Post Syndicated from corbet original http://lwn.net/Articles/691102/rss
It has long been understood that static-analysis tools can be useful in
finding (and defending against) bugs and security problems in code. One of
the best places to implement such tools is in the compiler itself, since
much of the work required to analyze a program is already done in the
compilation process. Despite the fact that GCC has had the ability to
support security-oriented plugins for some years, the mainline kernel has
never adopted any such plugins. That situation looks likely to change with
the 4.8 kernel release, though.