On 09/18/2014 09:33 PM, Dmitry Vyukov wrote:
> What is the number of cases it will fix for kasan?
Re-added kernel people again.
AFAIR silly instrumentation that assumed all memory accesses in inline
asm are must-accesses (instead of may-accesses) resulted in only one
false positive. We haven't performed extensive testing though.
> It won't fix the memchr function because the size is indeed not known
> statically. So it's a bad example.
Sure, we will _not_ be able to instrument memchr. But being able to
identify "safe" inline asms would allow us to instrument those (and my
gut feeling is that they are a vast majority).
> My impression was that kernel has relatively small amount of assembly,
Well,
$ grep -r '"[=+]\?[moVv<>]" *(' ~/src/linux-stable/ | wc -l
1133
And also
$ grep -r '"[=+]\?[moVv<>]" *(' ~/src/ffmpeg-2.2.2/ | wc -l
211
> And the rest is just not interesting enough.
Now that may be the case. But how do we know without trying?
-Y
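
An added example, not part of the original message or of any GCC or kernel code: a Python script that takes the grep pattern above from counting matching lines to bucketing whole asm statements. It assumes a "safe" asm is one with single-letter memory-constraint operands and no "memory" clobber; that reading, the bucket names and the sample source are this example's own assumptions.

```python
import re
from collections import Counter

# The grep pattern from the message, in Python syntax: an operand whose whole
# constraint is one memory-class letter, optionally prefixed by "=" or "+".
MEM_OPERAND = re.compile(r'"[=+]?[moVv<>]" *\(')
ASM_START = re.compile(r'\b(?:__asm__|asm)\b(?:\s+(?:__volatile__|volatile))*\s*\(')

def asm_statements(src):
    """Yield each asm(...) statement, balancing parentheses and skipping
    string literals (templates such as "movl (%1), %0" contain parens)."""
    for m in ASM_START.finditer(src):
        depth, i, in_str = 1, m.end(), False
        while i < len(src) and depth:
            ch = src[i]
            if in_str:
                if ch == "\\":
                    i += 1              # skip the escaped character
                elif ch == '"':
                    in_str = False
            elif ch == '"':
                in_str = True
            elif ch == "(":
                depth += 1
            elif ch == ")":
                depth -= 1
            i += 1
        yield src[m.start():i]

def classify(stmt):
    """Bucket one asm statement (the bucket names are this example's own)."""
    if '"memory"' in stmt:
        return "memory-clobber"         # touches memory its operands do not name
    if MEM_OPERAND.search(stmt):
        return "operand-described"      # access size follows from the operand type
    return "no-memory-operand"

def summarize(src):
    """Count asm statements per bucket in one source text."""
    return Counter(classify(s) for s in asm_statements(src))

# Constructed sample input, not taken from the kernel or ffmpeg trees.
SAMPLE = r'''
static inline void inc(int *p) { asm volatile("incl %0" : "+m" (*p)); }
static inline int ld(const int *p) { int v; asm("movl %1, %0" : "=r" (v) : "m" (*p)); return v; }
static inline void *scan(const void *s, int c, unsigned long n) {
    asm volatile("repne scasb" : "+D" (s), "+c" (n) : "a" (c) : "memory");
    return (void *)s;
}
static inline void nop(void) { asm volatile("nop"); }
'''
```

Like the grep, the pattern misses multi-letter constraints such as "=rm", so the "operand-described" count is a lower bound.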