al-sem 0.0.1

package/src/engine/scc.ts

@@ -0,0 +1,110 @@
+import type { RoutineId } from "../model/ids.ts";
+
+/** Minimal graph shape tarjanScc needs: sorted nodes + outgoing edges that carry `to`. */
+export interface SccInputGraph {
+	nodes: readonly RoutineId[];
+	edgesByFrom: ReadonlyMap<RoutineId, readonly { to: RoutineId }[]>;
+}
+
+/** One strongly-connected component. `recursive` = size > 1 or has a self-edge. */
+export interface Scc {
+	members: RoutineId[]; // sorted
+	recursive: boolean;
+}
+
+export interface SccResult {
+	/** SCCs in reverse-topological order: callees before callers. */
+	sccs: Scc[];
+	/** routineId -> index into `sccs`. */
+	sccIdByRoutine: Map<RoutineId, number>;
+}
+
+/**
+ * Tarjan's SCC algorithm over the combined graph. Iterative (no recursion — AL call graphs
+ * can be deep). Tarjan emits SCCs in reverse-topological order naturally, which is exactly
+ * the bottom-up order the summary engine wants. Node iteration follows `graph.nodes` (sorted)
+ * and edge iteration follows the pre-sorted edge lists, so the result is deterministic.
+ */
+export function tarjanScc(graph: SccInputGraph): SccResult {
+	let nextIndex = 0;
+	const index = new Map<RoutineId, number>();
+	const lowlink = new Map<RoutineId, number>();
+	const onStack = new Set<RoutineId>();
+	const stack: RoutineId[] = [];
+	const rawSccs: RoutineId[][] = [];
+
+	// Explicit work stack: each frame is a node plus its next-child cursor.
+	for (const start of graph.nodes) {
+		if (index.has(start)) continue;
+		const work: { node: RoutineId; childIdx: number }[] = [{ node: start, childIdx: 0 }];
+
+		while (work.length > 0) {
+			const frame = work[work.length - 1];
+			if (frame === undefined) break;
+			const { node } = frame;
+
+			if (frame.childIdx === 0) {
+				index.set(node, nextIndex);
+				lowlink.set(node, nextIndex);
+				nextIndex++;
+				stack.push(node);
+				onStack.add(node);
+			}
+
+			const children = graph.edgesByFrom.get(node) ?? [];
+			if (frame.childIdx < children.length) {
+				const child = children[frame.childIdx];
+				frame.childIdx++;
+				if (child === undefined) continue;
+				const to = child.to;
+				if (!index.has(to)) {
+					work.push({ node: to, childIdx: 0 });
+				} else if (onStack.has(to)) {
+					const cur = lowlink.get(node) ?? 0;
+					const toIdx = index.get(to) ?? 0;
+					lowlink.set(node, Math.min(cur, toIdx));
+				}
+				continue;
+			}
+
+			// All children processed — settle this node.
+			if (lowlink.get(node) === index.get(node)) {
+				const members: RoutineId[] = [];
+				while (true) {
+					const w = stack.pop();
+					if (w === undefined) break;
+					onStack.delete(w);
+					members.push(w);
+					if (w === node) break;
+				}
+				rawSccs.push(members);
+			}
+			work.pop();
+			const parent = work[work.length - 1];
+			if (parent !== undefined) {
+				const pCur = lowlink.get(parent.node) ?? 0;
+				const nCur = lowlink.get(node) ?? 0;
+				lowlink.set(parent.node, Math.min(pCur, nCur));
+			}
+		}
+	}
+
+	// rawSccs is already in reverse-topological order (Tarjan property).
+	const sccs: Scc[] = [];
+	const sccIdByRoutine = new Map<RoutineId, number>();
+	for (const members of rawSccs) {
+		const sorted = [...members].sort();
+		let recursive = sorted.length > 1;
+		if (!recursive) {
+			const only = sorted[0];
+			if (only !== undefined) {
+				recursive = (graph.edgesByFrom.get(only) ?? []).some((e) => e.to === only);
+			}
+		}
+		const sccId = sccs.length;
+		sccs.push({ members: sorted, recursive });
+		for (const m of sorted) sccIdByRoutine.set(m, sccId);
+	}
+
+	return { sccs, sccIdByRoutine };
+}

package/src/engine/source-anchor.ts

@@ -0,0 +1,25 @@
+/**
+ * Source-anchor ordering helpers shared by detectors that need to compare positions
+ * within a single routine. AL positions are `(startLine, startColumn)` zero-or-one-
+ * based pairs (whichever the parser emits — we only compare, never display).
+ *
+ * Extracted here so detectors d11/d21/d22/d33/d36/d37/d39/d40/d41/d42 share one
+ * definition; ten byte-identical copies had drifted into separate files and any
+ * future tweak (e.g. ordering by an `index` tiebreaker on equal positions) would
+ * have had to land in ten places.
+ */
+
+/** Minimal shape accepted by `beforeAnchor` — just the line/column pair. */
+export interface PositionLike {
+	range: { startLine: number; startColumn: number };
+}
+
+/**
+ * Strict "is `a` source-anchor positioned strictly before `b`" predicate.
+ * Returns `false` when the positions are equal (so callers can treat the
+ * comparison as a half-open "earlier than" check without re-handling ties).
+ */
+export function beforeAnchor(a: PositionLike, b: PositionLike): boolean {
+	if (a.range.startLine !== b.range.startLine) return a.range.startLine < b.range.startLine;
+	return a.range.startColumn < b.range.startColumn;
+}

package/src/engine/summary-context.ts

@@ -0,0 +1,104 @@
+// src/engine/summary-context.ts
+// One-time O(1) lookup indexes for the per-routine summary fixed-point.
+//
+// The fixed-point composer touches `model.routines`, `model.callGraph`, `model.tables`,
+// `model.eventGraph.events`, and `graph.uncertaintyEdges` once per edge per routine per
+// iteration. Linear `.find()` over those arrays is the dominant cold-run cost on large
+// dependencies (10k+ routines): a 50k-routine app turns each scan into ~50k ops, and
+// composing 50k routines × ~3 edges = ~7.5 billion array scans.
+//
+// This context builds the lookups once at the top of `runSummaries` and threads them
+// through `composeRoutine` / `baseIntraproceduralSummary` / `resolvePublishedEvent` /
+// `computeRecordRoles` / `computeFieldEffects`. No behavior change — pure data
+// access path swap (O(N²) → O(N)).
+
+import type { Routine, Table } from "../model/entities.ts";
+import type { CallEdge, EventSymbol } from "../model/graph.ts";
+import type { CallsiteId, EventId, OperationId, RoutineId, TableId } from "../model/ids.ts";
+import type { SemanticModel } from "../model/model.ts";
+import type { CombinedGraph, UncertaintyEdge } from "./combined-graph.ts";
+
+export interface SummaryContext {
+	routineById: Map<RoutineId, Routine>;
+	tableById: Map<TableId, Table>;
+	/**
+	 * CallEdges keyed by `operationId`. The summary engine resolves a published event
+	 * by following `operationId → CallEdge.to (publisher routine) → EventSymbol`. A
+	 * single operationId has at most one resolved CallEdge in `model.callGraph`, so a
+	 * `Map<OperationId, CallEdge>` is sufficient (no duplicates).
+	 */
+	resolvedCallEdgeByOperation: Map<OperationId, CallEdge>;
+	/**
+	 * CallEdges keyed by `callsiteId`. Used by the c1b exit-effect composition pass
+	 * to look up the resolved edge for each call site without a full scan.
+	 */
+	resolvedCallEdgeByCallsite: Map<CallsiteId, CallEdge>;
+	/** EventSymbol keyed by `publisherRoutineId` — used to recover the published event id. */
+	eventByPublisher: Map<RoutineId, EventSymbol>;
+	/**
+	 * UncertaintyEdges keyed by `from`. composeRoutine previously did
+	 * `for (ue of graph.uncertaintyEdges) if (ue.from !== routine.id) continue;` — a
+	 * global scan per routine. With this index the loop only visits its own entries.
+	 */
+	uncertaintyEdgesByFrom: Map<RoutineId, UncertaintyEdge[]>;
+}
+
+/**
+ * Build all SummaryContext indexes from a SemanticModel and (optionally) a CombinedGraph.
+ * If no graph is passed, `uncertaintyEdgesByFrom` is empty — callers that don't traverse
+ * uncertainty edges (e.g. test helpers calling `baseIntraproceduralSummary` directly)
+ * pay nothing for it.
+ *
+ * O(R + T + C + E) where R=routines, T=tables, C=callGraph edges, E=event symbols.
+ */
+export function buildSummaryContext(model: SemanticModel, graph?: CombinedGraph): SummaryContext {
+	const routineById = new Map<RoutineId, Routine>();
+	for (const r of model.routines) routineById.set(r.id, r);
+
+	const tableById = new Map<TableId, Table>();
+	for (const t of model.tables) tableById.set(t.id, t);
+
+	// Mirror the old `resolvePublishedEvent` precondition: the matched CallEdge had to
+	// have `to !== undefined`. We only index those — unresolved edges can never satisfy
+	// the publisher-routine lookup downstream.
+	const resolvedCallEdgeByOperation = new Map<OperationId, CallEdge>();
+	const resolvedCallEdgeByCallsite = new Map<CallsiteId, CallEdge>();
+	for (const ce of model.callGraph) {
+		if (ce.to === undefined) continue;
+		// `model.callGraph` may have multiple edges per operationId in pathological cases
+		// (e.g. interface multi-target). The old `.find()` returned the FIRST match — we
+		// preserve that by keeping the first writer and ignoring later ones.
+		if (!resolvedCallEdgeByOperation.has(ce.operationId)) {
+			resolvedCallEdgeByOperation.set(ce.operationId, ce);
+		}
+		if (!resolvedCallEdgeByCallsite.has(ce.callsiteId)) {
+			resolvedCallEdgeByCallsite.set(ce.callsiteId, ce);
+		}
+	}
+
+	const eventByPublisher = new Map<RoutineId, EventSymbol>();
+	for (const sym of model.eventGraph.events) {
+		if (sym.publisherRoutineId === undefined) continue;
+		if (!eventByPublisher.has(sym.publisherRoutineId)) {
+			eventByPublisher.set(sym.publisherRoutineId, sym);
+		}
+	}
+
+	const uncertaintyEdgesByFrom = new Map<RoutineId, UncertaintyEdge[]>();
+	if (graph !== undefined) {
+		for (const ue of graph.uncertaintyEdges) {
+			const list = uncertaintyEdgesByFrom.get(ue.from);
+			if (list) list.push(ue);
+			else uncertaintyEdgesByFrom.set(ue.from, [ue]);
+		}
+	}
+
+	return {
+		routineById,
+		tableById,
+		resolvedCallEdgeByOperation,
+		resolvedCallEdgeByCallsite,
+		eventByPublisher,
+		uncertaintyEdgesByFrom,
+	};
+}

package/src/engine/summary-engine.ts

@@ -0,0 +1,296 @@
+import type { Routine } from "../model/entities.ts";
+import type { EventId, FieldId, OperationId, RoutineId, TableId } from "../model/ids.ts";
+import type { SemanticModel } from "../model/model.ts";
+import type {
+	DbEffect,
+	EffectPresence,
+	FieldEffectSet,
+	RecordRoleSummary,
+	RoutineSummary,
+} from "../model/summary.ts";
+import { effectKeyOf, joinPresence } from "./effect-lattice.ts";
+import { classifyOp, isDbTouchingClass, recordFlowRoleOf } from "./op-classification.ts";
+import { type SummaryContext, buildSummaryContext } from "./summary-context.ts";
+import { compareStrings } from "./uncertainty-util.ts";
+
+/**
+ * Resolve which event a call site raises. Phase 1 does not emit `event-publish` operation
+ * sites — a published event is a CallEdge whose `to` routine has kind "event-publisher".
+ * Returns the EventId of the matching EventSymbol, or undefined if the operation is not an
+ * event publish.
+ *
+ * O(1) variant — used inside the fixed-point composer. The two `Map` lookups replace the
+ * old `model.callGraph.find()` + `model.eventGraph.events.find()` pair, which dominated
+ * cold-run cost on large dependencies (~50G+ ops on Base App).
+ */
+export function resolvePublishedEventCtx(
+	operationId: OperationId,
+	ctx: SummaryContext,
+): EventId | undefined {
+	const edge = ctx.resolvedCallEdgeByOperation.get(operationId);
+	if (edge?.to === undefined) return undefined;
+	return ctx.eventByPublisher.get(edge.to)?.id;
+}
+
+/**
+ * Public, model-based form kept for callers outside the fixed-point (d2 detector, tests).
+ * Builds a one-shot SummaryContext per call — fine for cold call sites, NOT for hot loops.
+ */
+export function resolvePublishedEvent(
+	operationId: OperationId,
+	model: SemanticModel,
+): EventId | undefined {
+	return resolvePublishedEventCtx(operationId, buildSummaryContext(model));
+}
+
+/**
+ * Derive a RecordRoleSummary per record parameter from a routine's intraprocedural
+ * features. Field names are resolved to FieldId via the parameter record's table. Unresolved
+ * field names are skipped here (they surface as D3 bailouts, not silent drops).
+ *
+ * O(1) variant — used inside the fixed-point composer. Replaces `model.tables.find()` per
+ * record parameter with a single `Map` lookup.
+ */
+export function computeRecordRolesCtx(routine: Routine, ctx: SummaryContext): RecordRoleSummary[] {
+	const out: RecordRoleSummary[] = [];
+	for (const param of routine.parameters) {
+		if (!param.isRecord) continue;
+		const recVar = routine.features.recordVariables.find(
+			(rv) => rv.isParameter && rv.parameterIndex === param.index,
+		);
+		if (recVar === undefined) continue; // missing RecordVariable — skip rather than corrupt
+		const tableId = recVar.tableId;
+		const table = tableId !== undefined ? ctx.tableById.get(tableId) : undefined;
+
+		const resolveField = (fieldName: string): FieldId | undefined =>
+			table?.fields.find((f) => f.name.toLowerCase() === fieldName.toLowerCase())?.id;
+
+		const recVarName = recVar.name.toLowerCase();
+		// Phase 1's FieldAccess does not distinguish read vs. direct-assignment write, so
+		// readsFields is "all dot-notation field accesses" on this parameter. Targeted writes
+		// (Validate ops) feed writesFields separately below.
+		const readsFields: FieldId[] = [];
+		const writesFields: FieldId[] = [];
+		for (const fa of routine.features.fieldAccesses) {
+			if (fa.recordVariableName.toLowerCase() !== recVarName) continue;
+			const fid = resolveField(fa.fieldName);
+			if (fid !== undefined) readsFields.push(fid);
+		}
+
+		let mayResetFilters = false;
+		let mayChangeLoadFields = false;
+		let mayAssignRecord = false;
+		let loadsFromDbParam: EffectPresence = "no";
+		let initialisesParam: EffectPresence = "no";
+		let persistsCurrentRecord: EffectPresence = "no";
+		let setBasedDbWrites: EffectPresence = "no";
+		let validatesParam: EffectPresence = "no";
+		let copiesIntoParam: EffectPresence = "no";
+		let resetsFiltersOnParam: EffectPresence = "no";
+
+		for (const op of routine.features.recordOperations) {
+			if (op.recordVariableName.toLowerCase() !== recVarName) continue;
+			if (op.op === "Validate") {
+				for (const arg of op.fieldArguments ?? []) {
+					const fid = resolveField(arg);
+					if (fid !== undefined) writesFields.push(fid);
+				}
+			}
+			if (op.op === "Reset" || op.op === "Copy") mayResetFilters = true;
+			if (op.op === "SetLoadFields" || op.op === "AddLoadFields" || op.op === "Reset")
+				mayChangeLoadFields = true;
+			if (op.op === "Copy" || op.op === "TransferFields") mayAssignRecord = true;
+
+			// May-fact bootstrap — record-flow op roles.
+			const role = recordFlowRoleOf(op.op);
+			switch (role) {
+				case "loadsFromDb":
+					loadsFromDbParam = "yes";
+					break;
+				case "initialises":
+					initialisesParam = "yes";
+					break;
+				case "persistsCurrent":
+					persistsCurrentRecord = "yes";
+					break;
+				case "setBasedWrite":
+					setBasedDbWrites = "yes";
+					break;
+				case "validates":
+					validatesParam = "yes";
+					break;
+				case "copiesInto":
+					copiesIntoParam = "yes";
+					break;
+				case "resetsFilter":
+					resetsFiltersOnParam = "yes";
+					break;
+			}
+		}
+
+		// RecordRef / FieldRef / Variant params: detectable from the raw type text.
+		const mayUseRecordRef = /\b(RecordRef|FieldRef|Variant)\b/i.test(param.typeText);
+
+		out.push({
+			parameterIndex: param.index,
+			tableId: tableId ?? "unknown",
+			readsFields: mayUseRecordRef ? "unknown" : [...new Set(readsFields)].sort(),
+			writesFields: mayUseRecordRef ? "unknown" : [...new Set(writesFields)].sort(),
+			mayResetFilters,
+			mayChangeLoadFields,
+			mayAssignRecord,
+			mayUseRecordRef,
+			// Entry requirements — populated in Phase 4.
+			requiresLoadedAtEntry: "unknown",
+			requiredLoadedFieldsAtEntry: "unknown",
+			mutatesBeforeLoad: "unknown",
+			// Exit-effect may-facts — populated this phase.
+			persistsCurrentRecord,
+			setBasedDbWrites,
+			validatesParam,
+			copiesIntoParam,
+			resetsFiltersOnParam,
+			// Path-aware exit-effect facts — populated in Phase 6.
+			dirtyAtExit: "unknown",
+			currentLoadedFieldsAtExit: "unknown",
+			// Convenience derivations.
+			mutatesParam: joinPresence(
+				joinPresence(persistsCurrentRecord, validatesParam),
+				copiesIntoParam,
+			),
+			loadsFromDbParam,
+			initialisesParam,
+		});
+	}
+	return out.sort((a, b) => a.parameterIndex - b.parameterIndex);
+}
+
+/**
+ * Public, model-based form kept for callers outside the fixed-point (tests, helpers).
+ * Builds a one-shot SummaryContext — fine for one-off calls, NOT for hot loops.
+ */
+export function computeRecordRoles(routine: Routine, model: SemanticModel): RecordRoleSummary[] {
+	return computeRecordRolesCtx(routine, buildSummaryContext(model));
+}
+
+/**
+ * Build a routine's summary from its OWN intraprocedural features only — no callee
+ * composition. Recomputed every fixed-point pass (never inherited), so opaque /
+ * parse-incomplete facts are always re-applied.
+ *
+ * O(1)-lookup variant — used inside the fixed-point composer.
+ */
+export function baseIntraproceduralSummaryCtx(
+	routine: Routine,
+	ctx: SummaryContext,
+): RoutineSummary {
+	const parameterRoles = computeRecordRolesCtx(routine, ctx);
+
+	// Opaque (.app symbol, no body) — unknown everything; the caller (which has the
+	// callsiteId) attaches the opaque-callee uncertainty, not this routine itself.
+	if (!routine.bodyAvailable) {
+		return {
+			routineId: routine.id,
+			dbEffects: [],
+			inRecursiveCycle: false,
+			hasUnresolvedCalls: true,
+			// the opaque-callee uncertainty is created at the call site, not here
+			uncertainties: [],
+			parameterRoles,
+		};
+	}
+
+	// Parse-incomplete — body present but unparseable; record the typed uncertainty.
+	if (routine.parseIncomplete) {
+		return {
+			routineId: routine.id,
+			dbEffects: [],
+			inRecursiveCycle: false,
+			hasUnresolvedCalls: true,
+			uncertainties: [{ kind: "parse-incomplete", routineId: routine.id }],
+			parameterRoles,
+		};
+	}
+
+	// Body available + parsed — derive direct facts from the operation stream.
+	const dbEffects: DbEffect[] = [];
+
+	for (const op of routine.features.recordOperations) {
+		const cls = classifyOp(op.op);
+		if (!isDbTouchingClass(cls)) continue; // state-only / trigger ops do not touch the DB
+		const tableId: TableId | "unknown" = op.tableId ?? "unknown";
+		const effect: DbEffect = {
+			effectKey: effectKeyOf({
+				op: op.op,
+				tableId,
+				operationId: op.id,
+				tempState: op.tempState,
+			}),
+			operationId: op.id,
+			op: op.op,
+			tableId,
+			recordVariableId: op.recordVariableId,
+			tempState: op.tempState,
+			via: "direct",
+		};
+		dbEffects.push(effect);
+	}
+
+	return {
+		routineId: routine.id,
+		dbEffects: dbEffects.sort((a, b) => compareStrings(a.effectKey, b.effectKey)),
+		inRecursiveCycle: false,
+		hasUnresolvedCalls: false,
+		uncertainties: [],
+		parameterRoles,
+	};
+}
+
+/**
+ * Public, model-based form. Builds a one-shot SummaryContext per call — fine for tests,
+ * NOT for hot loops. The fixed-point composer uses `baseIntraproceduralSummaryCtx` directly.
+ */
+export function baseIntraproceduralSummary(routine: Routine, model: SemanticModel): RoutineSummary {
+	return baseIntraproceduralSummaryCtx(routine, buildSummaryContext(model));
+}
+
+// Orchestration moved to summary-runner.ts in Phase 2c. Re-exported so existing import
+// sites (src/index.ts, detector tests) keep importing `computeSummaries` from here.
+export { computeSummaries } from "./summary-runner.ts";
+
+/**
+ * Lazy field-effects seam — compute the field-effect set for one routine on demand.
+ *
+ * This function is intentionally NOT yet consumed by D3. D3 requires window-scoped field
+ * accesses (accesses that occur between a retrieval op and the next invalidating op), which
+ * this routine-level snapshot cannot provide. `computeFieldEffects` is kept as the interface
+ * for future on-demand field-effect queries once those callers exist; do not wire it into D3
+ * until the window-scoping concern is resolved.
+ *
+ * Groups resolved field reads by record-variable name.
+ */
+export function computeFieldEffectsCtx(routineId: RoutineId, ctx: SummaryContext): FieldEffectSet {
+	const routine = ctx.routineById.get(routineId);
+	const readsByRecordVariable: Record<string, string[]> = {};
+	if (routine === undefined) return { readsByRecordVariable };
+
+	for (const fa of routine.features.fieldAccesses) {
+		const recVar = routine.features.recordVariables.find(
+			(rv) => rv.name.toLowerCase() === fa.recordVariableName.toLowerCase(),
+		);
+		const table = recVar?.tableId !== undefined ? ctx.tableById.get(recVar.tableId) : undefined;
+		const fieldId = table?.fields.find(
+			(f) => f.name.toLowerCase() === fa.fieldName.toLowerCase(),
+		)?.id;
+		if (fieldId === undefined) continue;
+		const key = fa.recordVariableName;
+		const list = readsByRecordVariable[key] ?? [];
+		if (!list.includes(fieldId)) list.push(fieldId);
+		readsByRecordVariable[key] = list.sort();
+	}
+	return { readsByRecordVariable };
+}
+
+export function computeFieldEffects(routineId: RoutineId, model: SemanticModel): FieldEffectSet {
+	return computeFieldEffectsCtx(routineId, buildSummaryContext(model));
+}