js-confuser-vm 0.1.0 → 0.1.1

package/src/transforms/bytecode/dispatcher.ts

@@ -78,8 +78,6 @@
 // Runs BEFORE resolveRegisters (so injected RegisterOperands are picked up by
 // liveness analysis) and BEFORE resolveLabels (so label operands with transforms
 // are resolved as part of the normal label-resolution pass).
-//
-// Enabled by options.dispatcher = true.
 
 import type {
   Bytecode,
@@ -92,22 +90,19 @@ import { Compiler } from "../../compiler.ts";
 import { getRandomInt } from "../../utils/random-utils.ts";
 import { U16_MAX } from "../../utils/op-utils.ts";
 import { Template } from "../../template.ts";
-
+import {
+  ref,
+  buildMaxIdMap,
+  allocReg,
+  extractLabel,
+  forEachFunction,
+} from "../../utils/pass-utils.ts";
 // VERY IMPORTANT: All object operands should be unique objects for the entire compilation process.
 // This ensures that other passes that may reference/modify operands (e.g. specializedOpcodes) don't accidentally break behavior by mutating cloned objects.
-function ref(r: RegisterOperand): RegisterOperand {
-  return b.registerOperand(r.id, r.fnId);
-}
 
-// Monotonically increasing counter that makes every encoded label operand
-// JSON.stringify-distinguishable.  specializedOpcodes keys candidates by
-// JSON.stringify(operands), which drops the transform function.  Without this
-// counter, two LOAD_INT instructions for the same label but different siteKeys
-// would serialize identically and be coalesced into one specialized opcode
-// sharing a single operand object — causing both sites to decode with the
-// first site's key rather than their own.
+// VERY IMPORTANT: All "encoded" label operands include a unique "_id" property that survives JSON.stringify.
+// This allows Specialized Opcodes and other passes to correct distinguish them as the "transform" function WILL NOT be preserved
 let _encodedLabelId = 0;
-
 function encodedLabelOperand(
   label: string,
   siteKey: number,
@@ -131,39 +126,6 @@ function applyEncoding(pc: number, siteKey: number, fnSalt: number): number {
   return ((pc - fnSalt) & U16_MAX) ^ siteKey;
 }
 
-// ── Register allocation helpers ───────────────────────────────────────────────
-// At pass time FnContext objects are gone; we allocate new virtual registers by
-// scanning the bytecode for the highest existing id per fnId and incrementing.
-function buildMaxIdMap(bc: Bytecode): Map<number, number> {
-  const maxId = new Map<number, number>();
-  for (const instr of bc) {
-    for (let j = 1; j < instr.length; j++) {
-      const op = instr[j] as any;
-      if (op && op.type === "register") {
-        const cur = maxId.get(op.fnId) ?? -1;
-        if (op.id > cur) maxId.set(op.fnId, op.id);
-      }
-    }
-  }
-  return maxId;
-}
-
-// Allocate a new virtual register for fnId, updating maxId in-place.
-function allocReg(fnId: number, maxId: Map<number, number>): RegisterOperand {
-  const next = (maxId.get(fnId) ?? -1) + 1;
-  maxId.set(fnId, next);
-  return b.registerOperand(next, fnId);
-}
-
-// ── Label operand extraction ──────────────────────────────────────────────────
-// Returns the label string if the operand is a { type:"label" } object,
-// otherwise returns null.  Used to identify routable jump targets.
-function extractLabel(op: InstrOperand | undefined): string | null {
-  if (op && typeof op === "object" && (op as any).type === "label")
-    return (op as any).label as string;
-  return null;
-}
-
 // buildDispatcherBlock: emits the dispatcher label + call + indirect jump.
 // rClosure is already live (created at function entry); this block simply
 // calls the decode closure and jumps to the result.
@@ -201,7 +163,7 @@ function processFunctionBlock(
   compiler: Compiler,
   maxId: Map<number, number>,
   labelCounter: () => string,
-): { instrs: Bytecode; templateBytecode: Bytecode } {
+): { instrs: Bytecode; tail: Bytecode } {
   const OP = compiler.OP;
 
   // Only transform functions that actually contain simple jumps.
@@ -209,15 +171,13 @@ function processFunctionBlock(
     const op = instr[0];
     return op === OP.JUMP || op === OP.JUMP_IF_FALSE || op === OP.JUMP_IF_TRUE;
   });
-  if (!hasRoutableJump) return { instrs, templateBytecode: [] };
+  if (!hasRoutableJump) return { instrs, tail: [] };
 
   // Per-function salt baked into this function's decode Template.
   // Never stored as an operand — lives only inside the decode closure body.
   const fnSalt = getRandomInt(1, U16_MAX);
 
   // Compile a unique decode closure for this function.
-  // The fnSalt literal is inlined into the source so each function's closure
-  // body is structurally distinct; no single signature covers all functions.
   const tmpl = new Template(
     `function decode(x, k) { return ((x ^ k) + ${fnSalt}) & ${U16_MAX}; }`,
   ).compile({}, compiler);
@@ -238,6 +198,7 @@ function processFunctionBlock(
     decodeDesc.paramCount, // 2 (x, k)
     b.fnRegCountOperand(decodeDesc._fnIdx), // resolved by resolveRegisters()
     0, // no upvalues
+    0, // hasRest = false
   ]);
 
   // ── Transform each instruction ────────────────────────────────────────────
@@ -311,7 +272,7 @@ function processFunctionBlock(
     ...buildDispatcherBlock(compiler, rDisp, rKey, rClosure, dispatcherLabel),
   );
 
-  return { instrs: out, templateBytecode: tmpl.bytecode };
+  return { instrs: out, tail: tmpl.bytecode };
 }
 
 // ── Pass entry point ──────────────────────────────────────────────────────────
@@ -319,80 +280,13 @@ export function dispatcher(
   bc: Bytecode,
   compiler: Compiler,
 ): { bytecode: Bytecode } {
-  // Pre-compute max virtual register id per function across the whole bytecode.
   const maxId = buildMaxIdMap(bc);
-
-  // Label factory that delegates to the compiler's own counter so labels
-  // produced here never collide with compiler-generated or pass-generated ones.
+  // Label factory delegates to the compiler's counter so labels never collide.
   const labelCounter = () => compiler._makeLabel("dispatcher");
-
-  // Build a set of entry labels so we can detect function boundaries.
-  const entryLabels = new Set(compiler.fnDescriptors.map((d) => d.entryLabel));
-  // Build a map from entry label → fnId.
-  const entryLabelToFnId = new Map(
-    compiler.fnDescriptors.map((d) => [d.entryLabel!, d._fnIdx!]),
+  // forEachFunction collects each function's tail (decode closure bytecode) and
+  // appends them all after the last function body, so every MAKE_CLOSURE can
+  // reference its entryLabel regardless of where it appears in the bytecode.
+  return forEachFunction(bc, compiler, (fnInstrs, fnId) =>
+    processFunctionBlock(fnInstrs, fnId, compiler, maxId, labelCounter),
   );
-
-  const result: Bytecode = [];
-  // Collect each function's decode Template bytecode; appended at the end so
-  // all MAKE_CLOSURE instructions can reference their entryLabels regardless
-  // of where in the bytecode the function appears.
-  const decodeBytecodes: Bytecode[] = [];
-  let i = 0;
-
-  while (i < bc.length) {
-    const instr = bc[i];
-    const [op, operand0] = instr;
-    const isEntryLabel =
-      op === null &&
-      (operand0 as any)?.type === "defineLabel" &&
-      entryLabels.has((operand0 as any).label);
-
-    if (!isEntryLabel) {
-      result.push(instr);
-      i++;
-      continue;
-    }
-
-    // Found a function entry label.  Collect all instructions belonging to
-    // this function (until the next entry label or end of bytecode).
-    const entryLabel = (operand0 as any).label as string;
-    const fnId = entryLabelToFnId.get(entryLabel)!;
-    i++; // step past the defineLabel itself
-
-    const fnInstrs: Bytecode = [];
-    while (i < bc.length) {
-      const next = bc[i];
-      const [nextOp, nextOp0] = next;
-      if (
-        nextOp === null &&
-        (nextOp0 as any)?.type === "defineLabel" &&
-        entryLabels.has((nextOp0 as any).label)
-      )
-        break; // next function starts here
-      fnInstrs.push(next);
-      i++;
-    }
-
-    // Emit the entry defineLabel, then the (potentially transformed) body.
-    result.push(instr); // the defineLabel
-    const { instrs: processed, templateBytecode } = processFunctionBlock(
-      fnInstrs,
-      fnId,
-      compiler,
-      maxId,
-      labelCounter,
-    );
-    result.push(...processed);
-    if (templateBytecode.length > 0) decodeBytecodes.push(templateBytecode);
-  }
-
-  // Append all per-function decode closure bodies at the end of the bytecode.
-  // Each block defines the entryLabel that the corresponding MAKE_CLOSURE
-  // instruction references.
-  for (const tb of decodeBytecodes) {
-    result.push(...tb);
-  }
-
-  return { bytecode: result };
 }

package/src/transforms/bytecode/macroOpcodes.ts

@@ -1,5 +1,5 @@
 import type { Bytecode, Instruction } from "../../types.ts";
-import { Compiler, SOURCE_NODE_SYM } from "../../compiler.ts";
+import { Compiler, OP_ORIGINAL, SOURCE_NODE_SYM } from "../../compiler.ts";
 import { nextFreeSlot } from "../../utils/op-utils.ts";
 import { ok } from "assert";
 
@@ -68,7 +68,7 @@ export function macroOpcodes(
       if (nonTerminalExcluded.find((name) => opName.includes(name)))
         return false;
     }
-    return OP_NAME[op] !== undefined;
+    return OP_NAME[op] !== undefined && OP_ORIGINAL[opName] !== undefined;
   }
 
   // ── Step 1: count window frequencies ──────────────────────────────────────

package/src/transforms/bytecode/resolveRegisters.ts

@@ -38,7 +38,12 @@ export function resolveRegisters(
   function registerPoolKey(op: {
     kind?: string;
     scopeId?: string | number;
+    pinned?: boolean;
   }): string {
+    // Pinned registers must never share a slot with anything else.
+    // Passes set this on registers whose live range crosses a CFF back-edge
+    // that the linear-scan liveness analysis cannot see.
+    if (op.pinned) return "local::";
     return `${op.kind ?? "local"}::${op.scopeId ?? ""}`;
   }
 

package/src/transforms/bytecode/specializedOpcodes.ts

@@ -35,6 +35,8 @@ export function specializedOpcodes(
     }
   >();
 
+  const instrToOperandKey = new WeakMap<Instruction, string>();
+
   for (const instr of bc) {
     const op = instr[0];
     if (op === null || disallowedOps.has(op)) continue;
@@ -45,21 +47,26 @@ export function specializedOpcodes(
 
     // Convert numbers into operand objects so they can be modified elsewhere and preserved
     const oldOperands = instr.slice(1);
-    const operands = oldOperands.map((operand) => {
+
+    let operands = [];
+
+    for (const operand of oldOperands) {
       if (typeof operand === "number") {
-        return {
+        operands.push({
           type: "number",
           value: operand,
           resolvedValue: operand,
-        } as InstrOperand;
+        } as InstrOperand);
+      } else {
+        operands.push(operand as InstrOperand);
       }
-      return operand;
-    });
+    }
 
     instr.length = 1;
     instr.push(...operands);
 
     const operandsKey = JSON.stringify(operands);
+    instrToOperandKey.set(instr, operandsKey);
 
     const key = `${op},${operandsKey}`;
     const entry = freqMap.get(key);
@@ -78,7 +85,8 @@ export function specializedOpcodes(
   // ── Step 2: keep combinations that appear >= 2 times, sort by frequency ───
   const candidates = Array.from(freqMap.values())
     .filter((e) => e.occurences >= 1)
-    .sort((a, b) => b.occurences - a.occurences);
+    .sort((a, b) => b.occurences - a.occurences)
+    .slice(0, 1000);
 
   if (candidates.length === 0) return { bytecode: bc };
 
@@ -86,10 +94,10 @@ export function specializedOpcodes(
   const sigToSpecial = new Map<string, number>();
   const specializedOps: Compiler["SPECIALIZED_OPS"] = {};
 
-  for (let i = 0; i < candidates.length; i++) {
+  for (const candidate of candidates) {
     const specialOp = nextFreeSlot(compiler);
     if (specialOp === -1) break;
-    const { op: originalOp, operands, operandsKey } = candidates[i];
+    const { op: originalOp, operands, operandsKey } = candidate;
 
     const key = `${originalOp},${operandsKey}`;
     sigToSpecial.set(key, specialOp);
@@ -98,8 +106,7 @@ export function specializedOpcodes(
 
     // Register a human-readable name for disassembly / debugging
     const originalName = compiler.OP_NAME[originalOp] ?? `OP_${originalOp}`;
-    compiler.OP_NAME[specialOp] =
-      `${originalName}_${JSON.stringify(operandsKey)}`;
+    compiler.OP_NAME[specialOp] = `${originalName}_${operandsKey}`;
   }
 
   // Store mapping so the interpreter knows how to dispatch the specialized op
@@ -117,7 +124,11 @@ export function specializedOpcodes(
     }
 
     const operands = instr.slice(1);
-    const operandsKey = JSON.stringify(operands);
+    const operandsKey = instrToOperandKey.get(instr);
+    if (!operandsKey) {
+      result.push(instr);
+      continue;
+    }
 
     const key = `${op},${operandsKey}`;
 

package/src/transforms/bytecode/stringConcealing.ts

@@ -0,0 +1,130 @@
+// String Concealing
+//
+// Encodes every string constant in each function with base64, then inserts a
+// decode closure (atob) that is called immediately after each LOAD_CONST to
+// recover the original value at runtime.
+//
+// ── How it works ─────────────────────────────────────────────────────────────
+//
+// Each function that contains at least one string LOAD_CONST gets:
+//
+//   rClosure — a register holding the decode closure, created ONCE at function
+//              entry (hoisted).  All decode calls within the function reuse it.
+//
+// The decode function is compiled ONCE (shared across all functions) from a
+// Template:
+//
+//   function decode(encoded) { return atob(encoded); }
+//
+// String constant transformations:
+//
+//   Original:  LOAD_CONST  rDst, "hello"
+//   Becomes:   LOAD_CONST  rDst, "aGVsbG8="        (base64-encoded)
+//              CALL        rDst, rClosure, 1, rDst  (decode in-place)
+//
+// ── Pipeline position ─────────────────────────────────────────────────────────
+// Runs BEFORE resolveRegisters and resolveLabels (same slot as Dispatcher/CFF).
+
+import { Compiler } from "../../compiler.ts";
+import { Template } from "../../template.ts";
+import type { Bytecode, RegisterOperand } from "../../types.ts";
+import * as b from "../../types.ts";
+import { ref, buildMaxIdMap, allocReg, forEachFunction } from "../../utils/pass-utils.ts";
+
+// ── Per-function transformation ──────────────────────────────────────────────
+
+function processFunctionBlock(
+  instrs: Bytecode,
+  fnId: number,
+  compiler: Compiler,
+  maxId: Map<number, number>,
+  decodeDesc: any,
+): { instrs: Bytecode } {
+  const OP = compiler.OP;
+
+  // Only transform functions that contain string constants.
+  const hasStringConst = instrs.some((instr) => {
+    if (instr[0] !== OP.LOAD_CONST) return false;
+    const operands = instr.slice(1);
+    return (
+      operands.length === 2 &&
+      (operands[1] as any)?.type === "constant" &&
+      typeof (operands[1] as any).value === "string"
+    );
+  });
+  if (!hasStringConst) return { instrs };
+
+  const rClosure = allocReg(fnId, maxId);
+  const out: Bytecode = [];
+
+  // Hoist: create the decode closure once at function entry.
+  out.push([
+    OP.MAKE_CLOSURE!,
+    ref(rClosure),
+    { type: "label", label: decodeDesc.entryLabel },
+    decodeDesc.paramCount, // 1 (encoded)
+    b.fnRegCountOperand(decodeDesc._fnIdx),
+    0, // no upvalues
+    0, // hasRest = false
+  ]);
+
+  // Transform each instruction.
+  for (const instr of instrs) {
+    if (
+      instr[0] === OP.LOAD_CONST &&
+      instr.length === 3 &&
+      (instr[2] as any)?.type === "constant" &&
+      typeof (instr[2] as any).value === "string"
+    ) {
+      const dst = instr[1] as RegisterOperand;
+      const constOp = instr[2] as any;
+
+      // Encode the string in-place.
+      constOp.value = Buffer.from(constOp.value as string, "utf-8").toString(
+        "base64",
+      );
+
+      out.push(instr);
+
+      // Decode: rDst = decode(rDst)
+      out.push([
+        OP.CALL!,
+        ref(dst),       // dst — receives decoded string
+        ref(rClosure),  // the hoisted decode closure
+        1,              // argc
+        ref(dst),       // arg[0] = encoded value
+      ]);
+    } else {
+      out.push(instr);
+    }
+  }
+
+  return { instrs: out };
+}
+
+// ── Pass entry point ──────────────────────────────────────────────────────────
+export function stringConcealing(
+  bc: Bytecode,
+  compiler: Compiler,
+): { bytecode: Bytecode } {
+  const maxId = buildMaxIdMap(bc);
+
+  // Compile the decode function ONCE — all functions share the same closure body.
+  const decodeTemplate = new Template(`
+    function decode(encoded) {
+      return atob(encoded);
+    }
+  `).compile({}, compiler);
+  const decodeDesc = decodeTemplate.functions[0];
+
+  const { bytecode } = forEachFunction(bc, compiler, (fnInstrs, fnId) =>
+    processFunctionBlock(fnInstrs, fnId, compiler, maxId, decodeDesc),
+  );
+
+  // Append the decode function's bytecode at the end (defines its entryLabel).
+  // This is a single shared closure, not per-function, so it lives outside
+  // forEachFunction's tail mechanism.
+  bytecode.push(...decodeTemplate.bytecode);
+
+  return { bytecode };
+}

package/src/transforms/runtime/classObfuscation.ts

@@ -0,0 +1,59 @@
+import { Compiler } from "../../compiler.ts";
+import * as t from "@babel/types";
+import { shuffle } from "../../utils/random-utils.ts";
+
+function hasComment(node: t.Node, text: string): boolean {
+  const all = [
+    ...((node as any).leadingComments ?? []),
+    ...((node as any).innerComments ?? []),
+    ...((node as any).trailingComments ?? []),
+  ];
+  return all.some((c) => c.value.includes(text));
+}
+
+function isPrototypeAssignment(stmt: t.Statement): boolean {
+  if (!t.isExpressionStatement(stmt)) return false;
+  const expr = stmt.expression;
+  if (!t.isAssignmentExpression(expr)) return false;
+  const left = expr.left;
+  return (
+    t.isMemberExpression(left) &&
+    t.isMemberExpression(left.object) &&
+    t.isIdentifier((left.object as t.MemberExpression).property, {
+      name: "prototype",
+    })
+  );
+}
+
+export function applyClassObfuscation(ast: t.File, _compiler: Compiler): void {
+  const body = ast.program.body;
+
+  // Split at the first statement that carries the @BOOT comment.
+  // Everything from that statement onward is the boot section and must stay last.
+  let bootIdx = body.findIndex((stmt) => hasComment(stmt, "@BOOT"));
+  if (bootIdx === -1) bootIdx = body.length;
+
+  const shufflable = body.slice(0, bootIdx);
+  const boot = body.slice(bootIdx);
+
+  // Partition the shufflable section into two independent groups.
+  // Group A: variable/function declarations (constructors, standalone vars).
+  // Group B: prototype method assignments (X.prototype.Y = ...).
+  // Both groups are shuffled independently; A always precedes B so that
+  // constructors are defined before methods reference them.
+  const varDecls: t.Statement[] = [];
+  const methodDefs: t.Statement[] = [];
+
+  for (const stmt of shufflable) {
+    if (isPrototypeAssignment(stmt)) {
+      methodDefs.push(stmt);
+    } else {
+      varDecls.push(stmt);
+    }
+  }
+
+  shuffle(varDecls);
+  shuffle(methodDefs);
+
+  ast.program.body = [...varDecls, ...methodDefs, ...boot];
+}

package/src/transforms/runtime/specializedOpcodes.ts

@@ -27,6 +27,8 @@ function extractCaseBody(switchCase: t.SwitchCase): t.Statement[] {
 // *exactly one* numeric operand, every `_operand()` call inside the original
 // handler is replaced by the constant value that was baked into the opcode.
 function inlineFixedOperands(
+  newName: string, // for debugging
+  info: any,
   bodyStmts: t.Statement[],
   resolvedValues: number[],
 ): void {
@@ -66,10 +68,12 @@ function inlineFixedOperands(
     },
   });
 
-  ok(
-    replaced === resolvedValues.length,
-    `Expected to replace ${resolvedValues.length} operands, but replaced ${replaced}`,
-  );
+  if (replaced !== resolvedValues.length) {
+    console.error(resolvedValues, info);
+    throw new Error(
+      `Specialized Opcode Inline Error: Given ${resolvedValues.length} operands to replace, but only found ${replaced} for ${newName}`,
+    );
+  }
 }
 
 // Append a generated switch case for every entry in compiler.SPECIALIZED_OPS.
@@ -119,12 +123,13 @@ export function applySpecializedOpcodes(ast: t.File, compiler: Compiler): void {
     const placedOperands = info.operands;
     ok(placedOperands, `Could not find operand for original opcode ${newName}`);
 
-    const resolvedValues = placedOperands.map((placedOperand) => {
-      return (placedOperand as any)?.resolvedValue ?? placedOperand;
-    });
+    const resolvedValues = placedOperands
+      // .filter((x) => !(x as any)?.placeholder)
+      .map((placedOperand) => {
+        return (placedOperand as any)?.resolvedValue ?? placedOperand;
+      });
 
     if (resolvedValues.find((v) => typeof v !== "number")) {
-      console.error(info);
       throw new Error("Expected all resolved operand values to be numbers");
     }
 
@@ -132,7 +137,7 @@ export function applySpecializedOpcodes(ast: t.File, compiler: Compiler): void {
     compiler.OP_NAME[specialOpCode] = newName;
 
     // Replace this._operand() with the baked-in constant
-    inlineFixedOperands(bodyStmts, resolvedValues);
+    inlineFixedOperands(newName, info, bodyStmts, resolvedValues);
 
     // Add a leading comment so the generated source stays readable
     if (bodyStmts.length > 0) {

package/src/types.ts

@@ -1,5 +1,5 @@
 // Bytecode supports both real instructions and IR pseudo-instructions
-// Real instruction: [OP.ADD, 5]  or multi-operand: [OP.MAKE_CLOSURE, labelRef, 2, 3, 0]
+// Real instruction: [OP.ADD, 5]  or multi-operand: [OP.MAKE_CLOSURE, labelRef, 2, 3, 0, 0]
 // IR instruction: [null, { type: "defineLabel", label: "FN_ENTRY_1" }]
 
 // IR instructions are used to hold symbolic information during compilation
@@ -15,6 +15,11 @@ export type RegisterOperand = Op<{
   fnId: number;
   kind?: string;
   scopeId?: string | number;
+  // If true, resolveRegisters always assigns this register to the "local::"
+  // pool (no slot reuse).  Set by passes that emit registers whose live ranges
+  // span CFF dispatch-loop back-edges — regions the linear-scan liveness
+  // analysis cannot reason about.
+  pinned?: boolean;
 }>;
 
 // A placeholder for a function's concrete regCount, emitted in MAKE_CLOSURE.
@@ -91,3 +96,39 @@ export function freeRegOperand(reg: RegisterOperand): FreeRegOperand {
   if (reg.scopeId !== undefined) op.scopeId = reg.scopeId;
   return op;
 }
+
+export interface ObfuscationResult {
+  code: string;
+  profileData?: {
+    handlerCount: number;
+
+    /**
+     * How long the entire obfuscation process takes (ms)
+     */
+    obfuscationTime?: number;
+
+    /**
+     * How long @babel/parser takes (ms)
+     */
+    parseTime?: number;
+
+    /**
+     * How long @babel/generator takes (ms)
+     */
+    generateTime?: number;
+
+    /**
+     * How long the Compiler#compileAST takes (ms)
+     */
+    compileTime?: number;
+
+    transforms: {
+      [transformName: string]: {
+        fileSize?: number;
+        bytecodeSize?: number;
+        transformTime?: number;
+        handlerCount?: number;
+      };
+    };
+  };
+}

package/src/utils/ast-utils.ts

@@ -0,0 +1,19 @@
+import * as t from "@babel/types";
+import traverseImport from "@babel/traverse";
+
+const traverse = (traverseImport.default ||
+  traverseImport) as typeof traverseImport.default;
+
+export function getSwitchStatement(ast: t.File) {
+  let switchStatement: t.SwitchStatement | null = null;
+  traverse(ast, {
+    SwitchStatement(path) {
+      if (path.node.leadingComments?.some((c) => c.value.includes("@SWITCH"))) {
+        switchStatement = path.node;
+        path.stop();
+      }
+    },
+  });
+
+  return switchStatement;
+}

package/src/utils/op-utils.ts

@@ -21,7 +21,6 @@ export function nextFreeSlot(compiler: Compiler): number {
     while (attempts++ < 512) {
       const candidate = getRandomInt(0, U16_MAX);
       if (!usedOpcodes.has(candidate)) {
-        usedOpcodes.add(candidate);
         return candidate;
       }
     }
@@ -32,7 +31,6 @@ export function nextFreeSlot(compiler: Compiler): number {
   for (let i = 0; i <= U16_MAX; i++) {
     const v = (start + i) & U16_MAX;
     if (!usedOpcodes.has(v)) {
-      usedOpcodes.add(v);
       return v;
     }
   }