If anyone has trouble reading this, there's also plain text versions of individual slides:<p><a href="http://www.openbsd.org/papers/eurobsdcon_2013_time_t/mgp00002.txt" rel="nofollow">http://www.openbsd.org/papers/eurobsdcon_2013_time_t/mgp0000...</a><p><a href="http://www.openbsd.org/papers/eurobsdcon_2013_time_t/mgp00003.txt" rel="nofollow">http://www.openbsd.org/papers/eurobsdcon_2013_time_t/mgp0000...</a><p>etc.<p>Here's the whole thing in one page, minus images:<p><a href="https://gist.github.com/anonymous/6757266/raw/3469464cb802e7c9a6cbe7c2508b252f7ad8ebdd/Theo+de+Raadt%3A+Going+long+long+on+time_t+to+cope+with+2%2C147%2C483%2C647%2B1" rel="nofollow">https://gist.github.com/anonymous/6757266/raw/3469464cb802e7...</a>
Good read, even if you, like me, don't care too much about the low-level stuff..<p>A few takeaways:<p>- Embedded 32bit is everywhere. Sure they'll fix the obvious ones, but I'm sure some things will be forgotten about. This problem might not be taken seriously after the Y2K debacle.<p>- The OpenBSD guys & gals like to do implement new designs and ideas. Sometimes radical. (but I already knew that)<p>- A transitional solution can end up being <i>the</i> solution ans stick around forever :(<p>- Theorem "In operating systems, increased popularity leads to greater resistance to change". Probably true in most "products".
For format strings, why not do the inttypes.h thing, and define a macro for the format specifier of (time_t)?<p><pre><code> "%" PRI_TIME_T</code></pre>
So, this slide confused/troubled me: <a href="http://www.openbsd.org/papers/eurobsdcon_2013_time_t/mgp00029.html" rel="nofollow">http://www.openbsd.org/papers/eurobsdcon_2013_time_t/mgp0002...</a><p>I don't see why it would be a good idea to convert "time_t" to "long long". Having an alias specifically for time_t is part of what makes this kind of work doable. I could see maybe introducing another alias like "time64_t" or something, but once you convert it to "long long" the type is no longer tagged in a way that makes it easy to find and more importantly suggests to the programmer they ought to NOT make assumptions about its size. Heck, in a perfect world I'd either introduce a new % symbol specifically for time_t width or have a macro that expands to represent its width (not to mention make it mandatory to use compiler warnings about string formats not matching argument widths).<p>I also found the comment about "would love better compiler tools -- none found so far". Certainly there are things like Sparse (<a href="https://sparse.wiki.kernel.org/index.php/Main_Page" rel="nofollow">https://sparse.wiki.kernel.org/index.php/Main_Page</a>) which correctness verification easier.
I notice the ideas that it is not the number of contributors that matter, but the number of sufficiently skilled ones, and the that popularity impedes change. I can't help draw a parallel with the advice that you should listen to your most valuable customers, and potential customers, and that the rest of your users will expect free stuff, and complain loudly when you pivot.
NetBSD did this a while ago, but was better about binary compatibility and things.<p><a href="http://www.netbsd.org/changes/changes-6.0.html#time_t" rel="nofollow">http://www.netbsd.org/changes/changes-6.0.html#time_t</a>
The C standard only states that time_t is an integer (or floating-point) type, and POSIX further states it represents seconds since the epoch, so a 64-bit time_t is a good solution.<p>In order to find and change occurrences of time_t in ports more easily, they could use the Coccinelle tool.[1] The following semantic patch would find and replace variable declarations of type time_t:<p><pre><code> @sys_types@
@@
#include <sys/types.h>
@time_t depends on sys_types@
identifier x;
@@
- time_t x
+ long long int x
;
</code></pre>
Replacing printf format specifiers is more difficult, so the following semantic patch will find printf statements which use time_t variables, which can then be edited manually:<p><pre><code> @sys_types@
@@
#include <sys/types.h>
@stdio@
@@
#include <stdio.h>
@printf depends on sys_types && stdio@
identifier x;
@@
time_t x;
...
* printf(..., x, ...);
</code></pre>
These can be used as follows:<p><pre><code> $ spatch --sp-file foo.cocci --dir /path/to/ports
</code></pre>
where `foo.cocci` is the name of one of the semantic patches above.<p>[1] <a href="http://coccinelle.lip6.fr/" rel="nofollow">http://coccinelle.lip6.fr/</a>