From b5f9441689d953ceb46acb2e4e3cf8580fe92031 Mon Sep 17 00:00:00 2001
From: Chen Huitao
Date: Mon, 13 Apr 2020 16:34:07 +0800
Subject: [PATCH] fix some oss-fuzz bugs (#1233)

* fix oss-fuzz 18138.
* fix oss-fuzz 20079.
* fix oss-fuzz 20209.
* fix oss-fuzz 20210.
* fix oss-fuzz 20262.
* rollback.
* rollback.
* fix oss-fuzz 20079.
* fix oss-fuzz 20179.
* fix oss-fuzz 20195.
* fix oss-fuzz 20206.
* fix oss-fuzz 20207.
* fix oss-fuzz 20265.
* fix oss-fuzz 20285.
* fix oss-fuzz 20868.
* fix oss-fuzz 20908.
* fix oss-fuzz 20909.
* fix oss-fuzz 20914.
* fix oss-fuzz 20922.
* fix oss-fuzz 20928.
* remove warnigs.
* fix oss-fuzz 20961.
* fix oss-fuzz 21005.
* remove clang warnings.
* fix oss-fuzz 21043.
* fix oss-fuzz 21047.
* fix oss-fuzz 21050.
* fix oss-fuzz 21219.
* fix oss-fuzz 21380.
* fix oss-fuzz 21455.
* fix oss-fuzz 21458.
* fix oss-fuzz 21650.
* fix oss-fuzz 21651.
---
 qemu/target-arm/neon_helper.c | 4 ++--
 qemu/target-i386/ops_sse.h | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/qemu/target-arm/neon_helper.c b/qemu/target-arm/neon_helper.c
index 308fd713..dc8fb3fd 100644
--- a/qemu/target-arm/neon_helper.c
+++ b/qemu/target-arm/neon_helper.c
@@ -698,7 +698,7 @@ NEON_VOP(rshl_s16, neon_s16, 2)
 * intermediate 64 bit accumulator. */
 uint32_t HELPER(neon_rshl_s32)(uint32_t valop, uint32_t shiftop)
 {
- int32_t dest;
+ uint32_t dest;
 int32_t val = (int32_t)valop;
 int8_t shift = (int8_t)shiftop;
 if ((shift >= 32) || (shift <= -32)) {
@@ -707,7 +707,7 @@ uint32_t HELPER(neon_rshl_s32)(uint32_t valop, uint32_t shiftop)
 int64_t big_dest = ((int64_t)val + (1ULL << (-1 - shift)));
 dest = big_dest >> -shift;
 } else {
- dest = val << shift;
+ dest = (uint32_t)val << shift;
 }
 return dest;
 }
diff --git a/qemu/target-i386/ops_sse.h b/qemu/target-i386/ops_sse.h
index 3d49fcc7..916f83e9 100644
--- a/qemu/target-i386/ops_sse.h
+++ b/qemu/target-i386/ops_sse.h
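Review bot: In the second neon_helper.c hunk, the rounding branch of neon_rshl_s32 still mixes signed and unsigned arithmetic: `(int64_t)val + (1ULL << (-1 - shift))` is evaluated as unsigned and converted back to `int64_t`, and `big_dest >> -shift` right-shifts a possibly negative value, both of which are implementation-defined rather than guaranteed by the C standard. Keeping the sum signed, `int64_t big_dest = (int64_t)val + ((int64_t)1 << (-1 - shift));`, removes the first dependency. The new cast also deserves a short comment so it is not later removed as redundant, for example `/* shift as unsigned: left-shifting a negative int32_t is undefined behaviour */`. The function starts in the previous hunk, and the lines between the two hunks are not shown.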
@@ -1499,7 +1499,7 @@ SSE_HELPER_W(helper_pmulhrsw, FMULHRSW)
 #define FSIGNB(d, s) (s <= INT8_MAX ? s ? d : 0 : -(int8_t)d)
 #define FSIGNW(d, s) (s <= INT16_MAX ? s ? d : 0 : -(int16_t)d)
-#define FSIGNL(d, s) (s <= INT32_MAX ? s ? d : 0 : -(int32_t)d)
+#define FSIGNL(d, s) (s <= INT32_MAX ? s ? d && d != 0x80000000 : 0 : -(int32_t)d)
 SSE_HELPER_B(helper_psignb, FSIGNB)
 SSE_HELPER_W(helper_psignw, FSIGNW)
 SSE_HELPER_L(helper_psignd, FSIGNL)
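Review bot: The new `FSIGNL` changes the result for a positive `s`: because `&&` binds tighter than `?:`, the middle arm is now `s ? (d && d != 0x80000000) : 0`, which yields 0 or 1 instead of `d`, so `helper_psignd` would no longer pass the destination through unchanged. The overflow this line appears to target is in the other arm, `-(int32_t)d`, which is still undefined when `d` is 0x80000000. Negating as unsigned keeps the original results and is well defined: `#define FSIGNL(d, s) (s <= INT32_MAX ? s ? d : 0 : 0 - (uint32_t)d)`. This assumes `d` and `s` are 32-bit unsigned lanes, which the comparison against `INT32_MAX` suggests but the hunk does not show.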