[libFuzzer] implement more correct way of computing feature index for…

… Inline8bitCounters

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@309647 91177308-0d34-0410-b5e6-96231b3b80d8

lib/Fuzzer/FuzzerTracePC.h

@@ -164,7 +164,8 @@ class TracePC {
   uintptr_t InitialStack, LowestStack;  // Assume stack grows down.
 };
 
-template <class Callback> // void Callback(size_t Idx, uint8_t Value);
+template <class Callback>
+// void Callback(size_t FirstFeature, size_t Idx, uint8_t Value);
 ATTRIBUTE_NO_SANITIZE_ALL
 void ForEachNonZeroByte(const uint8_t *Begin, const uint8_t *End,
                         size_t FirstFeature, Callback Handle8bitCounter) {
@@ -175,19 +176,19 @@ void ForEachNonZeroByte(const uint8_t *Begin, const uint8_t *End,
   // Iterate by 1 byte until either the alignment boundary or the end.
   for (; reinterpret_cast<uintptr_t>(P) & StepMask && P < End; P++)
     if (uint8_t V = *P)
-      Handle8bitCounter(FirstFeature + P - Begin, V);
+      Handle8bitCounter(FirstFeature, P - Begin, V);
 
   // Iterate by Step bytes at a time.
   for (; P < End; P += Step)
     if (LargeType Bundle = *reinterpret_cast<const LargeType *>(P))
       for (size_t I = 0; I < Step; I++, Bundle >>= 8)
         if (uint8_t V = Bundle & 0xff)
-          Handle8bitCounter(FirstFeature + P - Begin + I, V);
+          Handle8bitCounter(FirstFeature, P - Begin + I, V);
 
   // Iterate by 1 byte until the end.
   for (; P < End; P++)
     if (uint8_t V = *P)
-      Handle8bitCounter(FirstFeature + P - Begin, V);
+      Handle8bitCounter(FirstFeature, P - Begin, V);
 }
 
 template <class Callback>  // bool Callback(size_t Feature)
@@ -196,7 +197,8 @@ __attribute__((noinline))
 void TracePC::CollectFeatures(Callback HandleFeature) const {
   uint8_t *Counters = this->Counters();
   size_t N = GetNumPCs();
-  auto Handle8bitCounter = [&](size_t Idx, uint8_t Counter) {
+  auto Handle8bitCounter = [&](size_t FirstFeature,
+                               size_t Idx, uint8_t Counter) {
     assert(Counter);
     unsigned Bit = 0;
     /**/ if (Counter >= 128) Bit = 7;
@@ -206,19 +208,22 @@ void TracePC::CollectFeatures(Callback HandleFeature) const {
     else if (Counter >= 4) Bit = 3;
     else if (Counter >= 3) Bit = 2;
     else if (Counter >= 2) Bit = 1;
-    HandleFeature(Idx * 8 + Bit);
+    HandleFeature(FirstFeature + Idx * 8 + Bit);
   };
 
   size_t FirstFeature = 0;
+
   if (!NumInline8bitCounters) {
     ForEachNonZeroByte(Counters, Counters + N, FirstFeature, Handle8bitCounter);
     FirstFeature += N * 8;
   }
 
-  for (size_t i = 0; i < NumModulesWithInline8bitCounters; i++) {
-    ForEachNonZeroByte(ModuleCounters[i].Start, ModuleCounters[i].Stop,
-                       FirstFeature, Handle8bitCounter);
-    FirstFeature += 8 * (ModuleCounters[i].Stop - ModuleCounters[i].Start);
+  if (NumInline8bitCounters) {
+    for (size_t i = 0; i < NumModulesWithInline8bitCounters; i++) {
+      ForEachNonZeroByte(ModuleCounters[i].Start, ModuleCounters[i].Stop,
+                         FirstFeature, Handle8bitCounter);
+      FirstFeature += 8 * (ModuleCounters[i].Stop - ModuleCounters[i].Start);
+    }
   }
 
   ForEachNonZeroByte(ExtraCountersBegin(), ExtraCountersEnd(), FirstFeature,

lib/Fuzzer/test/FuzzerUnittest.cpp

@@ -741,7 +741,9 @@ TEST(Fuzzer, ForEachNonZeroByte) {
   };
   typedef std::vector<std::pair<size_t, uint8_t> > Vec;
   Vec Res, Expected;
-  auto CB = [&](size_t Idx, uint8_t V) { Res.push_back({Idx, V}); };
+  auto CB = [&](size_t FirstFeature, size_t Idx, uint8_t V) {
+    Res.push_back({FirstFeature + Idx, V});
+  };
   ForEachNonZeroByte(Ar, Ar + N, 100, CB);
   Expected = {{108, 1}, {109, 2}, {118, 3}, {120, 4},
               {135, 5}, {137, 6}, {146, 7}, {163, 8}};