FRIEDERIKE NIEDTNER, Principal Technical Research Program Manager, Microsoft Research AI Frontiers: The following talk combines two projects that both harness the LLM’s capabilities to understand and produce code. Both aim to help developers tackle the difficulties of safe low-level programming. One to ensure memory safety in legacy C code; the other presents RustAssistant, a tool for developers to automatically fix compilation errors in Rust. ASEEM RASTOGI: Hi, my name is Aseem Rastogi, and I’m a researcher in the Future of Scalable Software Engineering organization in Microsoft Research. I’m going to talk to you about our paper, “LLM Assistance for Memory Safety.” This paper will be presented at the 47th International Conference on Software Engineering in May later this year. The lack of memory safety in low-level languages like C and C++ is one of the leading causes of software security vulnerabilities. For instance, a study by Microsoft estimated that 70% of the security bugs that Microsoft fixes and assigns a CVE every year are due to memory safety issues. Researchers have proposed safe dialects of C, for example, Checked C, that—with the help of additional source-level annotations—provide memory safety guarantees with low performance overheads. However, the cost of adding these annotations and the code restructuring required to enable them becomes a bottleneck in the adoption of these tools. In general, application of formal verification to real software faces the same challenge. In our paper, we explore the use of pretrained large language models to help with the task of code restructuring and inferring source annotations required to adopt Checked C. Let’s consider an example that takes an array of integers as input and sums the first n elements. To reason about the memory safety of this function, Checked C requires an annotation on p. One such annotation is as shown here. This tells the compiler that p is an array with at least n elements, which is enough to...
First seen: 2025-05-02 07:39
Last seen: 2025-05-02 18:41