The most annoying is the PDF viewer gets stuck but it happens with other things intermittently. It's frustrating as these things worked fine on the Pixel 6 Pro under Android 14, so they seem like reversions or maybe something different on a system level/perhaps even hardware related (but I've not looked into it to be able to tell).
The connectivity could be better but it's hard to be sure this is the phone and not the network where I live/work.
So really it's just the freezes with the software - mainly the built in PDF viewer I mentioned but also the camera at times and the keyboard does odd things where it gets stuck only accepting single key presses (ie no swiping through words). The lag issue seems to appear most when switching back to an app rather than during continuous use.
and if refactoring impact performance metrics in their artificial environments, it will never be done.
Google is the new Microsoft. even their business model is the same (bribe OEMs)
For hot parts of the code that the sanitizer can guarantee is safe, either due to it being trivial or with annotations(https://www.open-std.org/jtc1/sc22/wg21/docs/papers/2023/p27...), it can safely exclude these checks to limit performance impact.
This seems much more realistic than e.g. Microsoft rewriting Excel in Rust with bug for bug compatibility. It would also benefit Rust code, that has sections marked as unsafe.
Yes, stuff like MTE will help, and what you mention is already being used on Android, see HWSAN, and there is now some movement regarding C++ security profiles, however there is still a very long way to go.
This is how Microsoft sees improving safety on C++ codebases,
"Build Reliable and Secure C++ programs"
https://devblogs.microsoft.com/cppblog/build-reliable-and-se...
"Lifetime Safety in C++: Past, Present and Future – CppCon 2023"
https://www.youtube.com/watch?v=PTdy65m_gRE&feature=youtu.be
This seems like an incredibly low amount of money to achieve something like that.
Similar to how clang slowed down as Apple and Google decided to focus on their languages, and key contributors abandoned clang.
That site still lists 2x CPU overhead. I am fuzzy on details but I believe some variant is in the works that has low enough overhead to enable in the wild. That site also just says it uses TBI so possibly the performant version I am thinking of is just a version that uses full MTE?
Took me multiple queries to locate the definition for myself. There's the communications company, the finance definition, the adjacency to the term LTE, the common slang use....etc.
>Nowadays, there is increasing interest in adding tagged memory functionality to CPU architectures. Such architectures associate one or more tag bits with each quantum of a system's memory. There are many motivations for this ability to associate “metadata” with individual memory words, but one of the most clear is the potential security benefits and the ability to track the providence of certain kinds of data in memory, such as pointers. This can be used to create capability-based architectures such as CHERI.
Based on that last sentence, one may reason that this MTE feature for ARM could be a basis for implementing CHERI on ARM.
(Though this article also explains how to enable MTE for user apps and verify that it's enabled.)
What was fascinating to me was that they are already picking up bugs in existing apps, which is a plus in that even having a small number of people running this will provide security for the rest of us that aren't running it by finding buggy and malicious apps.
