From: Gene Wirchenko
Newsgroups: comp.lang.java.programmer
Subject: Re: Arithmetic overflow checking
Date: Mon, 11 Jul 2011 08:04:06 -0700

On Fri, 08 Jul 2011 19:30:09 -0400, "John B. Matthews" wrote:

>In article ,
> Gene Wirchenko wrote:
>
>> On Thu, 07 Jul 2011 17:51:06 -0700, Peter Duniho
>> wrote:
>>
>> [snip]
>>
>> >I would not worry about the "simple" or "efficient" criteria. IMHO,
>> >if one is deciding to apply overflow checking to every computation,
>> >one has already abandoned the hope of efficiency.
>>
>> Not necessarily. If a rocket ends up being destroyed as a result,
>> having the computing go a bit slower to save having to build another
>> rocket would have been more efficient. Unfortunately, this is not a
>> made-up example. See:
>
>>
>
>> In the subsequent investigation, the cause of the problem was
>> recreated.
>>
>> Turn on those run-time checks unless speed *REALLY* is of paramount
>> importance. It usually is not.
>
>The software was designed for one system but used in another system
>without adequate testing. In particular,
>
>s) It would have been technically feasible to include almost the entire
>inertial reference system in the overall system simulations which were
>performed. For a number of reasons it was decided to use the simulated
>output of the inertial reference system, not the system itself or its
>detailed simulation. Had the system been included, the failure could
>have been detected.

And the subsystem that the error was in was needed for the Ariane 4
but not for the Ariane 5. Software reuse ended up biting hard.

>The full report may be seen here:
>
>

I have read a lot about that incident, though not as much as
about the THERAC-25 fiasco.

Sincerely,

Gene Wirchenko