Location

(virtual)

Title: Automatically Improving the code quality of Rust via LLM

 

Date: Monday, December 2, 2024

Time: 10:00 AM – 11:30 AM EST

Location: (virtual) https://gatech.zoom.us/j/94397495362

 

Xiang Cheng

Ph.D. Student

School of Computer Science & School of Cybersecurity and Privacy

College of Computing

Georgia Institute of Technology

 

Committee:

Dr. Taesoo Kim (advisor), School of Cybersecurity and Privacy, Georgia Institute of Technology

Dr. Brendan D. Saltaformaggio, School of Cybersecurity and Privacy, Georgia Institute of Technology

Dr. Qirun Zhang - School of Computer Science, Georgia Institute of Technology

Dr. Alessandro Orso - School of Computer Science, Georgia Institute of Technology

 

Abstract:

Rust, as an emerging system programming language that performs strict compilation checks, is gaining traction for its performance and memory safety advancements. It is adopted in crucial projects such as OS kernels, device drivers, web browsers, etc. While Rust's stringent memory safety features enhance security, they also pose challenges for developers in creating high-quality software and can lead to potential vulnerabilities.

 

Recent advancements in large language models (LLMs) have demonstrated significant capabilities in understanding and reasoning about program logic, contributing to increased productivity in software development through LLM-based assistants. However, these tools often fall short in generating high-quality Rust code that adheres to its strict safety standards.

 

In this proposal, we analyze the root cause of such gaps and propose different LLM-based tools to automatically improve the code quality of Rust from different aspects. From a testing perspective, we demonstrate a unit test generator for Rust: RUG, to automatically generate unit tests comparable with human developers. From a security perspective, we present SPOT, to recover the unsafe regions in Rust binaries and help with vulnerability hunting process. Finally, we propose COIN, a LLM based code analyzer for Rust to find implicit unsafe operations in Rust code.

 

Other/Miscellaneous
Public