js-confuser-vm 0.1.0 → 0.1.2

package/src/transforms/bytecode/selfModifying.ts

@@ -1,121 +0,0 @@
-import type { Bytecode, Instruction } from "../../types.ts";
-import { Compiler } from "../../compiler.ts";
-import { choice } from "../../utils/random-utils.ts";
-import { getInstructionSize } from "../../utils/op-utils.ts";
-
-export function selfModifying(
-  bc: Bytecode,
-  compiler: Compiler,
-): { bytecode: Bytecode } {
-  // Walk the bytecode looking for "defineLabel" pseudo-ops, which start basic
-  // blocks. For each block we collect the body (instructions between the label
-  // and the next label/jump terminator), move it to the end of the bytecode
-  // under a fresh "patch_LXX" label, and replace it in-place with:
-  //
-  //   defineLabel ("originalLabel")               ← kept as-is (pseudo-op)
-  //   PATCH  destPc  sliceStart  sliceEnd          ← 4 flat slots total
-  //   Garbage Opcodes  × bodyFlatSize                         ← placeholder slots
-  //
-  // PATCH reads three inline operands via _operand():
-  //   destPc     = originalLabel + 4  (first slot after PATCH's own 4 slots)
-  //   sliceStart = patchLabel          (flat PC of appended body)
-  //   sliceEnd   = patchLabel + bodyFlatSize
-  //
-  // On first execution PATCH copies bytecode[sliceStart..sliceEnd) over the
-  // placeholder region starting at destPc.  Execution then falls through into
-  // the freshly-patched body.  Subsequent calls are idempotent.
-
-  const { OP, JUMP_OPS } = compiler;
-
-  const result: Bytecode = [];
-  const appended: Bytecode = [];
-  let patchCount = 0;
-
-  let i = 0;
-  while (i < bc.length) {
-    const instr = bc[i];
-    const [op, operand] = instr;
-
-    // Detect a defineLabel pseudo-op — start of a new basic block.
-    if (
-      op === null &&
-      operand !== null &&
-      typeof operand === "object" &&
-      (operand as any).type === "defineLabel"
-    ) {
-      const originalLabel = (operand as any).label as string;
-      result.push(instr); // keep the defineLabel marker
-      i++;
-
-      // Collect body: everything after the label until the next terminator.
-      let j = i;
-      while (j < bc.length) {
-        const [nextOp, nextOperand] = bc[j];
-
-        // Another defineLabel = boundary of the next block.
-        if (
-          nextOp === null &&
-          typeof nextOperand === "object" &&
-          (nextOperand as any)?.type === "defineLabel"
-        ) {
-          break;
-        }
-
-        // Jump instructions, RETURN all terminate the body.
-        if (nextOp !== null && (JUMP_OPS.has(nextOp) || nextOp === OP.RETURN)) {
-          break;
-        }
-
-        j++;
-      }
-
-      const body = bc.slice(i, j);
-      const N = body.length;
-
-      if (N === 0) {
-        // Nothing to transform — label is immediately followed by a terminator.
-        continue;
-      }
-
-      const patchLabel = `patch_${originalLabel}_${patchCount++}`;
-
-      // Flat size of the body (each instruction occupies instr.length slots).
-      const bodyFlatSize = body.reduce(
-        (acc, instr) => acc + getInstructionSize(instr),
-        0,
-      );
-
-      // ── PATCH instruction (4 flat slots: opcode + 3 operands) ───────────
-      //   destPc     = originalLabel + 4  (slot right after PATCH's 4 slots)
-      //   sliceStart = patchLabel
-      //   sliceEnd   = patchLabel + bodyFlatSize
-      result.push([
-        OP.PATCH as number,
-        { type: "label", label: originalLabel, offset: 4 },
-        { type: "label", label: patchLabel },
-        { type: "label", label: patchLabel, offset: bodyFlatSize },
-      ] as unknown as Instruction);
-
-      // ── Placeholders (Garbage Opcodes * bodyFlatSize, each 1 flat slot) ────────────
-      // These are overwritten by PATCH on first execution.
-      for (let p = 0; p < bodyFlatSize; p++) {
-        const randomOpcode = choice(Object.values(compiler.OP));
-        result.push([+randomOpcode]);
-      }
-
-      // ── Append real body at end ─────────────────────────────────────────
-      appended.push([null, { type: "defineLabel", label: patchLabel }]);
-      for (const bodyInstr of body) {
-        appended.push(bodyInstr);
-      }
-
-      i = j; // skip over the original body in the input array
-      continue;
-    }
-
-    result.push(instr);
-    i++;
-  }
-
-  return { bytecode: [...result, ...appended] };
-}

package/src/transforms/bytecode/specializedOpcodes.ts

@@ -1,153 +0,0 @@
-import type { Bytecode, InstrOperand, Instruction } from "../../types.ts";
-import { Compiler, SOURCE_NODE_SYM } from "../../compiler.ts";
-import { getInstructionSize, nextFreeSlot } from "../../utils/op-utils.ts";
-
-export const nSizedOps = [
-  "MAKE_CLOSURE",
-  "BUILD_ARRAY",
-  "BUILD_OBJECT",
-  "CALL",
-  "CALL_METHOD",
-  "NEW",
-];
-
-// Creates specialized opcodes for the most frequent (OPCODE + single_integer_operand) pairs.
-// Example: [OP.LOAD_CONST, 1] becomes [SPECIALIZED_LOAD_CONST_1].
-// Only instructions that are fixed-sized are considered.
-// MAKE_CLOSURE and other N-sized instructions cannot be specialized
-// Operands are converted into objects and marked as 'placeholder' - other passes can mutate and the reference stays intact
-// We need a reference throughout the pipeline so that final AST generation can place the actual value
-// The 'placeholder' flag drops the operand from the final bytecode - any size calculation must not count these
-export function specializedOpcodes(
-  bc: Bytecode,
-  compiler: Compiler,
-): { bytecode: Bytecode } {
-  const disallowedOps = new Set(nSizedOps.map((name) => compiler.OP[name]));
-
-  // ── Step 1: count frequency of eligible (op, operand) pairs ───────────────
-  const freqMap = new Map<
-    string,
-    {
-      op: number;
-      operands: InstrOperand[];
-      operandsKey: string;
-      occurences: number;
-    }
-  >();
-
-  for (const instr of bc) {
-    const op = instr[0];
-    if (op === null || disallowedOps.has(op)) continue;
-
-    // Only supports between 1-6 operands
-    const operandCount = getInstructionSize(instr) - 1;
-    if (operandCount < 1 || operandCount > 6) continue;
-
-    // Convert numbers into operand objects so they can be modified elsewhere and preserved
-    const oldOperands = instr.slice(1);
-    const operands = oldOperands.map((operand) => {
-      if (typeof operand === "number") {
-        return {
-          type: "number",
-          value: operand,
-          resolvedValue: operand,
-        } as InstrOperand;
-      }
-      return operand;
-    });
-
-    instr.length = 1;
-    instr.push(...operands);
-
-    const operandsKey = JSON.stringify(operands);
-
-    const key = `${op},${operandsKey}`;
-    const entry = freqMap.get(key);
-    if (entry) {
-      entry.occurences++;
-    } else {
-      freqMap.set(key, {
-        op,
-        operands,
-        operandsKey,
-        occurences: 1,
-      });
-    }
-  }
-
-  // ── Step 2: keep combinations that appear >= 2 times, sort by frequency ───
-  const candidates = Array.from(freqMap.values())
-    .filter((e) => e.occurences >= 1)
-    .sort((a, b) => b.occurences - a.occurences);
-
-  if (candidates.length === 0) return { bytecode: bc };
-
-  // ── Step 3: assign free opcode slots to the best candidates ───────────────
-  const sigToSpecial = new Map<string, number>();
-  const specializedOps: Compiler["SPECIALIZED_OPS"] = {};
-
-  for (let i = 0; i < candidates.length; i++) {
-    const specialOp = nextFreeSlot(compiler);
-    if (specialOp === -1) break;
-    const { op: originalOp, operands, operandsKey } = candidates[i];
-
-    const key = `${originalOp},${operandsKey}`;
-    sigToSpecial.set(key, specialOp);
-
-    specializedOps[specialOp] = { originalOp, operands };
-
-    // Register a human-readable name for disassembly / debugging
-    const originalName = compiler.OP_NAME[originalOp] ?? `OP_${originalOp}`;
-    compiler.OP_NAME[specialOp] =
-      `${originalName}_${JSON.stringify(operandsKey)}`;
-  }
-
-  // Store mapping so the interpreter knows how to dispatch the specialized op
-  compiler.SPECIALIZED_OPS = specializedOps;
-
-  // ── Step 4: replace matching instructions with the new single-byte opcode ─
-  const result: Bytecode = [];
-
-  for (const instr of bc) {
-    const op = instr[0];
-    // Only consider instructions with one or more operands
-    if (op === null || instr.length <= 1 || op === compiler.OP.MAKE_CLOSURE) {
-      result.push(instr);
-      continue;
-    }
-
-    const operands = instr.slice(1);
-    const operandsKey = JSON.stringify(operands);
-
-    const key = `${op},${operandsKey}`;
-
-    const specialOpCode = sigToSpecial.get(key)!;
-
-    if (!specialOpCode) {
-      result.push(instr);
-      continue;
-    }
-
-    const newOperands = operands.map((operand) => {
-      const operandAsObject: any =
-        typeof operand === "object" && operand
-          ? operand
-          : {
-              type: "number",
-              resolvedValue: operand,
-            };
-
-      operandAsObject.placeholder = true;
-      return operandAsObject;
-    });
-
-    const newInstr: Instruction = [specialOpCode, ...newOperands];
-
-    // Preserve source-node information for error reporting
-    (newInstr as any)[SOURCE_NODE_SYM] = (instr as any)[SOURCE_NODE_SYM];
-
-    result.push(newInstr);
-  }
-
-  return { bytecode: result };
-}

package/src/transforms/runtime/aliasedOpcodes.ts

@@ -1,191 +0,0 @@
-import * as t from "@babel/types";
-import traverseImport from "@babel/traverse";
-import { ok } from "assert";
-import { Compiler } from "../../compiler.ts";
-
-const traverse = (traverseImport.default ||
-  traverseImport) as typeof traverseImport.default;
-
-// Extract the real statement list from a SwitchCase consequent.
-function extractCaseBody(switchCase: t.SwitchCase): t.Statement[] {
-  let stmts: t.Statement[];
-  if (
-    switchCase.consequent.length === 1 &&
-    t.isBlockStatement(switchCase.consequent[0])
-  ) {
-    stmts = (switchCase.consequent[0] as t.BlockStatement).body;
-  } else {
-    stmts = switchCase.consequent as t.Statement[];
-  }
-  return stmts.filter((s) => !t.isBreakStatement(s) && !t.isEmptyStatement(s));
-}
-
-// Replace every `this._operand()` call in bodyStmts with `_operands[i]`
-// where i is the call's sequential index (0-based).
-// Returns the number of replacements performed.
-function replaceOperandCalls(bodyStmts: t.Statement[]): number {
-  let replaced = 0;
-
-  traverse(t.blockStatement(bodyStmts), {
-    noScope: true,
-    CallExpression(path) {
-      const callee = path.node.callee;
-
-      const isMethodCall = (methodName) => {
-        return (
-          t.isMemberExpression(callee) &&
-          t.isThisExpression(callee.object) &&
-          t.isIdentifier(callee.property, { name: methodName }) &&
-          path.node.arguments.length === 0
-        );
-      };
-
-      // Replace with _operands[i]
-      const createOperandAccess = () => {
-        return t.memberExpression(
-          t.identifier("_operands"),
-          t.numericLiteral(replaced++),
-          true, // computed
-        );
-      };
-
-      if (isMethodCall("_operand")) {
-        path.replaceWith(createOperandAccess());
-      }
-
-      if (isMethodCall("_constant")) {
-        path.node.arguments = [createOperandAccess(), createOperandAccess()];
-      }
-    },
-  });
-
-  return replaced;
-}
-
-// Appends a generated switch case for every entry in compiler.ALIASED_OPS.
-// Each alias case:
-//   1. Reads all operands eagerly into `_unsortedOperands` (in the shuffled
-//      bytecode order) via sequential this._operand() calls.
-//   2. Restores the original operand order into `_operands` using the INVERSE
-//      of the stored `order` permutation:
-//        inverseOrder[order[i]] = i
-//        _operands[j] = _unsortedOperands[inverseOrder[j]]
-//      This is necessary because the bytecode stored originalOperands[order[i]]
-//      at slot i, so recovering originalOperands[j] requires the inverse lookup.
-//   3. Executes a clone of the original handler body where every
-//      this._operand() has been replaced by the corresponding `_operands[i]`.
-//
-// Must run AFTER applyMacroOpcodes / applySpecializedOpcodes (so original
-// cases already exist) but BEFORE applyShuffleOpcodes (so the new alias
-// cases are also shuffled into the handler order).
-export function applyAliasedOpcodes(ast: t.File, compiler: Compiler): void {
-  if (!compiler.ALIASED_OPS || Object.keys(compiler.ALIASED_OPS).length === 0)
-    return;
-
-  let switchStatement: t.SwitchStatement | null = null;
-  traverse(ast, {
-    SwitchStatement(path) {
-      if (path.node.leadingComments?.some((c) => c.value.includes("@SWITCH"))) {
-        switchStatement = path.node;
-        path.stop();
-      }
-    },
-  });
-
-  ok(switchStatement, "Could not find @SWITCH statement for aliased opcodes");
-
-  // Build opName → SwitchCase map from existing OP.xxx case tests.
-  const nameToCaseMap = new Map<string, t.SwitchCase>();
-  for (const sc of (switchStatement as t.SwitchStatement).cases) {
-    const test = sc.test;
-    if (
-      test &&
-      t.isMemberExpression(test) &&
-      t.isIdentifier(test.object, { name: "OP" }) &&
-      t.isIdentifier(test.property)
-    ) {
-      nameToCaseMap.set((test.property as t.Identifier).name, sc);
-    }
-  }
-
-  for (const [aliasOpStr, info] of Object.entries(compiler.ALIASED_OPS)) {
-    const aliasOpCode = Number(aliasOpStr);
-    const { originalOp, order } = info;
-    const arity = order.length;
-
-    const originalName = compiler.OP_NAME[originalOp];
-    if (!originalName) continue;
-
-    const originalCase = nameToCaseMap.get(originalName);
-    if (!originalCase) continue;
-
-    // Clone the original handler body (deep clone so we don't mutate the source)
-    const bodyStmts: t.Statement[] = extractCaseBody(originalCase).map(
-      (s) => t.cloneNode(s, true) as t.Statement,
-    );
-
-    // Replace this._operand() calls with _operands[i]
-    const replaced = replaceOperandCalls(bodyStmts);
-
-    // If the handler has a different number of _operand() calls than our
-    // recorded arity, skip this alias (variable-operand handler guard).
-    if (replaced !== arity) continue;
-
-    // Build: var _unsortedOperands = [this._operand(), this._operand(), ...]
-    // Reads operands in the NEW (shuffled) bytecode order.
-    const unsortedInit = t.variableDeclaration("let", [
-      t.variableDeclarator(
-        t.identifier("_unsortedOperands"),
-        t.arrayExpression(
-          Array.from({ length: arity }, () =>
-            t.callExpression(
-              t.memberExpression(t.thisExpression(), t.identifier("_operand")),
-              [],
-            ),
-          ),
-        ),
-      ),
-    ]);
-
-    // The inverse permutation maps original position j → unsorted index i,
-    // because the bytecode stored originalOperands[order[i]] at slot i.
-    // inverseOrder[j] = i  means: original operand j lives at _unsortedOperands[i]
-    const inverseOrder = new Array<number>(arity);
-    for (let i = 0; i < arity; i++) {
-      inverseOrder[order[i]] = i;
-    }
-
-    // Build: var _operands = [_unsortedOperands[inverseOrder[0]], ...]
-    // Restores the original operand order expected by the handler body.
-    const operandsInit = t.variableDeclaration("let", [
-      t.variableDeclarator(
-        t.identifier("_operands"),
-        t.arrayExpression(
-          inverseOrder.map((idx) =>
-            t.memberExpression(
-              t.identifier("_unsortedOperands"),
-              t.numericLiteral(idx),
-              true, // computed
-            ),
-          ),
-        ),
-      ),
-    ]);
-
-    const allStmts: t.Statement[] = [unsortedInit, operandsInit, ...bodyStmts];
-
-    // Add a leading comment for readability in non-minified output
-    t.addComment(
-      allStmts[0],
-      "leading",
-      ` ${compiler.OP_NAME[aliasOpCode]} (order: [${order.join(",")}])`,
-      true,
-    );
-
-    allStmts.push(t.breakStatement());
-
-    (switchStatement as t.SwitchStatement).cases.push(
-      t.switchCase(t.numericLiteral(aliasOpCode), [t.blockStatement(allStmts)]),
-    );
-  }
-}