From 54fa7cce62bfb8ea4330350824e1bcdc0ce14b48 Mon Sep 17 00:00:00 2001
From: Alwin Berger
Date: Tue, 21 May 2024 18:47:12 +0200
Subject: [PATCH] add edge filter
---
 fuzzers/FRET/Cargo.toml | 2 +-
 fuzzers/FRET/src/fuzzer.rs | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/fuzzers/FRET/Cargo.toml b/fuzzers/FRET/Cargo.toml
index bd58cb2e76..b848c68db8 100644
--- a/fuzzers/FRET/Cargo.toml
+++ b/fuzzers/FRET/Cargo.toml
@@ -34,7 +34,7 @@ sched_afl = []
 sched_stg = []
 # overall_configs
 config_genetic = ["gensize_100","feed_genetic","sched_genetic"]
-config_afl = ["feed_afl","sched_afl"]
+config_afl = ["feed_afl","sched_afl","observe_hitcounts"]
 config_frafl = ["feed_afl","sched_afl","feed_longest"]
 config_stg = ["feed_stg","sched_stg"]
diff --git a/fuzzers/FRET/src/fuzzer.rs b/fuzzers/FRET/src/fuzzer.rs
index 9e47279172..52dadd5b30 100644
--- a/fuzzers/FRET/src/fuzzer.rs
+++ b/fuzzers/FRET/src/fuzzer.rs
@@ -376,8 +376,9 @@ pub fn fuzz() {
 #[cfg(feature = "observe_systemstate")]
 let mut api_ranges = get_all_fn_symbol_ranges(&elf, api_range);
- #[cfg(feature = "observe_systemstate")]
 let mut isr_ranges : HashMap> = systemstate::helpers::ISR_SYMBOLS.iter().filter_map(|x| (api_ranges.get(&x.to_string()).map(|y| (x.to_string(),y.clone())))).collect();
+ let denylist=isr_ranges.values().map(|x| x.clone()).collect();
+ let denylist = QemuInstrumentationFilter::DenyList(denylist); // do not count isr jumps, which are useless
 #[cfg(feature = "observe_systemstate")]
 let mut isr_addreses : HashMap = systemstate::helpers::ISR_SYMBOLS.iter().filter_map(|x| (api_ranges.remove(&x.to_string()).map(|y| (y.start,x.to_string())))).collect();
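Review bot: Dropping `#[cfg(feature = "observe_systemstate")]` from `isr_ranges` leaves its initializer reading `api_ranges`, which in this hunk is still declared under that gate, so a build without `observe_systemstate` would presumably fail to compile unless `api_ranges` is also defined ungated outside the hunk. The two new `denylist` lines are ungated as well, while their only visible consumer, `QemuEdgeCoverageHelper::new(denylist)` in the second hunk, sits under `#[cfg(feature = "observe_edges")]`; putting that same attribute on both `denylist` lines would keep the feature combinations consistent. The `filter_map` also drops any ISR symbol missing from `api_ranges` without a message, so the deny list can come out short or empty and ISR edges would still be counted; a logged warning when `isr_ranges.len()` is smaller than the number of ISR symbols would make that visible. Smaller point: `let denylist: Vec<_> = isr_ranges.values().cloned().collect();` states the collected type and replaces `.map(|x| x.clone())`. The body of `fuzz()` starts and ends outside the hunk.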
@@ -595,7 +596,7 @@ pub fn fuzz() {
 #[cfg(feature = "observe_systemstate")]
 let qhelpers = (QemuSystemStateHelper::new(api_addreses,api_ranges,isr_addreses,isr_ranges,curr_tcb_pointer,task_queue_addr,task_delay_addr,task_delay_overflow_addr,scheduler_lock,scheduler_running, critical_section,input_counter_ptr,app_range.clone()), qhelpers);
 #[cfg(feature = "observe_edges")]
- let qhelpers = (QemuEdgeCoverageHelper::default(), qhelpers);
+ let qhelpers = (QemuEdgeCoverageHelper::new(denylist), qhelpers);
 let qhelpers = (QemuStateRestoreHelper::new(), qhelpers);
 let mut hooks = QemuHooks::new(emu.clone(),qhelpers);