[libFuzzer] fix an UB (invalid shift) spotted by ubsan. The code worked fine by luck, because the way shifts actually work on clang+x86

llvm-svn: 289607
author: Kostya Serebryany <kcc@google.com> 2016-12-13 22:49:14 +0000
committer: Kostya Serebryany <kcc@google.com> 2016-12-13 22:49:14 +0000
commit: f6f82c2cc8a3dc8584cf19e521da93a8d17ba9eb (patch)
tree: b8280c2783c9c73ad88743ad3b0aa60a893bbbb7 /llvm
parent: f775dbb5f48d45da560f9a8bae54facff0a4d5f7 (diff)
download: bcm5719-llvm-f6f82c2cc8a3dc8584cf19e521da93a8d17ba9eb.tar.gz
bcm5719-llvm-f6f82c2cc8a3dc8584cf19e521da93a8d17ba9eb.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/llvm/lib/Fuzzer/FuzzerTracePC.h b/llvm/lib/Fuzzer/FuzzerTracePC.h
index df037390c2a..e3f6f10a36f 100644
--- a/llvm/lib/Fuzzer/FuzzerTracePC.h
+++ b/llvm/lib/Fuzzer/FuzzerTracePC.h
@@ -126,7 +126,7 @@ size_t TracePC::CollectFeatures(Callback CB) {
     uint64_t Bundle = *reinterpret_cast<uint64_t*>(&Counters[Idx]);
     if (!Bundle) continue;
     for (size_t i = Idx; i < Idx + Step; i++) {
-      uint8_t Counter = (Bundle >> (i * 8)) & 0xff;
+      uint8_t Counter = (Bundle >> ((i - Idx) * 8)) & 0xff;
       if (!Counter) continue;
       Counters[i] = 0;
       unsigned Bit = 0;
author	Kostya Serebryany <kcc@google.com>	2016-12-13 22:49:14 +0000
committer	Kostya Serebryany <kcc@google.com>	2016-12-13 22:49:14 +0000
commit	f6f82c2cc8a3dc8584cf19e521da93a8d17ba9eb (patch)
tree	b8280c2783c9c73ad88743ad3b0aa60a893bbbb7 /llvm
parent	f775dbb5f48d45da560f9a8bae54facff0a4d5f7 (diff)
download	bcm5719-llvm-f6f82c2cc8a3dc8584cf19e521da93a8d17ba9eb.tar.gz bcm5719-llvm-f6f82c2cc8a3dc8584cf19e521da93a8d17ba9eb.zip