55
DARPA initiates a new program to automate the translation of the world’s highly vulnerable legacy C code to the inherently safer Rust programming language (www.darpa.mil)
submitted 6 days ago by buh@hexbear.net to c/technology@hexbear.net
20 comments fedilink hide all child comments

it's joever for Cniles (I am one of them 😔)

top 20 comments
sorted by: hot top controversial new old
[-] Zvyozdochka@hexbear.net 25 points 6 days ago* (last edited 6 days ago)

This sounds cool in theory, but would be extremely hard to pull off in any kind of meaningful fashion I think simply because Rust is just too different from C. You can probably make something to very roughly "transpile" C to Rust, but the Rust code that is generated probably wouldn't be good and will probably be a pain to work with simply because it'd end up being a mess and at that point, if you're going to have to end up refactoring a ton of generated code, you may as well just rewrite it yourself so it is actually half decent code.

[-] DefinitelyNotAPhone@hexbear.net 12 points 6 days ago

Also considering that a lot of this C code is going to be extremely critical code pathways, like making sure your banks don't collapse and your energy plants don't blow up, the major pain paths for migrating to another language are going to be rigorously testing every last path through it, not rewriting it.

[-] Speaker@hexbear.net 7 points 6 days ago* (last edited 6 days ago)

Your bank runs on COBOL and your energy plants run on one of a family of PLC (programmable logic controller) languages. Most of the critical path in your day-to-day that runs C is the gaping security hole that is the internet.

[-] git@hexbear.net 19 points 6 days ago

dead-dove-1 unsafe everywhere

dead-dove-2

dead-dove-3

[-] Zvyozdochka@hexbear.net 7 points 6 days ago

Many such cases

[-] citrussy_capybara@hexbear.net 16 points 6 days ago

us military to run C code through chatGPT to get rust code

recent breakthroughs in machine learning techniques, like large language models (LLMs), have created an environment that may lend itself to a new class of solutions.

DARPA’s Translating All C to Rust (TRACTOR) program wants to seize this opportunity by substantially automating the translation of the world’s legacy C code to Rust.

“You can go to any of the LLM websites, start chatting with one of the AI chatbots, and all you need to say is ‘here's some C code, please translate it to safe idiomatic Rust code,’ cut, paste, and something comes out, and it's often very good

[-] InevitableSwing@hexbear.net 9 points 6 days ago

‘Here's some C code, please translate it to safe idiomatic Rust code,’ cut, paste, and something comes out, and it's often very good.

For extra delicious pizza add glue!

[-] Gorb@hexbear.net 14 points 6 days ago

Just write everything in java and run the OS on the JVM

[-] heggs_bayer@hexbear.net 9 points 6 days ago

Just rewrite everything the DOD hosts on a server to use spring boot.

[-] heggs_bayer@hexbear.net 11 points 6 days ago

Unlimited memory safety vulnerabilities on the first world!

[-] Collatz_problem@hexbear.net 6 points 6 days ago

Critical support for automated generation of garbage code for American military.

[-] hypercracker@hexbear.net 7 points 6 days ago

I do kinda like the idea of using CHERI to run all this C code with memory safety properties enforced by hardware instead of rewriting it all in rust, but whatever either works

[-] itsraining@lemmygrad.ml 6 points 6 days ago

I actually find Rust pretty OK. The only things that I don't like about Rust is its quirky syntax. And its primitive implementation of OOP. And its compiler. And cargo. And the ecosystem...

OK well maybe I don't find Rust actually OK. Why did we have to invent a whole new language if we could improve standards and compilers for existing languages?

[-] AOCapitulator@hexbear.net 5 points 6 days ago* (last edited 6 days ago)

instead of using pooled resources to create a new program which would educate and gainfully employ thousands or tens of thousands (idk how big a task this is as I'm tech illiterate but I'm blindly assuming its on the scale of the US national highway system when first implemented) they're going to use a robot to make bad code

capitalism is very efficient

[-] keepcarrot@hexbear.net 5 points 6 days ago

I wonder what the inside of DARPA is like. Full of the worst nerds paid too much money to fuck around with explosives. Lots of true believers of tech and America

[-] EmoThugInMyPhase@hexbear.net 5 points 6 days ago

Learn to ~~code~~ write prompts

[-] bumpusoot@hexbear.net 5 points 6 days ago* (last edited 6 days ago)

Instead of mass translating C code in some insane ready-to-ruin codebases project, why not just.. make a compiler that addresses the vulnerabilities?

[-] Speaker@hexbear.net 8 points 6 days ago

They did, it's called rustc. A compliant C compiler cannot escape giving a programmer unfettered access to manipulate memory, so the problem is not in the compiler. There are safe subsets of C that don't exhibit these problems, but a compiler that only supports such a subset is no longer a C compiler.

[-] bumpusoot@hexbear.net 1 points 6 days ago

Thanks, guess that makes sense, kinda.

[-] krolden@lemmy.ml 5 points 6 days ago

So are they gonna stop using Linux or try to do this with the kernel?

this post was submitted on 17 Sep 2024
55 points (100.0% liked)

technology

23189 readers
54 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

founded 4 years ago
MODERATORS
Jadzia_Dax@hexbear.net
blashork@hexbear.net
context@hexbear.net
EmmaGoldman@hexbear.net
SexUnderSocialism@hexbear.net
gaycomputeruser@hexbear.net
ZoomeristLeninist@hexbear.net