<div dir="ltr"><div><div style="color:rgb(34,34,34);font-family:sans-serif;font-size:13px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration-style:initial;text-decoration-color:initial">I was wondering about the size of the ring buffer used by the taint2 plugin.</div><div style="color:rgb(34,34,34);font-family:sans-serif;font-size:13px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration-style:initial;text-decoration-color:initial">It is <a href="https://github.com/panda-re/panda/blob/6507f991703b8ac1afdac8b92bff709bded3a0e4/panda/plugins/taint2/taint_ops.h#L35">defined</a> as:<br></div><font face="monospace, monospace"><span style="color:rgb(34,34,34);font-size:13px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">#define TAINT2_MEMLOG_SIZE 2</span><br style="color:rgb(34,34,34);font-size:13px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration-style:initial;text-decoration-color:initial"></font><br>Why is this size chosen?</div><div>There&#39;s a comment <a href="https://github.com/panda-re/panda/blob/6507f991703b8ac1afdac8b92bff709bded3a0e4/panda/plugins/taint2/taint_ops.h#L30">above</a> the definition for the use of the ring buffer, but it doesn&#39;t give any clues:</div><div><div 
style="color:rgb(34,34,34);font-size:13px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration-style:initial;text-decoration-color:initial"><div style=""><font face="monospace, monospace">// This will replace the dynamic log, since we now need to track values for</font></div><div style=""><font face="monospace, monospace">// a much shorter period of time. Instead of full-fledged file logging, we&#39;re</font></div><div style=""><font face="monospace, monospace">// just going to use a ring buffer.</font></div></div><br></div><div>Intuitively, I&#39;d guess that 2 is the maximum number of memory arguments for LLVM (?) instructions. Taint is updated per instruction, so a ring buffer of size 2 is enough for taint2.</div><div><br></div><div>Would that be correct?</div><div>Or is there another rationale that I&#39;m missing?</div><div><br></div><div>Thanks,</div><div>Manolis</div></div>