I work at Red Hat on GCC, the GNU Compiler Collection. For the last five releases of GCC, I’ve been working on
-fanalyzer
, a static analysis pass that tries to identify various problems at compile-time, rather than at runtime. It performs “symbolic execution” of C source code—effectively simulating the behavior of the code along the various possible paths of execution through it.This article summarizes what’s new with
David Malcolm-fanalyzer
in GCC 14, which I hope will be officially released sometime in April 2024.
No matter how many more of you become a Patreon to keep OSAlert alive, I’ll never be able to really add anything meaningful to articles like these.