fix some oss-fuzz (#1184)
* fix oss-fuzz 10419. * fix oss-fuzz 10427. * fix oss-fuzz 10421. * fix oss-fuzz 10422. * fix oss-fuzz 10425. * fix oss-fuzz 10426. * fix oss-fuzz 10426. * fix oss-fuzz 10422. * fix oss-fuzz 10426. * fix oss-fuzz 10456. * fix oss-fuzz 10428. * fix oss-fuzz 10429. * fix oss-fuzz 10431. * fix oss-fuzz 10435. * fix oss-fuzz 10430. * fix oss-fuzz 10436. * remove unused var. * fix oss-fuzz 10449. * fix oss-fuzz 10452. * fix oss-fuzz 11792. * fix oss-fuzz 10457. * fix oss-fuzz 11737. * fix oss-fuzz 10458. * fix oss-fuzz 10565. * fix oss-fuzz 11651. * fix oss-fuzz 10497. * fix oss-fuzz 10515. * fix oss-fuzz 10586. * fix oss-fuzz 10597. * fiz oss-fuzz 11721. * fix oss-fuzz 10718. * fix oss-fuzz 15610. * fix oss-fuzz 10512. * fix oss-fuzz 10545. * fix oss-fuzz 10598. * fix oss-fuzz 11112. * fix oss-fuzz 11589. * fix oss-fuzz 10674. * git fix oss-fuzz 19610. * fix oss-fuzz 19848. * fix oss-fuzz 19851. * fix oss-fuzz 19852. * fix oss-fuzz 10878. * fix oss-fuzz 11655. * fix oss-fuzz 19849. * fix oss-fuzz 11765. * fix oss-fuzz 10337. * fix oss-fuzz 10575. * fix oss-fuzz 19877. * fix oss-fuzz 19895. * fix oss-fuzz 19896. * fix oss-fuzz 19897. * remove verbose fprintf output.
committed by
Nguyen Anh Quynh
parent
8621bca537
commit
7e4ac9e86e
@@ -317,7 +317,7 @@ static inline uint32_t syn_fp_access_trap(int cv, int cond, bool is_thumb)
|
||||
|
||||
static inline uint32_t syn_insn_abort(int same_el, int ea, int s1ptw, int fsc)
|
||||
{
|
||||
return (EC_INSNABORT << ARM_EL_EC_SHIFT) | (same_el << ARM_EL_EC_SHIFT)
|
||||
return (((unsigned int)EC_INSNABORT) << ARM_EL_EC_SHIFT) | (same_el << ARM_EL_EC_SHIFT)
|
||||
| (ea << 9) | (s1ptw << 7) | fsc;
|
||||
}
|
||||
|
||||
|
||||
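Review bot: Only the `EC_INSNABORT` term is made unsigned in `syn_insn_abort`; `same_el << ARM_EL_EC_SHIFT`, `ea << 9` and `s1ptw << 7` still shift signed `int` parameters, so the expression stays well-defined only while callers pass small non-negative flags. The cast was presumably needed because the shifted class value reaches the sign bit, and any sibling syndrome builders in this header that shift an EC constant the same way (not visible in this hunk) would overflow identically. Giving the EC constants an unsigned type once would cover every user; failing that, a comment above the return such as `/* EC is shifted into the top bits: keep this arithmetic unsigned */` would explain the cast.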
@@ -1767,7 +1767,7 @@ uint64_t HELPER(neon_abdl_s64)(uint32_t a, uint32_t b)
|
||||
#define DO_MULL(dest, x, y, type1, type2) do { \
|
||||
type1 tmp_x = x; \
|
||||
type1 tmp_y = y; \
|
||||
dest = (type2)((type2)tmp_x * (type2)tmp_y); \
|
||||
dest = (type2)((int64_t)tmp_x * (int64_t)tmp_y); \
|
||||
} while(0)
|
||||
|
||||
uint64_t HELPER(neon_mull_u8)(uint32_t a, uint32_t b)
|
||||
|
||||
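Review bot: The multiply in `DO_MULL` is now hard-wired to `int64_t` with no comment explaining why, and the macro parameter `type2` no longer controls the width of the arithmetic. Presumably the old form overflowed because narrow operands are promoted to signed `int` before the multiply. I would record that above the macro, e.g. `/* Multiply in int64_t: narrow operands promote to int and the product can overflow it. */`. The new form is only correct while the operands are narrow enough for their product to fit in `int64_t`, which belongs in the same comment because the macro's users lie outside this hunk.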
@@ -1859,7 +1859,7 @@ static void disas_ld_lit(DisasContext *s, uint32_t insn)
|
||||
{
|
||||
TCGContext *tcg_ctx = s->uc->tcg_ctx;
|
||||
int rt = extract32(insn, 0, 5);
|
||||
int64_t imm = sextract32(insn, 5, 19) << 2;
|
||||
int64_t imm = (int32_t)(((uint32_t)sextract32(insn, 5, 19)) << 2);
|
||||
bool is_vector = extract32(insn, 26, 1);
|
||||
int opc = extract32(insn, 30, 2);
|
||||
bool is_signed = false;
|
||||
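Review bot: The immediate in `disas_ld_lit` is scaled by casting to `uint32_t`, shifting, and casting back to `int32_t`, which relies on the implementation-defined conversion of an out-of-range unsigned value to a signed type. `int64_t imm = (int64_t)sextract32(insn, 5, 19) * 4;` expresses the same scaling with no shift of a negative value and no narrowing cast. The following hunk in `disas_pc_rel_adr` handles the same 19-bit field with a different idiom (`uint64_t` then `int64_t`), so a single form used in both places would be easier to audit. The function body continues past the end of this hunk.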
@@ -2684,14 +2684,14 @@ static void disas_pc_rel_adr(DisasContext *s, uint32_t insn)
|
||||
|
||||
page = extract32(insn, 31, 1);
|
||||
/* SignExtend(immhi:immlo) -> offset */
|
||||
offset = ((int64_t)sextract32(insn, 5, 19) << 2) | extract32(insn, 29, 2);
|
||||
offset = (int64_t)((uint64_t)sextract32(insn, 5, 19) << 2) | extract32(insn, 29, 2);
|
||||
rd = extract32(insn, 0, 5);
|
||||
base = s->pc - 4;
|
||||
|
||||
if (page) {
|
||||
/* ADRP (page based) */
|
||||
base &= ~0xfff;
|
||||
offset <<= 12;
|
||||
offset = ((uint64_t)offset) << 12;
|
||||
}
|
||||
|
||||
tcg_gen_movi_i64(tcg_ctx, cpu_reg(s, rd), base + offset);
|
||||
|
||||
@@ -132,7 +132,7 @@ static void load_reg_var(DisasContext *s, TCGv_i32 var, int reg)
|
||||
addr = (long)s->pc + 4;
|
||||
tcg_gen_movi_i32(tcg_ctx, var, addr);
|
||||
} else {
|
||||
tcg_gen_mov_i32(tcg_ctx, var, tcg_ctx->cpu_R[reg]);
|
||||
tcg_gen_mov_i32(tcg_ctx, var, tcg_ctx->cpu_R[(reg & 0x0f)]);
|
||||
}
|
||||
}
|
||||
|
||||
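Review bot: Masking the index with `0x0f` stops the out-of-range read of `cpu_R`, but it silently aliases an invalid register number onto a valid one, so a decoder path that yields `reg >= 16` now emulates the wrong register instead of being rejected. The mask is applied only in the `else` arm; the branch test sits above the hunk, and if it compares the unmasked `reg` with 15, a value such as 31 skips the PC handling and then reads `cpu_R[15]` directly. If masking is the intended policy, doing it once at the top of `load_reg_var` (`reg &= 0x0f;`) keeps both arms consistent; otherwise the caller that derives `reg` should treat the encoding as undefined. Other `cpu_R[...]` accessors in this file are outside the hunk and may need the same check.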
@@ -806,8 +806,10 @@ void arm_gen_test_cc(TCGContext *tcg_ctx, int cc, int label)
|
||||
tcg_temp_free_i32(tcg_ctx, tmp);
|
||||
break;
|
||||
default:
|
||||
fprintf(stderr, "Bad condition code 0x%x\n", cc);
|
||||
abort();
|
||||
/* fprintf(stderr, "Bad condition code 0x%x\n", cc); */
|
||||
tmp = tcg_const_i32(tcg_ctx, EXCP_EXCEPTION_EXIT);
|
||||
gen_helper_exception_internal(tcg_ctx, tcg_ctx->cpu_env, tmp);
|
||||
tcg_temp_free_i32(tcg_ctx, tmp);
|
||||
}
|
||||
}
|
||||
|
||||
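Review bot: The `default` arm of `arm_gen_test_cc` now raises `EXCP_EXCEPTION_EXIT` for an unrecognised condition code, and nothing in the hunk says why that exception was chosen. Its name suggests it normally signals an exception return, so a guest-reachable invalid encoding may be reported as an unrelated event, which is worth confirming against the code that handles it. The commented-out `fprintf` should be deleted rather than kept, and replaced by a statement of intent such as `/* Invalid cc is reachable from guest code: raise an exception instead of aborting the host. */`. The new arm also has no `break;`, so it relies on `default` remaining the last label in the switch.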
@@ -11124,7 +11126,7 @@ static void disas_thumb_insn(CPUARMState *env, DisasContext *s) // qq
|
||||
|
||||
/* jump to the offset */
|
||||
val = (uint32_t)s->pc + 2;
|
||||
offset = ((int32_t)insn << 24) >> 24;
|
||||
offset = ((int32_t)((uint32_t)insn << 24)) >> 24;
|
||||
val += offset << 1;
|
||||
gen_jmp(s, val);
|
||||
break;
|
||||
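Review bot: The added cast fixes the first shift, but the next line still left-shifts a possibly negative `offset` in `val += offset << 1;`, which is the same class of undefined behaviour for any backward branch, assuming `offset` is declared as a signed 32-bit value. The unconditional-branch hunk that follows has the same leftover in `val += (offset << 1) + 2;`. Scaling in unsigned arithmetic, `val += (uint32_t)offset << 1;` and `val += ((uint32_t)offset << 1) + 2;`, gives the same wrapped result without shifting a signed value. The right shift used for sign extension is implementation-defined rather than undefined. Both statements sit in `disas_thumb_insn`, which starts and ends outside these hunks.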
@@ -11137,7 +11139,7 @@ static void disas_thumb_insn(CPUARMState *env, DisasContext *s) // qq
|
||||
}
|
||||
/* unconditional branch */
|
||||
val = (uint32_t)s->pc;
|
||||
offset = ((int32_t)insn << 21) >> 21;
|
||||
offset = ((int32_t)((uint32_t)insn << 21)) >> 21;
|
||||
val += (offset << 1) + 2;
|
||||
gen_jmp(s, val);
|
||||
break;
|
||||
|
||||