To accelerate the transition to memory safe programming languages, the US Defense Advanced Research Projects Agency (DARPA) is driving the development of TRACTOR, a programmatic code conversion vehicle.

The term stands for TRanslating All C TO Rust. It’s a DARPA project that aims to develop machine-learning tools that can automate the conversion of legacy C code into Rust.

The reason to do so is memory safety. Memory safety bugs, such buffer overflows, account for the majority of major vulnerabilities in large codebases. And DARPA’s hope is that AI models can help with the programming language translation, in order to make software more secure.

“You can go to any of the LLM websites, start chatting with one of the AI chatbots, and all you need to say is ‘here’s some C code, please translate it to safe idiomatic Rust code,’ cut, paste, and something comes out, and it’s often very good, but not always,” said Dan Wallach, DARPA program manager for TRACTOR, in a statement.

  • zaphod@sopuli.xyz
    link
    fedilink
    arrow-up
    24
    ·
    5 months ago

    I threw some simple code at it and it even put unsafe on the main function, what’s the point of Rust then if everything is unsafe?

      • ulterno@lemmy.kde.social
        link
        fedilink
        English
        arrow-up
        1
        ·
        5 months ago

        And I hope that’s not someone who doesn’t understand the static keyword after 2+ years of C++ development.

    • JackbyDev@programming.dev
      link
      fedilink
      English
      arrow-up
      6
      ·
      5 months ago

      Baby steps. It’s easier to convert code marked unsafe in Rust to not need unsafe than it is convert arbitrary code in other languages to Rust code that doesn’t need unsafe.

    • The_Decryptor@aussie.zone
      link
      fedilink
      English
      arrow-up
      6
      ·
      5 months ago

      Ideally you don’t directly ship the code it outputs, you use it instead of re-writing it from scratch and then slowly clean it up.

      Like Mozilla used it for the initial port of qcms (the colour management library they wrote for Firefox), then slowly edited the code to be idiomatic rust code. Compare that to something like librsvg that did a function by function port