[musicale]

> I'm a little surprised things like tagged memory and CHERI

I think we're seeing some improvements in memory safety for C (e.g. -fbounds-safety in clang) and C++ (e.g. -fsanitize=address) as well as adoption of more memory-safe languages (Rust, Swift, Java, Go, etc.) And I wouldn't be surprised to see Apple eventually add some hardware support for memory safety to Apple Silicon (note that Morello was a prototype implementation of CHERI for ARM.)

> And is there a benefit to calling directly into an executable instead of making a shared library and a thin executable that uses it?

I think so - having one thing instead of two, and being able to use it for either purpose with minimal effort.