Colin has a new blog post about static source analysis of the Linux kernel:
Static analysis on the Linux kernel
There are a wealth of powerful static analysis tools available nowadays for analyzing C source code. These tools help to find bugs in code by just analyzing the source code without actually having to execute the code. Over that past year or so I have been running the following static analysis tools on linux-next every weekday to find kernel bugs: cppcheck, smatch, sparse, clang scan-build, CoverityScan, and The latest gcc. Typically each tool can take 10-25+ hours of compute time to analyze the kernel source; fortunately I have a large server at hand to do this. The automated analysis creates an Ubuntu server VM, installs the required static analysis tools, clones linux-next and then runs the analysis. The VMs are configured to minimize write activity to the host and run with 48 threads and plenty of memory to try to speed up the analysis process.[…]
http://smackerelofopinion.blogspot.com/2017/09/static-analysis-on-linux-kernel.html
Firmware Security 