http://www.theregister.co.uk/2015/05/01/787_software_bug_can_shut_down_planes_generators/
The US Federal Aviation Administration (FAA) has issued a new airworthiness directive (PDF) for Boeing's 787 because a software bug shuts down the plane's electricity generators every 248 days.
“We have been advised by Boeing of an issue identified during laboratory testing,” the directive says. That issue sees “The software counter internal to the generator control units (GCUs) will overflow after 248 days of continuous power, causing that GCU to go into failsafe mode.”
When the GCU is in failsafe mode it isn't making any power. That'll be bad news if all four of the GCUs aboard a 787 were powered up at the same time, because all will then shut down, “resulting in a loss of all AC electrical power regardless of flight phase.”
And presumably also turning the 787 into a brick with no power for its fly-by-wire systems, lighting, climate control or in-flight movies. The fix outlined in the directive is pretty simple: make sure you turn the GCUs off before 248 days elapse. Boeing is working on a fix and the FAA says “Once this software is developed, approved, and available, we might consider additional rulemaking.”
For now, before you board a 787 it's probably worth asking the pilot if he can turn it off and turn it on again.
(Score: 5, Funny) by Snotnose on Sunday May 03 2015, @01:43AM
I want my family to turn the machines off, wait 30 seconds, turn them back on, and see if that solves the problem.
When the dust settled America realized it was saved by a porn star.
(Score: 2, Funny) by Anonymous Coward on Sunday May 03 2015, @03:04AM
You do know that doing that will likely result in a near-death erection, right?
(Score: 2) by davester666 on Sunday May 03 2015, @05:10AM
Time for one final ride before you are gone!
(Score: 0) by Anonymous Coward on Sunday May 03 2015, @01:51AM
They must still be using windows 98.
(Score: -1, Troll) by Anonymous Coward on Sunday May 03 2015, @02:46AM
Windows 98 crashed after 49.7 days, so you see 248 days is much better. But let's face facts, nerd. You haven't used Windows since 98, have you, penguin fucker? Here's your chance to stop flying Boeing, you assmuncher.
(Score: 0) by Anonymous Coward on Sunday May 03 2015, @03:22PM
Bwahahahaha. Yeah, I learned that a real OS exists, one that doesn't shit on you in the middle of work. Go ahead and keep paying for your infested pile of crap, it was made for idiots like you.
(Score: 2) by BK on Sunday May 03 2015, @03:57AM
Fucking windows 98! ... [youtube.com]
...but you HAVE heard of me.
(Score: 0) by Anonymous Coward on Sunday May 03 2015, @01:52AM
I hear that Rust is the safest programming language ever made. Would it have avoided this bug?
(Score: 0) by Anonymous Coward on Sunday May 03 2015, @04:12AM
no
(Score: 2) by LoRdTAW on Sunday May 03 2015, @05:36PM
No. Why? Has nothing to do with memory safety and is simply just a programming error. Some languages can handle the overflow more gracefully than c can. But there still has to be code that handles the error.
(Score: 2) by darkfeline on Monday May 04 2015, @08:24AM
Possibly, if Rust adds a requirement that programmers must handle overflow conditions. Note that Rust technically isn't stable yet, so there's a non-zero possibility of that happening, provided you aren't using a lossy datatype like floats (another prime source of programmer bugs).
Join the SDF Public Access UNIX System today!
(Score: -1, Offtopic) by Anonymous Coward on Sunday May 03 2015, @01:55AM
What the fuck does systemd have to do with any of this? The article doesn't mention systemd. It doesn't even mention Linux. Why the fuck would you even bring up systemd when it clearly wasn't involved at all?
(Score: 1) by anubi on Sunday May 03 2015, @02:23AM
Re-load corrected software and carry on.
Glad they found this bug in the lab instead of a post-mortem flight recorder analysis or close call in flight.
Sorry, no rant this time.
This sounds just like something I might accidentally do myself. This kind of stuff happens every time one tries to build something new.
My reply stated exactly what I would do about it.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 0) by Anonymous Coward on Sunday May 03 2015, @02:53AM
That's fine in a regular consumer product.
But safety critical code has a much higher standard to meet, just as safety-critical hardware does.
Kind of like Toyota's problems. [edn.com]
(Score: 4, Interesting) by anubi on Sunday May 03 2015, @04:13AM
All I can say is shit happens... no matter what. You can be as careful as you can be, and if you are too meticulous about it, even get fired for taking too long and being a perfectionist.
One of my bosses put it this way: "There comes a time in the life of every project when you have to shoot the engineer and begin production."
One of the hardest things I had to do as an aerospace engineer was to release my prototypes to management the instant I get them working, as they are chomping at the bit for immediate release so they can terminate engineering time on the time sheets. Cutting costs meant an executive bonus.
Interesting link. Just smacked of what one of my Chevron bosses ( yes, the ones who gave me the bad habit of trying to make it as good as I could while it was still in the lab ) used to drill into me...
I never felt I could share that kind of determination to make it good instead of just fast when working in the aerospace sector. I think the problem I was not working high enough up the management ladder where that kind of agenda could be enforced. I was more like a house painter that was just expected to putty and paint over problems. Gave me fits. Just like those rage-fits I throw out on these forums over mixing code and data ( embedding executable scripts into viewables ) .
I have burned more bridges pontificating over security and resilience issues. By golly, if I build it, I want it to work until you no longer want it. That is how I expect things to be built for me, and likewise, that is how I am damned determined to build for others. Nearly everything I have ever gotten that broke was somebody cut corners somewhere, saved a trivial amount of money to do so, and left me with a pile of junk. Usually discovered when I needed to use the thing. Bummer!
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 0) by Anonymous Coward on Sunday May 03 2015, @07:14AM
By golly, if I build it, I want it to work until you no longer want it. That is how I expect things to be built for me
You've never heard of 'Planned Obsolescence', have you? You should thank Edward Bernaise [wikipedia.org] for that.
(Score: 1, Interesting) by anubi on Sunday May 03 2015, @08:29AM
Yes, I have heard of planned obsolescence. Sounds just like suit-guy thinking.
Personally, I would like to take all that broken crap he fathered and ram it up his a**.
And that's putting it nicely.
I read that link you gave me and was convinced we would have all been better off if no-one would have paid any attention to him. Much less paid him. Suit-people actually paid him for spewing this kind of crap.
( Yes, I spew crap too, but no one pays me for it - what pisses me off is he spews destructive crap and people paid him for it. )
You really know how to push my buttons, don't you?
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 2) by art guerrilla on Sunday May 03 2015, @01:49PM
bernays
(Score: 0) by Anonymous Coward on Sunday May 03 2015, @03:33PM
All I can say is shit happens... no matter what. You can be as careful as you can be, and if you are too meticulous about it, even get fired for taking too long and being a perfectionist.
It has nothing to do with being a perfectionist. I submit that seeing it from that perspective is part of the problem.
The right perspective is good engineering. That's not an individual thing, it is a process thing. That process includes investigation of how the error made its way into the software in the first place and improving the engineering so that there will not be similar repeats. "Re-load and carry on" is the opposite of that.
(Score: 1) by anubi on Monday May 04 2015, @12:16AM
I did not say that.
I said:
Reloading the same buggy software did not fix anything.
It must be corrected.
Once its known how this happened, steps can be put in place to keep similar bugs from happening.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 2) by captain normal on Sunday May 03 2015, @03:56AM
"This kind of stuff happens every time one tries to build something new."
Ahh...maybe an answer to what happened to Google Maps.
Everyone is entitled to his own opinion, but not to his own facts"- --Daniel Patrick Moynihan--
(Score: 1) by anubi on Sunday May 03 2015, @04:21AM
Amen to that!
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 2) by nightsky30 on Sunday May 03 2015, @10:50PM
I hope the new code doesn't introduce a different bug. How many days will it take to find that one?
(Score: 3, Interesting) by MichaelDavidCrawford on Sunday May 03 2015, @02:48AM
- Jail, because I told a Grover Beach Police Department Officer that I was researching the effects of software faults on aviation safety. He charged me with the felony of making terrorist threats; I was never able to make the $50,000.00 bail.
I plea bargained to a lesser felony in hopes of paying $10.99 apiece to renew a couple domain names.
I'm not joking - this is The Gospel Truth.
Yes I Have No Bananas. [gofundme.com]
(Score: 0) by Anonymous Coward on Sunday May 03 2015, @02:57AM
What the fuck?
(Score: 0) by Anonymous Coward on Sunday May 03 2015, @03:23AM
Go home Michael, you're drunk.
(Score: 2) by MichaelDavidCrawford on Sunday May 03 2015, @03:31AM
Really I don't. All I've had today is coffee.
Yes I Have No Bananas. [gofundme.com]
(Score: 2, Funny) by Magic Oddball on Sunday May 03 2015, @08:47AM
But if you don't drink, how do you ingest the coffee? *ducks*
(Score: 3, Funny) by maxwell demon on Sunday May 03 2015, @10:39AM
How do you use ducks to ingest coffee?
The Tao of math: The numbers you can count are not the real numbers.
(Score: 3, Funny) by rts008 on Sunday May 03 2015, @04:06PM
Obviously, you are not aware of the new AutoDuck Coffe Swilling System®.
It consists of a specially crafted coffee mug with a helical tube that attatches to an IV catheter poked in you, then fill said mug with coffee, set your trained Coffee Duck in mug, and you're done!
As the Coffee Duck paddles around the mug trying to swim out, the current forces coffee through the tube straight to the IV.
They are fantastic, but trapping and training the required Coffee Ducks can be a problem if they are not native to your area. (only found around the Java region, and some import restrictions may apply in your location.)
Note: if you use two ducks, they can even Blend!
(Score: 2) by nightsky30 on Sunday May 03 2015, @11:00PM
I'm intrigued! How are these coffee ducks powered? What's the catch? There's no DRM preventing third party ducks is there?
(Score: 4, Funny) by rts008 on Monday May 04 2015, @05:21AM
Coffee Ducks are powered by by the desire to make pretty whirlpools in the mugs.
The catch is, well mainly, they're hard to find, much less catch; and they are really small (half the size of a marshmellow peep, but coffee ducks don't melt in hot coffee).
Yes there is very strong DRM(Duck Realistic Measure) applied to these coffee ducks. Physicisists have determined that in the average 6 ounce coffee mug, there is room for two. Use a bigger mug, then go crazy.
Third party ducks?
That's entirely up to you, but I highly disrecommend that route for two(among many) main reasons:
1) It's next to impossible to train other ducks to swimm in hot coffee, and the always try to fly off on vacation with their flock half the year.
2) Using a coffee mug big enough for a Mallard makes for a very unweildy travel mug that's rather costly to fill up, and refills will empty your wallet as quick as the hypothetical 'wife' I've heard of.
Also keep in mind a lot of governments frown on ducknapping migratory water fowl, but YMMV.
Coffee Ducks are not migratory due to the simple fact that they are incapable of flying with the 'coffee stirrer' shaped wings, so no worries!
They are not protected, or regulated, because they breed like guppies.
If you decide to go after your own, bone up on your snipe hunting techniques. Good Luck!
(Score: 2) by cafebabe on Wednesday May 06 2015, @02:57PM
I'm not aware of ducks in conjunction with coffee but I'm aware of civets in conjunction with coffee [wikipedia.org]. Unfortunately, I cannot recommend it due to animal cruelty.
1702845791×2
(Score: 0) by Anonymous Coward on Sunday May 03 2015, @10:53PM
How many times do I have to repeat myself...Buzz Beer is not coffee!
(Score: 0) by Anonymous Coward on Monday May 04 2015, @03:33AM
Dude, shit like that makes you drink.
(Score: 1, Insightful) by Anonymous Coward on Sunday May 03 2015, @03:37AM
Link the arrest records.
Or do we need to look for them ourselves (we have your name and SSN)
(Score: 2) by MichaelDavidCrawford on Sunday May 03 2015, @04:17AM
-e.
Perhaps I could dig up a website with my guilty plea.
Really I have more productive work to do right now.
Yes I Have No Bananas. [gofundme.com]
(Score: 2) by MichaelDavidCrawford on Sunday May 03 2015, @05:14AM
I don't really know but speculate that the reason I have trouble finding work, is that a completely different Michael David Crawford did time in the Washington State Pen, then went on to perish in a shootout with the Tacoma Police.
Yes I Have No Bananas. [gofundme.com]
(Score: 0) by Anonymous Coward on Sunday May 03 2015, @08:07PM
Why don't you go kill him?
The only freedom you have is to kill your enemies.
(Score: 1) by rst on Sunday May 03 2015, @04:47AM
What are the chances the thing will run 248 days without a power cycle? How often do you have to change the oil? Not saying they shouldn't fix it, but does this bug matter in any practical sense? I would guess sense they found the bug in the lab, not at a crash site ...
(Score: 5, Informative) by gman003 on Sunday May 03 2015, @06:08AM
The chances are basically "by the time this bug triggers off, you'll probably have crashed already".
The plane is powered off during routine maintenance (supposed to be no more than 10 days between these IIRC). The generators are also connected to the engines, which also need to undergo maintenance requiring a shutdown at least once during those 248 days. And, of course, it's powered off if it would be sitting idle for any length of time, because otherwise it needs either a hookup to grid power, or constant refueling as the APU burns fuel.
Basically, it's the kind of bug you can only see in a sim because only in a sim will the plane still be able to fly in the condition it would have to be in for this bug to trigger.
(Score: 5, Informative) by maxwell demon on Sunday May 03 2015, @10:33AM
I wondered what would cause that overflow after 248 days, and played with the numbers.
It turns out that if you measure time in 1/100 seconds, a 32 bit signed int will overflow in 248 days, 13 hours, 13 minutes and 56.48 seconds.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by darkfeline on Monday May 04 2015, @08:28AM
Centiseconds? That's not a very common way of expressing time. The only reason I can think of for using centiseconds instead of, say, milliseconds is that they were really tight on space on whatever embedded system this was on, but if that were true, why would they be using a signed int?
Join the SDF Public Access UNIX System today!
(Score: 2) by maxwell demon on Monday May 04 2015, @05:46PM
Maybe because an unsigned short would already overflow after less than 11 minutes. I'm pretty sure that most flights take longer than that.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by darkfeline on Tuesday May 05 2015, @01:50PM
And an unsigned int would last twice as long as a signed int. I have no idea why you thought bringing up shorts was relevant.
Join the SDF Public Access UNIX System today!
(Score: 2) by maxwell demon on Tuesday May 05 2015, @06:19PM
And an unsigned int is an invitation to introduce bugs due to signed/unsigned issues. Thanks to integer promotion, those are no issue for unsigned short.
Also, an unsigned int would not have saved a single byte compared to a signed int, and as already stated in another post, reaching the current limit is only a theoretical issue anyway.
Let me quote again from your post I had replied to (it was your own post, so one would think you knew what you wrote, and additionally I had quoted that part directly in my reply, but well …):
So what would you prefer to int when being tight on space: A type that uses less space than int, or a type that uses the exact same space as int?
The Tao of math: The numbers you can count are not the real numbers.