How to avoid losing 370 million US-Dollars when writing code.
The tragedy of Ariana the 5th.
Did you ever hear the tragedy of Ariana the 5th?
I thought not.
It is not a story the EU would tell you.
It is a programmer legend.
On the 4th of June in 1996 a single software bug caused the Ariana 5 rocket to explode 37 seconds after launch. With it, it took 4 cluster-satellites, causing a massive loss of 370 Million US-Dollar. That’s 10 Million US-Dollars for each second in the air.
But how did this terrible event came to be?
The Ariana 5 exploded due to a simple stack-overflow mistake, that happened in the variable responsible for the acceleration checks. This variable was a (signed) 16-bit integer, meaning it could go as high as a total value of 32768 or as low as -32767.
When the variable tries to go above its maximum value something truly magical happens, something that every programmer can tell you about, because they have all made it within the first semester of their studies. Instead of stopping or breaking, the value turns from 32768 to -32767.
Because 32768 + 1 = -32767, obviously duh.
This didn’t cause the rocket to transform into a fireball that rivaled the size of a family house right away however, but rather messed with everything else in the program.
Causing one small mistake to turn into a hundred little mistakes and so on.
What happened after the overflow was that the program believed that it was off course. Due to speed, height and duration of the flight all being relevant in determining a rockets position after start. The rocket, in fact, now believed it was rather heavily of course, causing it to do a 90% turn to try and get back on course. Similar to every car driver on a highway in front of me when they realizes that they were daydreaming and their exit is just a few meters ahead of them self.
But what could have caused such an obvious error to go hidden for so long?
Well, writing an essay in 7th grade by coping (Ctrl C) and pasting (Ctrl V) is a very bad idea. It turns out the same applies to the code for a rocket…… Who would have thought?
The programmer side has used old parts of the Ariana 4 for their newest model, and decided that it worked well enough with the old version to still be use able for the new one.
But when you have a faster, better and generally more advanced rocket, using the old calculations might be a bad idea.
The funniest thing about this whole tragedy is that the module that failed wasn’t even needed. And was just used to have the new program be more like the old one.
TLDR; test your code, don’t lose 370 Million US-Dollars 37 seconds after starting your program.
With best regards,
Robots Can’t Read
This was a great read! Thanks Alexander