auditor

An aarch64 constant-time memory access auditing tool.
git clone git://git.ppad.tech/auditor.git

ARCH16.md (998B)


# ARCH16: Track STG Stack Slots (x20-relative)

## Goal

Extend stack-slot taint/kind tracking to the GHC STG stack pointer
(`x20`), so argument values passed via the STG stack are propagated.

## Scope

- Treat `[x20, #imm]` like `[sp, #imm]` for load/store tracking.
- Clear STG stack slot maps when `x20` is modified.
- Keep SP tracking unchanged.

## Rationale

GHC-generated code passes arguments via STG registers and the STG stack
(`x20`), not the hardware `sp`. Tracking only `[sp, #imm]` misses most
value flows in worker code.

## Design

- Maintain a separate `tsStgStack` map (and provenance/kind) keyed by
  `x20` offsets, or reuse existing maps with a tagged key space.
- Update `storeToStack`/`loadFromStack` to recognize `BaseImm X20 imm` and
  pre/post-index variants.
- Clear the STG stack map when `x20` is updated (similar to SP).

## Risks

- Misclassifying non-stack uses of `x20` (unlikely in GHC ABI).
- Pre/post-indexed updates must mirror SP handling to avoid stale data.