I wonder if their efforts to leverage modern chip capabilities to address memory safety (e.g., ARM memory tagging) contributed to that drop in memory safety vulnerabilities.
Looked this up as it's new to me. Seems interesting but not far enough. If you configure it to crash the system on an error for dev only, you aren't going to spot the hard-to-reach cases which are usually the target of these attacks, and having it set to crash on the release build is likely going to be seen as unacceptable.
Something like Rust which can ahead of time verify that these issues aren't present is a better solution imo. Maybe then we can use this as a last resort check that the usages of unsafe didn't cause issues.
These technologies are intended for production use. It’s most of the reason why you’d want them in the hardware itself, because it drives the performance impact down.
It helps along with the other (software) tooling that exists to improve the safety story for existing C and C++ code. However, it does not eliminate these issues.