DEV Community
Follow
"They generate more bugs, more security holes": C++ creator takes aim at vibe coding
Bjarne Stroustrup, creator of C++, argues that modern AI tools are unreliable for complex system code and programming language design. He states that AI-generated code introduces more bugs and security vulnerabilities. A major problem is validation, as AI changes are difficult to track across a project. However, Stroustrup acknowledges AI's potential for technical writing with human oversight. He emphasizes that AI is not yet suitable for safety-critical or performance-critical code. Stroustrup also notes that LLMs, trained on existing code, may perpetuate old bugs and outdated approaches. The PVS-Studio team agrees that AI-generated code requires thorough checking, just like human-written code. Phillip Khandeliants highlights that unverified AI output can be suboptimal or insecure. He recommends extensive code review, static and dynamic analysis, and formal verification for all code. Oleg Lisiy compares uncritical AI use to mindlessly using autocomplete in an IDE. He believes that AI's role should be to streamline workflows, not replace human development entirely. The consensus is that AI-generated code must be rigorously validated before deployment.
