Competition

Note that this problem of enforcing runtime constraints on software has a unique all-or-nothing quality to it: any solution that does not completely solve the problem fails to be even a stepping stone to a complete solution. Further, since the interface to the hardware is just the existing interface, no competition can obtain any lock-in. Therefore any such partial solutions will eventually simply be discarded in the face of a complete solution. In the 60 years of attempts to solve the problem, Dewdrop is the first complete solution.

Some attempts at competition follow.

ARM Memory Tagging Extension

ARM Memory Tagging Extension https://community.arm.com/developer/ip-products/processors/b/processors-ip-blog/posts/enhancing-memory-safety : ARM has a tagged-memory system coming out which might detect memory safety violations, but it is only best-effort (it provides no guarantee).

Dover Microsystems CoreGuard®

Dover Microsystems CoreGuard® https://www.dovermicrosystems.com : offers something even more heavyweight than ARM tagged memory, but in their ASPLOS paper they admit that their attempt at memory safety is also only best-effort (despite their more recent slides suggesting otherwise).

The University of Cambridge CHERI project

The University of Cambridge CHERI project https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/ : while they solve the spatial bounds problem, they do not solve the temporal bounds problem (use-after-free) unless (a) no object is re-used until a whole-memory stale-pointer pass has been done and (b) all stack objects are heapified. CHERI also doubles the size of a pointer, which is very heavyweight. A recent analysis by Microsoft Research https://msrc-blog.microsoft.com/2020/10/14/security-analysis-of-cheri-isa/ concluded that (a) CHERI is not done and (b) it is already hard enough to use that you really might be better off just re-writing your program in another language (see "Things You Should Never Do" https://www.joelonsoftware.com/2000/04/06/things-you-should-never-do-part-i/ ).

In contrast to CHERI, Dewdrop enforces both spatial and temporal bounds on heap and stack, even preventing use-after-free for stack objects (those smaller than 128 bytes). Dewdrop also provides many other useful features which CHERI does not even attempt. Further, if Dewdrop were allowed to have the same size pointers as CHERI, we could do even better, including providing far more uses of an object before a stale-pointer collection pass is required (one billion for a 128-bit Dewdrop vs one for CHERI) and providing type safety even for stack objects.