diff --git a/src/agent/coverage/src/allowlist.rs b/src/agent/coverage/src/allowlist.rs
index 2c67130375..11996f3b68 100644
--- a/src/agent/coverage/src/allowlist.rs
+++ b/src/agent/coverage/src/allowlist.rs
@@ -74,12 +74,13 @@ impl AllowList {
         self.allow.is_match(path) && !self.deny.is_match(path)
     }
 
-    /// Build a new `Allowlist` that adds the allow and deny rules of `other` to `self`.
-    pub fn extend(&self, other: &Self) -> Self {
+    /// Modifies the AllowList by adding the allow and deny rules of `other` to `self`.
+    pub fn extend_in_place(&mut self, other: &Self) {
         let allow = add_regexsets(&self.allow, &other.allow);
         let deny = add_regexsets(&self.deny, &other.deny);
 
-        AllowList::new(allow, deny)
+        self.allow = allow;
+        self.deny = deny;
     }
 }
 
diff --git a/src/agent/coverage/src/allowlist/tests.rs b/src/agent/coverage/src/allowlist/tests.rs
index 8d22d93962..236a4518fe 100644
--- a/src/agent/coverage/src/allowlist/tests.rs
+++ b/src/agent/coverage/src/allowlist/tests.rs
@@ -121,7 +121,7 @@ fn test_allow_glob_extension() -> Result<()> {
 fn test_allowlist_extend() -> Result<()> {
     let baseline_text = "! bad/*
 other/*";
-    let baseline = AllowList::parse(baseline_text)?;
+    let mut baseline = AllowList::parse(baseline_text)?;
 
     assert!(!baseline.is_allowed("bad/a"));
     assert!(!baseline.is_allowed("bad/b"));
@@ -144,20 +144,20 @@ bad/*
     assert!(!provided.is_allowed("other/a"));
     assert!(!provided.is_allowed("other/b"));
 
-    let extended = baseline.extend(&provided);
+    baseline.extend_in_place(&provided);
 
     // Deny rules from `baseline` should not be overridden by `provided`, but
     // allow rules should be.
     //
     // A provided allowlist can deny patterns that are baseline-allowed, but
     // cannot allow patterns that are baseline-denied.
-    assert!(!extended.is_allowed("bad/a"));
-    assert!(!extended.is_allowed("bad/b"));
-    assert!(extended.is_allowed("good/a"));
-    assert!(extended.is_allowed("good/b"));
-    assert!(extended.is_allowed("good/bad/c"));
-    assert!(!extended.is_allowed("other/a"));
-    assert!(!extended.is_allowed("other/b"));
+    assert!(!baseline.is_allowed("bad/a"));
+    assert!(!baseline.is_allowed("bad/b"));
+    assert!(baseline.is_allowed("good/a"));
+    assert!(baseline.is_allowed("good/b"));
+    assert!(baseline.is_allowed("good/bad/c"));
+    assert!(!baseline.is_allowed("other/a"));
+    assert!(!baseline.is_allowed("other/b"));
 
     Ok(())
 }
diff --git a/src/agent/onefuzz-task/src/tasks/coverage/generic.rs b/src/agent/onefuzz-task/src/tasks/coverage/generic.rs
index 53a45e9948..704188293b 100644
--- a/src/agent/onefuzz-task/src/tasks/coverage/generic.rs
+++ b/src/agent/onefuzz-task/src/tasks/coverage/generic.rs
@@ -199,7 +199,9 @@ impl CoverageTask {
             // process startup functions. Setting software breakpoints in these functions breaks
             // interceptor init, and causes test case execution to diverge.
             let interceptor_denylist = AllowList::parse(WINDOWS_INTERCEPTOR_DENYLIST)?;
-            allowlist.source_files.extend(&interceptor_denylist);
+            allowlist
+                .source_files
+                .extend_in_place(&interceptor_denylist);
         }
 
         Ok(allowlist)