Year 2038 problem

The Year 2038 problem (Y2038) relates to representing time in many digital systems as the number of seconds passed since 00:00:00 UTC on 1 January 1970 and storing it as a signed 32-bit binary integer. Such implementations cannot encode times after 03:14:07 UTC on 19 January 2038. Just like the Y2K problem, the Year 2038 problem is caused by insufficient capacity of the chosen storage unit.


The latest time that can be represented in Unix's signed 32-bit integer time format is 03:14:07 on Tuesday, 19 January 2038 (231-1 = 2,147,483,647 seconds after 1 January 1970).[1] Times beyond that cause signed integer overflow, which is an example of C's undefined behavior.

The C programming language allows for aggressive compiler optimization: a program can operate differently or even have a different control flow than the source code, as long as it exhibits the same user-visible side-effects, if undefined behavior never happens during program execution. Undefined behavior is the name of a list of conditions that the program must not meet. This effectively means that the compiler can assume that undefined behavior never happens, enabling automatic premature optimization and micro-optimization arising from skipping safety checks against a list of common conditions, even when they're checked against in the source code. Therefore, if any of those conditions is met, the new program can exhibit unexpected output and control flow, including crash and loss of data.

The issue is not limited to retrieving the current time: any computation that results in a non-representable time causes undefined behavior, for example summing the current time and a sufficient amount of seconds, which caused problems as early as in 2006, as explained below. Programs that work with future dates will begin to run into problems sooner; for example, a program that works with dates 20 years in the future should have been fixed no later than 19 January 2018.

On most architectures, the overflow is expected to wrap around the maximum: the result will be stored internally as a negative number and interpreted as having occurred at 20:45:52 on Friday, 13 December 1901 rather than 19 January 2038. This is because most architectures implement signed arithmetic as modulo arithmetic, where integer overflow makes the counter run out of usable digit bits, and flip the sign bit instead. This reports a maximally negative number, and continues to count up, towards zero, and then up through the positive integers again.

Undefined behavior is generally prevented with program design choices (appropriate datatype choice) and control flow (error condition checking, etc.). However, in this case, the programmer is forced to use time_t with 32-bit size due to a platform requirement, and has no means to safeguard the code. The only way to fix the problem is for the operating system to provide a different interface that the program can use.

Early problems

In May 2006, reports surfaced of an early manifestation of the Y2038 problem in the AOLserver software. The software was designed with a kludge to handle a database request that should "never" time out. Rather than specifically handling this special case, the initial design simply specified an arbitrary time-out date in the future. The default configuration for the server specified that the request should time out after one billion seconds. One billion seconds (approximately 32 years) after 01:27:28 UTC on 13 May 2006 is beyond the 2038 cutoff date. Thus, after this time, the time-out calculation overflowed and returned a date that was actually in the past, causing the software to crash. When the problem was discovered, AOLServer operators had to edit the configuration file and set the time-out to a lower value.[2][3]

Players of games or apps which are programmed to impose waiting periods[4] are running into this problem when they attempt to work around the waiting period on devices which harbor the coding, by manually setting their devices to a date past 19 January 2038, but are unable to do so, since a 32-bit Unix time format is being used.

Vulnerable systems

Embedded systems that use dates for either computation or diagnostic logging are most likely to be affected by the 2038 problem.[5]

Many transportation systems from flight to automobiles use embedded systems extensively. In automotive systems, this may include anti-lock braking system (ABS), electronic stability control (ESC/ESP), traction control (TCS) and automatic four-wheel drive; aircraft may use inertial guidance systems and GPS receivers.[note 1] However, this does not imply that all these systems will suffer from the Y2038 problem, since many such systems do not require access to dates. For those that do, those systems which only track the difference between times/dates and not absolute times/dates will, by the nature of the calculation, not experience a major problem. This is the case for automotive diagnostics based on legislative standards such as CARB (California Air Resources Board).[6]

Another major use of embedded systems is in communications devices, including cell phones and Internet appliances (routers, wireless access points, etc.) which rely on storing an accurate time and date and are increasingly based on UNIX-like operating systems. For example, the Y2038 problem makes some devices running 32-bit Android crash and not restart when the time is changed to that date.[7]

Despite the modern 18–24 month generational update in computer systems technology, embedded systems are designed to last the lifetime of the machine in which they are a component. It is conceivable that some of these systems may still be in use in 2038. It may be impractical or, in some cases, impossible to upgrade the software running these systems, ultimately requiring replacement if 32-bit time_t limitations are to be corrected.

MySQL database's built-in functions like UNIX_TIMESTAMP() will return 0 after 03:14:07 UTC on 19 January 2038.[8]

Early Mac OS X versions[9] are susceptible to the Year 2038 problem.

Data structures with time problems

Many data structures in use today have 32-bit time representations embedded into their structure. A full list of these data structures is virtually impossible to derive but there are well-known data structures that have the Unix time problem:

  • file systems (many file systems use only 32 bits to represent times in inodes)
  • binary file formats (that use 32-bit time fields)
  • databases (that have 32-bit time fields)
  • database query languages, like SQL that have UNIX_TIMESTAMP() like commands

Examples of systems using data structures that may contain 32-bit time representations include:

  • embedded factory, refinery control and monitoring subsystems
  • assorted medical devices
  • assorted military devices

Any system making use of data structures containing 32-bit time representations will present risk. The degree of risk is dependent on the mode of failure.

Network Time Protocol timestamps

The Network Time Protocol (NTP) has a related overflow issue, which manifests itself in 2036, rather than 2038. The 64-bit timestamps used by NTP consist of a 32-bit part for seconds and a 32-bit part for fractional second, giving NTP a time scale that rolls over every 232 seconds (136 years) and a theoretical resolution of 2−32 seconds (233 picoseconds). NTP uses an epoch of 1 January 1900. The first rollover occurs in 2036, prior to the UNIX year 2038 problem.

Implementations should disambiguate NTP time using a knowledge of the approximate time from other sources. Since NTP only works with the differences between timestamps and never their absolute values, the wraparound is invisible in the calculations as long as the timestamps are within 68 years of each other. However, after a wraparound the clients can still face two problems:

  1. They receive the date 1900-01-01 00:00:00UTC, not 2036-02-07 06:28:15 (plus or minus some leap seconds) as the new time.
  2. When a client tries to adopt this time and store it in UNIX time format, as many embedded systems do, it will fail because UNIX time starts at 13 December 1901 (signed 32 bit integer) or 1 January 1970 (unsigned 32 bit integer).

This means that for NTP the rollover will be invisible for most running systems, since they will have the correct time to within a very small tolerance. However, systems that are starting up need to know the date within no more than 68 years. Given the large allowed error, it is not expected that this is too onerous a requirement. One suggested method is to set the clock to no earlier than the system build date or the release date of the current version of the NTP software. Many systems use a battery-powered hardware clock to avoid this problem.

Even so, future versions of NTP may extend the time representation to 128 bits: 64 bits for the second and 64 bits for the fractional-second. The current NTP4 format has support for Era Number and Era Offset, that when used properly should aid fixing date rollover issues. According to Mills, "The 64 bit value for the fraction is enough to resolve the amount of time it takes a photon to pass an electron at the speed of light. The 64 bit second value is enough to provide unambiguous time representation until the universe goes dim."[10][note 2]

Possible solutions

There is no universal solution for the Year 2038 problem. Any change to the definition of the time_t data type would result in code compatibility problems in any application in which date and time representations are dependent on the nature of the signed 32-bit time_t integer. For example, changing time_t to an unsigned 32-bit integer, which would extend the range to 2106 (specifically, in 06:28:15 UTC on Sunday, 7 February 2106), would adversely affect programs that store, retrieve, or manipulate dates prior to 1970, as such dates are represented by negative numbers. Increasing the size of the time_t type to 64-bit in an existing system would cause incompatible changes to the layout of structures and the binary interface of functions.

There is also no universal solution for the issue with DVB and ATSC real-time transmitted dates due to issues with legacy receivers. The issue has yet to be acknowledged or resolved by either organization. The only workaround would be to discontinue all time-related metadata services such as programming guides and automatic date synchronization after the affected dates. One possible option would be to create new table types for the affected part of the specifications and use ISO 8601 date strings rather than fixed integers—as are used in ISO 9660 and ISO 13346 filesystems.

Most operating systems designed to run on 64-bit hardware already use signed 64-bit time_t integers. Using a signed 64-bit value introduces a new wraparound date that is over twenty times greater than the estimated age of the universe: approximately 292 billion years from now, at 15:30:08 UTC on Sunday, 4 December 292,277,026,596. The ability to make computations on dates is limited by the fact that tm_year uses a signed 32 bit integer value starting at 1900 for the year. This limits the year to a maximum of 2,147,485,547 (2,147,483,647 + 1900).[11]

FreeBSD uses 64-bit time_t for all 32-bit and 64-bit architectures except 32-bit i386, which uses unsigned 32-bit time_t instead.[12]

Starting with NetBSD version 6.0 (released in October 2012), the NetBSD operating system uses a 64-bit time_t for both 32-bit and 64-bit architectures. Applications that were compiled for an older NetBSD release with 32-bit time_t are supported via a binary compatibility layer, but such older applications will still suffer from the Year 2038 problem.[13]

OpenBSD since version 5.5, released in May 2014, also uses a 64-bit time_t for both 32-bit and 64-bit architectures. In contrast to NetBSD, there is no binary compatibility layer. Therefore, applications expecting a 32-bit time_t and applications using anything different from time_t to store time values may break.[14]

Linux uses a 64-bit time_t for 64-bit architectures only; the pure 32-bit ABI is not changed due to backward compatibility.[15] There is ongoing work, mostly for embedded Linux systems, to support 64-bit time_t on 32-bit architectures, too.[16][17]

The x32 ABI for Linux (which defines an environment for programs with 32-bit addresses but running the processor in 64-bit mode) uses a 64-bit time_t. Since it was a new environment, there was no need for special compatibility precautions.[15]

Network File System version 4 has defined its time fields as struct nfstime4 {int64_t seconds; uint32_t nseconds;} since December 2000.[18] Values greater than zero for the seconds field denote dates after the 0-hour, January 1, 1970. Values less than zero for the seconds field denote dates before the 0-hour, January 1, 1970. In both cases, the nseconds (nanoseconds) field is to be added to the seconds field for the final time representation.

Alternative proposals have been made (some of which are in use), such as storing either milliseconds or microseconds since an epoch (typically either 1 January 1970 or 1 January 2000) in a signed 64-bit integer, providing a minimum range of 300,000 years at microsecond resolution.[19][20] Other proposals for new time representations provide different precisions, ranges, and sizes (almost always wider than 32 bits), as well as solving other related problems, such as the handling of leap seconds. In particular, TAI64[21] is an implementation of the Temps Atomique International standard, the current international real-time standard for defining a second and frame of reference.

See also


  1. GPS suffers its own time counter overflow problem known as GPS Week Number Rollover.
  2. 2−64 seconds is about 54 zeptoseconds or 54×10−21 s (light would travel 16.26 picometres, or approximately 0.31 × Bohr radius), and 264 seconds is about 585 billion years.


  1. Diomidis Spinellis (2006). Code quality: the open source perspective. Effective software development series in Safari Books Online (illustrated ed.). Adobe Press. p. 49. ISBN 978-0-321-16607-4.
  2. "The Future Lies Ahead". 28 June 2006. Retrieved 19 November 2006.
  3. Weird "memory leak" problem in AOLserver 3.4.2/3.x 12 May 2006
  4. Fahey, Mike (21 January 2013). "Infinite Lives in Candy Crush Saga Isn't Cheating, It's Time Travel". Kotaku.
  5. "Is the Year 2038 problem the new Y2K bug?". The Guardian. 17 December 2014. Retrieved 11 October 2018.
  6. "ARB Test Methods / Procedures". California Air Resources Board.
  7. "ZTE Blade running Android 2.2 has 2038 problems". Retrieved 20 November 2018.
  8. "MySQL Bugs: #12654: 64-bit unix timestamp is not supported in MySQL functions".
  9. "unix - Is any version of OS X/macOS vulnerable to the Year 2038 problem?". Ask Different. Retrieved 12 October 2019.
  10. University of Delaware Digital Systems Seminar presentation by David Mills, 26 April 2006
  11. Felts, Bob (17 April 2010). "The End of Time". Retrieved 19 March 2012.
  13. "Announcing NetBSD 6.0". 17 October 2012. Retrieved 18 January 2016.
  14. "OpenBSD 5.5 released (May 1, 2014)". 1 May 2014. Retrieved 18 January 2016.
  15. Jonathan Corbet (14 August 2013). "Pondering 2038". Archived from the original on 4 March 2016. Retrieved 9 March 2016.
  16. Arnd Bergmann (25 March 2015). "The end of time (32bit edition)" (PDF). Archived from the original (PDF) on 22 September 2015. Retrieved 9 March 2016.
  17. Jonathan Corbet (5 May 2015). "System call conversion for year 2038". Archived from the original on 11 October 2015. Retrieved 9 March 2016.
  18. Haynes, Thomas; Noveck, David, eds. (March 2015). "Structured Data Types". Network File System (NFS) Version 4 Protocol. sec. 2.2. doi:10.17487/RFC7530. RFC 7530.
  19. "Unununium Time". Archived from the original on 8 April 2006. Retrieved 19 November 2006.
  20. Sun Microsystems. "Java API documentation for System.currentTimeMillis()". Retrieved 29 September 2017.
  21. "TAI64".

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.