Alright. After restricting isTainted to ignore “complex symbols” (10), the report diff looks a lot better: (-61 +63 ~81). About half of the projects were completely unmodified.
None of the affected reports were taint-related. Mostly OOBv2 (-15 +25), NullDeref (-20 +16), garbage read (-11 +12) and none of the projects were more targeted than the rest.
When looking at the running times, the translation unit for ffmpeg sheervideo.c takes only 5.6% of the time it takes without this fix.
I think this approach is the way.
Now, I’ll have a bit of a vacation, but after that I’ll come back to finish this.