this post was submitted on 04 Aug 2024

206 points (96.4% liked)

Programming

17314 readers

71 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Follow the programming.dev instance rules
Keep content related to programming in some way
If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities [email protected]

founded 1 year ago

MODERATORS

[email protected]

206

DARPA suggests turning old C code automatically into Rust – using AI, of course (www.theregister.com)

submitted 3 months ago by [email protected] to c/[email protected]

59 comments fedilink hide all child comments

To accelerate the transition to memory safe programming languages, the US Defense Advanced Research Projects Agency (DARPA) is driving the development of TRACTOR, a programmatic code conversion vehicle.

The term stands for TRanslating All C TO Rust. It's a DARPA project that aims to develop machine-learning tools that can automate the conversion of legacy C code into Rust.

The reason to do so is memory safety. Memory safety bugs, such buffer overflows, account for the majority of major vulnerabilities in large codebases. And DARPA's hope is that AI models can help with the programming language translation, in order to make software more secure.

"You can go to any of the LLM websites, start chatting with one of the AI chatbots, and all you need to say is 'here's some C code, please translate it to safe idiomatic Rust code,' cut, paste, and something comes out, and it's often very good, but not always," said Dan Wallach, DARPA program manager for TRACTOR, in a statement.

top 50 comments

sorted by: hot top controversial new old

[–] [email protected] 32 points 2 months ago

Key detail in the actual memo is that they're not using just an LLM. "Wallach anticipates proposals that include novel combinations of software analysis, such as static and dynamic analysis, and large language models."

They also are clearly aware of scope limitations. They explicitly call out some software, like entire kernels or pointer arithmetic heavy code, as being out of scope. They also seem to not anticipate 100% automation.

So with context, they seem open to any solutions to "how can we convert legacy C to Rust." Obviously LLMs and machine learning are attractive avenues of investigation, current models are demonstrably able to write some valid Rust and transliterate some code. I use them, they work more often than not for simpler tasks.

TL;DR: they want to accelerate converting C to Rust. LLMs and machine learning are some techniques they're investigating as components.

[–] [email protected] 2 points 2 months ago

Using an LLM to come up with function names for transpiled code would be a good idea, but other than that. Nope.

[–] [email protected] 47 points 2 months ago* (last edited 2 months ago) (1 children)

Code works in C

Want to make it safer

Put it into a fucking LLM

You know sometimes I wonder if I'm an idiot or that maybe I just don't have the right family connections to get a super high paying job

[–] [email protected] 4 points 2 months ago* (last edited 2 months ago)

Too bad commenters are as bad as reading articles as LLMs are at handling complex scenarios. And are equally as confident with their comments.

This is a pretty level headed, calculated, approach DARPA is taking (as expected from DARPA).

[–] [email protected] 23 points 3 months ago (1 children)

c2rust: Am I a joke to you?

[–] [email protected] 24 points 3 months ago (3 children)

I threw some simple code at it and it even put unsafe on the main function, what's the point of Rust then if everything is unsafe?

[–] [email protected] 6 points 2 months ago

Baby steps. It's easier to convert code marked unsafe in Rust to not need unsafe than it is convert arbitrary code in other languages to Rust code that doesn't need unsafe.

[–] [email protected] 6 points 2 months ago

Ideally you don't directly ship the code it outputs, you use it instead of re-writing it from scratch and then slowly clean it up.

Like Mozilla used it for the initial port of qcms (the colour management library they wrote for Firefox), then slowly edited the code to be idiomatic rust code. Compare that to something like librsvg that did a function by function port

[–] [email protected] 8 points 2 months ago (1 children)

For all of our sake, I hope humans are the final set of eyes before the code is used in prod.

[–] [email protected] 1 points 2 months ago

And I hope that's not someone who doesn't understand the static keyword after 2+ years of C++ development.

[–] [email protected] 15 points 3 months ago

Thirty percent of the time it works all of the time!

[–] [email protected] 67 points 3 months ago (1 children)

turning C code automatically into Rust...

Oh wow they must have some sick transpiler, super exciting...

With AI, of course

God fucking damnit.

[–] [email protected] 7 points 3 months ago (1 children)

You want Skynet? 'Cause that's how you get Skynet.

[–] [email protected] 2 points 2 months ago

Maybe, but it's gonna be more like SkyNet with electrolytes; it's what terminators crave.

[–] [email protected] 45 points 3 months ago (1 children)

[–] [email protected] 2 points 2 months ago

On a bit serious note, flux.1 model is pretty good…

load more comments