Wondering to what degree this was done to support Anthropic’s web crawler. Would assume that having a whole JS runtime rather than just a HTTP client could be rather useful. Just hypothesising here, no clue what they use for their crawler.

I am incredibly happy that Apple has added MTE support to the latest iPhones and perhaps the M5 chips as well (?). If that’s the case I don’t think any other personal computers have anything close to Apple machines in terms of memory safety and related topics (Secure Enclave etc).

Hope other vendors will ship MTE in their laptop and desktop chips soon enough. While I’m very positive about x86_64 adding support for this (ChkTag), it’ll definitely take a while…

In my opinion a worthwhile enough reason to upgrade but feels like a waste given my current devices work great.

Not only does M5 have MTE, it has an "enhanced" version of it.

"We conducted a deep evaluation and research process to determine whether MTE, as designed, would meet our goals for hardware-assisted memory safety. Our analysis found that, when employed as a real-time defensive measure, the original Arm MTE release exhibited weaknesses that were unacceptable to us, and we worked with Arm to address these shortcomings in the new Enhanced Memory Tagging Extension (EMTE) specification, released in 2022."[1]

The enhancements add:[2]

* Canonical tag checking

* Reporting of all non-address bits on a fault

* Store-only Tag checking

* Memory tagging with Address tagging disabled

[1] https://security.apple.com/blog/memory-integrity-enforcement...

[2] https://developer.arm.com/documentation/109697/0100/Feature-...

It's MTE4. The "enhancements" mostly make it easier for Apple developers to hack XNU into continuing to operate with MTE.

It's more like MTE was originally intended as a debugging tool (like ASan), and MTE4 makes it work as a security hardening measure.

Do you know if macos has the changes needed to make use of MIE with M5? I assume that it has with iPadOS.

do you have a citation for M5 having MTE?

I did primary research. I just bought an M5 Mac and confirmed by doing:

  $ sysctl -a | grep MTE4
  hw.optional.arm.FEAT_MTE4: 1

Thank you for posting that. I was pretty sure the M5 was going to ship with MTE, but the last time I checked the documents, they still hadn't updated them (nor any mention of M5 having Apple10 in the metal feature tables). Some big features there that makes me want to upgrade!

It does.

Compiler/runtime support via clang and llvm should help I hope.

I'd like to get to the point where web browsers (for example) always run with memory-safe compilation and runtime features on every platform. OS kernels would be nice as well.

It will be nice to see more OSes ship with memory safety on by default for everything. Maybe OpenBSD is next?

As mentioned elsewhere, Solaris SPARC and Linux on SPARC since 2015.

sel4 ships with memory safety on by default.

Pixels with GrapheneOS also use MTE for security hardening

Really enjoyed reading this. Thanks for writing it!

These metrics can be used in performance reviews at Facebook.

Zig 0.13 is required according to https://ghostty.org/docs/install/build

This is pretty cool work.

Something that’s been on my mind recently is that there’s a need of a high-performance flame graph library for the web. Unfortunately the most popular flame graph as a library / component, basically the react and d3 ones, work fine but the authors don’t actively maintain them anymore and their performance with large profiles is quite poor.

Most people that care about performance either hard-fork the Firefox profiler / speedscope flame graph component or create their own.

Would be nice to have a reusable, high performance flame graph for web platforms.

Axum + minijinja is quite close to this I would say. Been using it for a little while and I am very happy so far.

Seconding the recommendation, it's really great when paired with HTMX on the frontend too.

Haven’t had the chance to play with WezTerm just yet but wanted to share that the author is an incredibly smart, friendly, and humble.

Had the opportunity to work on a project together at work some years back and I can only aspire to be 1/10th as good of an engineer as him. A true hacker.

Or in other parts of the kernel. It's been the case in multiple occasions that buggy locking (or more generalised, missing 'resource' release) has caused problems for perfectly safe BPF programs. For example, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033398 and the fix https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/lin...

This is actually exactly the bug I was thinking of, so fair point! (I work at PS now and am aware you worked on debugging it a while back).

It is not, programs that are accepted are proved to terminate. Large and more complex programs are accepted by BPF as of now, which might give the impression that it's now Turing complete, when it is definitely not the case.