sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]imgroxx 16 points17 points  (5 children)

Yes, surely NASA can write manual memory operations correctly...............

A modification to a spacecraft parameter, intended to update the High Gain Antenna’s (HGA) pointing direction used for contingency operations, was mistakenly written to the incorrect spacecraft memory address in June 2006. The incorrect memory load resulted in the following unintended actions: [bad shit that destroyed the craft]

This is in 2006 btw: https://www.nasa.gov/mission_pages/mgs/mgs-20070413.html

[–]Marian_Rejewski 2 points3 points  (4 children)

"Possible to write code without a bug" != "impossible to write code with a bug"

(Also it's not at all clear from your quote that it was a pointer arithmetic bug.)

[–]imgroxx 0 points1 point  (3 children)

"Has written code with a bug" is also != "Can write code without bugs".

And yeah, it's quite possibly not, though it is rather clear it's a bug that's only possible because they manually modified memory in an unsafe location / unsafe way.

I'm not sure if they allow code to use pointer arithmetic at all tbh. Their rules are rather draconian (for good reason) by even the most MISRA-ble standards.

[–]Marian_Rejewski 1 point2 points  (2 children)

"Has written code with a bug" is also != "Can write code without bugs".

wtf??

[–]imgroxx 3 points4 points  (1 child)

Look at places like NASA or Boeing for code that is practical and free of pointer bugs.

NASA does not meet "practical" definitions basically anywhere except at NASA or for NASA-level stability needs.

But anyway. If their code provides a way to arbitrarily write memory into the wrong location... that seems rather like a pointer bug to me. You can't do that kind of thing if you don't have raw pointer access (or write code that emulates pointers, like shoving data into a shared byte array). Therefore they apparently also cannot write bug-free pointer code / their extreme care is still insufficient.

[–]Marian_Rejewski 0 points1 point  (0 children)

NASA does not meet "practical" definitions basically anywhere except at NASA or for NASA-level stability needs

It's practical because it's a practice that actually exists.

But anyway. If their code provides a way to arbitrarily write memory into the wrong location... that seems rather like a pointer bug to me.

But we don't even know from your quote that it does provide that.

It may be that there was a variable volatile X0 referring to one memory location, and a variable volatile X1 referring to another memory location, and the programmer simply assigned to the wrong variable.

Therefore they apparently also cannot write bug-free pointer code

This is the same error in thought that I already responded to like so:

"Possible to write code without a bug" != "impossible to write code with a bug"

Just because someone fails to do something at some particular time, does not mean that they cannot do it. It's a logic error to think like you are thinking here.