Integer overflow: Difference between revisions

 

Taking the arithmetic mean of two numbers by adding them and dividing by two, as done in many [[search algorithm]]s, causes error if the sum (although not the resulting mean) is too large to be represented and hence overflows.<ref>{{cite web |url=http://googleresearch.blogspot.co.uk/2006/06/extra-extra-read-all-about-it-nearly.html |title=Extra, Extra - Read All About It: Nearly All Binary Searches and Mergesorts are Broken |website=googleresearch.blogspot.co.uk}}</ref>

 

An unhandled arithmetic overflow in the engine steering software was the primary cause of the crash of the 1996 maiden flight of the [[Ariane 5 Flight 501|Ariane 5]] rocket.<ref>{{cite web |last=Gleick |first=James |author-link=James Gleick |date=1 December 1996 |title=A Bug and A Crash |url=https://www.nytimes.com/1996/12/01/magazine/little-bug-big-bang.html |work=The New York Times |access-date=17 January 2019}}</ref> The software had been considered bug-free since it had been used in many previous flights, but those used smaller rockets which generated lower acceleration than Ariane 5. Frustratingly, the part of the software in which the overflow error occurred was not even required to be running for the Ariane 5 at the time that it caused the rocket to fail: it was a launch-regime process for a smaller predecessor of the Ariane 5 that had remained in the software when it was adapted for the new rocket. Further, the true cause of the failure was a flaw in the engineering specification of how the software dealt with the overflow when it was detected: it did a diagnostic dump to its bus, which would have been connected to test equipment during software testing during development but was connected to the rocket steering motors during flight; the data dump drove the engine nozzle hard to one side which put the rocket out of aerodynamic control and precipitated its rapid breakup in the air.<ref>Official report of Ariane 5 launch failure incident.</ref>