
[question] why does Bionic's memory tagging in software write to the entire top byte? #1653

@finagolfin

Description

I think this would normally be addressed on the Android bug tracker, but that apparently requires a google account even to view it, which I don't use, and this NDK is the primary way people are going to run into this memory tagging issue, so worth documenting here.

Bionic added software memory tagging in malloc a couple of years ago, which is meant to collide with any software applying its own tags and flush out these collisions in preparation for the hardware MTE coming once more devices support it. However, hardware MTE only uses the bottom half of the top byte, while the current software tagging writes to the entire top byte, causing problems for software that moved its tag to the top half of the top byte to accommodate MTE, such as swiftlang/swift#21310.

What is the plan here: will Android's memory tagging also write to the top half of the top byte, even once hardware MTE is enabled? If not, perhaps this current trial run with software tagging can be amended to only write to the bottom half of the top byte, as hardware MTE is supposed to be limited to.

@hctim wrote the initial patch for this that I linked first, maybe one of the NDK devs can ask him what the plan is here.
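The following is an added model of the bit-layout collision the issue describes; it is constructed for illustration and is not Bionic's, Swift's, or the NDK's code. It assumes a 64-bit address with the top byte initially clear, an allocator that stamps a tag into the pointer under one of two layouts (the whole top byte, bits 56..63, versus only the MTE nibble, bits 56..59), and a hypothetical application runtime that keeps its own tag in the upper nibble, bits 60..63. The round trip checks whether both tags survive and whether the pointer the application hands back matches what the allocator gave out.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* The two top-byte layouts contrasted in the issue (constructed model). */
enum tag_layout { FULL_TOP_BYTE, MTE_NIBBLE };

#define TOP_BYTE_MASK    0xFF00000000000000ULL  /* bits 56..63 */
#define MTE_NIBBLE_MASK  0x0F00000000000000ULL  /* bits 56..59, what hardware MTE uses */
#define HIGH_NIBBLE_MASK 0xF000000000000000ULL  /* bits 60..63, left alone by MTE */

/* Allocator side: stamp a tag into the pointer and read it back under one layout. */
static uint64_t alloc_set_tag(enum tag_layout l, uint64_t p, unsigned tag) {
    if (l == FULL_TOP_BYTE)
        return (p & ~TOP_BYTE_MASK) | ((uint64_t)(tag & 0xFF) << 56);
    return (p & ~MTE_NIBBLE_MASK) | ((uint64_t)(tag & 0xF) << 56);
}

static unsigned alloc_get_tag(enum tag_layout l, uint64_t p) {
    if (l == FULL_TOP_BYTE)
        return (unsigned)(p >> 56) & 0xFF;
    return (unsigned)(p >> 56) & 0xF;
}

/* Application side (hypothetical runtime): keeps its own tag in bits 60..63. */
static uint64_t app_set_tag(uint64_t p, unsigned tag) {
    return (p & ~HIGH_NIBBLE_MASK) | ((uint64_t)(tag & 0xF) << 60);
}

static unsigned app_get_tag(uint64_t p) { return (unsigned)(p >> 60) & 0xF; }

static uint64_t app_clear_tag(uint64_t p) { return p & ~HIGH_NIBBLE_MASK; }

/* Round trip: allocator tags the pointer, the application adds its tag, both
 * sides read their tags back, and the application strips only its own nibble
 * before returning the pointer. True only if nothing was damaged. */
bool tags_coexist(enum tag_layout l, unsigned alloc_tag, unsigned app_tag) {
    const uint64_t base = 0x00007f00dead1000ULL;  /* constructed address, top byte clear */
    uint64_t p = alloc_set_tag(l, base, alloc_tag);
    uint64_t q = app_set_tag(p, app_tag);
    bool app_ok      = app_get_tag(q) == app_tag;
    bool alloc_ok    = alloc_get_tag(l, q) == alloc_get_tag(l, p);
    bool returned_ok = app_clear_tag(q) == p;  /* what the allocator gets back on free */
    return app_ok && alloc_ok && returned_ok;
}

/* Count failing (allocator tag, application tag) pairs over every 8-bit
 * allocator tag and every 4-bit application tag. */
int collision_count(enum tag_layout l) {
    int failures = 0;
    for (unsigned at = 0; at < 256; at++)
        for (unsigned ap = 0; ap < 16; ap++)
            if (!tags_coexist(l, at, ap))
                failures++;
    return failures;
}

int main(void) {
    printf("full top byte: alloc 0xA5 + app 0x3 coexist? %s\n",
           tags_coexist(FULL_TOP_BYTE, 0xA5, 0x3) ? "yes" : "no");
    printf("MTE nibble:    alloc 0x5  + app 0x3 coexist? %s\n",
           tags_coexist(MTE_NIBBLE, 0x5, 0x3) ? "yes" : "no");
    printf("collisions out of 4096 pairs: full byte=%d, MTE nibble=%d\n",
           collision_count(FULL_TOP_BYTE), collision_count(MTE_NIBBLE));
    return 0;
}
```

Under the full-top-byte layout, the only pairs that survive are the ones where the allocator's upper nibble and the application's tag are both zero, so nearly every combination breaks either the allocator's tag check or the application's. Confining the allocator to bits 56..59, as the issue proposes, removes every collision in this model because the two parties never write the same bits.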
