# IMPL16: Implement STG Stack Slot Tracking

## Summary

Extend stack-slot taint/provenance/kind tracking to `[x20, #imm]` (STG stack) to propagate taints through GHC worker code.

## Steps

1) Extend TaintState
   - Add STG stack maps (e.g., `tsStgStack`, `tsStgStackProv`, `tsStgStackKind`).
   - Keep SP maps as-is.

2) Update stack load/store helpers
   - Recognize `BaseImm X20 imm` in `storeToStack`/`loadFromStack`.
   - Mirror pre/post-index handling for `X20` similar to `SP`.

3) Clear on X20 updates
   - When `x20` is modified, clear STG stack maps (similar to `clearStackMap`).

4) Tests
   - Add tests for spill/reload via `[x20, #imm]` preserving taint and kind.

## Files to Touch

- `lib/Audit/AArch64/Taint.hs`
- `test/`

## Validation

- `cabal test`
- Re-run on `etc/Curve.s` with taint config for inv#; expect fewer unknown-base warnings in worker paths.
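Steps 1 to 3 above, modelled as an added example that is not the project's code: a second slot map keyed on `x20` offsets, load/store helpers that dispatch on the base register, and a clear when the base register is written. The types `Reg`, `Addr`, `Taint`, the fields `tsRegs` and `tsStack`, and the helpers `regTaint` and `writeReg` are assumptions; a single taint map stands in for the taint/provenance/kind maps, only the `BaseImm` addressing form is covered, and `Data.Map.Strict` comes from the `containers` package.

```haskell
module Main (main) where

import qualified Data.Map.Strict as M

-- Hypothetical, simplified types; the project's real definitions may differ.
data Reg = SP | X20 | X Int deriving (Eq, Ord, Show)
data Addr = BaseImm Reg Int deriving (Eq, Show)
data Taint = Public | Secret | Unknown deriving (Eq, Show)

data TaintState = TaintState
  { tsRegs     :: M.Map Reg Taint  -- register taints
  , tsStack    :: M.Map Int Taint  -- slots addressed as [sp, #imm]
  , tsStgStack :: M.Map Int Taint  -- slots addressed as [x20, #imm]
  } deriving (Eq, Show)

regTaint :: Reg -> TaintState -> Taint
regTaint r = M.findWithDefault Unknown r . tsRegs

-- str src, [base, #imm]: record the source taint in the matching slot map.
storeToStack :: Reg -> Addr -> TaintState -> TaintState
storeToStack src (BaseImm SP  i) st = st { tsStack    = M.insert i (regTaint src st) (tsStack st) }
storeToStack src (BaseImm X20 i) st = st { tsStgStack = M.insert i (regTaint src st) (tsStgStack st) }
storeToStack _   _               st = st  -- not a tracked stack base

-- ldr dst, [base, #imm]: reload the slot taint; untracked slots are Unknown.
loadFromStack :: Reg -> Addr -> TaintState -> TaintState
loadFromStack dst addr st = st { tsRegs = M.insert dst t (tsRegs st) }
  where
    t = case addr of
      BaseImm SP  i -> M.findWithDefault Unknown i (tsStack st)
      BaseImm X20 i -> M.findWithDefault Unknown i (tsStgStack st)
      _             -> Unknown

-- A write to a base register invalidates the slot offsets keyed on it.
writeReg :: Reg -> Taint -> TaintState -> TaintState
writeReg SP  _ st = st { tsStack = M.empty }
writeReg X20 _ st = st { tsStgStack = M.empty }
writeReg r   t st = st { tsRegs = M.insert r t (tsRegs st) }

main :: IO ()
main = do
  let s0 = TaintState (M.fromList [(X 0, Secret)]) M.empty M.empty
      s1 = storeToStack (X 0) (BaseImm X20 8) s0    -- spill x0 to [x20, #8]
      s2 = loadFromStack (X 1) (BaseImm X20 8) s1   -- reload into x1
      s3 = loadFromStack (X 2) (BaseImm X20 8) (writeReg X20 Unknown s2)
  print (regTaint (X 1) s2)  -- x1 after spill/reload through the STG stack
  print (regTaint (X 2) s3)  -- x2 reloaded after x20 was modified
```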