back to article If your apps or gadgets break down on Sunday, this may be why: Gpsd bug to roll back clocks to 2002

Come Sunday, October 24, 2021, those using applications that rely on gpsd for handling time data may find that they're living 1,024 weeks – 19.6 years – in the past. A bug in gpsd that rolls clocks back to March, 2002, is set to strike this coming weekend. The programming blunder was identified on July 24, 2021, and the …

  1. MiguelC Silver badge
    Pint

    Thank you to the guy in Nebraska, then!

    1. dlc.usa

      76 Upvotes

      Made me think of 76 trombones in Iowa (River City to be precise)--more coffee, stat! Anyway, applause, whistles, cheers, and marching bands for Mr. Miller!

  2. aregross

    Well...

    He's not really "random" then, is he!

    1. Captain Scarlet
      Linux

      Re: Well...

      Then again normies think coders are very random people

      1. Snake Silver badge
        Alert

        Re: Well...

        Companies consider you disposable, therefore, "random"

    2. Paul Crawford Silver badge

      Re: Well...

      You didn't know he roils a dice to decide on breakfast?

  3. Terry 6 Silver badge

    Wow

    Just...... wow!

  4. Anonymous Coward
    Anonymous Coward

    It's funny because it's true!

  5. Trollslayer
    Trollface

    XKCD strikes again!

    Psychic or precognitive?

    1. John Robson Silver badge

      Re: XKCD strikes again!

      Trivially predictive?

    2. picturethis
      Happy

      Re: XKCD strikes again!

      Actually, XKCD authors are history students from the future and they brought History of the Milkyway Galaxy Expanded Volumes I, II and III with them. To them, it's just history.... :)

      1. Anonymous Coward
        Angel

        Re: XKCD strikes again!

        Could they be the publishers of the Hitchhikers Guide to the Galaxy.

    3. Cybersaber

      Re: XKCD strikes again!

      Neither. The comic was written in reference to other projects at the time which are/were in the same boat as gpsd - widely used, and supported by a single maintainer. I love RM's work, but he's not prescient, just observant.

    4. bombastic bob Silver badge
      Devil

      Re: XKCD strikes again!

      real world emulated by Jenga

  6. The Man Who Fell To Earth Silver badge
    FAIL

    SHOCKED! JUST SHOCKED!

    That there are mission critical military systems built on software systems the military contractors don't understand.

    1. Anonymous Coward
      Anonymous Coward

      Re: SHOCKED! JUST SHOCKED!

      Why would you be shocked? I'm amazed ANYONE manages to make sense of a military design through the forest of paperwork between you and a vision of how it all works...

      1. Mike Lewis

        Re: SHOCKED! JUST SHOCKED!

        That's one reason why certain companies keep getting government contracts even though their previous projects failed. They know how to wade through the paperwork. Programming? Not so much.

  7. Brewster's Angle Grinder Silver badge

    Here's what happens next...

    Multiple companies get caught out, ringing up hundreds of millions or billions of losses (or, god forbid, human lives - it's in tanks and rockets, FFS, as well as trucks). The more litigious sue Miller. A defence fund is set up, but Miller doesn't have the time to focus on the code while coping with the case, and doesn't want the future grief so (entirely understandably) quits.

    For a while, nobody wants to hold the hot potato.

    Eventually, one or more big companies (*cough* Google *cough*) put their hands in their pockets to pay for development without so much as a thank you to Miller. Code development resumes. While the legal cases rumble away for decades, the stress exasperating any age-related heath conditions.

    The moral? Stick to sudoku.

    1. whitepines
      Trollface

      Re: Here's what happens next...

      You forgot the part where Google stops accepting outside contributions to the source, and makes it a byzantine service that only runs on specific hardware using obscure Google-specific network packages. All the while adding privacy-invading antifeatures to the official builds that force you to try to recompile it yourself, but while you're busy fighting the Google build system they're busy making those antifeatures part of the NTP standard.

      In parallel, Google starts flogging Time-As-A-Service, only to abandon it several years later.

      Cynical? Moi?

      1. Dave559

        Re: Here's what happens next...

        I fear you are just too much on the money with that Google prediction, but all of these "Nebraska Problems" (waves at OpenSSL) underpin so much of modern computer systems and the internet.

        Open source and volunteer effort is a great development model that has pulled us all up by our bootstraps to where we are today, but when (effectively) the whole world is now entirely relying on these libraries to be robust and bug-free (well, as bug-free as possible), is it really not time to effectively mandate something like a 0.1% tax/tithe on software/hardware busineses to give solid permanent financial backing to these essential systems that they all rely on and to ensure some paid development and testing/QA help so that these are not all entirely dependent on volunteer labour?

        (I picked 0.1% of out thin air: maybe it wouldn't be enough, maybe it would be way, way, more than enough, based on the size of some of the huge companies who would be liable to pay it, but in the overall scheme of things, it's surely a small enough percentage that no company that would be liable to pay it could really argue that it was particularly burdensome? It is after all through mutual co-operation that most of humanity's great developments have been made…)

  8. Potemkine! Silver badge

    21 years late

    The Y2K bug is 21 years late, and moreover it morphed to Y2K02. Who can you trust?

    1. Spanners
      Boffin

      Re: 21 years late

      Or just over 26 years to early for anyone who assumed that the year nunber would never exceed 2^11.

      They fixed the Unix millenium bug with the problem of 32 bits overflowing on 19 January 2038 @ 03:14:07 I think?

      1. bombastic bob Silver badge
        Meh

        Re: 21 years late

        as far as I know it only affects 32-bit systems that still have time_t defined as a 32-bit integer. There are certain backwards compatibility issues in 32-btt Linux, though, and there are time functions (as I recall) that support a 64-bit time_t on 32-bit. But legacy applications could still fall on their faces if they rely on time_t not rolling over.

        FreeBSD's headers defines time_t as 64bit when the pointer size is 64bit. I do not have a convenient 32-bit linux handy but in a 64-bit version it is also a 64-bit value for time_t. As far as I recall 32-bit Linux is also a 32-bit value for time_t.

        still embedded may need 32-bit in 2038 so probably best to change it to ALWAYS 64-bit at some point.

  9. Cybersaber

    This is why programming with time is like wrestling with demons...

    ...but some angel has to do it, or the message never gets through.

    1. Paul Crawford Silver badge

      Re: This is why programming with time is like wrestling with demons...

      Of course gpsd is a daemon!

  10. DS999 Silver badge

    Next rollover is in 2038?

    That's convenient, that way it'll coincide with the time_t overflow of all 32 bit Unix systems that will still be embedded in various corners of the world's infrastructure no one will realize until it is too late.

  11. Richard 12 Silver badge

    Thank you Miller, Lord of Time

    I tip my hat to you.

    1. bombastic bob Silver badge
      Coat

      Re: Thank you Miller, Lord of Time

      he's a Time Lord? Where's his TARDIS ?

  12. Gene Cash Silver badge

    Remember Arthur David Olson?

    No? Well, he's the guy that maintained the UNIX timezone database.

    All by himself.

    Then one day he announced he was retiring, and people realized he was doing this huge important task all by himself, and finally got him some help.

    But most GNSS manufacturers just ignore gpsd. Even when we find bugs in their stuff.

    I'd bet that would change if there was a periodic name-'em-and-shame-'em errata list published.

    1. Will Godfrey Silver badge
      Unhappy

      Re: Remember Arthur David Olson?

      No he'd just get sued.

  13. maddoghall

    Even worse in closed source....

    Many of the comments here are spot on, but let me throw in a few more:

    o It is estimated that .6% of the "PC" base still runs Windows XP, and it is estimated that in one country 60% of their desktop computers runs XP.

    o a friend of mine that works for one of those agencies we dare not talk about confirmed that many of the systems we do not want to think about are still running XP.

    I mention this not to pick on Microsoft...but if this issue was found to be in XP, how the heck do you fix it?

    o What if your closed-source software was written by DEC/SGI/Sun?

    Years ago I was involved with a large project to rewrite all the code running on some ancient IBM mainframes at a little facility called the Houston Space Center, in charge of the Shuttle flights. The reason this project was important was that not only had the programmers that wrote the code retired, many of them were dying.

    It is relatively easy to bring people back from retirement.

    Slide rules typically did not need bug fixes.

    This issue is not limited to the FOSS community by a long shot, and actually is easier to correct in FOSS than in closed systems.

    1. Clausewitz 4.0
      Devil

      Re: Even worse in closed source....

      If you could possibly imagine the number of ATMs running with windows XP and openSUSE, you would be amazed.

      1. Cliffwilliams44 Silver badge

        Re: Even worse in closed source....

        in 2010, I walked up to an ATM only to watch it rebooting into the Windows 95 start screen!

        1. W.S.Gosset Silver badge

          Re: Even worse in closed source....

          2 weeks ago I walked past as my newsagent was starting up their smick-looking advertising screen.

          The BIOS declared itself copyrighted 1997.

    2. Anonymous Coward
      Anonymous Coward

      Re: Even worse in closed source....

      Is it safe to assume the issue was NOT related to lack of support for the hardware and operating system? IBM mainframes pretty much continue to run (successfully) applications written 50 years ago.

      The issue is nobody teaches COBOL anymore, and there are 'better' languages and 'cheaper' hardware... so it comes down to a financial rather than a technical issue.

      Yeah?

  14. Anonymous Coward
    Anonymous Coward

    Can someone please clarify what the article doesn't?

    Can someone please clarify what the article doesn't... is this a rollover only bug or a permanent one?

    By which I mean: if a clock using this code is affected, can you simply reset / force a re-read of the GPS time signal and all will be well again; or will all reads fail continually?

    1. Robert Carnegie Silver badge

      Re: Can someone please clarify what the article doesn't?

      I infer that "turning it off and on again" is not a fix.

      Apparently it's slightly like defining a count of weeks since week zero as a 9 bits number instead of 10 bits, so week 512 is read as week 0, week 513 is read as week 1, and so on. It was meant to run up to week 1023, and it will.

      The software needs to be updated from time to time anyway, to redefine which week numbers relate to a recent past "week 0" - let's say W > 500 relates to the actual last week 0, and 0 <= W <= 500 is counting from the NEXT week 0.

      Anything that I've just said may be wrong.

  15. Knoydart
    Headmaster

    GNSS is not just GPS

    Just to note that GPS is one "brand' of GNSS, other constellations do exist for your PNT requirements

    1. -tim

      Re: GNSS is not just GPS

      Navstar is the US DOD's brand of GPS.

  16. martinusher Silver badge

    My Windows gets the time wrong all the time....

    ..but the system still works.

    The system is running Windows 10 and a number of Tuesdays ago it stopped automatically updating the time on startup. Now every time you boot it you've got to manually tell NTP to sync the clock. It hasn't caused the system to stop although in this day and age with everything certified against everything else it might, I just haven't found anything yet. (Its obviously a sequencing bug, their NTP is running and timing out before the network is ready to respond)(their fault -- wired network and anyway Linux works just fine, always has worked and probably always will work.)

    The point is, this bug is inconvenient, its been patched but if it causes a problem its going to be really obvious and will spur someone to upgrade or fix it. Nothing to get worked up about......

    1. Richard 12 Silver badge
      Boffin

      It'll be worse than you think

      This issue only affects installations that have their own, private GPS receiver wot they bought special to do the time thing.

      And it affects the whole installation, because it's in the way the GPS receiver is being read.

      It follows that you'd only spend that money if accurate time is quite important for what you're doing!

    2. Paul Crawford Silver badge

      Re: My Windows gets the time wrong all the time....

      Time on a desktop is usually immaterial, except for stupid emails appearing in the past/future because of when your email client though you sent it.

      Time for many other systems is critical, if you have to keep backup software in sync, check for main-in-the-middle attempts based on suspicious network delays, have mobile masts syncing transmissions so they don't interfere with each other too much, align some bit of hardware with something "out there", etc, etc, etc.

      1. Cliffwilliams44 Silver badge

        Re: My Windows gets the time wrong all the time....

        In a stand alone system yes, it is immaterial. In a Windows Active Directory domain it is certainly not!

        If your workstations time is off by more than a few minutes Kerberos will fail and not let you log into the Domain.

        1. This post has been deleted by its author

    3. JDC

      Re: My Windows gets the time wrong all the time....

      Digital signatures, at least here in Spain, usually include a timestamp (generated using a GPS based time). This timestamp could be used in court to demonstrate that you signed X before time Y, which clearly opens up all sorts of legal problems if the timestamp is not correct.

  17. FrankAlphaXII
    Meh

    Something's gotta give

    We really need to start treating critical software infrastructure like we do for things like transportation and fuel, food supply chains, medical supply chains, etc.

    As an emergency preparedness and response professional with an IT background, it is woefully inadequate and quite potentially a major hazard that libraries and small infrastructure projects like this hinge on a developer or developers who are volunteering their time and effort with no continuity planning, funding, time or means to respond to a bug or vulnerability because nobody wants to do it. Not everyone has a Google, IBM-hat, HPE/HPI, or Microsoft in their corner giving them time to do this utterly thankless, time consuming, but absolutely critical work to make sure that things will work further up the stack.

    It's not flashy, on a resume most employers will give it a glance and even if they know what it is this person does and just how important it is, it rates a little above "that's nice" unless they're "concerned it may impact your productivity". It's a damned shame and I wonder how much chaos, insanity and murder is going to have to occur to get people and business to actually give a shit.

    1. Terry 6 Silver badge

      Re: Something's gotta give

      We really need to start treating critical software infrastructure like we do for things like transportation and fuel, food supply chains, medical supply chains, etc.

      You're obviously not from around these parts, stranger.

    2. Cliffwilliams44 Silver badge

      Re: Something's gotta give

      "We really need to start treating critical software infrastructure like we do for things like transportation and fuel, food supply chains, medical supply chains, etc."

      I don't know what it's like in Europe but here in the US, especially in the older parts of the country (Northeast) the "so called" critical infrastructure has been neglected for decades if not for over a century!

      Very little money and effort is put into maintaining and modernizing water and sewer systems because for they most part they "just work"! When they fail they fail massively! Like Flint Michigan polluting the drinking water with massive amounts of lead from lead pipes. Like NYC having massive sewer failures when the remnants of a hurricane passed over the city costing millions of dollars and many lives.

      (Buy as we saw, no one takes responsibility, they can just blame Climate Change!)

  18. JBowler

    Ha, I win, my Stratum 0 NTP server is running on a Raspberry Pi with gpsd 3.17

    I just checked. Sad, but true. Completely up-to-date RPi.

    1. Anonymous Coward
      Anonymous Coward

      Re: Ha, I win, my Stratum 0 NTP server is running on a Raspberry Pi with gpsd 3.17

      Except you're wrong, your NTP server is Stratum 1. The GNSS networks themselves are the Stratum 0. :)

  19. Conundrum1885

    Doomsday

    First it was Y2K, then 24/10/2021.

    Is it just me or is there a non-zero chance "Fail Deadly" systems could on this day wrongly conclude something terrible has happened?

    Either way I may well dig out the Geiger counter(s) and tinned food just in case bad things happen.

    Protip: quite a lot of tinned food notably kidney beans is NOT SAFE to eat cold even when in date, never do this.

    Also useful: somewhere on dead tree edition I have the "idiots guide to metallurgy, crop rotation, and other such useful skills".

    1. ThatOne Silver badge

      Re: Doomsday

      > tinned food notably kidney beans is NOT SAFE to eat cold even when in date

      Why? (Genuine question)

      1. Conundrum1885

        Re: Doomsday

        https://www.vegancoach.com/eating-uncooked-kidney-beans.htm

        basically they contain a toxin that is destroyed by cooking.

        1. Anonymous Coward
          Anonymous Coward

          Re: Doomsday

          I thought that canned kidney beans had been cooked (and the toxin destroyed) as part of the canning process. This is also based on experience, as I have eaten canned kidney beans which were just re-heated, whereas dried beans must be cooked for >1hr to be edible. I couldn't get the link above to work, but was it referring to dried or canned beans?

        2. ThatOne Silver badge

          Re: Doomsday

          > basically they contain a toxin that is destroyed by cooking.

          Thanks, but like the AC above, I'm pretty sure canned beans are already cooked (At least those I usually use are). The initial post seemed to make a difference between eating them cold, as opposed to reheated.

        3. Robert Carnegie Silver badge

          Re: Doomsday

          Asda tinned red kidney beans, online, says "Check product is piping hot before serving." But they basically always say that. NHS says on the following link that tinned beans are already safely cooked. It says if not, DO NOT SLOW COOK.

          https://www.nhs.uk/live-well/eat-well/beans-and-pulses-nutrition/

          1. ThatOne Silver badge
            Thumb Up

            Re: Doomsday

            Thanks. So, tinned kidney beans are harmless, just as I thought, and one should never slow-cook dried red kidney beans. (Not that I ever would, but it's good to know.)

            1. Robert Carnegie Silver badge

              Re: Doomsday

              I mean, it puzzles me somewhat that the NHS, the hospitals and doctors, are speaking authoritatively about vegetables in cans that could be but apparently aren't poisonous.

  20. Not previously required

    Sending help to Nebraskans

    There are a few thousand of these projects - not too many for a public database. How about one of the big FOSS groups maintaining a list of critical projects, their maintainers etc. OASIS / EFF / FSF etc or even a new group (El Reg ...). Then it would be possible to organise financial support or extra humans to help on a more rational basis. Such database would have to avoid pointing rogue states or other actors wishing to cause chaos at a list of humans to delete.

  21. Snapper
    Mushroom

    >cough<

    So there is a rocket somewhere that's going to say either 'Whoooooooosh' or 'No, I'm not going!'

    1. Donchik
      Mushroom

      Dark Star V2.1?

      Bomb#20: In the beginning, there was darkness. And the darkness was without form, and void.

      Boiler: What the hell is he talking about?

      Bomb#20: And in addition to the darkness there was also me. And I moved upon the face of the darkness. And I saw that I was alone. Let there be light.

  22. W.S.Gosset Silver badge

    esr

    Didn't Eric write gpsd originally?

    Don't imagine he'll be happy someone broke it. He's delightfully anal about edge cases. ISTR him mentioning gps had an unusual number of subtle curly ones.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like