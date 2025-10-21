Now that ARM’s memory tagging, used extensively by Android ROMs such as GrapheneOS and now also by Apple, is becoming the new norm to aid in improving memory safety, the x86 world can’t sit idly by. As such, Intel and AMD have announced a ChkTag, x86’s version of memory tagging.
ChkTag is a set of new and enhanced x86 instructions to detect memory safety violations, such as buffer overflows and misuses of freed memory (use-after-free). ChkTag is designed to be suitable for hardening applications, operating system kernels, hypervisors for virtualization, and UEFI firmware. ChkTag places control in the software developers’ hands to balance their security needs with operational elements that often become prominent when deploying code. For example, ChkTag provides instruction-granular control over which memory accesses are checked. Compilers can offer optimizations and new language features or intrinsics. ChkTag prepares x86 for a future with increasing amounts of code written in memory-safe languages running alongside code in other languages. Furthermore, ChkTag loads tags from linear/virtual memory that can often be committed on demand.↫ Intel and AMD’s announcement
It’s important to note that ChkTag – why not just call it CheckTag – isn’t ready yet, nor is there any indication when it will be included in any processors from Intel and AMD. The goal is to catch certain memory safety problems in hardware. According to Intel and AMD’s shared announcement, developers will have fine-grained control over the feature, allowing them to tap into the functionality in whatever way they deem necessary or valuable for their software in specific circumstances.
My fear is that Intel and AMD will use this feature as a product differentiator, restricting it to either more expensive processors or to Xeon/Threadripper processors, thereby fracturing the market. This would inevitably lead to spotty support for the feature across the x86 landscape, meaning most ordinary consumer won’t benefit from it at all.
Intel probably, but AMD has no problems bringing “pro” features such as ECC to consumer systems, forcing Intel to follow along. If this new ChkTag features doesn’t cost too many transistors, I expect AMD to offer it across the line-up.
Traditionally Intel definitely has done this, but AMD historically seems to be more loose, such as with virtualization extensions available, generally, top to bottom of the stack. Not just more expensive or “pro” desktop/workstation CPUs.
Assuming this new instruction set appears tomorrow, and is put on the celerons on the weekend, the world will still have billions of chktagless x86s for the coming decade. So, Microsoft won’t be in a hurry to introduce support for it, and even when it does, it will come with enforced edge, copilot, and startmenu ads shits, so I won’t get it because I won’t update the machine. I’m 47 years old, and I am losing my job to LLMs. I don’t expect to earn a living long enough to see that chktag thing in action.
Sure, you’ll say, it will appear on ATMs or such. I don’t expect to have cash in curculation for that long as well.
This is NOT needed for languages that are already memory safe. It’s really unsafe languages that benefit from hardware accelerated tagging. Tagging should still be considered worse than a memory safe language because safe languages provide stronger assurances that the compiled code doesn’t contain these faults in the first-place. Whereas tagging doesn’t fix the fault, but makes ti more likely to be caught when it does happen.
Here’s a much more technical writeup, obviously it doesn’t cover this new x86 tagging accelerator…
“Memory Tagging and how it improves C/C++ memory safety”
https://arxiv.org/pdf/1802.09517