this post was submitted on 04 Aug 2024
201 points (96.3% liked)

Programming

16971 readers
198 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

founded 1 year ago
MODERATORS
snowe@programming.dev
Ategon@programming.dev
MaungaHikoi@lemmy.nz
201
DARPA suggests turning old C code automatically into Rust – using AI, of course (www.theregister.com)
submitted 1 month ago by lemmee_in@lemm.ee to c/programming@programming.dev
61 comments fedilink hide all child comments
 

To accelerate the transition to memory safe programming languages, the US Defense Advanced Research Projects Agency (DARPA) is driving the development of TRACTOR, a programmatic code conversion vehicle.

The term stands for TRanslating All C TO Rust. It's a DARPA project that aims to develop machine-learning tools that can automate the conversion of legacy C code into Rust.

The reason to do so is memory safety. Memory safety bugs, such buffer overflows, account for the majority of major vulnerabilities in large codebases. And DARPA's hope is that AI models can help with the programming language translation, in order to make software more secure.

"You can go to any of the LLM websites, start chatting with one of the AI chatbots, and all you need to say is 'here's some C code, please translate it to safe idiomatic Rust code,' cut, paste, and something comes out, and it's often very good, but not always," said Dan Wallach, DARPA program manager for TRACTOR, in a statement.

you are viewing a single comment's thread
view the rest of the comments
[–] litchralee@sh.itjust.works 21 points 1 month ago* (last edited 1 month ago) (10 children)

This is an interesting application of so-called AI, where the result is actually desirable and isn't some sort of frivolity or grift. The memory-safety guarantees offered by native Rust code would be a very welcome improvement over C code that guarantees very little. So a translation of legacy code into Rust would either attain memory safety, or wouldn't compile. If AI somehow (very unlikely) manages to produce valid Rust that ends up being memory-unsafe, then it's still an advancement as the compiler folks would have a new scenario to solve for.

Lots of current uses of AI have focused on what the output could enable, but here, I think it's worth appreciating that in this application, we don't need the AI to always complete every translation. After all, some C code will be so hardware-specific that it becomes unwieldy to rewrite in Rust, without also doing a larger refactor. DARPA readily admits that their goal is simply to improve the translation accuracy, rather than achieve perfection. Ideally, this means the result of their research is an AI which knows its own limits and just declines to proceed.

Assuming that the resulting Rust is: 1) native code, and 2) idiomatic, so humans can still understand and maintain it, this is a project worth pursuing. Meanwhile, I have no doubt grifters will also try to hitch their trailer on DARPA's wagon, with insane suggestions that proprietary AI can somehow replace whole teams of Rust engineers, or some such nonsense.

Edit: is my disdain for current commercial applications of AI too obvious? Is my desire for less commercialization and more research-based LLM development too subtle? :)

[–] RiikkaTheIcePrincess@pawb.social 21 points 1 month ago

so-called AI

knows its own limits

frustration noises It knows nothing! It's not intelligent. It doesn't understand anything. Attempts to keep those things acting within expected/desired lines fail constantly, and not always due to malice. This project's concept reeks of laziness and trend-following. Instead of a futile effort to make a text generator reliably produce either an error or correct code, they should perhaps put that effort into writing a transpiler built on knowable, understandable rules. ... Oh, and just hire a damn Rust dev. They're climbing up the walls looking to Rust-ify everything, just let them do it.

load more comments (9 replies)