Moved AST modifications to preprocessor

Author: amoeller

src/analysis/analysisstate.ts

@@ -9,8 +9,7 @@ import {
     isNode,
     NewExpression,
     Node,
-    OptionalCallExpression,
-    SourceLocation
+    OptionalCallExpression
 } from "@babel/types";
 import {
     FilePath,
@@ -42,7 +41,7 @@ import {ConstraintVarProducer} from "./constraintvarproducer";
 import Timer from "../misc/timer";
 import {VulnerabilityDetector} from "../patternmatching/vulnerabilitydetector";
 
-export const globalLoc: SourceLocation = {start: {line: 0, column: 0}, end: {line: 0, column: 0}};
+export const globalLoc: SourceLocationWithFilename = {start: {line: 1, column: 0}, end: {line: 1, column: 0}, filename: "%global"};
 
 export const undefinedIdentifier = identifier("undefined"); // TODO: prevent writes to 'undefined'?
 undefinedIdentifier.loc = globalLoc;
@@ -537,9 +536,9 @@ export class AnalysisState { // TODO: move some of these fields to FragmentState
     /**
      * Registers a new FunctionInfo for a function/method/constructor.
      */
-    registerFunctionInfo(file: FilePath, path: NodePath<Function | Class>, name: string | undefined, fun: Function, loc: SourceLocation | null | undefined) {
+    registerFunctionInfo(file: FilePath, path: NodePath<Function | Class>, name: string | undefined, fun: Function) {
         const m = this.moduleInfos.get(file)!;
-        const f = new FunctionInfo(name, loc, m);
+        const f = new FunctionInfo(name, fun, m);
         this.functionInfos.set(fun, f);
         const parent = path.getFunctionParent()?.node;
         (parent ? this.functionInfos.get(parent)!.functions : m.functions).set(fun, f);

src/analysis/analyzer.ts

@@ -19,6 +19,7 @@ import {Operations} from "./operations";
 import {Program} from "@babel/types";
 import {UnknownAccessPath} from "./accesspaths";
 import {Token} from "./tokens";
+import {preprocessAst} from "../parsing/extras";
 
 export async function analyzeFiles(files: Array<string>, solver: Solver, returnFileMap: boolean = false): Promise<Map<FilePath, {sourceCode: string, program: Program}>> {
     const a = solver.analysisState;
@@ -67,11 +68,14 @@ export async function analyzeFiles(files: Array<string>, solver: Solver, returnF
                     solver.prepare();
 
                     // prepare model of native library
-                    const [globals, specials] = buildNatives(solver, moduleInfo);
+                    const {globals, globalsHidden, specials} = buildNatives(solver, moduleInfo);
+
+                    // preprocess the AST
+                    preprocessAst(ast, file, globals, globalsHidden);
 
                     // traverse the AST
                     writeStdOutIfActive("Traversing AST...");
-                    visit(ast, new Operations(file, solver, globals, specials));
+                    visit(ast, new Operations(file, solver, specials));
 
                     // propagate tokens until fixpoint reached for the module
                     await solver.propagate();

src/analysis/astvisitor.ts

@@ -63,7 +63,6 @@ import {
     ObjectProperty,
     OptionalCallExpression,
     OptionalMemberExpression,
-    Program,
     RegExpLiteral,
     ReturnStatement,
     SequenceExpression,
@@ -72,8 +71,6 @@ import {
     TaggedTemplateExpression,
     ThisExpression,
     ThrowStatement,
-    variableDeclaration,
-    variableDeclarator,
     VariableDeclarator,
     WithStatement,
     YieldExpression
@@ -90,9 +87,8 @@ import {
 } from "./tokens";
 import {ModuleInfo} from "./infos";
 import logger from "../misc/logger";
-import {mapArrayAdd, sourceLocationToStringWithFile, SourceLocationWithFilename} from "../misc/util";
+import {mapArrayAdd, sourceLocationToStringWithFile} from "../misc/util";
 import assert from "assert";
-import {globalLoc, undefinedIdentifier} from "./analysisstate";
 import {options} from "../options";
 import {ComponentAccessPath, PropertyAccessPath, UnknownAccessPath} from "./accesspaths";
 import {ConstraintVar} from "./constraintvars";
@@ -118,44 +114,17 @@ export const IDENTIFIER_KIND = Symbol();
 export function visit(ast: File, op: Operations) {
     const solver = op.solver;
     const a = solver.analysisState;
-    let nextNodeIndex = 1;
 
     a.maybeEscaping.clear(); // TODO: move to method in AnalysisState?
 
+    // set module source location
+    op.moduleInfo.node = ast.program;
+
     // traverse the AST and extend the analysis result with information about the current module
     if (logger.isVerboseEnabled())
         logger.verbose(`Traversing AST of ${op.file}`);
     traverse(ast, {
 
-        enter(path: NodePath) {
-
-            // workaround to ensure that AST nodes with undefined location (caused by desugaring) can be identified uniquely
-            if (!path.node.loc) {
-                let p: NodePath | null = path;
-                while (p && !p.node.loc)
-                    p = p.parentPath;
-                path.node.loc = {filename: op.file, start: p?.node.loc?.start, end: p?.node.loc?.end, nodeIndex: nextNodeIndex++} as any; // see sourceLocationToString
-            }
-        },
-
-        Program(path: NodePath<Program>) {
-
-            // set module source location
-            op.moduleInfo.loc = path.node.loc;
-
-            // artificially declare all globals in the program scope (if not already declared)
-            const decls = [...op.globals, undefinedIdentifier] // TODO: treat 'undefined' like other globals?
-                .filter(d => path.scope.getBinding(d.name) === undefined)
-                .map(id => {
-                    const d = variableDeclarator(id);
-                    d.loc = globalLoc;
-                    return d;
-                });
-            const d = variableDeclaration("var", decls);
-            d.loc = globalLoc;
-            path.scope.registerDeclaration(path.unshiftContainer("body", d)[0]);
-        },
-
         ThisExpression(path: NodePath<ThisExpression>) {
 
             // this
@@ -249,13 +218,10 @@ export function visit(ast: File, op: Operations) {
                 (isObjectMethod(path.node) || isClassMethod(path.node)) ? getKey(path.node) :
                     cls ? cls.id?.name : undefined;// for constructors, use the class name if present
             const anon = isFunctionDeclaration(path.node) || isFunctionExpression(path.node) ? path.node.id === null : isArrowFunctionExpression(path.node);
-            const loc = cls ? cls.loc : // for constructors, use the class location (workaround to match dyn.ts)
-                isClassMethod(fun) && fun.static ? {filename: (fun.key.loc as SourceLocationWithFilename).filename, start: fun.key.loc!.start, end: fun.loc!.end} : // for static methods, use the identifier location (workaround to match dyn.ts)
-                    fun.loc;
             const msg = cls ? "constructor" : `${name ?? (anon ? "<anonymous>" : "<computed>")}`;
             if (logger.isVerboseEnabled())
-                logger.verbose(`Reached function ${msg} at ${sourceLocationToStringWithFile(loc)}`);
-            a.registerFunctionInfo(op.file, path, name, fun, loc);
+                logger.verbose(`Reached function ${msg} at ${sourceLocationToStringWithFile(fun.loc)}`);
+            a.registerFunctionInfo(op.file, path, name, fun);
             if (!name && !anon)
                 a.warnUnsupported(fun, `Computed ${isFunctionDeclaration(path.node) || isFunctionExpression(path.node) ? "function" : "method"} name`); // TODO: handle functions/methods with unknown name?
 

src/analysis/infos.ts

@@ -1,5 +1,5 @@
-import {FilePath, sourceLocationToString} from "../misc/util";
-import {Function, SourceLocation} from "@babel/types";
+import {FilePath, sourceLocationToString, strHash} from "../misc/util";
+import {Function, Program} from "@babel/types";
 import {FragmentState} from "./fragmentstate";
 
 /**
@@ -57,15 +57,18 @@ export class ModuleInfo {
 
     readonly isEntry: boolean; // true for entry modules
 
-    loc: SourceLocation | null | undefined = null; // top-level source location (set by astvisitor)
+    node: Program | undefined; // top-level source location (set by astvisitor)
 
     fragmentState: FragmentState | undefined = undefined; // analysis solution after local analysis of this module
 
+    hash: number;
+
     constructor(relativePath: string, packageInfo: PackageInfo, path: FilePath, isEntry: boolean) {
         this.relativePath = relativePath;
         this.packageInfo = packageInfo;
         this.path = path;
         this.isEntry = isEntry;
+        this.hash = strHash(this.toString());
     }
 
     toString(): string {
@@ -110,7 +113,7 @@ export class FunctionInfo {
 
     readonly name: string | undefined; // function name
 
-    readonly loc: SourceLocation | null | undefined; // function source location
+    readonly node: Function; // function source location
 
     readonly moduleInfo: ModuleInfo; // module containing this function
 
@@ -120,13 +123,13 @@ export class FunctionInfo {
         return this.moduleInfo.packageInfo;
     }
 
-    constructor(name: string | undefined, loc: SourceLocation | null | undefined, moduleInfo: ModuleInfo) {
+    constructor(name: string | undefined, node: Function, moduleInfo: ModuleInfo) {
         this.name = name;
-        this.loc = loc;
+        this.node = node;
         this.moduleInfo = moduleInfo;
     }
 
     toString() {
-        return `${this.moduleInfo}:${sourceLocationToString(this.loc)}:${this.name ?? "<anonymous>"}`;
+        return `${this.moduleInfo}:${sourceLocationToString(this.node.loc)}:${this.name ?? "<anonymous>"}`;
     }
 }

src/analysis/operations.ts

@@ -2,7 +2,6 @@ import {
     CallExpression,
     Expression,
     Function,
-    Identifier,
     isArrayPattern,
     isAssignmentPattern,
     isExportDeclaration,
@@ -80,8 +79,6 @@ export class Operations {
 
     readonly solver: Solver;
 
-    readonly globals: Array<Identifier>;
-
     readonly natives: SpecialNativeObjects
 
     readonly a: AnalysisState; // shortcut to this.solver.analysisState
@@ -96,10 +93,9 @@ export class Operations {
 
     readonly exportsObjectToken: NativeObjectToken;
 
-    constructor(file: FilePath, solver: Solver, globals: Array<Identifier>, natives: SpecialNativeObjects) {
+    constructor(file: FilePath, solver: Solver, natives: SpecialNativeObjects) {
         this.file = file;
         this.solver = solver;
-        this.globals = globals;
         this.natives = natives;
 
         this.a = this.solver.analysisState;

src/analysis/solver.ts

@@ -37,6 +37,7 @@ import Timer from "../misc/timer";
 import {setImmediate} from "timers/promises";
 import {AnalysisDiagnostics} from "../typings/diagnostics";
 import {getMemoryUsage} from "../misc/memory";
+import {JELLY_NODE_ID} from "../parsing/extras";
 
 export class AbortedException extends Error {}
 
@@ -50,9 +51,6 @@ export default class Solver {
 
     unprocessedSubsetEdges: Map<ConstraintVar, Set<ConstraintVar>> = new Map;
 
-    idSymbol = Symbol();
-    nextNodeID = 0;
-
     // TODO: move some of this into AnalysisDiagnostics?
     // for diagnostics only
     unprocessedTokensSize: number = 0;
@@ -335,12 +333,9 @@ export default class Solver {
      * Provides a unique ID for the given key and node.
      */
     private getListenerID(key: TokenListener, n: Node): ListenerID {
-        let id = (n as any)[this.idSymbol] as number | undefined;
-        if (id === undefined) {
-            id = this.nextNodeID++;
-            (n as any)[this.idSymbol] = id;
-        }
-        return (id << 10) + key;
+        let id = (n as any)[JELLY_NODE_ID];
+        assert(id !== undefined);
+        return ((id << 10) + key) ^ (this.analysisState.moduleInfos.get((n as any)?.loc?.filename)?.hash || 0);
     }
 
     /**

src/dynamic/soundnesstester.ts

@@ -19,13 +19,13 @@ export function testSoundness(jsonfile: string, analysisState: AnalysisState): [
     // collect all static functions including module top-level functions (excluding aliases)
     const staticFunctions = new Map<string, FunctionInfo | ModuleInfo>();
     for (const m of analysisState.moduleInfos.values())
-        if (m.loc) // TODO: m.loc may be empty with --ignore-dependencies
-            staticFunctions.set(`${m.path}:${m.loc.start.line}:${m.loc.start.column + 1}:${m.loc.end.line}:${m.loc.end.column + 1}`, m);
+        if (m.node?.loc) // TODO: m.node.loc may be empty with --ignore-dependencies
+            staticFunctions.set(`${m.path}:${m.node.loc.start.line}:${m.node.loc.start.column + 1}:${m.node.loc.end.line}:${m.node.loc.end.column + 1}`, m);
     for (const f of analysisState.functionInfos.values())
-        if (!f.loc || "nodeIndex" in f.loc)
+        if (!f.node?.loc || "nodeIndex" in f.node.loc)
             analysisState.warn(`Source location missing for function ${f.name || "<anonymous>"} in ${f.moduleInfo.path}`);
         else
-            staticFunctions.set(`${f.moduleInfo.path}:${f.loc.start.line}:${f.loc.start.column + 1}:${f.loc.end.line}:${f.loc.end.column + 1}`, f);
+            staticFunctions.set(`${f.moduleInfo.path}:${f.node.loc.start.line}:${f.node.loc.start.column + 1}:${f.node.loc.end.line}:${f.node.loc.end.column + 1}`, f);
 
     // log static locations
     if (logger.isDebugEnabled()) {

src/natives/nativebuilder.ts

@@ -61,9 +61,10 @@ export type SpecialNativeObjects = Map<string, NativeObjectToken | PackageObject
  * Prepares models for the ECMAScript and Node.js native declarations.
  * Returns the global identifiers and the tokens for special native objects.
  */
-export function buildNatives(solver: Solver, moduleInfo: ModuleInfo): [Array<Identifier>, SpecialNativeObjects] {
+export function buildNatives(solver: Solver, moduleInfo: ModuleInfo): {globals: Array<Identifier>, globalsHidden: Array<Identifier>, specials: SpecialNativeObjects} {
     const globals: Array<Identifier> = [];
-    const natives: SpecialNativeObjects = new Map;
+    const globalsHidden: Array<Identifier> = [];
+    const specials: SpecialNativeObjects = new Map;
     const a = solver.analysisState;
 
     const models = [ecmascriptModels, nodejsModels];
@@ -84,13 +85,12 @@ export function buildNatives(solver: Solver, moduleInfo: ModuleInfo): [Array<Ide
             if (options.natives || m.name === "ecmascript" || (m.name === "nodejs" && ["exports", "module"].includes(name))) {
                 const id = identifier(name);
                 id.loc = loc;
-                if (!hidden)
-                    globals.push(id);
+                (hidden ? globalsHidden : globals).push(id);
                 const t = init
-                    ? init({solver, moduleInfo, natives, id})
+                    ? init({solver, moduleInfo, natives: specials, id})
                     : a.canonicalizeToken(new NativeObjectToken(name, moduleSpecific ? moduleInfo : undefined, invoke, constr));
                 solver.addTokenConstraint(t, a.varProducer.nodeVar(id));
-                natives.set(name, t);
+                specials.set(name, t);
             }
         }
 
@@ -107,9 +107,9 @@ export function buildNatives(solver: Solver, moduleInfo: ModuleInfo): [Array<Ide
         function definePrototypeObject(name: string): NativeObjectToken {
             const t = a.canonicalizeToken(new NativeObjectToken(`${name}.prototype`));
             if (m.name === "ecmascript")
-                natives.set(t.name, t);
+                specials.set(t.name, t);
             if (options.natives || m.name === "ecmascript")
-                solver.addTokenConstraint(t, a.varProducer.objPropVar(natives.get(name)!, "prototype"));
+                solver.addTokenConstraint(t, a.varProducer.objPropVar(specials.get(name)!, "prototype"));
             return t;
         }
 
@@ -127,8 +127,8 @@ export function buildNatives(solver: Solver, moduleInfo: ModuleInfo): [Array<Ide
             if (options.natives) {
                 const t = a.canonicalizeToken(new NativeObjectToken(`${x.name}.${f.name}`, undefined, f.invoke));
                 if (m.name === "ecmascript")
-                    natives.set(t.name, t);
-                solver.addTokenConstraint(t, a.varProducer.objPropVar(natives.get(x.name)!, f.name));
+                    specials.set(t.name, t);
+                solver.addTokenConstraint(t, a.varProducer.objPropVar(specials.get(x.name)!, f.name));
             }
         }
 
@@ -139,7 +139,7 @@ export function buildNatives(solver: Solver, moduleInfo: ModuleInfo): [Array<Ide
             if (options.natives) {
                 const t = a.canonicalizeToken(new NativeObjectToken(`${x.name}.prototype.${f.name}`, undefined, f.invoke));
                 if (m.name === "ecmascript")
-                    natives.set(t.name, t);
+                    specials.set(t.name, t);
                 solver.addTokenConstraint(t, a.varProducer.objPropVar(pro, f.name));
             }
         }
@@ -188,10 +188,10 @@ export function buildNatives(solver: Solver, moduleInfo: ModuleInfo): [Array<Ide
         if (m.init) {
             if (logger.isVerboseEnabled())
                 logger.verbose(`Running initialization for ${m.name}`);
-            m.init({solver, moduleInfo, natives});
+            m.init({solver, moduleInfo, natives: specials});
         }
     if (logger.isVerboseEnabled())
         logger.verbose("Adding natives completed");
 
-    return [globals, natives];
+    return {globals, globalsHidden, specials};
 }

src/output/analysisstatereporter.ts

@@ -87,7 +87,7 @@ export class AnalysisStateReporter {
             const fileIndex = fileIndices.get(fun instanceof ModuleInfo ? fun : fun.moduleInfo);
             if (fileIndex === undefined)
                 assert.fail(`File index not found for ${fun}`);
-            fs.writeSync(fd, `${first ? "" : ","}\n  "${funIndex}": ${JSON.stringify(makeLocStr(fileIndex, fun.loc))}`);
+            fs.writeSync(fd, `${first ? "" : ","}\n  "${funIndex}": ${JSON.stringify(makeLocStr(fileIndex, fun.node?.loc))}`);
             first = false;
         }
         fs.writeSync(fd, `\n },\n "calls": {`);
@@ -176,7 +176,7 @@ export class AnalysisStateReporter {
             const fileIndex = fileIndices.get(fun instanceof ModuleInfo ? fun : fun.moduleInfo);
             if (fileIndex === undefined)
                 assert.fail(`File index not found for ${fun}`);
-            cg.functions[funIndex] = makeLocStr(fileIndex, fun.loc);
+            cg.functions[funIndex] = makeLocStr(fileIndex, fun.node?.loc);
         }
         const callIndices = new Map<Node, number>();
         for (const [m, calls] of this.a.calls)

src/output/graphviz.ts

@@ -41,7 +41,7 @@ export function toDot(a: AnalysisState, fd: number = process.stdout.fd) {
             ids.set(f, moduleId);
         else
             writeSync(fd, `${ind(i)}subgraph cluster${id(f)} {\n` +
-                `${ind(i)} label=\"${f.name ?? "<anon>"}@${sourceLocationToString(f.loc)}\";\n` +
+                `${ind(i)} label=\"${f.name ?? "<anon>"}@${sourceLocationToString(f.node.loc)}\";\n` +
                 `${ind(i)} bgcolor=\"#ffffff\";\n` +
                 `${ind(i)}node${id(f)}[style=invis,shape=point];\n`);
         for (const fs of f.functions.values())

src/output/tostringwithcode.ts

@@ -18,7 +18,7 @@ import {FunctionInfo} from "../analysis/infos";
  * Returns a string description of the given function, with a code snippet.
  */
 export function funcToStringWithCode(info: FunctionInfo): string {
-    return `'${codeFromLocation(info.loc)}'${info}`;
+    return `'${codeFromLocation(info.node.loc)}'${info}`;
 }
 
 /**