fix some oss-fuzz (#1224)

* fix oss-fuzz 18138. * fix oss-fuzz 20079. * fix oss-fuzz 20209. * fix oss-fuzz 20210. * fix oss-fuzz 20262. * rollback. * rollback. * fix oss-fuzz 20079. * fix oss-fuzz 20179. * fix oss-fuzz 20195. * fix oss-fuzz 20206. * fix oss-fuzz 20207. * fix oss-fuzz 20265. * fix oss-fuzz 20285. * fix oss-fuzz 20868. * fix oss-fuzz 20908. * fix oss-fuzz 20909. * fix oss-fuzz 20914. * fix oss-fuzz 20922. * fix oss-fuzz 20928. * remove warnigs. * fix oss-fuzz 20961. * fix oss-fuzz 21005. * remove clang warnings. * fix oss-fuzz 21043. * fix oss-fuzz 21047. * fix oss-fuzz 21050. * fix oss-fuzz 21219.
2020-03-24 16:23:04 +08:00
parent 8ff326a2a3
commit 930cb9ada8
7 changed files with 17 additions and 17 deletions
--- a/qemu/target-arm/translate.c
+++ b/qemu/target-arm/translate.c
@@ -6144,7 +6144,7 @@ static int disas_neon_data_insn(DisasContext *s, uint32_t insn)
                        val = 0;
                        for (n = 0; n < 4; n++) {
                            if (imm & (1 << (n + (pass & 1) * 4)))
-                                val |= 0xff << (n * 8);
+                                val |= 0xffU << (n * 8);
                        }
                        tcg_gen_movi_i32(tcg_ctx, tmp, val);
                    } else {
@@ -11127,7 +11127,7 @@ static void disas_thumb_insn(CPUARMState *env, DisasContext *s) // qq
        /* jump to the offset */
        val = (uint32_t)s->pc + 2;
        offset = ((int32_t)((uint32_t)insn << 24)) >> 24;
-        val += offset << 1;
+        val += (int32_t)((uint32_t)offset << 1);
        gen_jmp(s, val);
        break;

@@ -11140,7 +11140,7 @@ static void disas_thumb_insn(CPUARMState *env, DisasContext *s) // qq
        /* unconditional branch */
        val = (uint32_t)s->pc;
        offset = ((int32_t)((uint32_t)insn << 21)) >> 21;
-        val += (offset << 1) + 2;
+        val += (int32_t)((uint32_t)offset << 1) + 2;
        gen_jmp(s, val);
        break;