This chapter explores the difficulties encountered in dealing with infinite loops in symbolic execution and introduces new breakthroughs in static analysis, including the incorporation of machine learning in symbolic execution and the use of specialized languages like Daphne. Additionally, it covers the developments in C++ static analysis through tools like AutoConfig from Sonar that improve code understanding and dependency management beyond traditional compiler capabilities.
Static analysis is the examination of code without executing the program. It’s used to identify potential errors, code quality issues, security vulnerabilities, and adherence to coding best practices.
Abbas Sabra is a Principal Engineer at Sonar, which creates tools to help developers produce clean code. Abbas specializes in C++ static analysis, and began his career in the financial industry, where he identified inefficiencies within the C++ tooling ecosystem. He joins the show to talk about static analysis and static analysis tool development.
Sean’s been an academic, startup founder, and Googler. He has published works covering a wide range of topics from information visualization to quantum computing. Currently, Sean is Head of Marketing and Developer Relations at Skyflow and host of the podcast Partially Redacted, a podcast about privacy and security engineering. You can connect with Sean on Twitter @seanfalconer.
Please click here to see the transcript of this episode.
The post C++ Static Analysis with Abbas Sabra appeared first on Software Engineering Daily.