
   Re: [xml-dev] The Airplane Example (was Re: [xml-dev] StreamingXML)


Actually, according to the full report:

http://sunnyday.mit.edu/accidents/Ariane5accidentreport.html

1) the code was written in Ada
2) the data wasn't type-cast, but converted
3) the value of the float was out of range for the sixteen-bit integer
target
4) the software (ada, remember?) attempted to throw an exception, and
couldn't
5) faced with this exceptional condition, the software tried to shut
down
6) the redundant unit couldn't do so, because:

Although the source of the Operand Error has been identified, this in
itself did not cause the mission to fail. The specification of the
exception-handling mechanism also contributed to the failure. In the
event of any kind of exception, the system specification stated that:
the failure should be indicated on the databus, the failure context
should be stored in an EEPROM memory (which was recovered and read out
for Ariane 501), and finally, the SRI processor should be shut down.

In other words, because of strong typing and exception handling in Ada,
Ariane 5 crashed.  Which is perhaps not the argument that you wished to
support by introducing this example?

Especially as the code in question *had no function during flight for
Ariane 5*.

Amy!

On Tue, 04 Jan 2005 16:27:38 -0800
Daniela Florescu <dflorescu@mac.com> wrote:

> > I don't think I can recall having *ever* had a program fail because
> > someone passed a float to a routine that expected an int.
> 
> Really !?
> 
> For an impressive example, just take a look at this:
> 
> http://www.ima.umn.edu/~arnold/disasters/ariane.html
> 
> $7 billion dollars lost in an explosion after only a couple of seconds
> in flight. More than 10 years of work for tens of thousands of people.
> Fortunately no human losses.
> 
> My lab at that time (INRIA) was tasked to read the millions of lines
> of code. There were many problems found, but the cause of the
> explosion was an unfortunate type conversion implicit in a function
> call if I recall correctly.
> 
> That was enough to deviate the rocket.
> 
> Best regards,
> Dana


-- 
Amelia A. Lewis                    amyzing {at} talsever.com
I stopped by the bar at 3 a.m. to seek solace in a bottle, or possibly
a friend.  I woke up with a headache like my head against a board, twice
as cloudy as I'd been the night before.  I went in seeking clarity.
                -- Indigo Girls
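
A simplified model of the failure chain listed in the message above, added here as an illustration; it is not part of the original post and is not the flight software. All names, the sample values and the saturating policy (shown only for contrast) are assumptions: a checked float-to-16-bit conversion feeds two redundant units running identical code, once with the shut-down-on-any-exception rule quoted from the report and once with clamping.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef enum { POLICY_SHUTDOWN, POLICY_SATURATE } policy_t; /* hypothetical names */
typedef struct { bool running; int16_t output; } unit_t;

/* Checked double -> int16 conversion. An unchecked C cast of an out-of-range
   value is undefined behaviour; a checked conversion reports the error. */
static bool to_int16_checked(double v, int16_t *out) {
    if (!(v > -32769.0 && v < 32768.0))   /* also rejects NaN */
        return false;
    *out = (int16_t)v;                    /* truncates toward zero, now in range */
    return true;
}

/* One processing step of one unit under the chosen error policy. */
static void unit_step(unit_t *u, double v, policy_t p) {
    int16_t r;
    if (!u->running) return;
    if (to_int16_checked(v, &r)) { u->output = r; return; }
    if (p == POLICY_SHUTDOWN) { u->running = false; return; } /* fail-stop */
    if (v == v)                           /* not NaN: clamp; NaN keeps last output */
        u->output = (v > 0.0) ? INT16_MAX : INT16_MIN;
}

/* Feed the same samples to a primary and a backup unit running identical
   code; return how many are still running and the primary's last output. */
int units_alive(const double *s, size_t n, policy_t p, int16_t *last) {
    unit_t primary = { true, 0 }, backup = { true, 0 };
    for (size_t i = 0; i < n; i++) {
        unit_step(&primary, s[i], p);
        unit_step(&backup, s[i], p);      /* same input, same code, same fault */
    }
    *last = primary.output;
    return (int)primary.running + (int)backup.running;
}

/* Constructed sample values, not flight data. */
static const double SAMPLES[] = { 100.0, 20000.5, 40000.0 };

int main(void) {
    int16_t last;
    int n = units_alive(SAMPLES, 3, POLICY_SHUTDOWN, &last);
    printf("shutdown policy: %d unit(s) alive, last output %d\n", n, last);
    n = units_alive(SAMPLES, 3, POLICY_SATURATE, &last);
    printf("saturate policy: %d unit(s) alive, last output %d\n", n, last);
    return 0;
}
```

Under the shut-down policy the backup offers no protection, because it hits the same out-of-range value at the same step as the primary.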




 
