> It does, but as I mentioned, Red Hat and Android ship with bounds checking enabled via FORTIFY.
I was under the impression FORTIFY only checked bounds with specific functions (mostly those starting with "mem" or "str"), and not on general pointer arithmetic. Thus, an OOB array access would not be caught. Am I wrong on this? Online sources seem to agree with my understanding: https://zatoichi-engineer.github.io/2017/10/06/fortify-sourc...
Additionally, FORTIFY does not work on variable length arrays (like std::vector), only those which have a size known at compile time.
> Hence why the ultimate solution is to have hardware memory tagging for bounds checking, Solaris has been doing it for a decade, ARM is following along, including a collaboration with CHERI, only Intel borked their MPX design, and it seems not to be on RISC-V's radar.
Unfortunately, Intel and ARM are the only relevant vendors here (at least in 2022, but for the record I wish the others the best of luck), so Intel's implementation sucking is a huge blow.
The point being made, if we scroll way back up this thread, is that Rust (supposedly, I have maybe 30 mins of experience with it) has these protections built into the language, and doesn't require compiler flags with "DEBUG" in their name to get them.
If this is true, for new projects, such as the experimental OS we're all talking about, Rust (or any language with a similar feature) could be a better choice.
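To make the two FORTIFY limits raised above concrete (checks only on the wrapped libc calls, and only when the destination size is known at compile time), here is a small C program added as an illustration; it is not code from the thread or from glibc. The CHECKED_COPY macro is a hand-rolled stand-in for what -D_FORTIFY_SOURCE turns memcpy() into (the compiler evaluates __builtin_object_size on the destination and hands it to a checking wrapper), except that it returns a verdict instead of aborting so the outcomes can be compared. The payload buffer and the verdict names are constructed for the demo.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* What a FORTIFY-checked memcpy() sees: at the call site the compiler
 * evaluates __builtin_object_size(dst, 0) and passes it to glibc's
 * __memcpy_chk(). (size_t)-1 means "size not provable here", and in that
 * case the compiler emits the plain, unchecked memcpy() instead. */
enum verdict { COPIED_OK, COPY_BLOCKED, NOT_CHECKED };

static enum verdict checked_copy_impl(void *dst, const void *src,
                                      size_t n, size_t dst_size)
{
    if (dst_size == (size_t)-1) {
        /* Unknown destination size: no check at all. Callers in this demo
         * keep n within the real allocation so this stays in bounds;
         * real code gets no such guarantee. */
        memcpy(dst, src, n);
        return NOT_CHECKED;
    }
    if (n > dst_size)
        return COPY_BLOCKED;   /* real glibc: __chk_fail() -> SIGABRT */
    memcpy(dst, src, n);
    return COPIED_OK;
}

/* Must be a macro: __builtin_object_size only knows the object when it is
 * evaluated where the pointer is formed, not inside a callee (assumption
 * of this demo: it mirrors the mechanism, not glibc's exact wrapper). */
#define CHECKED_COPY(dst, src, n) \
    checked_copy_impl((dst), (src), (n), __builtin_object_size((dst), 0))

/* Constructed 64-byte source; its contents are irrelevant to the check. */
static char payload[64];

/* Case 1: fixed-size destination, oversize copy. FORTIFY catches this. */
enum verdict fixed_dst_oversize(void)
{
    char buf[16];
    return CHECKED_COPY(buf, payload, 32);        /* 32 > 16 -> blocked */
}

/* Case 2: fixed-size destination, in-bounds copy. */
enum verdict fixed_dst_in_bounds(void)
{
    char buf[16];
    return CHECKED_COPY(buf, payload, sizeof buf);
}

/* Case 3: heap destination sized at run time. The volatile stops the
 * compiler from folding the length, which is the normal situation when
 * the length comes from input. Caller keeps n <= sizeof payload. */
enum verdict heap_dst(size_t n)
{
    volatile size_t len = n;
    char *buf = malloc(len);
    if (!buf)
        abort();
    enum verdict v = CHECKED_COPY(buf, payload, len); /* in bounds, yet unchecked */
    free(buf);
    return v;
}

/* Case 4: variable-length array: equally unknown to __builtin_object_size. */
enum verdict vla_dst(size_t n)
{
    volatile size_t len = n;
    char buf[len];
    return CHECKED_COPY(buf, payload, len);
}

/* Case 5: plain indexed write. No libc call is involved, so there is nothing
 * for FORTIFY to wrap; the bounds check has to be written by hand, as here. */
int indexed_write(size_t i)
{
    char buf[16] = {0};
    if (i >= sizeof buf)
        return -1;            /* the check FORTIFY will not add for you */
    buf[i] = 'A';
    return buf[i];
}

int main(void)
{
    static const char *names[] = { "copied", "blocked", "not checked" };
    printf("fixed/oversize : %s\n", names[fixed_dst_oversize()]);
    printf("fixed/in-bounds: %s\n", names[fixed_dst_in_bounds()]);
    printf("heap/runtime   : %s\n", names[heap_dst(32)]);
    printf("vla/runtime    : %s\n", names[vla_dst(32)]);
    printf("index 16       : %d\n", indexed_write(16));
    return 0;
}
```

With the real flag (-D_FORTIFY_SOURCE=2 at -O1 or higher, which is what the Red Hat and Android toolchains enable by default), case 1 dies with "*** buffer overflow detected ***" while cases 3 to 5 compile to the same unchecked code they would without the flag. One caveat on the "compile-time size only" point: _FORTIFY_SOURCE=3 (glibc 2.34 and later with GCC 12 or a recent clang) switches to __builtin_dynamic_object_size, which can recover a runtime malloc() or VLA size in some call sites, so the heap and VLA cases above may become checked on a newer toolchain; the indexed write never is.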