IMPL12.md (1356B)
# IMPL12: Implement Array-Backed Register Taint/Provenance

## Summary

Refactor `TaintState` to use `SmallArray` for register taint and
provenance, and make block analysis folds strict.

## Steps

1) Add register indexing
   - Define `regIndex :: Reg -> Int` and `regCount :: Int`.
   - Provide total mapping for all `Reg` constructors.

2) Update TaintState
   - Replace `tsRegs :: Map Reg Taint` with `tsRegs :: SmallArray Taint`.
   - Replace `tsProv :: Map Reg Provenance` with `tsProv :: SmallArray Provenance`.
   - Keep `tsStack`/`tsStackProv` unchanged.

3) Access helpers
   - Add `getRegTaint`, `setRegTaint`, `getRegProv`, `setRegProv`.
   - Update `getTaint`/`setTaint`/`getProvenance` and call sites.

4) Initialization
   - Build arrays with defaults (Unknown/ProvUnknown).
   - Overwrite `publicRoots` indices to Public/ProvPublic.

5) Strict folds
   - Use `foldl'` in `analyzeBlock` and `analyzeBlockWithSummaries`.

6) Update joins
   - Implement `joinTaintState` with element-wise array zip.
   - Consider an ST-based update for fewer allocations if needed.

7) Tests/Validation
   - Re-run taint tests; add a small test for register array indexing.
   - `cabal test` and (optionally) benchmark deltas.

## Files to Touch

- `lib/Audit/AArch64/Taint.hs`
- `lib/Audit/AArch64/Types.hs` (if Reg mapping helpers live there)
- `test/`

## Validation

- `cabal test`
- `cabal bench`
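A sketch of steps 1 and 3 through 6 for the taint half of the state, as an added example that is not the project's own code. The `Reg` constructors, the two-point `Taint` lattice, `joinTaint`, the `Mov` instruction and `joinRegs` are assumptions made for illustration; it needs the `primitive` package, and provenance would follow the same pattern.

```haskell
import Control.Monad (forM_)
import Data.Foldable (foldl')
import Data.Primitive.SmallArray

-- Hypothetical stand-ins: constructors, lattice and Mov are assumptions, not project code.
data Reg = X0 | X1 | X2 | SP deriving (Show, Eq, Enum, Bounded)
data Taint = Public | Unknown deriving (Show, Eq)
data Instr = Mov Reg Reg -- "Mov dst src": dst takes src's taint
joinTaint :: Taint -> Taint -> Taint
joinTaint a b = if a == Public && b == Public then Public else Unknown

-- Step 1: derived Enum/Bounded keep the mapping total as constructors change.
regIndex :: Reg -> Int
regIndex = fromEnum
regCount :: Int
regCount = fromEnum (maxBound :: Reg) + 1

-- Step 4: default every slot to Unknown, then overwrite the public roots.
initRegs :: [Reg] -> SmallArray Taint
initRegs publicRoots = runSmallArray $ do
  arr <- newSmallArray regCount Unknown
  forM_ publicRoots $ \r -> writeSmallArray arr (regIndex r) Public
  pure arr

-- Step 3: accessors; ($!) forces the element because foldl' forces only the array.
getRegTaint :: Reg -> SmallArray Taint -> Taint
getRegTaint r regs = indexSmallArray regs (regIndex r)
setRegTaint :: Reg -> Taint -> SmallArray Taint -> SmallArray Taint
setRegTaint r t regs = runSmallArray $ do
  arr <- thawSmallArray regs 0 regCount
  writeSmallArray arr (regIndex r) $! t
  pure arr

-- Step 6: element-wise join written in ST into a single result array.
joinRegs :: SmallArray Taint -> SmallArray Taint -> SmallArray Taint
joinRegs a b = runSmallArray $ do
  arr <- newSmallArray regCount Unknown
  forM_ [0 .. regCount - 1] $ \i ->
    writeSmallArray arr i $! joinTaint (indexSmallArray a i) (indexSmallArray b i)
  pure arr

-- Step 5: strict left fold over a block's instructions.
analyzeBlock :: SmallArray Taint -> [Instr] -> SmallArray Taint
analyzeBlock = foldl' (\regs (Mov dst src) -> setRegTaint dst (getRegTaint src regs) regs)

main :: IO ()
main = print [(r, getRegTaint r merged) | r <- [minBound .. maxBound]]
  where run = analyzeBlock (initRegs [X0, SP])
        merged = joinRegs (run [Mov X1 X0]) (run [Mov X1 X2])
```

`indexSmallArray` does no bounds checking, so the indexing test in step 7 should assert that `regIndex` stays within `[0, regCount)` for every constructor.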