to run into problems much sooner. For example, a program that works with dates 24 years in the future will have to be fixed no later than 2014.
In May 2006, reports surfaced of an early manifestation of the Y2038 problem in the AOLserver software. The software was designed with a kludge to handle a database request that should "never" time out. Rather than specifically handling this special case, the initial design simply specified an arbitrary time-out date in the future.
The default configuration for the server specified that the request should time out after one billion seconds. One billion seconds (approximately thirty-two years) after 9:27.28 pm on 12 May 2006 is beyond the 2038 cutoff date. Thus, after this time, the time-out calculation overflowed and returned a date that was actually in the past, causing the software to crash. When the problem was discovered, AOL server managers had to edit the configuration file and set the time-out to a lower value.
Embedded systems that use dates for either computation or diagnostic logging are most likely to be affected by the 2038 bug.
Many transportation systems from flight to automobiles use embedded systems extensively. In automotive systems, this may include anti-lock braking system (ABS), electronic stability control (ESC/ESP), traction control (TCS) and automatic four-wheel drive; aircraft may use inertial guidance systems and GPS receivers. However this does not imply that all these systems will suffer from the bug. Many such systems will not require access to dates. For those that do, those systems which only track the difference between times/dates and not absolute times/dates will, by the nature of the calculation, not experience a problem. This is the case for automotive diagnostics based on legislative standards such as CARB.
Another major use of embedded systems is in communications devices, including cell phones and Internet appliances (routers, wireless access points, etc.) which rely on storing an accurate time and date and are increasingly based on UNIX-like operating systems. For example, the bug makes some Android devices crash and not restart when the time is changed to that date.
Despite the modern 18–24-month generational update in computer systems technology, embedded systems are designed to last the lifetime of the machine in which they are a component. It is conceivable that some of these systems may still be in use in 2038. It may be impractical or, in some cases, impossible to upgrade the software running these systems, ultimately requiring replacement if 32-bit time_t limitations are to be corrected.
The use of 32-bit time_t has also been encoded into some file formats, which means it can live on well beyond the life of the machines on which such file formats were originally supported.
Data structures with time problems
Many data structures in use today have 32-bit time representations embedded into their structure. A full list of these data structures is virtually impossible to derive but there are well-known data structures that have the Unix time problem:
- file systems (many filesystems use only 32 bits to represent times in inode)
- binary file formats (that use 32-bit time fields)
- databases (that have 32-bit time fields)
- database query languages, like SQL that have UNIX_TIMESTAMP() like commands
- COBOL systems of 1970s - 1990s vintage that have not been replaced by 2038-compliant systems
- embedded factory, refinery control and monitoring subsystems
- assorted medical devices
- assorted military devices
Each one of these places where data structures using 32-bit time are in place has its own risks related to failure of the product to perform as designed.
Real-time data structures with the 2038 problem:
- The Digital Video Broadcast system has a similar issue on April 22, 2038, when the 16 bits used to transmit Modified Julian Days used for electronic guide scheduling will restart from zero.
- The rival ATSC system will not have this issue until 2048 due to its use of unsigned 32-bit GPS seconds that begin from January 6, 1980.
The Network Time Protocol has a related overflow issue, which manifests itself in 2036, rather than 2038. The 64-bit timestamps used by NTP consist of a 32-bit part for seconds and a 32-bit part for fractional second, giving NTP a time scale that rolls over every 232 seconds (136 years) and a theoretical resolution of 2−32 seconds (233 picoseconds). NTP uses an epoch of January 1, 1900. The first rollover occurs in 2036, prior to the UNIX year 2038 problem.
Implementations should disambiguate NTP time using a knowledge of the approximate time from other sources. Since NTP only works with the differences between timestamps and never their absolute values, the wraparound is invisible as long as the timestamps are within 68 years of each other.
This means that for NTP the rollover will be invisible for most running systems, since they will have the correct time to within a very small tolerance. However, systems that are starting up need to know the date within no more than 68 years. Given the large allowed error, it is not expected that this is too onerous a requirement. One suggested method is to set the clock to no earlier than the system build date. Many systems use a battery powered hardware clock to avoid this problem.
Even so, future versions of NTP may extend the time representation to 128 bits: 64 bits for the second and 64 bits for the fractional-second. The current NTP4 format has support for Era Number and Era Offset, that when used properly should aid fixing date rollover issues. According to Mills, "The 64 bit value for the fraction is enough to resolve the amount of time it takes a photon to pass an electron at the speed of light. The 64 bit second value is enough to provide unambiguous time representation until the universe goes dim."[note 1]
There is no universal solution for the Year 2038 problem. Any change to the definition of the time_t data type would result in code compatibility problems in any application in which date and time representations are dependent on the nature of the signed 32-bit time_t integer. For example, changing time_t to an unsigned 32-bit integer, which would extend the range to the year 2106, would adversely affect programs that store, retrieve, or manipulate dates prior to 1970, as such dates are represented by negative numbers. Increasing the size of the time_t type to 64-bit in an existing system would cause incompatible changes to the layout of structures and the binary interface of functions.
There is also no universal solution for the issue with DVB and ATSC real time transmitted dates due issues with legacy receivers. Also the issue has yet to be acknowledged or resolved by either organization. The only work around would be to discontinue all time related metadata services such as programming guides and automatic date synchronization after the affected dates. One possible option would be to create new table types for the affected part of the specifications and use ISO 8601 date strings rather than fixed integers as is used in ISO 9660 and ISO 13346 filesystems.
Most operating systems designed to run on 64-bit hardware already use signed 64-bit time_t integers. Using a signed 64-bit value introduces a new wraparound date that is over twenty times greater than the estimated age of the universe: approximately 292 billion years from now, at 15:30:08 on Sunday, 4 December 292,277,026,596. The ability to make computations on dates is limited by the fact that
tm_year uses a signed 32 bit int value starting at 1900 for the year. This limits the year to a maximum of 2,147,485,547 (2,147,483,647 + 1900). While this solves the problem for executing programs, it does not solve the problem of storing date values within binary data files, many of which employ rigid storage formats. It also doesn't solve the problem for 32-bit programs running under compatibility layers and may not solve the problem for programs that incorrectly store time values in variables of types other than time_t.
Starting with NetBSD version 6.0 (released in October 2012), the NetBSD operating system uses a 64-bit time_t for both 32-bit and 64-bit architectures. Applications that were compiled for an older NetBSD release with 32-bit time_t are supported via a binary compatibility layer, but such older applications will still suffer from the Year 2038 problem.
OpenBSD in version 5.5, to be released in May 2014, will also use a 64-bit time_t for both 32-bit and 64-bit architectures. In contrast to NetBSD, there will be no binary compatibility layer. Therefore, applications expecting a 32-bit time_t will, and applications using anything different from time_t to store time values, may break.
The x32 ABI for Linux which defines an environment for programs with 32-bit addresses but running the processor in 64-bit mode also uses a 64-bit time_t. Since it was a new environment, there was no need for special compatibility precautions.
Alternative proposals have been made (some of which are in use), such as storing either milliseconds or microseconds since an epoch (typically either 1 January 1970 or 1 January 2000) in a signed 64-bit integer, providing a minimum range of 300,000 years. Other proposals for new time representations provide different precisions, ranges, and sizes (almost always wider than 32 bits), as well as solving other related problems, such as the handling of leap seconds. In particular, TAI64 is an implementation of the Temps Atomique International standard, the current international real-time standard for defining a second and frame of reference.
- "The Open Group Base Specifications Issue 6 IEEE Std 1003.1, 2004 Edition (definition of epoch)". IEEE and The Open Group. The Open Group. 2004. Retrieved 7 March 2008.
- Diomidis Spinellis (2006). Code quality: the open source perspective.. Effective software development serie in Safari Books Online (illustrated ed.). Adobe Press. p. 49. ISBN 0-321-16607-8.
- "The Future Lies Ahead". 28 June 2006. Retrieved 19 November 2006.
- Weird "memory leak" problem in AOLserver 3.4.2/3.x 12 May 2006
- CARB - Vehicles and Engines (Mobile Source) Test Procedures
- Issue 16899 - android - Year 2038 problem
- Trends in embedded software design
- "aj_blk: Year 2038 Bug". Ajoeblk.blogspot.in. Retrieved 2013-03-12.
- University of Delaware Digital Systems Seminar presentation by David Mills, 2006-04-26
- "The End of Time". 17 April 2010. Retrieved 19 March 2012.
- "Unununium Time". Archived from the original on 4 August 2006. Retrieved 19 November 2006.
- Sun Microsystems. "Java API documentation: System.currentTimeMillis". Retrieved 7 May 2007.
- Entry in How Stuff Works
- The Project 2038 Frequently Asked Questions
- Critical dates 2038
- A 2038-safe replacement for time.h on 32 bit systems
- Clewett, James. "2,147,483,647 – The End of Time [Unix]". Numberphile. Brady Haran.