For the second year in a row, the GNU Tools Cauldron (the annual gathering
of GNU toolchain developers) has been held as a dedicated track at the
online Linux Plumbers
Conference. For the 2021 event, that track started with a talk by
David Malcolm on his work with the GCC -fanalyzer option, which
provides access to a number of static-analysis features. Quite a bit has
been happening with -fanalyzer and more is on the way with the
upcoming GCC 12 release, including, possibly, a set of checks that
have already found at least one vulnerability in the kernel.
もっと詳しく