Slashdot Mirror
Billennium's Over - Anything Break?
An Anonymous Coward writes: "The billennium party at OpenProjects.Net rocked! Check out the log for the whole event over here. Please don't forget to use one of the mirrors. Thanks :-)" Well, anyone have anything break due to the rollover?
I use a thingy that portions my web logfiles into daily files, each prepended with the current unix timestamp. I found that scripts I run to do stuff with the most recent day's logfile broke because 1000000000access_log.gz comes before 999999999access_log.gz.
The simple solution is to move the old 999 files to another directory. This problem wouldn't have cropped up since 1973 when it passed eight 9s, and won't happen again for another 300 years when it passes ten 9s.
Still, a bug's a bug, and that's one more than I had in the new millenium.
Kevin Fox
I stored the date as a 9 character string in the MySQL table. Oops.
I increased it to 10 chars but now it doesn't sort it correctly. Ooops.
I had the expire date on the cookies set to "999999999". Ooops.
I'm sure loads more will pop up.
The Y2k+1 "bug" really got me.
Apparently there is a bug in older version of KMail from KDE 1.x that prevents KMail from correctly displaying the current date since billenium. More information about KMail billenium bug is on www.kde.org.
This was sent out to the freebsd mailing lists by John Polstra:
This morning a bug was discovered in most versions of CVSup up to and including SNAP_16_1c. The bug causes all newly-updated files to receive incorrect timestamps. Usually the files receive timestamps from early in 1970. This bug has been present for a very long time,
but it only began to have an effect when the Unix representation of the date and time passed 1,000,000,000. That occurred on 9 September
2001 at 01:46:40 UTC. Yes, other people had Y2K bugs, but I managed to produce an S1G bug.
There was more, but that was the jist.
From my understanding the major problem doesn't occur till 2038 when 32-bit time reaches 2,147,483,647 seconds. 2,147,483,647 is the biggest number a 32-bit system can register.
Hmmm... the Melbourne General Post Office was gutted by fire at around the same time as the Billennium. Do you suppose...?
Now that you mention it one of my hard drives completely stopped working. At first I thought it was because i had it sitting on my floor and I stepped on it. I didn't even realize that it was probably from the whole 1 billion thing. Man, what was I thinking?
knode (0.4)
The kde news reader now orders incoming messages false. All new messages after the billenium are ordered older than the ones from before.
--
Karma 50, and all I got was this lousy T-Shirt.
Updates to Fix the CVSup 1000000000 Second Bug
http://people.freebsd.org/~jdp/s1g/
Just about every item in the MySQL RDBMS I inherited uses varchar(100). I toyed with converting them, but too much of the code written around it assumes that its getting text.
The best solution is to make sure anyone who creates a database has to administer it.
Xix.
(off to check some circa 1983 database technology to see if it's croaked in the interval)
"Everything is adjustable, provided you have the right tools"
Thanks for the Log. The commentary was brilliant.
It uses strings of unix time to sort the messages in the message list by date. So after the billenium all new messages where going to the bottom..
Anyway, i've made a small fix, incase anyone wants it..
Put it in MessageList.pm line 530.
# fix for billenium, we want to be able to make sure all string that get sorted are the same length so no boo boo's happen
if (length($row[5]) == 9)
{
my $tmp = $row[5];
$row[5] = "0$tmp";
}
stuff
I haven't had time to fully investigate the cause but the software that came with my Canon S10 digital camera now claims that I took all my pictures on August the 26th (at different times though that day).
The software (is supposed) to read the time from a field in the images
The cause could be 1) The software in the camera that stores the dates in the images or 2) the photo viewing software itself. or 3) Something totally different. (Windows ?)
echo '[q]sa[ln0=aln80~Psnlbx]16isb572CCB9AE9DB03273snlbxq' |dc
OpenLDAP has massive breakage both in the 1.2 and 2.x series with the S2G Unix time rollover.
The slurpd server completely fails to push updates from the master server to the slaves, due to string compares of timestamps in 1.2 and a related problem in 2.x. There are patches for both in OpenLDAP CVS.
The problem is detailed in the openldap-bugs mailing list -- it was extremely scary to come to work this morning and find out that all the LDAP servers had stopped pushing updates, causing account creations to fail and mail to bounce!
...yes, I was monitoring my servers at work from my home Linux box, after verifying that everything was fine I turned around ... and my Windows box had crashed, it was the damndest thing < grin > .
I'm the big fish in the big pond bitch.
Had a party to celebrate, got drunk and very nearly broke my skull open on the floor as I fell.
Does that count? *grin*
It's the GOD DAMN APOCOLYPSE Outside! Dont any of you guys ever even open a Window!? sheesh... after all those rants about how the military should switch to linux, the world ended yesterday.
Well anyway, I declare myself God until further notice.
-- 'The' Lord and Master Bitman On High, Master Of All
This morning a bug was discovered in most versions of CVSup up to
and including SNAP_16_1c. The bug causes all newly-updated files to
receive incorrect timestamps. Usually the files receive timestamps
from early in 1970. This bug has been present for a very long time,
but it only began to have an effect when the Unix representation of
the date and time passed 1,000,000,000. That occurred on 9 September
2001 at 01:46:40 UTC. Yes, other people had Y2K bugs, but I managed
to produce an S1G bug.
I have fixed the bug and have released a new snapshot of CVSup,
SNAP_16_1d. I have also created binary packages for FreeBSD-4.x which
can be installed using "pkg_add". For information about updating your
CVSup installation, look here:
http://people.freebsd.org/~jdp/s1g/
To fix the bug, both the client and the server need to be upgraded to
SNAP_16_1d. The FreeBSD mirror site maintainers have been working
feverishly to upgrade their installations. Many of them are already
upgraded, and the rest will be upgraded soon. Meanwhile, all CVSup
users should upgrade their CVSup installations.
I apologize for the inconvenience caused by this bug, and thank you
in advance for your patience.
John Polstra
-- unix is for people without a social life - Patrick van Eijk
My ISPs IMAP server broke. It used the maildir format and got *really* confused with file names like:
% ls -tr | tail
999878615.18243.pop.xxx.com:2,S*
999882709.76833.pop.xxx.com:2,RS*
999883989.13343.pop.xxx.com:2,S*
999900385.97510.pop.xxx.com:2,S*
999906796.21947.pop.xxx.com:2,S*
999914926.66179.pop.xxx.com:2,S*
999922220.49590.pop.xxx.com:2,S*
999975475.10798.pop.xxx.com:2,S*
1000040737.72591.pop.xxx.com:2,S*
1000062814.85554.pop.xxx.com:2,*
I think it was an old version of uw-imapd with maildir patches.
I wrote a short script to rename all files created before 1,000,000,000 with a leading zero. The resulting file names with "09*" fixed the problem!
-Dave
I would like to make your attention on bug which was introduced tonight and can affect some people who are using (var)char field to store timestamp data.
It is not worst security bug. It affects only people who already had bug in their code. Just now this bug become visible/exploitable.
This is not MySQL bug. This is how people use their database. Also similar situation can be found in other software. I would like to inform people in public list as maybe some people have to search similar problems.
The problem: Computers store time and date usually as integer value representing amount of seconds from 1 January 1970. Tonight it overrolled from 999999999 to 1000000000.
Possible bug and exploit relies on fact that some people have used character type of field to store this seconds information (we have already such case)
example:
mysql> create table session (expire varchar(100) not null);
Query OK, 0 rows affected (0.31 sec)
mysql> insert into session values (999999997), (999999998), (999999999),
(1000000000), (1000000001);
Query OK, 5 rows affected (0.00 sec)
Records: 5 Duplicates: 0 Warnings: 0
mysql>
mysql> select * from session;
+------------+
| expire |
+------------+
| 999999997 |
| 999999998 |
| 999999999 |
| 1000000000 |
| 1000000001 |
+------------+
5 rows in set (0.00 sec)
mysql>
Let's assume that this table contains values we use somewhere to authenticate users. After user logs in, we write down session expiry time and later we check it like this:
mysql> select count(*) from session where expire >= '1000032535';
+----------+
| count(*) |
+----------+
| 3 |
+----------+
1 row in set (0.00 sec)
mysql>
WOW, what happened? Shouldn't be 100003253 bigger than any value in table? It worked yesterday!
In MySQL we suggested people to use quotation marks around integer values. This can avoid many web-based attacks targeted to modify SQL commands (more information on http://www.mysql.com/doc/G/e/General_security.html ). This is the reason why people put quotation marks around integer expressions and this is correct. Also automatic type casting will fix the source problem is column data is integer or some time/date vale. But when both column is character type and expression, they get compared as strings. And as we know, strings get sorted in order:
1,11,2,22
but integers:
1.2.11.22
So, this is why 100003253
It is possible that some web applicatons have endless expiry times now and not only in MySQL contexts.
(Shamelesly ripped from ntk.net).
geeks just don't DO "regular parties!"
They do over here in Sweden!
Our staff dos are a legend, and other tech companis here do the same. I have been to a lot of great parties, free food + drink, DJs, live music. Some of us even talk to girls. It must be part of the Swedish culture that once in a while you turn off your PC, grab a cold one from the fridge, hang out with your buddies and chat about things other than your OS.
Offtopic, Inflammatory, Inappropriate, Illegal, or Offensive comments might be moderated up.
I was expecting to have everything reset back to 1970. I was looking forward to men again on the moon and the Boston Bruins having a championship-caliber team.
Then again, I could do without the Vietnam War Redux. Oh well.
Mod Karma -1: I sed bad wurds. If I cep my mouf shut, I wud be at riyses.
Using string comparisons for dates stored as seconds since the epoch is not a very good idea.
Use the Date format that your database has, as it should be able to do much better comparisons with dates in SQL, instead of seconds stored as text.
Did I miss anything?
Veritas issued an alert that the indexing on it's backup files was broken - don't remember what it said, but basically everything would show as Jan 1, 1970 00:00:00. The datestamps were right, but the conversion routine for displaying the dates was broken. A patch that fixed the display routine fixed things up.
This space for rent. Call 1-800-STEAK4U
We use an older version of UW IMAP ad UW Pine both patched to use Maildir support (because they are too short-sighted to integrate such support themselves).
After the roll-over both programs started mis-sorting newly arrived messages to the top of the folder, rather than the bottom (but newly arrived messages are still sorted below older, within each category of 'before' and 'after' the 1 billion second point). Also getting 'mailbox changed unexpectedly, reloading' messages constantly.
I thought that I could go to your user info page and leave you a message since you didn't have an email addy supplied... silly me.
I was going to ask you some more questions regarding OpenLDAP and how you're using it (I'm trying to do the same types of things you described) but alas and alack, I must ask through the general messageboard. :-(
For all you talker fans out there, Neil Robertson's NUTS code (or derivitives - MoeNUTS, AmNUTS, etc.) has a constant named "DNL" that keeps track of the length of the date in seconds. This is set to 11 and will need to be switched to 12, although my talker ran fine w/o changing it. I'm sure I would have seen something wrong down the road.
Blog,Twitter
Incase someone wants this in a bit plainer english, let me explain. (Thank you, Jesse Liberty)
:)
In C, C++, and probably most other programming languages (I'm not a guru on programming), an integer is either "signed" or "unsigned". They are also either "long" or "short". The reason for the distinctions is primarily memory-related, using a long int (4 bytes) is a waste of memory if you're just going to store say, a number up to 300 in it, in which case a short int would be more appropriate. And if you're only going to store a single byte (such as 1 or 0) there's usualy something like the int type "bool", a 1-byte long int, that allows a 1-byte value to be stored (technicaly this value could be 0 to 9, I'm not sure if negatives are allowed).
An unsigned integer is (rather obviously if you think about it) a positive-only number, you can't have a negative number in an unsigned int (well, you can try, but it'll just wrap around to its maximum value).
an unsigned long int can go from 0 to 4,294,967,295
Now, with time_t, the time is being stored in a signed long int. This can be any value from -2,147,438,648 to 2,147,483,647 (you've just split the area avalible for values between negative and positive) on a 32bit system. Unfortunitely, in 2038, that's no longer enough (DOH!) as the # of seconds from UNIX Epoch will pass the maximum (positive) value of a signed long int, and suddenly our system clocks (on POSIX-compliant, and even some/many non-compliant UNIXish systems) will wrap around to, well, the turn of the century. This is *precisely* what the fear was with Y2K, just further in the future. And this isn't theory based on a couple systems, this is a real fear, because POSIX compliant systems WILL do this. Fortunitely we have ~36 years to solve this problem.
The first solution, and probably the cleanest, is to go to 64bit systems, this transition is just beginning, but personaly I think it will be complete within 30 years... ancient business systems might still have something to worry about (as with Y2K) but I doubt it.
The other, not-as-clean-but-quick-and-simple, solution is to bump the variable holding the time to a signed long int. This could be done by a newbie with a C book, and will allow UNIX time to go to 4,294,967,295, sometime after 2100 (I think it was 2106?). This is a band-aid and doesn't really fix the end problem that what we need is an EFFICIENT dynamicaly allocated int type, but just moving to an unsigned long will buy us time if, for some reason, we haven't fixed these damn problems by 2038.
(I THINK Java has dynamic int variables, but i don't think they're efficient. I'd have to grab an extensive book on Java, and I don't have that kind of time or patience:).
And no, we can't just make infinite-sized variables in our current infrastructure, the first one that got initialized would use all the memory and lock the system
Have you ever programmed in C?
Leading zeros change things... 031 != 31
031 == 25....
The reason is that C interprets the leading 0 to be an indicator that the number is written in octal.
(Why do programmers always get Haloween and Christmas confused? Because Oct(31)==Dec(25))
Anyway, leading zeros are not always the answer...
LedgerSMB: Open source Accounting/ERP
4Gigaseconds is the larges for 32bit ints. However, I'll bet 50% of the programs out there use a signed data type.. :(
...I run Windows :)
My propane grill died about 1 minute shy of the Billennium causing me to pan fry burgers for our Epoch party...
This communication is secured using Rot-26 Encryption Algorithm, Unauthorized decryption will be subject to laughter.
dwon@zed:~$ echo -e '1000foo\n999bar' | sort
1000foo
999bar
dwon@zed:~$ echo -e '1000foo\n999bar' | sort -n
999bar
1000foo
one of my perl scripts that sorted some stuff via timestamp broke over the billenium because i was using "cmp" instead of "<=>". silly me.
Java already uses 64-bit longs to hold date values (max value 9223372036854775807), in fact for fun once I made the case in an app that we should allow five digits for the year field to avoid the coming Y10k problem...
Java does have dynamic int classes like BigInteger, but I think they would be too inefficient for something with such widespread use as dates.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Apparently, this version of the library could not perform the "epoch" for seconds beyond the billenium and would report a year 1000 years too early! Of course, this bug was fixed in 1.34 and in fact the current version of Date::Manip is 1.40. Unfortunately, this company doesn't update as often as it should since upgrades can break backward compatibility and need extensive testing. But there you have it, a top company got bitten!
I guess I'll have to start planning early for the next party in 2032.
Somewhere, something incredible is waiting to be known. -- Carl Sagan
You can also pass in an address for a location for time() to write the time to besides returning it as the function value. Perhaps the error results if you pass in an invalid address? Maybe?
And the brethren went away edified.
My stomach broke as a result of the 1-billion second turnover. Of course, I _did_ celebrate with lots (and lots) of Thai curry...
"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban