←back to thread

The Therac-25 Incident (2021)

(thedailywtf.com)
449 points lemper | 5 comments | 27 Aug 25 06:57 UTC | HN request time: 0.516s | source
Show context
napolux ◴[27 Aug 25 08:17 UTC] No.45036831[source]
The most deadly bug in history. If you know any other deadly bug, please share! I love these stories!
replies(8): >>45036858 #>>45036868 #>>45036872 #>>45036943 #>>45037179 #>>45037200 #>>45037786 #>>45038530 #
NitpickLawyer ◴[27 Aug 25 08:23 UTC] No.45036858[source]
The MCAS related bugs @ Boeing led to 300+ deaths, so it's probably a contender.
replies(1): >>45036870 #
solids ◴[27 Aug 25 08:26 UTC] No.45036870[source]
Was that a bug or a failure to inform pilots about a new system?
replies(4): >>45036913 #>>45036916 #>>45037108 #>>45037315 #
1. AdamN ◴[27 Aug 25 08:33 UTC] No.45036913[source]
Both - and really MCAS was fine but the issue was the metering systems (Pitot tubes) and the handling of conflicting data. That part of the puzzle was definitely a bug in the logic/software.
replies(3): >>45037015 #>>45037262 #>>45037861 #
2. kijin ◴[27 Aug 25 08:49 UTC] No.45037015[source]
Remember the Airbus that crashed in the middle of the Atlantic because one of the pilots kept pulling on his yoke, and the computer decided to average his input with normal input from the other pilot?

Conflict resolution in redundant systems seems to be one of the weakest spots in modern aircraft software.

replies(1): >>45037812 #
3. phire ◴[27 Aug 25 09:30 UTC] No.45037262[source]
That wasn't a bug.

They deliberately designed it to only look at one of the Pitot tubes, because if they had designed it to look at both, then they would have had to implement a warning message for conflicting data.

And if they had implemented a warning message, they would have had to tell the pilots about the new system, and train them how to deal with it.

It wasn't a mistake in logic either. This design went through their internal safety certification, and passed.

As far as I'm aware, MCAS functioned exactly as designed, zero bugs. It's just that the design was very bad.

4. sgerenser ◴[27 Aug 25 10:41 UTC] No.45037812[source]
Air France 447: https://en.m.wikipedia.org/wiki/Air_France_Flight_447

Inputs were averaged, but supposedly there’s at least a warning: Confused, Bonin exclaimed, "I don't have control of the airplane any more now", and two seconds later, "I don't have control of the airplane at all!"[42] Robert responded to this by saying, "controls to the left", and took over control of the aircraft.[84][44] He pushed his side-stick forward to lower the nose and recover from the stall; however, Bonin was still pulling his side-stick back. The inputs cancelled each other out and triggered an audible "dual input" warning.

5. mnw21cam ◴[27 Aug 25 10:48 UTC] No.45037861[source]
It wasn't pitot tubes that had the hardware problem, it was the angle of attack sensor. The software was poorly designed to believe the input from just one fallible angle of attack sensor.