recon-generate 0.0.17 → 0.0.19

package/dist/info.js

@@ -34,25 +34,12 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.runInfo = void 0;
-const child_process_1 = require("child_process");
 const fs = __importStar(require("fs/promises"));
 const path = __importStar(require("path"));
 const solc_typed_ast_1 = require("solc-typed-ast");
 const utils_1 = require("./utils");
 const z3Solver_1 = require("./z3Solver");
 const call_tree_builder_1 = require("./analyzer/call-tree-builder");
-const runCmd = (cmd, cwd) => {
-    return new Promise((resolve, reject) => {
-        (0, child_process_1.exec)(cmd, { cwd, env: { ...process.env, PATH: (0, utils_1.getEnvPath)() } }, (err, _stdout, stderr) => {
-            if (err) {
-                reject(new Error(stderr || err.message));
-            }
-            else {
-                resolve();
-            }
-        });
-    });
-};
 const loadLatestBuildInfo = async (foundryRoot) => {
     var _a;
     const outDir = path.join(foundryRoot, 'out');

package/dist/sourcemap.d.ts

@@ -0,0 +1,14 @@
+#!/usr/bin/env node
+/**
+ * Recon Expander
+ *
+ * Generates CFGs and coverage-map.json for coverage-directed fuzzing.
+ * Auto-detects Foundry project in current directory or parent directories.
+ *
+ * Usage: recon-expander
+ */
+export interface SourcemapOptions {
+    outputDir?: string;
+    verbose?: boolean;
+}
+export declare function runSourcemap(foundryRoot: string, options?: SourcemapOptions): Promise<void>;

package/dist/sourcemap.js

@@ -0,0 +1,317 @@
+#!/usr/bin/env node
+"use strict";
+/**
+ * Recon Expander
+ *
+ * Generates CFGs and coverage-map.json for coverage-directed fuzzing.
+ * Auto-detects Foundry project in current directory or parent directories.
+ *
+ * Usage: recon-expander
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runSourcemap = runSourcemap;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const solc_typed_ast_1 = require("solc-typed-ast");
+const utils_1 = require("./utils");
+const call_tree_builder_1 = require("./analyzer/call-tree-builder");
+const cfg_1 = require("./cfg");
+// Functions to exclude from CFG analysis (harness setup, not coverage targets)
+const EXCLUDED_FUNCTIONS = new Set([
+    'setUp', 'targetContracts', 'targetSelectors', 'targetSenders',
+    'targetInterfaces', 'targetArtifacts', 'targetArtifactSelectors',
+    'excludeContracts', 'excludeSelectors', 'excludeSenders',
+    'excludeArtifacts', 'excludeArtifactSelectors', 'vm', 'kevm', 'stdstore',
+    'stdChainsInitialized', 'stdChains'
+]);
+// ============================================================================
+// Project Detection
+// ============================================================================
+function findFoundryProject(startDir = process.cwd()) {
+    let dir = startDir;
+    while (dir !== path.dirname(dir)) {
+        if (fs.existsSync(path.join(dir, 'foundry.toml'))) {
+            return dir;
+        }
+        dir = path.dirname(dir);
+    }
+    return null;
+}
+function findBuildInfo(projectDir) {
+    const buildInfoDir = path.join(projectDir, 'out', 'build-info');
+    if (!fs.existsSync(buildInfoDir))
+        return null;
+    const files = fs.readdirSync(buildInfoDir).filter(f => f.endsWith('.json'));
+    if (files.length === 0)
+        return null;
+    // Return the most recent build-info file
+    const sorted = files.sort((a, b) => {
+        const statA = fs.statSync(path.join(buildInfoDir, a));
+        const statB = fs.statSync(path.join(buildInfoDir, b));
+        return statB.mtimeMs - statA.mtimeMs;
+    });
+    return path.join(buildInfoDir, sorted[0]);
+}
+function loadBuildInfo(buildInfoPath) {
+    const content = fs.readFileSync(buildInfoPath, 'utf-8');
+    const buildInfo = JSON.parse(content);
+    return buildInfo.output || buildInfo;
+}
+function getAllSourceContracts(sourceUnits, astData) {
+    const results = [];
+    const sources = astData.sources || {};
+    for (const su of sourceUnits) {
+        const sourcePath = Object.keys(sources).find(key => {
+            var _a;
+            const src = sources[key];
+            return ((_a = src === null || src === void 0 ? void 0 : src.ast) === null || _a === void 0 ? void 0 : _a.id) === su.id;
+        }) || '';
+        // Only include contracts from src/ directory
+        if (!sourcePath.startsWith('src/'))
+            continue;
+        for (const contract of su.vContracts) {
+            if (contract.kind === solc_typed_ast_1.ContractKind.Interface || contract.abstract)
+                continue;
+            if (contract.kind === solc_typed_ast_1.ContractKind.Library)
+                continue;
+            results.push({ contract, sourcePath });
+        }
+    }
+    return results;
+}
+// ============================================================================
+// Call Tree Building
+// ============================================================================
+function buildCallTreesForContract(contract) {
+    const callTrees = [];
+    const inheritedFunctions = (0, utils_1.getDefinitions)(contract, 'vFunctions', false).reverse();
+    const processedSignatures = new Set();
+    for (const func of [...contract.vFunctions, ...inheritedFunctions]) {
+        if (!func.implemented || !func.vBody)
+            continue;
+        if (EXCLUDED_FUNCTIONS.has(func.name))
+            continue;
+        const signature = (0, utils_1.getSignature)(func);
+        if (processedSignatures.has(signature))
+            continue;
+        processedSignatures.add(signature);
+        if (func.visibility === solc_typed_ast_1.FunctionVisibility.Public ||
+            func.visibility === solc_typed_ast_1.FunctionVisibility.External) {
+            const context = {
+                nodeCounter: { value: 0 },
+                contract,
+                callStack: [],
+                activeNodes: new Map()
+            };
+            const callTree = (0, call_tree_builder_1.buildCallTree)(func, [], undefined, undefined, context);
+            callTrees.push({ contract: contract.name, function: func, callTree });
+        }
+    }
+    return callTrees;
+}
+async function runSourcemap(foundryRoot, options = {}) {
+    var _a, _b;
+    const { verbose = false } = options;
+    console.log(`\n🚀 Recon-Expander: Coverage Map Generation`);
+    console.log('═'.repeat(60));
+    const projectDir = foundryRoot;
+    const outputDir = options.outputDir || path.join(projectDir, '.recon');
+    if (verbose) {
+        console.log(`[VERBOSE] Foundry root: ${foundryRoot}`);
+        console.log(`[VERBOSE] Output dir: ${outputDir}`);
+    }
+    console.log(`📁 Project: ${projectDir}`);
+    console.log(`📂 Output:  ${outputDir}`);
+    const startTime = Date.now();
+    // Find build info
+    const buildInfoPath = findBuildInfo(projectDir);
+    if (!buildInfoPath) {
+        throw new Error(`No build-info found in ${projectDir}/out/build-info/. Run "forge build" first to generate build artifacts.`);
+    }
+    console.log(`📂 Found build-info: ${path.basename(buildInfoPath)}`);
+    // Load AST
+    const astData = loadBuildInfo(buildInfoPath);
+    const reader = new solc_typed_ast_1.ASTReader();
+    const skipPatterns = ['forge-std/', 'lib/forge-std/'];
+    const filteredSources = {};
+    for (const [key, content] of Object.entries(astData.sources)) {
+        const shouldSkip = skipPatterns.some(p => key.includes(p));
+        if (shouldSkip)
+            continue;
+        const ast = content.ast || content.legacyAST;
+        if (ast && (ast.nodeType === 'SourceUnit' || ast.name === 'SourceUnit')) {
+            filteredSources[key] = content;
+        }
+    }
+    const sourceUnits = reader.read({ sources: filteredSources });
+    // Get all source contracts
+    const srcContracts = getAllSourceContracts(sourceUnits, astData);
+    console.log(`\n🎯 Found ${srcContracts.length} contracts under src/`);
+    // Create output directory
+    if (!fs.existsSync(outputDir)) {
+        fs.mkdirSync(outputDir, { recursive: true });
+    }
+    // Step 1: Build CFGs
+    console.log(`\n${'─'.repeat(60)}`);
+    console.log(`📊 Step 1/3: Generating Control Flow Graphs...`);
+    console.log(`${'─'.repeat(60)}`);
+    let totalFunctions = 0;
+    let totalPaths = 0;
+    let totalEdges = 0;
+    const results = [];
+    for (const { contract } of srcContracts) {
+        try {
+            const callTrees = buildCallTreesForContract(contract);
+            if (callTrees.length === 0)
+                continue;
+            const { module, sexpr } = (0, cfg_1.buildAndEmitCFG)(contract, callTrees);
+            const summary = (0, cfg_1.getCoverageSummary)(module);
+            const outFile = path.join(outputDir, `${contract.name}.cfg.sexp`);
+            fs.writeFileSync(outFile, sexpr);
+            totalFunctions += module.functions.length;
+            totalPaths += summary.totalPaths;
+            totalEdges += summary.totalEdges;
+            results.push({ name: contract.name, funcs: module.functions.length, paths: summary.totalPaths });
+        }
+        catch (e) {
+            console.log(`   ⚠️  Skipped ${contract.name}: ${e.message}`);
+        }
+    }
+    console.log(`   ✅ ${results.length} contracts, ${totalFunctions} functions, ${totalPaths} paths`);
+    // Write aggregate manifest
+    const aggregateManifest = {
+        generated: new Date().toISOString(),
+        totalContracts: results.length,
+        totalFunctions,
+        totalPaths,
+        totalEdges,
+        contracts: results.map(r => ({ name: r.name, functions: r.funcs, paths: r.paths }))
+    };
+    fs.writeFileSync(path.join(outputDir, 'manifest.json'), JSON.stringify(aggregateManifest, null, 2));
+    // Step 2: Generate Branch Mappings
+    console.log(`\n${'─'.repeat(60)}`);
+    console.log(`🗺️  Step 2/3: Generating Branch Mappings...`);
+    console.log(`${'─'.repeat(60)}`);
+    const { loadBuildInfoSourceMaps, generateBranchMapping } = await Promise.resolve().then(() => __importStar(require('./cfg/sourcemap')));
+    const sourceMaps = loadBuildInfoSourceMaps(buildInfoPath);
+    const contractsToProcess = Array.from(sourceMaps.keys()).filter(name => {
+        const mapData = sourceMaps.get(name);
+        return mapData && mapData.sourceFile.startsWith('src/');
+    });
+    // Build source contents for line number calculation
+    const sourceContents = new Map();
+    const sourceList = astData.sourceList || Object.keys(astData.sources || {});
+    for (let i = 0; i < sourceList.length; i++) {
+        const sourcePath = sourceList[i];
+        const fullPath = path.join(projectDir, sourcePath);
+        if (fs.existsSync(fullPath)) {
+            sourceContents.set(i, fs.readFileSync(fullPath, 'utf-8'));
+        }
+    }
+    const allBranches = [];
+    let totalBranches = 0;
+    for (const contractName of contractsToProcess) {
+        const mapData = sourceMaps.get(contractName);
+        if (!mapData)
+            continue;
+        const ast = (_b = (_a = astData.sources) === null || _a === void 0 ? void 0 : _a[mapData.sourceFile]) === null || _b === void 0 ? void 0 : _b.ast;
+        const branchMapping = generateBranchMapping(contractName, mapData.bytecode, mapData.sourceMap, mapData.sourceFile, ast, undefined, sourceContents);
+        allBranches.push(branchMapping);
+        totalBranches += branchMapping.branches.length;
+    }
+    const branchManifest = {
+        generated: new Date().toISOString(),
+        totalContracts: contractsToProcess.length,
+        totalBranches,
+        contracts: allBranches
+    };
+    fs.writeFileSync(path.join(outputDir, 'branches.json'), JSON.stringify(branchManifest, null, 2));
+    console.log(`   ✅ ${contractsToProcess.length} contracts, ${totalBranches} branches`);
+    // Step 3: Generate Edge Mappings and Unified Coverage Map
+    console.log(`\n${'─'.repeat(60)}`);
+    console.log(`🔗 Step 3/3: Generating Coverage Map...`);
+    console.log(`${'─'.repeat(60)}`);
+    let edgeMappingsData = null;
+    const cfgFiles = fs.readdirSync(outputDir).filter(f => f.endsWith('.cfg.sexp'));
+    const contractNames = cfgFiles.map(f => f.replace('.cfg.sexp', ''));
+    if (contractNames.length > 0) {
+        try {
+            const { generateEdgeMappings } = await Promise.resolve().then(() => __importStar(require('./cfg/edge-mapper')));
+            const result = await generateEdgeMappings(outputDir, contractNames);
+            console.log(`   📍 ${result.totalContracts} contracts, ${result.totalEdges} edges`);
+            const edgeMappingsPath = path.join(outputDir, 'edge-mappings.json');
+            if (fs.existsSync(edgeMappingsPath)) {
+                edgeMappingsData = JSON.parse(fs.readFileSync(edgeMappingsPath, 'utf-8'));
+            }
+        }
+        catch (e) {
+            console.log(`   ⚠️  Edge mapping failed: ${e.message}`);
+        }
+    }
+    // Generate unified coverage map
+    try {
+        const { createUnifiedFromMemory, writeUnifiedCoverageMap } = await Promise.resolve().then(() => __importStar(require('./cfg/unified-coverage')));
+        const unifiedManifest = createUnifiedFromMemory(branchManifest, edgeMappingsData);
+        writeUnifiedCoverageMap(outputDir, unifiedManifest);
+        console.log(`   📈 coverage-map.json: ${unifiedManifest.totalBranches} branches, ${unifiedManifest.totalEdges} edges`);
+    }
+    catch (e) {
+        console.log(`   ⚠️  Unified coverage map failed: ${e.message}`);
+    }
+    // Final summary
+    const elapsed = ((Date.now() - startTime) / 1000).toFixed(2);
+    console.log(`\n${'═'.repeat(60)}`);
+    console.log(`✅ Done in ${elapsed}s`);
+    console.log(`${'═'.repeat(60)}`);
+    console.log(`\n📁 Output: ${outputDir}/`);
+    console.log(`   ├── coverage-map.json   ← Fuzzer reads this`);
+    console.log(`   ├── *.cfg.sexp          CFG for solver`);
+    console.log(`   └── manifest.json       Stats`);
+    console.log(`\n💡 Usage: recon <project> --cfgDirectedEnable=true`);
+}
+// CLI entry point when run directly
+if (require.main === module) {
+    const projectDir = findFoundryProject();
+    if (!projectDir) {
+        console.error(`❌ No Foundry project found (no foundry.toml)`);
+        console.error(`   Run this command from within a Foundry project directory.`);
+        process.exit(1);
+    }
+    runSourcemap(projectDir).catch(err => {
+        console.error('Error:', err.message || err);
+        process.exit(1);
+    });
+}

package/dist/types.d.ts

@@ -64,3 +64,8 @@ export type CallTree = {
     isRecursive?: boolean;
     recursiveTargetNodeId?: number;
 };
+export type CallTreeData = {
+    contract: string;
+    function: FunctionDefinition;
+    callTree: CallTree;
+};

package/dist/wakeGenerator.js

@@ -390,7 +390,7 @@ class WakeGenerator {
             }
             const hasCreationCode = typeof c.creation_code === 'string' && c.creation_code.trim().length > 0;
             if (!hasCreationCode) {
-                this.logDebug('Skipping contract without creation code (likely abstract)', { contract: c.name, module: c.module });
+                this.logDebug('Skipping contract without creation code (abstract)', { contract: c.name, module: c.module });
                 continue;
             }
             if (!this.isContractAllowed(c.name)) {
@@ -481,6 +481,7 @@ class WakeGenerator {
             if (!explicitlyIncluded && isInterface) {
                 return false;
             }
+            // Always filter abstract contracts (no creation code), even if explicitly included
             const hasCreationCode = typeof c.creation_code === 'string' && c.creation_code.trim().length > 0;
             if (!hasCreationCode) {
                 return false;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "recon-generate",
-  "version": "0.0.17",
+  "version": "0.0.19",
   "description": "CLI to scaffold Recon fuzzing suite inside Foundry projects",
   "main": "dist/index.js",
   "bin": {
@@ -23,6 +23,7 @@
     "abi-to-mock": "^1.0.4",
     "case": "^1.6.3",
     "commander": "^14.0.2",
+    "ethers": "^6.16.0",
     "handlebars": "^4.7.8",
     "solc-typed-ast": "^19.1.0",
     "src-location": "^1.1.0",