Add option to clear basic block history after each flush in DrCovModule (#3529)

saruman9 · web-flow · commit cd402f77f2fe · 2025-11-20T14:23:30.000+01:00
* feat(qemu): clean block ids history in DrCovModule after flush

* refactor(qemu): rename clean_ids method for DrCovModule
diff --git a/crates/libafl_qemu/src/modules/drcov.rs b/crates/libafl_qemu/src/modules/drcov.rs
@@ -30,7 +30,7 @@ use crate::{
 /// Trace of `block_id`s met at runtime
 static DRCOV_IDS: Mutex<Option<Vec<u64>>> = Mutex::new(None);
 
-///Map of `pc` -> `block_id`
+/// Map of `pc` -> `block_id`
 static DRCOV_MAP: Mutex<Option<HashMap<GuestAddr, u64>>> = Mutex::new(None);
 
 /// Map of `pc` -> `block_len`
@@ -60,6 +60,7 @@ pub struct DrCovModuleBuilder<F> {
     module_mapping: Option<RangeMap<u64, (u16, String)>>,
     path: Option<PathBuf>,
     full_trace: bool,
+    clean_on_flush: bool,
 }
 
 impl<F> DrCovModuleBuilder<F>
@@ -72,6 +73,7 @@ where
             self.path.unwrap(),
             self.module_mapping,
             self.full_trace,
+            self.clean_on_flush,
         )
     }
 
@@ -81,6 +83,7 @@ where
             module_mapping: self.module_mapping,
             path: self.path,
             full_trace: self.full_trace,
+            clean_on_flush: self.clean_on_flush,
         }
     }
 
@@ -91,6 +94,7 @@ where
             module_mapping: Some(module_mapping),
             path: self.path,
             full_trace: self.full_trace,
+            clean_on_flush: self.clean_on_flush,
         }
     }
 
@@ -101,6 +105,7 @@ where
             module_mapping: self.module_mapping,
             path: Some(path.into()),
             full_trace: self.full_trace,
+            clean_on_flush: self.clean_on_flush,
         }
     }
 
@@ -111,6 +116,19 @@ where
             module_mapping: self.module_mapping,
             path: self.path,
             full_trace,
+            clean_on_flush: self.clean_on_flush,
+        }
+    }
+
+    /// Clean trace history of `block_id`s met at runtime every time after flushing to a file.
+    #[must_use]
+    pub fn clean_on_flush(self, clean_on_flush: bool) -> Self {
+        Self {
+            filter: self.filter,
+            module_mapping: self.module_mapping,
+            path: self.path,
+            full_trace: true,
+            clean_on_flush,
         }
     }
 }
@@ -121,6 +139,7 @@ pub struct DrCovModule<F> {
     module_mapping: Option<RangeMap<u64, (u16, String)>>,
     path: PathBuf,
     full_trace: bool,
+    clean_on_flush: bool,
     drcov_len: usize,
 }
 
@@ -379,6 +398,7 @@ impl DrCovModule<NopAddressFilter> {
             filter: Some(NopAddressFilter),
             module_mapping: None,
             full_trace: false,
+            clean_on_flush: false,
             path: None,
         }
     }
@@ -391,6 +411,7 @@ impl<F> DrCovModule<F> {
         path: P,
         module_mapping: Option<RangeMap<u64, (u16, String)>>,
         full_trace: bool,
+        clean_on_flush: bool,
     ) -> Self {
         if full_trace {
             *DRCOV_IDS.lock().unwrap() = Some(vec![]);
@@ -404,6 +425,7 @@ impl<F> DrCovModule<F> {
             module_mapping,
             path: path.into(),
             full_trace,
+            clean_on_flush,
             drcov_len: 0,
         }
     }
@@ -466,7 +488,11 @@ impl<F> DrCovModule<F> {
                         .expect("Failed to write coverage file");
                 }
             }
-            self.drcov_len = DRCOV_IDS.lock().unwrap().as_ref().unwrap().len();
+            if self.clean_on_flush {
+                *DRCOV_IDS.lock().unwrap() = Some(vec![]);
+            } else {
+                self.drcov_len = DRCOV_IDS.lock().unwrap().as_ref().unwrap().len();
+            }
         } else {
             if DRCOV_MAP.lock().unwrap().as_ref().unwrap().len() > self.drcov_len {
                 let mut drcov_vec = Vec::<DrCovBasicBlock>::new();

Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,7 @@ use crate::{`
`30`	`30`	/// Trace of `block_id`s met at runtime
`31`	`31`	`static DRCOV_IDS: Mutex<Option<Vec<u64>>> = Mutex::new(None);`
`32`	`32`
`33`		-///Map of `pc` -> `block_id`
	`33`	+/// Map of `pc` -> `block_id`
`34`	`34`	`static DRCOV_MAP: Mutex<Option<HashMap<GuestAddr, u64>>> = Mutex::new(None);`
`35`	`35`
`36`	`36`	/// Map of `pc` -> `block_len`
`@@ -60,6 +60,7 @@ pub struct DrCovModuleBuilder<F> {`
`60`	`60`	`module_mapping: Option<RangeMap<u64, (u16, String)>>,`
`61`	`61`	`path: Option<PathBuf>,`
`62`	`62`	`full_trace: bool,`
	`63`	`+ clean_on_flush: bool,`
`63`	`64`	`}`
`64`	`65`
`65`	`66`	`impl<F> DrCovModuleBuilder<F>`
`@@ -72,6 +73,7 @@ where`
`72`	`73`	`self.path.unwrap(),`
`73`	`74`	`self.module_mapping,`
`74`	`75`	`self.full_trace,`
	`76`	`+ self.clean_on_flush,`
`75`	`77`	`)`
`76`	`78`	`}`
`77`	`79`
`@@ -81,6 +83,7 @@ where`
`81`	`83`	`module_mapping: self.module_mapping,`
`82`	`84`	`path: self.path,`
`83`	`85`	`full_trace: self.full_trace,`
	`86`	`+ clean_on_flush: self.clean_on_flush,`
`84`	`87`	`}`
`85`	`88`	`}`
`86`	`89`
`@@ -91,6 +94,7 @@ where`
`91`	`94`	`module_mapping: Some(module_mapping),`
`92`	`95`	`path: self.path,`
`93`	`96`	`full_trace: self.full_trace,`
	`97`	`+ clean_on_flush: self.clean_on_flush,`
`94`	`98`	`}`
`95`	`99`	`}`
`96`	`100`
`@@ -101,6 +105,7 @@ where`
`101`	`105`	`module_mapping: self.module_mapping,`
`102`	`106`	`path: Some(path.into()),`
`103`	`107`	`full_trace: self.full_trace,`
	`108`	`+ clean_on_flush: self.clean_on_flush,`
`104`	`109`	`}`
`105`	`110`	`}`
`106`	`111`
`@@ -111,6 +116,19 @@ where`
`111`	`116`	`module_mapping: self.module_mapping,`
`112`	`117`	`path: self.path,`
`113`	`118`	`full_trace,`
	`119`	`+ clean_on_flush: self.clean_on_flush,`
	`120`	`+ }`
	`121`	`+ }`
	`122`	`+`
	`123`	+ /// Clean trace history of `block_id`s met at runtime every time after flushing to a file.
	`124`	`+ #[must_use]`
	`125`	`+ pub fn clean_on_flush(self, clean_on_flush: bool) -> Self {`
	`126`	`+ Self {`
	`127`	`+ filter: self.filter,`
	`128`	`+ module_mapping: self.module_mapping,`
	`129`	`+ path: self.path,`
	`130`	`+ full_trace: true,`
	`131`	`+ clean_on_flush,`
`114`	`132`	`}`
`115`	`133`	`}`
`116`	`134`	`}`
`@@ -121,6 +139,7 @@ pub struct DrCovModule<F> {`
`121`	`139`	`module_mapping: Option<RangeMap<u64, (u16, String)>>,`
`122`	`140`	`path: PathBuf,`
`123`	`141`	`full_trace: bool,`
	`142`	`+ clean_on_flush: bool,`
`124`	`143`	`drcov_len: usize,`
`125`	`144`	`}`
`126`	`145`
`@@ -379,6 +398,7 @@ impl DrCovModule<NopAddressFilter> {`
`379`	`398`	`filter: Some(NopAddressFilter),`
`380`	`399`	`module_mapping: None,`
`381`	`400`	`full_trace: false,`
	`401`	`+ clean_on_flush: false,`
`382`	`402`	`path: None,`
`383`	`403`	`}`
`384`	`404`	`}`
`@@ -391,6 +411,7 @@ impl<F> DrCovModule<F> {`
`391`	`411`	`path: P,`
`392`	`412`	`module_mapping: Option<RangeMap<u64, (u16, String)>>,`
`393`	`413`	`full_trace: bool,`
	`414`	`+ clean_on_flush: bool,`
`394`	`415`	`) -> Self {`
`395`	`416`	`if full_trace {`
`396`	`417`	`*DRCOV_IDS.lock().unwrap() = Some(vec![]);`
`@@ -404,6 +425,7 @@ impl<F> DrCovModule<F> {`
`404`	`425`	`module_mapping,`
`405`	`426`	`path: path.into(),`
`406`	`427`	`full_trace,`
	`428`	`+ clean_on_flush,`
`407`	`429`	`drcov_len: 0,`
`408`	`430`	`}`
`409`	`431`	`}`
`@@ -466,7 +488,11 @@ impl<F> DrCovModule<F> {`
`466`	`488`	`.expect("Failed to write coverage file");`
`467`	`489`	`}`
`468`	`490`	`}`
`469`		`- self.drcov_len = DRCOV_IDS.lock().unwrap().as_ref().unwrap().len();`
	`491`	`+ if self.clean_on_flush {`
	`492`	`+ *DRCOV_IDS.lock().unwrap() = Some(vec![]);`
	`493`	`+ } else {`
	`494`	`+ self.drcov_len = DRCOV_IDS.lock().unwrap().as_ref().unwrap().len();`
	`495`	`+ }`
`470`	`496`	`} else {`
`471`	`497`	`if DRCOV_MAP.lock().unwrap().as_ref().unwrap().len() > self.drcov_len {`
`472`	`498`	`let mut drcov_vec = Vec::<DrCovBasicBlock>::new();`