| Dan Nagle 2005-09-22, 7:57 am |
| Hello,
If you want to know all about the Ariane V failure,
check over in comp.lang.ada, where, IIRC, the FAQ
has a complete description of the event. IAC,
the regulars know where to direct your attention.
Michel OLAGNON wrote:
>
>
> robin wrote:
>
>
>
> It was not what I call a programming error. The acceleration value
> that did not fit into the 16-bit integer was physically impossible
> with Ariane IV, so during code specification, when that overflow
> possibility was considered (and it was indeed, it is documented),
> it was decided that no exception handling was to be provided since
> a sensor malfunction should have been detected by other tests and
> else no reasonable action could be thought of to deal with a
> physically impossible value.
>
> When people tell me that it was a programming/specification
> error, I ask them: "If you had been in the project software
> specification panel, what course of action would you have suggested
> to handle the exception 'acceleration value does not fit
> into the 16-bit integer range' when you know that the sensor
> works correctly and that the physical upper bound must fit ?"
>
--
Cheers!
Dan Nagle
Purple Sage Computing Solutions, Inc.
|