Formal Mechanised Semantics of CHERI C: Capabilities, Undefined Behaviour

Memory-safety bugs are widespread on current architectures. The CHERI project addresses them by enforcing security with hardware capabilities while requiring only minimal changes to C code, with compiler support in Clang/LLVM and GCC. CHERI is currently being tested by Arm and Microsoft for possible future use in mass-market systems. A key challenge is to define the semantics of CHERI C precisely enough to guide both the porting of existing code and the implementation of compilers. The paper presents the first comprehensive definition of CHERI C semantics, settling a number of design questions along the way. This gives CHERI C a solid foundation that benefits code porters, compiler developers, and future semantics and verification work. Surprisingly, until this work, the semantics of CHERI C had remained an open question.

https://dl.acm.org/doi/10.1145/3617232.3624859?ai=&ui=&af=
