In C bounds checks aren’t tightly coupled to the underlying guarded data. But in a safe PL, check+load is conceptually a single atomic op.
So, in theory, if we had a “load without speculation” CPU insn, a safe language could use it precisely for bounds checked data.
There are some cool research OSes that run code in ring 0 iff it can be proven to only access in-bounds memory (usually by prefixing every load with an AND mask, preventing self-modifying code, etc.).
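Added example, not from any participant in the thread: the "check+load as one atomic op" idea from the first tweet and the AND-mask trick from the reply above, written out in C. The index that reaches the load is clamped with a branch-free mask, so the load address never depends on a predicted branch, and an out-of-bounds index cannot steer the fetch outside the buffer even transiently. The mask construction is the well-known one used by Linux's `array_index_mask_nospec()`; the function names, the `load_result` struct and the `SAMPLE` buffer are my own and assume `intptr_t` is as wide as `size_t` and that right-shifting a negative value is arithmetic (true on mainstream compilers).

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample data for the demo; not from the page. */
static const uint8_t SAMPLE[4] = {0x10, 0x20, 0x30, 0x40};

/* Classic pattern: check and load are two separate steps. If the CPU
 * mispredicts the branch, the load can execute with an out-of-bounds
 * idx transiently, which is the problem the thread is discussing. */
static int bounded_load_branch(const uint8_t *buf, size_t size, size_t idx, uint8_t *out)
{
    if (idx >= size)
        return 0;
    *out = buf[idx];
    return 1;
}

/* Branch-free mask: all ones when idx < size, all zeros otherwise.
 * Same arithmetic as Linux's array_index_mask_nospec(); valid while the
 * top bit of size is clear (size <= SIZE_MAX/2).
 * If idx < size, both idx and (size - 1 - idx) have the top bit clear, so
 * ~ of their OR has it set and the arithmetic shift smears it into all
 * ones. If idx >= size, (size - 1 - idx) wraps and sets the top bit, so
 * ~ clears it and the shift yields zero. Assumes arithmetic right shift. */
static size_t index_mask_nospec(size_t idx, size_t size)
{
    intptr_t m = ~(intptr_t)(idx | (size - 1 - idx));
    return (size_t)(m >> (sizeof(size_t) * CHAR_BIT - 1));
}

typedef struct {
    int in_bounds;  /* 1 if idx < size (the architectural answer) */
    uint8_t value;  /* buf[idx] when in bounds, 0 otherwise */
} load_result;

/* Fused check+load: the index used by the load is idx & mask, which is
 * always inside [0, size) whatever idx was. There is no predicted branch
 * between the comparison and the load for speculation to run past. */
static load_result bounded_load_nospec(const uint8_t *buf, size_t size, size_t idx)
{
    load_result r = {0, 0};
    if (size == 0)
        return r;  /* empty buffer: there is nothing safe to load, so no load executes */

    size_t mask = index_mask_nospec(idx, size);
    uint8_t v = buf[idx & mask];          /* address is data-dependent on mask */
    r.in_bounds = (int)(mask & 1);
    r.value = (uint8_t)(v & mask);        /* out-of-bounds reads report 0, not buf[0] */
    return r;
}

int main(void)
{
    uint8_t out = 0;
    for (size_t i = 0; i < 6; i++) {
        load_result r = bounded_load_nospec(SAMPLE, sizeof SAMPLE, i);
        int ok = bounded_load_branch(SAMPLE, sizeof SAMPLE, i, &out);
        printf("idx=%zu branch:%d/0x%02x  masked:%d/0x%02x\n",
               i, ok, ok ? out : 0, r.in_bounds, r.value);
    }
    return 0;
}
```

Two caveats a practitioner would want: a compiler is free to recognise the mask as a comparison and turn it back into a branch, which is why the kernel's x86 version pins the mask computation in inline asm; and the mask only stops the load from leaving the buffer, it does not stop a later dependent access from leaking the loaded value, so the value itself is zeroed when the index was out of range.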
Why is preventing speculative fetches necessary for security? As long as the bounds checks get done and the instruction aborted before writeback?