(610) 584-4261 sales@gimpel.com
Request Evaluation Online Demo Blog
Gimpel Software LLC Logo   Gimpel Software PC-lint Plus Order Evaluate Support About
Famous Software Bugs

It's hard to do much in today's world without bumping into computers.   As consumers, we expect our devices, computers and gadgets to work as intended, and most of the time they do.   But, what happens when the software that runs them has a bug.  Most software bugs result in inconvenience or annoying situations. However, they can sometimes result in financial losses,  life-threatening situations and even in the death of innocent people.   We examine a few of the more famous and serious software bugs below.

Toyota Unintended Acceleration Problem

As early as 1992, drivers were reporting unintended acceleration (UA) problems with their Toyotas.  Since that time, at last 52 people lost their lives in Toyota auto accidents due to a combination of hardware and software problems leading to UA.  Michael Barr and Prof. Philip Koopman served as expert witnesses in the Bookout vs. Toyota lawsuit of 2013.  Among the software problems they found were buffer overflow, invalid pointers, race conditions and stack overflow. Read More...

Apple’s "goto fail" bug

In Feb 2014, Apple issued a security update in reference to SSL/TLS. The culprit was a “goto fail;” statement which caused the statement following it to be unreachable.

For additional information, see Susan McCord’s excellent Barr Group webinar beginning with minute 42 or slide 39 in the transcript.

Mars Climate Orbiter

Back in 1999, the $327.6 million project Mars Climate Orbiter built by NASA's Jet Propulsion Laboratory approached the Red Planet at the wrong angle resulting in the spacecraft's demise. What went wrong? It was discovered that different parts of the engineering team were using different units of measurement. One group working on the thrusters measured in English units of pounds-force seconds; the other used metric Newton-seconds. Read More...

USS Yorktown

On September 21, 1997, a division by zero error in the "Remote Data Base Manager" aboard USS Yorktown brought down all the machines on the network, causing the ship's propulsion system to fail.  A crewman had entered a blank field into a data base. The blank was treated as a zero and caused a Divide-by-Zero Exception which the data-base program could not handle. It aborted to the operating system, Microsoft Windows NT 4.0, which crashed, bringing down all the ship’s LAN consoles and remote terminals

Ariane 5 Rocket, Flight 501

In June 1996, the Ariane 5 rocket had its maiden flight, known as Flight 501.  The rocket self-destructed 37 seconds after launch, resulting in a failed mission at a cost of approximately $370 Million dollars.  The failure was caused by the data conversion from a 64-bit floating point value to a 16-bit signed integer value which resulted in integer overflow.

For additional information, see Barr Group’s video beginning at minute 16 or slide 16 of the transcript.

Patriot Missile System

The Patriot Missile System is a surface-to-air missile system designed to shoot down enemy aircraft.  In February, 1991, an enemy missile struck American troop barracks in Saudi Arabia when a battery of Patriot missiles failed to intercept an incoming Scud missile. The result was 28 dead soldiers and over 100 other casualties.  The cause was determined to be a software error in the system's clock -  an accumulated clock drift that worsened the longer the system was in operation.

For additional information, see Barr Group’s video beginning at minute 26 or Slide 24 of the transcript.

The Morris Worm

In 1988, Robert Morris, Jr. released the internet worm which eloquently pointed out the vulnerability of the internet and the need for better security.  His  use of the gets() function to cause a buffer overflow in the Berkeley Unix finger daemon led to the crippling of thousands of machines.

Therac-25

Between June 1985 and January 1987, six patients were either seriously injured or killed by a massive overdose of radiation from the computer controlled radiation therapy machine, Therac 25. Among the software problems detected were race conditions and arithmetic overflow.

Go Here for an extensive report on this incident.