Translating C To Rust: Lessons from a User Study
Ruishi Li
Network and Distributed System Security (NDSS) Symposium 2025 · Day 3 · Software Security: Code and Compiler
Memory safety vulnerabilities have long plagued system security, leading to a relentless stream of critical exploits. The C programming language, while foundational, is a primary culprit due to its manual memory management and lack of inherent safety guarantees. Rust has emerged as a compelling alternative, offering strong memory safety guarantees—both temporal and spatial—with minimal performance overhead, while still providing low-level control over system resources. This unique combination has garnered significant attention from both industry and government, fueling a desire to migrate existing C codebases to Rust.
AI review
Legitimate academic research with a clean methodology: 33 students, real C programs, measurable outcomes. The core finding — humans succeed at safe+correct translation by abstracting intent rather than mechanically mapping syntax — is valid and the specific strategies (AXM resolution, semantic lifting of char*, enum-for-union substitution) are well-articulated. Not groundbreaking for anyone who's spent serious time with Rust's borrow checker, but a useful empirical grounding for what the community already suspected.