From what little I've seen on this, it kind of feels like the issue with Priuses accelerating out of control like 15 years ago. It was a huge scandal that led to multiple Toyota recalls and even a lawsuit settlement and in the end, it seems like it was basically human error.
One person messed up and crashed their Prius claiming the accelerator got stuck and it got picked up by the news. That story then primed other people to start looking for that and from then on anytime a Prius crashed people were looking to blame the accelerator. More people reported their Priuses accelerating out of control which then reinforced the idea even more and so on and so on.
Well, it wasn't a Prius originally, it was a Lexus that launched off a Southern California freeway because they burned the brakes up trying to stop the acceleration.
Toyota and Lexus sometimes have the gas pedal hinged on the floor panel, rather than suspended from a piece of metal from up above. If you swap out the stock floor mats for ones not designed with this in mind, during a hard brake your feet can move forward, jamming the floor mat into the accelerator and causing the engine to receive more fuel.
If you'd like a picture, I can go take a picture of the accelerator pedal in my Lexus from 2012, and the floor mats which are all but bolted down to prevent this from happening.
As a side note I prefer the hinged design because there's less distance to traverse, I just wish the brake was the same way!
Most of the Toyota acceleration accidents were almost certainly the result of operator error. The fact that the statistical probability increased with age gives that away.
However, Toyota got convicted because their software development process was so terrible that they were effectively criminally negligent and deserved to get absolutely roasted for it.
Globals are common and even right in this application. However they didn't take proper care in other ways (I'm not clear what, I've just been in embedded long enough to know globals are often required despite how hard they are to get right)
Global variables (née static) are fairly normal in embedded. You want to preallocate all your memory since you generally don't have a heap.
Mostly you have specific inputs from some other tasks and your outputs are consumed by different tasks. So, even though the variables are "global" they generally only have one writer with multiple readers in properly done embedded programming.
What Toyota did was not even in the same universe as "properly done embedded".
"specific inputs from some other tasks and your outputs are consumed by different tasks" sounds a lot like how PLCs work. Just running an infinite loop scanning inputs and triggering outputs in response to the state of the inputs.
In general embedded controllers like this don't have a lot of people working on them. They also have rules (enforced by review which isn't great) about when they can be accessed. In an embedded context you are not allowed to allocate memory (except at startup), so a lot of these globals are just arrays/buffers only used by one function or pseudo class (a class by intent but not actually a class by the language if the language even has a concept of class)
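As an added illustration of the pattern this subthread describes (statically preallocated buffers, exactly one writer per variable, readers that only get a const view, and a PLC-style scan cycle), written for this page and not code from Toyota or from any commenter; the module, its names and the output rule are hypothetical:

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
/* Hypothetical module. Every buffer is a compile-time-sized static array: no heap. */
#define NUM_INPUTS  4u
#define HISTORY_LEN 8u
/* Module-private state; 'static' confines the writer set to this file. */
static uint16_t input_snapshot[NUM_INPUTS];  /* written only by scan_inputs()   */
static uint16_t output_history[HISTORY_LEN]; /* written only by record_output() */
static size_t   history_head;                /* written only by record_output() */

/* Single writer of input_snapshot: copied once per cycle so every reader in
 * that cycle sees one consistent set of values. */
void scan_inputs(const uint16_t raw[NUM_INPUTS]) {
    memcpy(input_snapshot, raw, sizeof input_snapshot);
}

/* Readers get a const view; writing through it is a compile error. */
const uint16_t *input_view(void) { return input_snapshot; }

/* A reader task: derives an output from the snapshot without owning it.
 * Hypothetical rule: the largest input, clamped to a 10-bit range. */
uint16_t compute_output(void) {
    const uint16_t *in = input_view();
    uint16_t out = 0;
    for (size_t i = 0; i < NUM_INPUTS; i++)
        if (in[i] > out) out = in[i];
    return out > 1023u ? 1023u : out;
}

/* Single writer of output_history: a ring buffer for a logging reader. */
static void record_output(uint16_t out) {
    output_history[history_head] = out;
    history_head = (history_head + 1u) % HISTORY_LEN;
}

/* Another reader: the most recent output (0 before the first cycle). */
uint16_t last_output(void) {
    return output_history[(history_head + HISTORY_LEN - 1u) % HISTORY_LEN];
}

/* One PLC-style scan cycle: read inputs, compute outputs, record. On a target
 * this runs from an infinite loop in main(); here it is a plain function. */
uint16_t scan_cycle(const uint16_t raw[NUM_INPUTS]) {
    scan_inputs(raw);
    uint16_t out = compute_output();
    record_output(out);
    return out;
}
```

The point is that the compiler, not a review checklist, rejects a second writer: anything outside this file sees the buffers only through `input_view()` and `last_output()`.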