On Friday, 25 November 2016 at 09:19:26 UTC, Alix Pexton wrote:
On 25/11/2016 07:14, Patrick Schluter wrote:
On Thursday, 24 November 2016 at 20:22:00 UTC, Timon Gehr
wrote:
On 24.11.2016 20:49, qznc wrote:
Although, the article [0] does not say that literally, it
sounds like an
integer overflow:
After trawling through mountains of data, the European
Space Agency
said Wednesday that while much of the mission went
according to plan,
a computer that measured the rotation of the lander hit a
maximum
reading, knocking other calculations off track.
That led the navigation system to think the lander was much
lower than
it was, causing its parachute and braking thrusters to be
deployed
prematurely.
"The erroneous information generated an estimated altitude
that was
negative—that is, below ground level," the ESA said in a
statement.
That is why we need CheckedInt, folks. Reminder End. ;)
[0]
http://phys.org/news/2016-11-glitch-blamed-european-mars-lander.html
I don't think overflow is what happened. Rather, the
statistical model
they used to filter the sensor data didn't match reality. It
put too
much trust into a malfunctioning sensor -- I assume the sensor
readings were extremely implausible.
Hey, sounds suspicously similar to Ariane 5 explosion. Does
ESA not
learn from its errors or am I only reading too much in it
(probably)?
I thought Ariane was caused by errorcodes from one module being
sent on the same bus as telemetry and interpreted as
instructions by another module?
A...
Nope it was an oveflowing down cast
https://around.com/ariane.html
The irony was that the specific module that had made the wrong
calculation was even formally proved to be correct.
This accident also gave Bertrand Meyer (Eiffel) a lot of wind for
his sails about design by contract
https://archive.eiffel.com/doc/manuals/technology/contract/ariane/
in that context it might be even interesting for the D language,
as it is one of the few languages that have (inbuilt) contracts.
