This is a popular but useless question. The reality is that to err is human. At scale it's even worse because now you're not just accepting that you personally may be capable of mistakes when writing software, you might have made a mistake when hiring the people who in turn hire the programmers. Ouch.
> What if you used static analyzers to detect these issues before shipping?
In principle all the modern safer languages are in some sense more static analysis. But the analysis is made possible in considerable measure through language design. If you insist on an unsafe language (like C or C++) then the analyser can't help much beyond "Don't use this language". Good advice.
> What if you put bounds checking into your functions to prevent this?
Bounds checks are a very small part of the problem. They're symptomatic (a language designed to do well at this will enforce bounds by one means or another) but not sufficient.
> What if you tested your software more effectively before shipping it?
You can't afford to actually test software thoroughly, by its nature. You will only be able to test a microscopic fraction of possible system states; whether the software works as intended under all the many other states remains unknown.
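Added example, not part of the comment above and not anything the commenter wrote: a C fragment showing why "put bounds checking into your functions" is not the same as being bounds-safe, and why the bad case is one a test suite is unlikely to reach. Both checks below exist to guard a length-prefixed field copy out of a fixed buffer; the naive one forms `offset + len` in `size_t`, which wraps for a large `len`, so the check passes on exactly the input nobody tested. The buffer, sizes and helper names (`naive_in_bounds`, `safe_in_bounds`, `copy_field`, `demo_copy`) are constructed for this illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample input: a 16-byte buffer holding the "message" we
 * parse fields out of. Not real protocol data. */
enum { BUF_SIZE = 16 };
static const unsigned char sample_buf[BUF_SIZE] =
    "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f";

/* Naive bounds check: offset + len is computed in size_t and can wrap,
 * so a huge len passes and a following copy would run off the end. */
bool naive_in_bounds(size_t buf_size, size_t offset, size_t len)
{
    return offset + len <= buf_size;
}

/* Overflow-safe check: never forms offset + len; the subtraction is
 * only evaluated once offset is known to be <= buf_size. */
bool safe_in_bounds(size_t buf_size, size_t offset, size_t len)
{
    return offset <= buf_size && len <= buf_size - offset;
}

/* Copy a field out of buf into out. Returns the number of bytes copied,
 * or -1 if the request is rejected. Uses the safe check; the naive
 * check is kept standalone so its verdict can be inspected without
 * ever executing an out-of-bounds copy. */
long copy_field(const unsigned char *buf, size_t buf_size,
                size_t offset, size_t len,
                unsigned char *out, size_t out_size)
{
    if (!safe_in_bounds(buf_size, offset, len) || len > out_size)
        return -1;
    memcpy(out, buf + offset, len);
    return (long)len;
}

/* Convenience wrapper over the constructed buffer for tests/demos:
 * returns copy_field's verdict for (offset, len) into an 8-byte scratch. */
long demo_copy(size_t offset, size_t len)
{
    unsigned char out[8];
    return copy_field(sample_buf, BUF_SIZE, offset, len, out, sizeof out);
}

int main(void)
{
    /* The "tested" case: both checks agree. */
    printf("offset=8 len=4: naive=%d safe=%d copy=%ld\n",
           naive_in_bounds(BUF_SIZE, 8, 4),
           safe_in_bounds(BUF_SIZE, 8, 4),
           demo_copy(8, 4));

    /* The untested case: 8 + (SIZE_MAX - 4) wraps to 3, so the naive
     * check says "in bounds" for a copy of ~2^64 bytes. */
    size_t huge = SIZE_MAX - 4;
    printf("offset=8 len=SIZE_MAX-4: naive=%d safe=%d copy=%ld\n",
           naive_in_bounds(BUF_SIZE, 8, huge),
           safe_in_bounds(BUF_SIZE, 8, huge),
           demo_copy(8, huge));
    return 0;
}
```

The point is not that the safe form is hard to write; it is that a codebase can be "full of bounds checks" and still carry the bug, and that the input which exposes it sits in a corner of the state space (a length near `SIZE_MAX`) that ordinary tests never visit. A language that enforces bounds itself, rather than trusting each programmer to write the comparison correctly every time, removes that whole class of mistake rather than one instance of it.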