From Fedora Project Wiki

(→‎GCC work: Add link to blog post about my GCC 10 static analysis work)
m (→‎GCC work: add link to LPC 2021 talk)
 
(8 intermediate revisions by the same user not shown)
Line 5: Line 5:
My Fedora People page: http://dmalcolm.fedorapeople.org/
My Fedora People page: http://dmalcolm.fedorapeople.org/


My blog: http://dmalcolm.livejournal.com/
I'm currently working on [https://gcc.gnu.org/ GCC] upstream. Previously I worked on the [[SIGs/Python|Python runtimes within Fedora]] and Red Hat Enterprise Linux.


A very old, out-of-date Red Hat People Page: http://people.redhat.com/dmalcolm
I'm interested in [[StaticAnalysis|static code analysis]]


I'm currently working on [https://gcc.gnu.org/ GCC] upstream. Previously I worked on the [[SIGs/Python|Python runtimes within Fedora]] and Red Hat Enterprise Linux.
My old blog: http://dmalcolm.livejournal.com/


I'm interested in [[StaticAnalysis|static code analysis]]
A very old, out-of-date Red Hat People Page: http://people.redhat.com/dmalcolm


= GCC work =
= GCC work =
* GCC 15:
** Presentation (Cauldron 2024): [https://gcc.gnu.org/wiki/cauldron2024talks?action=AttachFile&do=get&target=2024-Cauldron-diagnostics-talk.pdf What's new with diagnostics in GCC 15]
* GCC 14:
** Blog post: [https://developers.redhat.com/articles/2024/04/03/improvements-static-analysis-gcc-14-compiler Improvements to static analysis in the GCC 14 compiler]
** Presentation (Cauldron 2023): [https://gcc.gnu.org/wiki/cauldron2023talks?action=AttachFile&do=get&target=2023-Cauldron-diagnostics-talk.pdf Updates to diagnostics in GCC 14]
* GCC 13:
** Blog post: [https://developers.redhat.com/articles/2023/05/31/improvements-static-analysis-gcc-13-compiler Improvements to static analysis in the GCC 13 compiler]
** Presentation (Cauldron 2022): [https://gcc.gnu.org/wiki/cauldron2022?action=AttachFile&do=get&target=2022-Cauldron-analyzer-talk.pdf What’s new in GCC -fanalyzer ?]
* GCC 12:
** Blog post: [https://developers.redhat.com/articles/2022/04/12/state-static-analysis-gcc-12-compiler The state of static analysis in the GCC 12 compiler]
** Blog post: [https://developers.redhat.com/articles/2022/01/12/prevent-trojan-source-attacks-gcc-12 Prevent Trojan Source attacks with GCC 12]
** Presentation (LPC 2021): [https://lpc.events/event/11/contributions/1076/attachments/888/1701/2021-LPC-analyzer-mc.pdf Adding kernel-specific test coverage to GCC's -fanalyzer option]
* GCC 11:
** Blog post: [https://developers.redhat.com/blog/2021/01/28/static-analysis-updates-in-gcc-11/ Static analysis updates in GCC 11]
** Presentation (LPC 2020): [https://lpc.events/event/7/contributions/721/attachments/542/961/2020-LPC-analyzer-talk.pdf GCC’s -fanalyzer option]
* GCC 10:
* GCC 10:
** Implemented experimental new [https://gcc.gnu.org/wiki/DavidMalcolm/StaticAnalyzer static analysis pass]
** Blog post: [https://developers.redhat.com/blog/2020/03/26/static-analysis-in-gcc-10/ Static analysis in GCC 10]
** Blog post: [https://developers.redhat.com/blog/2020/03/26/static-analysis-in-gcc-10/ Static analysis in GCC 10]
* GCC 9:
* GCC 9:

Latest revision as of 20:26, 11 October 2024

David Malcolm

Email: dmalcolm@redhat.com

My Fedora People page: http://dmalcolm.fedorapeople.org/

I'm currently working on GCC upstream. Previously I worked on the Python runtimes within Fedora and Red Hat Enterprise Linux.

I'm interested in static code analysis

My old blog: http://dmalcolm.livejournal.com/

A very old, out-of-date Red Hat People Page: http://people.redhat.com/dmalcolm

GCC work

Some of the software I've written

  • libgccjit: a branch of GCC allowing it to be built as a shared library for use in Just-In-Time compilation
  • gcc-python-plugin: allowing you to write new GCC plugins in Python.
  • cpychecker: a static analysis pass for GCC to find bugs in C extensions to Python, written in Python using gcc-python-plugin
  • gdb Python hooks for debugging CPython itself
  • gdb-heap, an extension to gdb for analyzing malloc/free
  • squeal: a SQL-like syntax for use in shell pipelines
  • asmdiff: tool for comparing objdump results
  • gccinvocation: Python module for parsing GCC invocation lines
  • jamais-vu: a tool for working with DejaGnu output
  • firehose: a proposed common format for static analyzer output, along with a Python module for working with it
  • mock-with-analysis: a way of rebuilding an RPM in mock, injecting static analysis, and capturing the result in Firehose format
  • gcc-build: some scripts to make it easier to hack on GCC

Older stuff