People will say, but, gee, those systems had to be checked out, both in simulations and actual tests. Well, sure, as best we can set up test conditions. But say something happened on this re-entry that triggered a portion of the controller that had heretofore gone untested. It could be any minor thing, misalignment on re-entry, a few degrees of trim and yaw not fully corrected, whatever. If those PID limits failed or were never implemented, it doesn't take much to drive the system into saturation and instability.
Yup, I have seen it many times. It usually resulted in a 99 code and total failure as well as loss of data and program lock up.
Theoretically possible I'd guess, but I would be looking elsewhere before I'd go there. I too have seen software problems appear that no one had considered before. Never a 'fatal flaw' but stuff that should not have happened. But these are on systems that haven't been exposed to the intensive V&V that NASA uses. Few if any companies have the money, manpower or luxury of time to devote to the intense simulation regime that NASA uses. That software has been through the wringer for 20 years and it just seems that if a fatal flaw were there, it would have been spotted long ago. Mechanical devices on the other hand can test perfectly today and go bad tomorrow.