From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Thread: 103376,87627bdc747a0287 X-Google-Attributes: gid103376,public X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news2.google.com!news3.google.com!border1.nntp.dca.giganews.com!nntp.giganews.com!wn12feed!worldnet.att.net!4.24.21.153!newsfeed3.dallas1.level3.net!news.level3.com!newsfeed1.easynews.com!easynews.com!easynews!sn-xt-sjc-02!sn-xt-sjc-01!sn-xt-sjc-06!sn-post-sjc-01!supernews.com!corp.supernews.com!not-for-mail From: "ME" Newsgroups: comp.lang.ada Subject: Re: Martian Rover Spirit's mulitasking software reset. Date: Thu, 7 Sep 2006 20:46:09 -0700 Organization: Posted via Supernews, http://www.supernews.com Message-ID: <12g1ps4mqkpj3de@corp.supernews.com> References: <12fsfpic0ccq16b@corp.supernews.com> <9YadnSb_QKCM-GPZRVnytQ@bt.com> <12fv43a6m46o2e5@corp.supernews.com> <44fff0ed$1_4@newsfeed.slurp.net> X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 6.00.2900.2869 X-RFC2646: Format=Flowed; Response X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 X-Complaints-To: abuse@supernews.com Xref: g2news2.google.com comp.lang.ada:6514 Date: 2006-09-07T20:46:09-07:00 List-Id: Paul, I think that you are thinking go an earlier problem which was the flash but this latest problem was as described above. There have been others as well... "Paul Anderson" wrote in message news:44fff0ed$1_4@newsfeed.slurp.net... > All: > >>>>>The mars rover Spirit suffered a software reset as a result of a >>>>>multitasking problem. >>>>>"The apparent cause was that the rover's central processing unit was >>>>>overworked as several tasks were running in parallel at the time." >>>>> The rover uses VX works and I believe C. Testing obviously did not >>>>>catch this fault. Would the use of Ada made any difference? >>>>> >>>> >>>>My understanding is that there was a "priority inverstion", so had >>> >>>That is also my understanding. > > This isn't right. The problem with Spirit was with the flash > memory. It is hard to find a good description of exactly what > went wrong, but the reboots happened because there were too > many files open. Whether Ada might have helped is really > impossible to say, given the paucity of information available. > > The Mars Pathfinder mission from 1997 was the one that had the > priority inversion problem. I doubt that they were aware of > the problem before launch, as it turned out to be so easy > to fix. In VxWorks, when you create a semaphore you do > something like: > > sem_id = semMCreate(options); > > where options is a bitmask that specifies the set of options > you want for the semaphore. VxWorks implements the priority > inheritance protocol, so if you want to use it, you would do: > > sem_id = semMCreate(SEM_Q_PRIORITY | SEM_INVERSION_SAFE); > > On the Pathfinder, they simply did not specify the > SEM_INVERSION_SAFE option. > > Fortunately, the options were held in a global variable, and > they were able to upload a patch that updated that variable to > specify that option. > > I don't believe that VxWorks had an implementation of the > priority ceiling protocol at that time. > > For more information, see: > http://en.wikipedia.org/wiki/Priority_inversion > http://research.microsoft.com/~mbj/Mars_Pathfinder/Mars_Pathfinder.html > > There was a third Mars mission that had a software problem: the Mars > Polar Lander. In this case, during entry to the atmosphere, a sensor > generated a spurious signal indicating that the craft had landed, and > the software set a bit accordingly. This shut down the descent engines > prematurely. The craft then plummetted to the surface and was > destroyed. The software should have detected that the sensor input > was invalid at that time, and unset the problematic bit. Apparently > the addition of a single line of code would have prevented the problem. > > It is hard to see how Ada could have helped here either. > > Paul