Year 2038 problem
The Year 2038 problem is an issue for computing and data storage situations in which time values are stored or calculated as a signed 32-bit integer, and this number is interpreted as the number of seconds since 00:00:00 UTC on 1 January 1970 ("the epoch"). Such implementations cannot encode times after 03:14:07 UTC on 19 January 2038, a problem similar to but not entirely analogous to the "Y2K problem" (also known as the "Millennium Bug"), in which 2-digit values representing the number of years since 1900 could not encode the year 2000 or later. Most 32-bit Unix-like systems store and manipulate time in this "Unix time" format, so the year 2038 problem is sometimes referred to as the "Unix Millennium Bug" by association.
The latest time that can be represented in Unix's signed 32-bit integer time format is 03:14:07 UTC on Tuesday, 19 January 2038 (2,147,483,647 seconds after 1 January 1970). Times beyond that will "wrap around" and be stored internally as a negative number, which these systems will interpret as having occurred on 13 December 1901 rather than 19 January 2038. This is caused by integer overflow. The counter "runs out" of usable bits, "increments" the sign bit instead, and reports a maximally negative number (continuing to count up, toward zero). Resulting erroneous calculations on such systems are likely to cause problems for users and other relying parties.
Programs that work with future dates will begin to run into problems sooner; for example a program that works with dates 20 years in the future will have to be fixed no later than 2018.
|This section possibly contains previously unpublished synthesis of published material that conveys ideas not attributable to the original sources. (May 2015)|
In May 2006, reports surfaced of an early manifestation of the Y2038 problem in the AOLserver software. The software was designed with a kludge to handle a database request that should "never" time out. Rather than specifically handling this special case, the initial design simply specified an arbitrary time-out date in the future. The default configuration for the server specified that the request should time out after one billion seconds. One billion seconds (approximately thirty-two years) after 9:27.28 pm on 12 May 2006 is beyond the 2038 cutoff date. Thus, after this time, the time-out calculation overflowed and returned a date that was actually in the past, causing the software to crash. When the problem was discovered, AOL server managers had to edit the configuration file and set the time-out to a lower value.
Players of games or apps which are programmed to impose waiting periods are running into this problem when they attempt to work around the waiting period on devices which harbor the coding, by manually setting their devices (such as the Nexus 7) to a date past 19 January 2038.
Embedded systems that use dates for either computation or diagnostic logging are most likely to be affected by the 2038 bug.
Many transportation systems from flight to automobiles use embedded systems extensively. In automotive systems, this may include anti-lock braking system (ABS), electronic stability control (ESC/ESP), traction control (TCS) and automatic four-wheel drive; aircraft may use inertial guidance systems and GPS receivers. However this does not imply that all these systems will suffer from the bug. Many such systems will not require access to dates. For those that do, those systems which only track the difference between times/dates and not absolute times/dates will, by the nature of the calculation, not experience a problem. This is the case for automotive diagnostics based on legislative standards such as CARB.
Another major use of embedded systems is in communications devices, including cell phones and Internet appliances (routers, wireless access points, etc.) which rely on storing an accurate time and date and are increasingly based on UNIX-like operating systems. For example, the bug makes some Android devices crash and not restart when the time is changed to that date.
Despite the modern 18–24-month generational update in computer systems technology, embedded systems are designed to last the lifetime of the machine in which they are a component. It is conceivable that some of these systems may still be in use in 2038. It may be impractical or, in some cases, impossible to upgrade the software running these systems, ultimately requiring replacement if 32-bit time_t limitations are to be corrected.
The use of 32-bit time_t has also been encoded into some file formats, which means it can live on well beyond the life of the machines on which such file formats were originally supported.
Data structures with time problems
Many data structures in use today have 32-bit time representations embedded into their structure. A full list of these data structures is virtually impossible to derive but there are well-known data structures that have the Unix time problem:
- file systems (many filesystems use only 32 bits to represent times in inodes)
- binary file formats (that use 32-bit time fields)
- databases (that have 32-bit time fields)
- database query languages, like SQL that have UNIX_TIMESTAMP() like commands
- COBOL systems of 1970s - 1990s vintage that have not been replaced by 2038-compliant systems
- embedded factory, refinery control and monitoring subsystems
- assorted medical devices
- assorted military devices
Each one of these places where data structures using 32-bit time are in place has its own risks related to failure of the product to perform as designed.
The Network Time Protocol has a related overflow issue, which manifests itself in 2036, rather than 2038. The 64-bit timestamps used by NTP consist of a 32-bit part for seconds and a 32-bit part for fractional second, giving NTP a time scale that rolls over every 232 seconds (136 years) and a theoretical resolution of 2−32 seconds (233 picoseconds). NTP uses an epoch of 1 January 1900. The first rollover occurs in 2036, prior to the UNIX year 2038 problem.
Implementations should disambiguate NTP time using a knowledge of the approximate time from other sources. Since NTP only works with the differences between timestamps and never their absolute values, the wraparound is invisible as long as the timestamps are within 68 years of each other.
This means that for NTP the rollover will be invisible for most running systems, since they will have the correct time to within a very small tolerance. However, systems that are starting up need to know the date within no more than 68 years. Given the large allowed error, it is not expected that this is too onerous a requirement. One suggested method is to set the clock to no earlier than the system build date or the release date of the current version of the NTP software. Many systems use a battery powered hardware clock to avoid this problem.
Even so, future versions of NTP may extend the time representation to 128 bits: 64 bits for the second and 64 bits for the fractional-second. The current NTP4 format has support for Era Number and Era Offset, that when used properly should aid fixing date rollover issues. According to Mills, "The 64 bit value for the fraction is enough to resolve the amount of time it takes a photon to pass an electron at the speed of light. The 64 bit second value is enough to provide unambiguous time representation until the universe goes dim."[note 1]
There is no universal solution for the Year 2038. Any change to the definition of the time_t data type would result in code compatibility problems in any application in which date and time representations are dependent on the nature of the signed 32-bit time_t integer. For example, changing time_t to an unsigned 32-bit integer, which would extend the range to the year 2106, would adversely affect programs that store, retrieve, or manipulate dates prior to 1970, as such dates are represented by negative numbers. Increasing the size of the time_t type to 64-bit in an existing system would cause incompatible changes to the layout of structures and the binary interface of functions.
There is also no universal solution for the issue with DVB and ATSC real time transmitted dates due to issues with legacy receivers. Also the issue has yet to be acknowledged or resolved by either organization. The only work around would be to discontinue all time related metadata services such as programming guides and automatic date synchronization after the affected dates. One possible option would be to create new table types for the affected part of the specifications and use ISO 8601 date strings rather than fixed integers as is used in ISO 9660 and ISO 13346 filesystems.
Most operating systems designed to run on 64-bit hardware already use signed 64-bit time_t integers. Using a signed 64-bit value introduces a new wraparound date that is over twenty times greater than the estimated age of the universe: approximately 292 billion years from now, at 15:30:08 on Sunday, 4 December 292,277,026,596. The ability to make computations on dates is limited by the fact that
tm_year uses a signed 32 bit int value starting at 1900 for the year. This limits the year to a maximum of 2,147,485,547 (2,147,483,647 + 1900).
Starting with NetBSD version 6.0 (released in October 2012), the NetBSD operating system uses a 64-bit time_t for both 32-bit and 64-bit architectures. Applications that were compiled for an older NetBSD release with 32-bit time_t are supported via a binary compatibility layer, but such older applications will still suffer from the Year 2038 problem.
OpenBSD since version 5.5, released in May 2014, also uses a 64-bit time_t for both 32-bit and 64-bit architectures. In contrast to NetBSD, there is no binary compatibility layer. Therefore, applications expecting a 32-bit time_t and applications using anything different from time_t to store time values may break.
The x32 ABI for Linux (which defines an environment for programs with 32-bit addresses but running the processor in 64-bit mode) also uses a 64-bit time_t. Since it was a new environment, there was no need for special compatibility precautions.
Alternative proposals have been made (some of which are in use), such as storing either milliseconds or microseconds since an epoch (typically either 1 January 1970 or 1 January 2000) in a signed 64-bit integer, providing a minimum range of 300,000 years. Other proposals for new time representations provide different precisions, ranges, and sizes (almost always wider than 32 bits), as well as solving other related problems, such as the handling of leap seconds. In particular, TAI64 is an implementation of the Temps Atomique International standard, the current international real-time standard for defining a second and frame of reference.
- "The Open Group Base Specifications Issue 6 IEEE Std 1003.1, 2004 Edition (definition of epoch)". IEEE and The Open Group. The Open Group. 2004. Retrieved 7 March 2008.
- Diomidis Spinellis (2006). Code quality: the open source perspective. Effective software development serie in Safari Books Online (illustrated ed.). Adobe Press. p. 49. ISBN 0-321-16607-8.
- "The Future Lies Ahead". 28 June 2006. Retrieved 19 November 2006.
- Weird "memory leak" problem in AOLserver 3.4.2/3.x 12 May 2006
- "It isn't cheating it's time travel".
- "25 Years From Today A Time For Bugs".
Update: I have confirmed Mikko's Android report on a Google Nexus 7 tablet running Android 4.1 Jelly Bean — Even though years beyond 2038 are listed in the Set Date and Time function of the Settings app, try to set it to a date past 1/19/2038 and it refuses.
- CARB - Vehicles and Engines (Mobile Source) Test Procedures
- Issue 16899 - android - Year 2038 problem
- Trends in embedded software design
- "aj_blk: Year 2038 Bug". Ajoeblk.blogspot.in. Retrieved 2013-03-12.
- University of Delaware Digital Systems Seminar presentation by David Mills, 2006-04-26
- "The End of Time". 17 April 2010. Retrieved 19 March 2012.
- "Pondering 2038". 14 August 2013. Retrieved 2 May 2014.
- "Unununium Time". Archived from the original on 4 August 2006. Retrieved 19 November 2006.
- Sun Microsystems. "Java API documentation: System.currentTimeMillis". Retrieved 7 May 2007.
- Entry in How Stuff Works
- The Project 2038 Frequently Asked Questions
- Critical dates 2038
- A 2038-safe replacement for time.h on 32 bit systems
- The number glitch that can lead to catastrophe
- Clewett, James. "2,147,483,647 – The End of Time [Unix]". Numberphile. Brady Haran.