On Tue, Aug 14, 2018 at 03:27:43PM +0200, Norbert Manthey wrote: > Thanks a lot! I used your scripts and compiled Xen now, as well as > created the data base for it. As I am interested in analysis that is run > for the kernel, I also asked the tool to name the project "kernel", as > that enabled this analysis (e.g. the spectre analysis). > > I called the build_xen_data.sh scripts multiple times on an upstream Xen > release branch, and the number of warnings did not increase, while for > the Linux kernel the number of warnings would increase, e.g. warnings > that depend on the taint analysis like the spectre analysis. Is that > expected, and is there a way to improve that for Xen? > Yeah. I just noticed that as well. I've added the --db-file= option. See the new attached build scripts. I'm going to make xen it's own project for the purposes of check_user_data2.c. Which functions should set the data as tainted? Like copy_from_user() in the kernel. Is it really just the same functions? I wish I could figure out which version of GCC smatch is saying it is so I could sort out why the build fails. It's parsing compiler.h wrong. regards, dan carpenter
Attachment:
build_xen_data.sh
Description: Bourne shell script
Attachment:
check.sh
Description: Bourne shell script