From cf3f275aa126c25c85a298c4c8620b147592ea3e Mon Sep 17 00:00:00 2001
From: Erik Krogh Kristensen <erik-krogh@github.com>
Date: Tue, 4 Aug 2020 16:02:32 +0200
Subject: [PATCH 1/4] make DestructuringPattern non-abstract

---
 javascript/ql/src/LanguageFeatures/NonLinearPattern.ql | 3 +--
 javascript/ql/src/semmle/javascript/Variables.qll      | 6 ++++--
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/javascript/ql/src/LanguageFeatures/NonLinearPattern.ql b/javascript/ql/src/LanguageFeatures/NonLinearPattern.ql
index 5a8bf72dbb2..626e10c5aa4 100644
--- a/javascript/ql/src/LanguageFeatures/NonLinearPattern.ql
+++ b/javascript/ql/src/LanguageFeatures/NonLinearPattern.ql
@@ -14,9 +14,8 @@
 
 import javascript
 
-class RootDestructuringPattern extends BindingPattern {
+class RootDestructuringPattern extends DestructuringPattern {
   RootDestructuringPattern() {
-    this instanceof DestructuringPattern and
     not this = any(PropertyPattern p).getValuePattern() and
     not this = any(ArrayPattern p).getAnElement()
   }
diff --git a/javascript/ql/src/semmle/javascript/Variables.qll b/javascript/ql/src/semmle/javascript/Variables.qll
index 2e2210f320e..1bad2e75d81 100644
--- a/javascript/ql/src/semmle/javascript/Variables.qll
+++ b/javascript/ql/src/semmle/javascript/Variables.qll
@@ -406,6 +406,8 @@ class BindingPattern extends @pattern, Expr {
   }
 }
 
+private class TDestructuringPattern = @arraypattern or @objectpattern;
+
 /**
  * A destructuring pattern, that is, either an array pattern or an object pattern.
  *
@@ -418,9 +420,9 @@ class BindingPattern extends @pattern, Expr {
  * }
  * ```
  */
-abstract class DestructuringPattern extends BindingPattern {
+class DestructuringPattern extends TDestructuringPattern, BindingPattern {
   /** Gets the rest pattern of this destructuring pattern, if any. */
-  abstract Expr getRest();
+  Expr getRest() { none() } // Overridden in subtypes.
 }
 
 /**

From 5727e6f9f8c76bf7f0f797c09ade540ad9457ee1 Mon Sep 17 00:00:00 2001
From: Erik Krogh Kristensen <erik-krogh@github.com>
Date: Tue, 4 Aug 2020 16:10:49 +0200
Subject: [PATCH 2/4] make CompoundAssignExpr non-abstract

---
 javascript/ql/src/semmle/javascript/Expr.qll | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/javascript/ql/src/semmle/javascript/Expr.qll b/javascript/ql/src/semmle/javascript/Expr.qll
index 652b60eac0a..cba8be4241f 100644
--- a/javascript/ql/src/semmle/javascript/Expr.qll
+++ b/javascript/ql/src/semmle/javascript/Expr.qll
@@ -1848,6 +1848,11 @@ class AssignExpr extends @assignexpr, Assignment {
   override Expr getUnderlyingValue() { result = getRhs().getUnderlyingValue() }
 }
 
+private class TCompoundAssignExpr =
+  @assignaddexpr or @assignsubexpr or @assignmulexpr or @assigndivexpr or @assignmodexpr or
+      @assignexpexpr or @assignlshiftexpr or @assignrshiftexpr or @assignurshiftexpr or
+      @assignorexpr or @assignxorexpr or @assignandexpr;
+
 /**
  * A compound assign expression.
  *
@@ -1858,7 +1863,7 @@ class AssignExpr extends @assignexpr, Assignment {
  * x /= 2
  * ```
  */
-abstract class CompoundAssignExpr extends Assignment { }
+class CompoundAssignExpr extends TCompoundAssignExpr, Assignment { }
 
 /**
  * A compound add-assign expression.

From 016bdc161486fd6e1923202e8208f6bf1187f50b Mon Sep 17 00:00:00 2001
From: Erik Krogh Kristensen <erik-krogh@github.com>
Date: Wed, 5 Aug 2020 09:59:30 +0200
Subject: [PATCH 3/4] make ControlStmt non abstract

---
 javascript/ql/src/semmle/javascript/Stmt.qll | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/javascript/ql/src/semmle/javascript/Stmt.qll b/javascript/ql/src/semmle/javascript/Stmt.qll
index b3c7730b673..6ddf3b0c33a 100644
--- a/javascript/ql/src/semmle/javascript/Stmt.qll
+++ b/javascript/ql/src/semmle/javascript/Stmt.qll
@@ -64,6 +64,13 @@ class Stmt extends @stmt, ExprOrStmt, Documentable {
   }
 }
 
+private class TControlStmt =
+  TLoopStmt or @ifstmt or @withstmt or @switchstmt or @trystmt or @catchclause;
+
+private class TLoopStmt = TEnhancedForLoop or @whilestmt or @dowhilestmt or @forstmt;
+
+private class TEnhancedForLoop = @forinstmt or @foreachstmt or @forofstmt;
+
 /**
  * A control statement, that is, is a loop, an if statement, a switch statement,
  * a with statement, a try statement, or a catch clause.
@@ -82,7 +89,7 @@ class Stmt extends @stmt, ExprOrStmt, Documentable {
  * }
  * ```
  */
-abstract class ControlStmt extends Stmt {
+class ControlStmt extends TControlStmt, Stmt {
   /** Gets a statement controlled by this control statement. */
   abstract Stmt getAControlledStmt();
 }
@@ -102,7 +109,7 @@ abstract class ControlStmt extends Stmt {
  * } while(++i < lines.length);
  * ```
  */
-abstract class LoopStmt extends ControlStmt {
+class LoopStmt extends TLoopStmt, ControlStmt {
   /** Gets the body of this loop. */
   abstract Stmt getBody();
 
@@ -801,7 +808,7 @@ class ForStmt extends @forstmt, LoopStmt {
  * }
  * ```
  */
-abstract class EnhancedForLoop extends LoopStmt {
+class EnhancedForLoop extends TEnhancedForLoop, LoopStmt {
   /**
    * Gets the iterator of this `for`-`in` or `for`-`of` loop; this can be either a
    * pattern, a property reference, or a variable declaration statement.

From 67c4320287400afcc99ffed5cb7057b2ccfeabea Mon Sep 17 00:00:00 2001
From: Erik Krogh Kristensen <erik-krogh@github.com>
Date: Wed, 5 Aug 2020 10:03:46 +0200
Subject: [PATCH 4/4] make JumpStmt non abstract

---
 javascript/ql/src/semmle/javascript/Stmt.qll | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/javascript/ql/src/semmle/javascript/Stmt.qll b/javascript/ql/src/semmle/javascript/Stmt.qll
index 6ddf3b0c33a..1033127755e 100644
--- a/javascript/ql/src/semmle/javascript/Stmt.qll
+++ b/javascript/ql/src/semmle/javascript/Stmt.qll
@@ -457,6 +457,10 @@ class LabeledStmt extends @labeledstmt, Stmt {
   Stmt getStmt() { result = getChildStmt(1) }
 }
 
+private class TJumpStmt = TBreakOrContinueStmt or @returnstmt or @throwstmt;
+
+private class TBreakOrContinueStmt = @breakstmt or @continuestmt;
+
 /**
  * A statement that disrupts structured control flow, that is, a `continue` statement,
  * a `break` statement, a `throw` statement, or a `return` statement.
@@ -470,7 +474,7 @@ class LabeledStmt extends @labeledstmt, Stmt {
  * return -1;
  * ```
  */
-abstract class JumpStmt extends Stmt {
+class JumpStmt extends TJumpStmt, Stmt {
   /**
    * Gets the target of this jump.
    *
@@ -497,7 +501,7 @@ abstract class JumpStmt extends Stmt {
  * break;
  * ```
  */
-abstract class BreakOrContinueStmt extends JumpStmt {
+class BreakOrContinueStmt extends TBreakOrContinueStmt, JumpStmt {
   /** Gets the label this statement refers to, if any. */
   string getTargetLabel() { result = getChildExpr(0).(Identifier).getName() }