Jessica Clarke

Inline citations tend to either be some combination of author+year or just an index. Once you start including the title it becomes unwieldy. Given the field I would normally default...

FYI https://github.com/riscv/riscv-cheri/blob/b87760e740dfaaaa783609a9d4960393a84eaec4/src/riscv-cheri.adoc?plain=1#L22 is where this comes from.

Isn't the problem just that it's using the anti-pattern of "in \" rather than "in \ \" (i.e. "in the RISC-V Zfoo extension [42]")?

> it is not okay to check if just 2 bytes are within bounds and fail during instruction fetch if the target instruction ends up being a 4-byte instruction Sure...

> > MPrevPCC > > I'm strongly opposed to adding new architectural state to debug control transfers when we have perfectly good E-Trace and CTR extensions that should compose with...

> > so in a world where jumps don't check their targets prior to changing PCC > > Just to re-iterate, the current spec does exactly that - a bad...

> > But it's tagged, so the caller didn't fabricate it from nowhere. > > It got it prior to JIT-ing in my example. (And the revocation mechanism is reliant...

> > Well don't do that then? > > If you are relying on never executing bad/buggy code, and/or not using straightforward algorithms for revocation, one might as well get...

> which they might have had valid use cases for even if the loader knew nothing of sealing It is completely reasonable, maybe even a good idea, to require the...

I would suggest just assigning each combination its own code, as is done with (instruction, load, store) * (access fault, page fault, alignment fault) for xcause in the base privileged...