Date: Thu, 23 May 2024 20:51:43 +0200
Am Donnerstag, dem 23.05.2024 um 20:36 +0200 schrieb Corentin:
>
>
> On Thu, May 23, 2024, 20:31 Martin Uecker via Liaison <liaison_at_[hidden]> wrote:
> > Am Donnerstag, dem 23.05.2024 um 13:22 -0400 schrieb Bjarne Stroustrup via Liaison:
> > > IMO, CHERI or similar is going to be immensely important in the future
> > > because it is an obvious and elegant solution to key aspects of the
> > > heavily emphasized memory safety issues.
> > >
> > > Caveat: for my PhD, I worked on a distant ancestor to CHERI pioneering
> > > hardware memory controls (the CAP).
> > >
> > > On 5/23/2024 7:58 AM, Corentin via Liaison wrote:
> > > > (As an aside, while I understand there are platforms where uintptr
> > > > would need to be bigger than sizeof(void*)... that's allowed!
> > > > It's what CHERI seem to be doing
> > > > https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-947.pdf )
> >
> >
> > I don't thinks so. CHERI extends the size of a void*
> > to include space for a capability and uintptr_t then
> > has the same size to make roundtrips possible.
> > And uintptr_t in CHERI is not a true integer type.
>
> Can you define what a "true integer type" is and why you think uintptr_t on cheri isnt one?
uintptr_t is a type that carries the capability whose
validity is ensured using out-of-band flags. This may work most
of the time but it a hack that breaks the usual mathematical
semantics of integers. Transforming the same value may then
not give a valid pointer if some intermediate operation caused
the capability to be lost. This is problematic from a semantical
analysis and optimization point of view.
Martin
>
> Thanks
>
> >
> > Martin
> >
> > > _______________________________________________
> > > Liaison mailing list
> > > Liaison_at_[hidden]
> > > Subscription: https://lists.isocpp.org/mailman/listinfo.cgi/liaison
> > > Link to this post: http://lists.isocpp.org/liaison/2024/05/1419.php
> >
> > _______________________________________________
> > Liaison mailing list
> > Liaison_at_[hidden]
> > Subscription: https://lists.isocpp.org/mailman/listinfo.cgi/liaison
> > Link to this post: http://lists.isocpp.org/liaison/2024/05/1421.php
>
>
> On Thu, May 23, 2024, 20:31 Martin Uecker via Liaison <liaison_at_[hidden]> wrote:
> > Am Donnerstag, dem 23.05.2024 um 13:22 -0400 schrieb Bjarne Stroustrup via Liaison:
> > > IMO, CHERI or similar is going to be immensely important in the future
> > > because it is an obvious and elegant solution to key aspects of the
> > > heavily emphasized memory safety issues.
> > >
> > > Caveat: for my PhD, I worked on a distant ancestor to CHERI pioneering
> > > hardware memory controls (the CAP).
> > >
> > > On 5/23/2024 7:58 AM, Corentin via Liaison wrote:
> > > > (As an aside, while I understand there are platforms where uintptr
> > > > would need to be bigger than sizeof(void*)... that's allowed!
> > > > It's what CHERI seem to be doing
> > > > https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-947.pdf )
> >
> >
> > I don't thinks so. CHERI extends the size of a void*
> > to include space for a capability and uintptr_t then
> > has the same size to make roundtrips possible.
> > And uintptr_t in CHERI is not a true integer type.
>
> Can you define what a "true integer type" is and why you think uintptr_t on cheri isnt one?
uintptr_t is a type that carries the capability whose
validity is ensured using out-of-band flags. This may work most
of the time but it a hack that breaks the usual mathematical
semantics of integers. Transforming the same value may then
not give a valid pointer if some intermediate operation caused
the capability to be lost. This is problematic from a semantical
analysis and optimization point of view.
Martin
>
> Thanks
>
> >
> > Martin
> >
> > > _______________________________________________
> > > Liaison mailing list
> > > Liaison_at_[hidden]
> > > Subscription: https://lists.isocpp.org/mailman/listinfo.cgi/liaison
> > > Link to this post: http://lists.isocpp.org/liaison/2024/05/1419.php
> >
> > _______________________________________________
> > Liaison mailing list
> > Liaison_at_[hidden]
> > Subscription: https://lists.isocpp.org/mailman/listinfo.cgi/liaison
> > Link to this post: http://lists.isocpp.org/liaison/2024/05/1421.php
Received on 2024-05-23 18:51:46