[PRL] [Risks Digest 23.24] Trouble with Mars rover Spirit
Mitchell Wand
wand at ccs.neu.edu
Wed Mar 24 21:18:07 EST 2004
FYE. The article at the cited URL is actually quite informative.
--Mitch
Date: Tue, 2 Mar 2004 13:55:38 +0100
From: Erling.Kristiansen at esa.int
Subject: Trouble with Mars rover Spirit
A good explanation of what happened to Spirit is at
http://www.eetimes.com/sys/news/OEG20040220S0046
In brief:
- A software upload took place in order to correct some problem
- A utility to delete files belonging to the old software was uploaded, but the upload failed
- This failure was apparently forgotten or ignored, resulting in less file space being available for experiment data than anticipated
- When the file system overflowed, a reboot occurred. This, apparently, was the intended behaviour
- The reboot could not complete due to insufficient available file space
- An infinite loop of reboots was entered
RISKS, as I perceive them:
- Relying on mission planners, working on assumed rather than actual file space, to not overflow file system
- A file system that does not fail gracefully when overflowed
- A boot sequence that requires resources that may become unavailable
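As an added illustration, not part of Kristiansen's post or of any rover flight software, here is a toy Python model of the failure sequence above (stale files never deleted, overflow triggers a reboot, the boot itself needs file space, reboots loop) next to one defensive change: a boot-attempt counter that falls back to a safe mode which does not depend on free file space. All names, sizes and limits are constructed.

```python
from dataclasses import dataclass

@dataclass
class Flash:
    """Constructed model of the rover's file space (units are arbitrary)."""
    capacity: int        # total file-space units
    used: int = 0        # includes stale files the failed cleanup never removed
    boots: int = 0       # boot-attempt counter, assumed to survive a reboot

    @property
    def free(self) -> int:
        return self.capacity - self.used

BOOT_SCRATCH = 2       # file space the normal boot sequence needs (assumption)
MAX_BOOT_TRIES = 3     # hardened design: stop trying the normal boot after this

def naive_boot(fs: Flash) -> str:
    """Boot as the post describes: needs scratch space, reboots when it is missing."""
    fs.boots += 1
    return "reboot" if fs.free < BOOT_SCRATCH else "normal"

def hardened_boot(fs: Flash) -> str:
    """Same boot, but after MAX_BOOT_TRIES consecutive failures drop into a
    safe mode that does not mount the data file system, so ground control
    can regain contact and free space by hand."""
    fs.boots += 1
    if fs.boots > MAX_BOOT_TRIES:
        return "safe"
    if fs.free < BOOT_SCRATCH:
        return "reboot"
    fs.boots = 0           # a successful boot clears the counter
    return "normal"

def run_mission(fs: Flash, boot, writes: list[int], limit: int = 20) -> str:
    """Write experiment data sized by the planners' assumptions until the file
    system overflows (which forces a reboot), then boot repeatedly until the
    rover is up, reaches safe mode, or `limit` reboots have passed ("loop")."""
    for size in writes:
        if size > fs.free:
            break              # overflow: the intended reaction is a reboot
        fs.used += size
    else:
        return "normal"        # everything fit, no reboot was ever needed
    for _ in range(limit):
        state = boot(fs)
        if state != "reboot":
            return state
    return "loop"
```

The planners assumed the cleanup had run; with the stale files still present the naive boot never completes, while the hardened boot reaches safe mode after three attempts.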