This sounds like a good idea, but is it really? The idea that the language that code is expressed in can make it better is a subtle one and this might just have escaped the DARPA bosses.

We all know that Rust is a safer language than C and so it seems like a no-brainer to see if AI can convert all existing programs in C into Rust:

"After more than two decades of grappling with memory safety issues in C and C++, the software engineering community has reached a consensus. It’s not enough to rely on bug-finding tools. The preferred approach is to use “safe” programming languages that can reject unsafe programs at compile time, thereby preventing the emergence of memory safety issues."

OK, this sounds like the sort of thing that DARPA should get involved in and if nothing else, TRAnslating all C to Rust gives us a good acronym. TRACTOR. Shame the project isn't called "Rusty Tractor".

The suggested methods are:

"The TRACTOR program aims to automate the translation of legacy C code to Rust. The goal is to achieve the same quality and style that a skilled Rust developer would produce, thereby eliminating the entire class of memory safety security vulnerabilities present in C programs. This program may involve novel combinations of software analysis, such as static analysis and dynamic analysis, and machine learning techniques like large language models."

The idea seems to stem from the belief that AI can solve all difficult problems, but I would say that this isn't really the problem you want to solve. C and C++ are prone to certain errors that we all know about - mostly concerned with the way memory is used, or rather misused. Rust has mechanisms that mean that it is more difficult to misuse memory without noticing that you are doing it, by making it clear who, or rather what pointer, actually owns the memory at any given time. This makes tree data structures safer, but if you want something that isn't a tree, like a doubly-linked list, then you probably need to use an unsafe block. where the ownership rules aren't enforced. This isn't a terrible thing in that at least you now know where your dangerous code is, but the code is on a par with C or C++ as far are "safe" goes.

So this AI entity is going to have to translate unsafe C code into safe Rust code by keeping track of ownership and perhaps now and again giving up and putting it in an unsafe block. My guess is that most of the code will end up in unsafe blocks because of the way it has been written.

Now we come to the obvious, but often overlooked, fact that program correctness has very little to do with the language it is written in. Languages make mistakes easier or harder to make, but you don't have to make them in any language. TRACTOR could just as easily express the correct algorithm in C or C++ as in Rust. If you detect a null pointer then the fix in C is just as good as a fix in Rust.

Safe code is safe in any language and if some languages make it easier to write safe code then that is good, but the idea that the code has to be translated to another language to become "safe" is nuts. You can't even argue that translating it to Rust makes it easier to maintain as safe code as the code base would be machine-generated and likely not human-friendly. Using simpler tools to do a manual conversion to Rust, where the human programmer joins in the process and improves both the code and their understanding of the code, seems much more rewarding.

It would make much more sense to purpose the AI to find and fix unsafe code in C/C++, but of course we already have some tools that help with this problem and you probably don't even need AI for the job.

New code might be better generated in Rust, but translating old code into it isn't an enterprise worth the effort.

The first event for those planning to submit proposals for the TRACTOR project will be held on August 26, 2024. If you want to join in register by August 19.

• Mike James is Chief Editor of I Programmer and the author of several programming books in the I Programmer Library. Safe and unsafe behavior is one of the topics in his  recently published Deep C Dives: Adventures in C (I/O Press).  

More Information

Translating All C to Rust (TRACTOR)

Related Articles

Is Rust Safe?

DARPA Launches AI Cyber Challenge

New DARPA Challenge Takes Autonomous Driving Off Road

DARPA's AI Next Campaign - $2 Billion!

Darpa Robotics Challenge Grows

DARPA Funds Big Code Database Project

DARPA Cyber Grand Challenge AI Will Prevail

DARPA Competition For The Intelligent Defensive Computer

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Comments

Make a Comment or View Existing Comments Using Disqus

or email your comment to: comments@i-programmer.info

<ASIN:1871962889>