Comment by CamperBob2

16 days ago

When's the last time you saw a decent coding model create a buffer-overflow bug while trying to use C strings?

Serious question. Anyone else seen this happen in the last 12-18 months? If so, which model and version were you using?

I had Claude write a bit of stupid C# the other day that had an off by one string truncate. Surprised the hell out of me.

Would you even know? Serious question. The volume of code the models can produce, the subtle ways these bugs can manifest (or even only manifest when under attack), it seems like they would be easy to overlook.

  • I have a habit of getting GPT 5.5 to review everything Opus writes for me, and vice versa. The model in the reviewer role frequently finds things I overlooked myself. Occasionally in parts of the code I wrote.

    No modern LLM has found any buffer overflow bugs in parts of my code that originated from another LLM. Again, though, they have found one or two that were my fault.

I use Zig, which has slices, so so far none. But man, it can't get ref counting right to save its life. There have been remarkably few times it's gotten it right on the first try. My codebase considers OOM recoverable, so it keeps forgetting to clean up memory when OOM is raised. Even in the happy path though it still messes up ref counting. I use Kimi k2.6.