Can Array Overruns Lead to Catastrophic Failures?

  • Context: C/C++ 
  • Thread starter Thread starter Lillyotv
  • Start date Start date
  • Tags Tags
    Array Lead
Click For Summary

Discussion Overview

The discussion centers around whether array overruns can lead to catastrophic failures in programming, particularly in the context of C++ and other C-type languages. Participants explore the implications of array bounds checking, the responsibilities of programmers, and the differences between languages like C++, Java, and C# regarding error handling and efficiency.

Discussion Character

  • Debate/contested
  • Technical explanation
  • Conceptual clarification

Main Points Raised

  • Some participants assert that array overruns can indeed lead to catastrophic failures, citing examples like buffer overflows.
  • Others argue that C++ does not provide bounds checking because it prioritizes efficiency and allows programmers to write optimized code.
  • It is suggested that the responsibility for preventing array overruns lies with the programmer, who should write correct code or use safer alternatives like customized array classes or the std::vector class.
  • Some participants note that while C/C++ lacks built-in bounds checking, languages like Java and C# do implement such checks, although there is disagreement about the extent and effectiveness of these checks.
  • There are discussions about the challenges compilers face in determining out-of-bounds access, especially when array indices are computed at runtime.
  • One participant shares personal experience with out-of-bounds issues in a project, highlighting the practical difficulties in identifying such errors.

Areas of Agreement / Disagreement

Participants generally disagree on the effectiveness of bounds checking in different programming languages and the implications of array overruns. There is no consensus on whether C# provides adequate bounds checking compared to C/C++.

Contextual Notes

Some statements reflect personal experiences and opinions about the efficiency of bounds checking and the responsibilities of programmers, which may vary based on individual programming practices and project requirements.

Lillyotv
Messages
12
Reaction score
0
Can over running of array lead to the catastrophic failures?
If ‘Yes’ then why does not C++ provide bound checking on array operations and who is responsible to prevent array overruns?
 
Technology news on Phys.org
First question: definitely. Obviously if you need a piece of data that doesn't exist, some operations will fail. My experience is in C# and not C++, but my understanding is that C-type languages can't ever be expected to catch all array bounding errors.

It's always better to write solid code that behaves in the way the programmer intended than to expect the compiler to catch errors for you.
 
Lillyotv said:
Can over running of array lead to the catastrophic failures?
Yes, or worse. See http://en.wikipedia.org/wiki/Buffer_overflow

If ‘Yes’ then why does not C++ provide bound checking on array operations
Bounds checking is inefficient. C++, like C, is intended to allow the programmer to write efficient code, and so it would be inappropriate for standard C++ to enforce bounds checking.


and who is responsible to prevent array overruns?
It's the programmer's job to write correct code. If you are worried about this error, then you shouldn't use raw arrays; you should write a customized array class that does provide bounds checking.

In fact, the C++ standard std::vector class does provide bounds checking if you use the at member to access data.
 
Sojourner01 said:
C-type languages can't ever be expected to catch all array bounding errors.
Java does. Wikipedia suggests that C# does too.
 
Also, IIRC, the following is valid C++ code
Code: 
int intarray[20];
int* ptr = intarray; 
// equivalently:
ptr = &intarray[0];
ptr += 4;
// now ptr points at either &intarray[1] or &intarray[4]
I can imagine it is hard for the compiler to check on every pointer assignment if it happens to point at an array, if the assignment would cause it to point outside it, and if the programmer didn't just mean to do it, as in
Code: 
... // above code, then
int someInt;
ptr = &someInt; 
// should the compiler warn or not?
 
The compiler cannot always determine whether an array access is out of bounds. Consider the cases of an array index formed from an argument passed to a function. How can the compiler possibly determine at compile time whether use of this computed index entails an out-of-bounds access? In languages that do check for out-of-bounds conditions, the check is almost always performed at execution time.

While C/C++ arrays are not accompanied with any bounds checking, the vector template in the C++ standard template library does provide this ability.
 
Hurkyl said:
Bounds checking is inefficient. C++, like C, is intended to allow the programmer to write efficient code, and so it would be inappropriate for standard C++ to enforce bounds checking.
This is exactly correct. C/C++ is intended to allow the programmer to write efficient code, not to efficiently write code!
 
Hurkyl said:
Java does. Wikipedia suggests that C# does too.

There's a world of difference between C/C++ and Java/C#, though :wink:
 
Wikipedia suggests that C# does too.

Not the case. I've been grappling with out-of-bounds issues for some time with a project of mine. I'm fortunate that my project will come across one every runtime if any are present, so they're relatively easy to find.
 
  • #10
Sojourner01 said:
Not the case. I've been grappling with out-of-bounds issues for some time with a project of mine. I'm fortunate that my project will come across one every runtime if any are present, so they're relatively easy to find.

Yes it does. Bounds checking means that array access attempts are checked at runtime to make sure an access to a memory location outside the array's bounds doesn't occur. If such an access is attempted, a runtime error will occur (specifically, an IndexOutOfRangeException will be thrown, in the case of C#), rather than the access going through, which would cause unpredictable results.

You're thinking of compile-time bounds checking, which is largely impossible.
 
Last edited:
  • #11
Thanks a lot. I have the concept clear in my head now.
Cheers:)
 

Similar threads

C/C++ Question about New syntax of C++
  • · Replies 31 ·
2
Replies
31
Views
3K
How to dynamically allocate an array of strings
  • · Replies 6 ·
Replies
6
Views
3K
C/C++ Questions about C++, pointers, OS and compiler memory allocation
  • · Replies 17 ·
Replies
17
Views
4K
C/C++ Passing a VBA array to a C++ dll - Example Needed
  • · Replies 3 ·
Replies
3
Views
8K
Why can I print C-Strings without a Loop?
  • · Replies 3 ·
Replies
3
Views
2K
C/C++ Associative Arrays in C/C++ - Favorite Strategies?
  • · Replies 7 ·
Replies
7
Views
4K
C/C++ OpenMP and Fortran90/C++ problems
  • · Replies 5 ·
Replies
5
Views
4K
Programming style in R - to array-process or not?
  • · Replies 2 ·
Replies
2
Views
1K
C/C++ C++ - dynamically allocating memory to array of structs
  • · Replies 10 ·
Replies
10
Views
7K
Graduate Question about factoring the Klein-Gordon equation
  • · Replies 6 ·
Replies
6
Views
2K