Sep 9 – 11, 2019
Europe/Lisbon timezone

Security feature parity between GCC and Clang

Sep 10, 2019, 11:00 AM
Jade/room-I&II (Corinthia Hotel Lisbon)


Corinthia Hotel Lisbon



Kees Cook (Google)


There are many security features common to both GCC and Clang, but there is a growing set of features that are missing from GCC and present in Clang, missing from Clang and present in GCC, or missing in both. This session seeks to enumerate and discuss these areas, with the eye toward finding next steps forward (or at least elevating development priority).

Potential areas of focus:
- LTO (especially link speed)
- forward-edge CFI (software and hardware support)
- backward-edge CFI (software and hardware support)
- stack variable auto-initialization
- caller-saved register wipe on function return
- integer overflow detection
- stack clash protection
- implicit fall-through
- memory tagging

I agree to abide by the anti-harassment policy Yes

Primary author

Kees Cook (Google)

Presentation materials