Add coverage report filtering option (#663)

elopez · anishnaik · web-flow · commit 40654baf9db9 · 2025-08-21T13:51:57.000-04:00
This option takes a list of globs and removes those files from coverage reports. Example: `["lib/**/*", "test/**/*"]` Closes: #644 Co-authored-by: Anish Naik <anish.naik@trailofbits.com>
diff --git a/fuzzing/config/config.go b/fuzzing/config/config.go
@@ -70,6 +70,10 @@ type FuzzingConfig struct {
 	// CoverageFormats indicate which reports to generate: "lcov" and "html" are supported.
 	CoverageFormats []string `json:"coverageFormats"`
 
+	// CoverageExclusions defines file/directory patterns to exclude from coverage reports.
+	// Supports glob patterns like "lib/**", "test/helpers/**", "*.generated.sol"
+	CoverageExclusions []string `json:"coverageExclusions"`
+
 	// RevertReporterEnabled determines whether revert metrics should be collected and reported.
 	RevertReporterEnabled bool `json:"revertReporterEnabled"`
 
diff --git a/fuzzing/config/config_defaults.go b/fuzzing/config/config_defaults.go
@@ -53,6 +53,7 @@ func GetDefaultProjectConfig(platform string) (*ProjectConfig, error) {
 			CorpusDirectory:         "",
 			CoverageEnabled:         true,
 			CoverageFormats:         []string{"html", "lcov"},
+			CoverageExclusions:      []string{},
 			SenderAddresses: []string{
 				"0x10000",
 				"0x20000",
diff --git a/fuzzing/coverage/source_analysis.go b/fuzzing/coverage/source_analysis.go
@@ -4,8 +4,11 @@ import (
 	"bytes"
 	"encoding/json"
 	"fmt"
+	"os"
+	"path/filepath"
 	"sort"
 
+	"github.com/bmatcuk/doublestar/v4"
 	"github.com/crytic/medusa-geth/core/vm"
 	"github.com/crytic/medusa/compilation/types"
 	"github.com/crytic/medusa/logging"
@@ -58,6 +61,52 @@ func (s *SourceAnalysis) CoveredLineCount() int {
 	return count
 }
 
+// shouldExcludeFile checks if a file path matches any of the exclusion patterns
+func shouldExcludeFile(filePath string, exclusionPatterns []string) bool {
+	for _, pattern := range exclusionPatterns {
+		if matched, err := doublestar.Match(pattern, filePath); err == nil && matched {
+			return true
+		}
+	}
+	return false
+}
+
+// filterExcludedFiles removes files matching exclusion patterns from the source analysis.
+// Pattern matching is performed on relative paths (relative to current working directory)
+// to match the behavior of the coverage report display.
+func (s *SourceAnalysis) filterExcludedFiles(exclusionPatterns []string) {
+	if len(exclusionPatterns) == 0 {
+		return
+	}
+
+	// Get current working directory to convert absolute paths to relative paths
+	// This ensures pattern matching works on the same relative paths shown in reports
+	cwd, err := os.Getwd()
+	if err != nil {
+		// If we can't get the working directory, skip filtering to avoid issues
+		return
+	}
+
+	// Create a new map without excluded files
+	filteredFiles := make(map[string]*SourceFileAnalysis)
+
+	for filePath, fileAnalysis := range s.Files {
+		// Convert to relative path for pattern matching (same logic as in report template)
+		relativePath := filePath
+		if relPath, err := filepath.Rel(cwd, filePath); err == nil {
+			relativePath = relPath
+		}
+
+		// Keep the file if it doesn't match any exclusion pattern
+		if !shouldExcludeFile(relativePath, exclusionPatterns) {
+			filteredFiles[filePath] = fileAnalysis
+		}
+	}
+
+	// Replace the original files map with filtered results
+	s.Files = filteredFiles
+}
+
 // GenerateLCOVReport generates an LCOV report from the source analysis.
 // The spec of the format is here https://github.com/linux-test-project/lcov/blob/07a1127c2b4390abf4a516e9763fb28a956a9ce4/man/geninfo.1#L989
 func (s *SourceAnalysis) GenerateLCOVReport() string {
@@ -214,10 +263,10 @@ func GetUniquePCsCount(compilations []types.Compilation, coverageMaps *CoverageM
 	return uniquePCs, nil
 }
 
-// AnalyzeSourceCoverage takes a list of compilations and a set of coverage maps, and performs source analysis
-// to determine source coverage information.
+// AnalyzeSourceCoverage takes a list of compilations, coverage maps, and exclusion patterns, then performs source analysis
+// to determine source coverage information. Files matching the exclusion patterns will be filtered out from the results.
 // Returns a SourceAnalysis object, or an error if one occurs.
-func AnalyzeSourceCoverage(compilations []types.Compilation, coverageMaps *CoverageMaps, logger *logging.Logger) (*SourceAnalysis, error) {
+func AnalyzeSourceCoverage(compilations []types.Compilation, coverageMaps *CoverageMaps, exclusionPatterns []string, logger *logging.Logger) (*SourceAnalysis, error) {
 	// Create a new source analysis object
 	sourceAnalysis := &SourceAnalysis{
 		Files: make(map[string]*SourceFileAnalysis),
@@ -323,6 +372,10 @@ func AnalyzeSourceCoverage(compilations []types.Compilation, coverageMaps *Cover
 			}
 		}
 	}
+
+	// Apply exclusion filtering if patterns are provided
+	sourceAnalysis.filterExcludedFiles(exclusionPatterns)
+
 	return sourceAnalysis, nil
 }
 
diff --git a/fuzzing/fuzzer.go b/fuzzing/fuzzer.go
@@ -1022,7 +1022,7 @@ func (f *Fuzzer) Start() error {
 		if f.config.Fuzzing.CorpusDirectory != "" {
 			coverageReportDir = filepath.Join(f.config.Fuzzing.CorpusDirectory, "coverage")
 		}
-		sourceAnalysis, err := coverage.AnalyzeSourceCoverage(f.compilations, f.corpus.CoverageMaps(), f.logger)
+		sourceAnalysis, err := coverage.AnalyzeSourceCoverage(f.compilations, f.corpus.CoverageMaps(), f.config.Fuzzing.CoverageExclusions, f.logger)
 
 		if err != nil {
 			f.logger.Error("Failed to analyze source coverage", err)
diff --git a/go.mod b/go.mod
@@ -6,6 +6,7 @@ toolchain go1.23.3
 
 require (
 	github.com/Masterminds/semver v1.5.0
+	github.com/bmatcuk/doublestar/v4 v4.9.1
 	github.com/crytic/medusa-geth v0.0.0-20250423141023-d818338d6925
 	github.com/fxamacker/cbor v1.5.1
 	github.com/google/uuid v1.6.0
diff --git a/go.sum b/go.sum
@@ -12,6 +12,8 @@ github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
 github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
 github.com/bits-and-blooms/bitset v1.22.0 h1:Tquv9S8+SGaS3EhyA+up3FXzmkhxPGjQQCkcs2uw7w4=
 github.com/bits-and-blooms/bitset v1.22.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8=
+github.com/bmatcuk/doublestar/v4 v4.9.1 h1:X8jg9rRZmJd4yRy7ZeNDRnM+T3ZfHv15JiBJ/avrEXE=
+github.com/bmatcuk/doublestar/v4 v4.9.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc=
 github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
 github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=

Original file line number	Diff line number	Diff line change
`@@ -1022,7 +1022,7 @@ func (f *Fuzzer) Start() error {`
`1022`	`1022`	`if f.config.Fuzzing.CorpusDirectory != "" {`
`1023`	`1023`	`coverageReportDir = filepath.Join(f.config.Fuzzing.CorpusDirectory, "coverage")`
`1024`	`1024`	`}`
`1025`		`- sourceAnalysis, err := coverage.AnalyzeSourceCoverage(f.compilations, f.corpus.CoverageMaps(), f.logger)`
	`1025`	`+ sourceAnalysis, err := coverage.AnalyzeSourceCoverage(f.compilations, f.corpus.CoverageMaps(), f.config.Fuzzing.CoverageExclusions, f.logger)`
`1026`	`1026`
`1027`	`1027`	`if err != nil {`
`1028`	`1028`	`f.logger.Error("Failed to analyze source coverage", err)`