From: Martin Gregorie
Newsgroups: comp.lang.java.programmer,comp.lang.c
Subject: Re: Arithmetic overflow checking
Date: Tue, 12 Jul 2011 21:08:43 +0000 (UTC)
Organization: UK Free Software Network

On Tue, 12 Jul 2011 13:23:40 -0700, Gene Wirchenko wrote:
>
>      I also suggest that they build a time machine and go for a ride
> on a certain Ariane 5 launch.
>
An out-of-range signal might have been the initial cause[1] but the real problem was that this exception caused a diagnostic bit pattern to be written to the SRI's (Inertial Reference System's) normal output channel, where the OBC (On Board Computer) interpreted it as flight data by failing to recognise it as an exception message. Unfortunately, by treating it as flight data, the OBC interpreted it as requiring full engine deflection, causing the Ariane 5 to yaw violently. Unsurprisingly, being side-on at high airspeed caused it to break up.

The real cause of the crash was using a poorly documented A4 SRI without fully understanding its designed-in operating parameters or ensuring that they were reset to interpret standard A5 operating conditions as normal and within limits and then compounding the problem by not designing the OBC to recognise SRI exception messages.

IOW, this crash was more a case of poor documentation and design rather than arithmetic overflow.

The full report is here:

http://www.di.unito.it/~damiani/ariane5rep.html

[1] The instrument causing the problem was an unmodified Ariane 4 SRI which raised an out-of-limits exception when the normal Ariane 5 trajectory exceeded a permitted Ariane 4 horizontal velocity limit.

-- 
martin@   | Martin Gregorie
gregorie. | Essex, UK
org       |
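
Added example, not part of the original post and not a model of the actual flight software: a small C sketch of the failure pattern described above, in which a producer reports a failed range check as a diagnostic frame on its normal output channel and one consumer reads it as data while another checks the frame kind first. The frame layout, names, error code and the hold-last-good-value policy are all assumptions made for the illustration.

```c
#include <math.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical frame layout and codes, constructed for this example. */
enum { FRAME_DATA = 1, FRAME_DIAG = 2, DIAG_OUT_OF_RANGE = 0x7FFF };

typedef struct {
    uint8_t kind;   /* FRAME_DATA or FRAME_DIAG */
    int16_t value;  /* data: measurement; diag: error code */
} frame_t;

/* Range-checked double -> int16_t; returns 0 on success, -1 otherwise.
   The negated comparison also rejects NaN. */
static int to_i16_checked(double x, int16_t *out) {
    if (!(x >= INT16_MIN && x <= INT16_MAX)) return -1;
    *out = (int16_t)x;
    return 0;
}

/* Producer: a failed conversion becomes a diagnostic frame on the same channel. */
static frame_t producer_emit(double measurement) {
    frame_t f = { FRAME_DATA, 0 };
    if (to_i16_checked(measurement, &f.value) != 0) {
        f.kind = FRAME_DIAG;
        f.value = DIAG_OUT_OF_RANGE;
    }
    return f;
}

/* Consumer that ignores the frame kind: the error code is read as a measurement. */
static int16_t consumer_naive(frame_t f) { return f.value; }

/* Consumer that checks the kind: anything but data raises a fault and
   the last good value is held instead (an assumed policy). */
static int16_t consumer_checked(frame_t f, int16_t last_good, int *fault) {
    *fault = (f.kind != FRAME_DATA);
    return *fault ? last_good : f.value;
}

int main(void) {
    int fault;
    frame_t bad = producer_emit(40000.0);  /* constructed out-of-range input */
    printf("naive=%d checked=%d\n", consumer_naive(bad), consumer_checked(bad, 1000, &fault));
    printf("fault=%d nan_kind=%d\n", fault, producer_emit(NAN).kind);
    return 0;
}
```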