Sep 9 – 11, 2019
Europe/Lisbon timezone

Security feature parity between GCC and Clang

Sep 10, 2019, 11:00 AM
Jade/room-I&II (Corinthia Hotel Lisbon)


Corinthia Hotel Lisbon



Kees Cook (Google)


There are many security features common to both GCC and Clang, but there is a growing set of features that are missing from GCC and present in Clang, missing from Clang and present in GCC, or missing in both. This session seeks to enumerate and discuss these areas, with the eye toward finding next steps forward (or at least elevating development priority).

Potential areas of focus:
- LTO (especially link speed)
- forward-edge CFI (software and hardware support)
- backward-edge CFI (software and hardware support)
- stack variable auto-initialization
- caller-saved register wipe on function return
- integer overflow detection
- stack clash protection
- implicit fall-through
- memory tagging

I agree to abide by the anti-harassment policy Yes

Primary author

Kees Cook (Google)

Presentation materials

Diamond Sponsor

Platinum Sponsors

Gold Sponsors

Silver Sponsors

Evening Event Sponsor

Lunch Sponsor

Catchbox Sponsor

T-Shirt Sponsor

Official Carrier

Location Sponsor