(In reply to Axel Viala from comment #2)
Hi Sylvestre, I suggest you add the -fanalyzer option somewhere in the build with gcc10 if not already done, found some CWE in C/C++ projects with this fabulous warning, might be a good one to share with Mozilla teams using C/C++ and security reviewers of 3rd party code.
Detailed article: https://developers.redhat.com/blog/2020/03/26/static-analysis-in-gcc-10/
This check probably should be done maybe once a day for all the platforms where -fanalyzer is supported.
Once a day, because compilation with -fanalyzer is a memory hog. I have 16GB assigned to my VirtualBox image running under Windows 10 on my home PC. During the compilation of C-C TB with -fanalyzer, I saw swap growing to 8GB (with much paging activity), and sure enough there are many CWEs in the code, to my surprise, in the M-C and C-C trees, but memory pressure is something people need to be aware of. It is not something you may want to run too often.