On 13.08.2024 17:16, Andrew Cooper wrote:
> On 13/08/2024 2:19 pm, Andrew Cooper wrote:
>> On 13/08/2024 1:43 pm, Jan Beulich wrote:
>>> The conversion of the shifts to multiplications by the commits tagged
>>> below still wasn't quite right: The multiplications (of signed values)
>>> can overflow, too. As of 298556c7b5f8 ("x86emul: correct 32-bit address
>>> handling for AVX2 gathers") signed multiplication wasn't necessary
>>> anymore, though: The necessary sign-extension (if any) will happen as
>>> well when using intermediate variables of unsigned long types, and
>>> excess address bits are chopped off by truncate_ea().
>>>
>>> Fixes: b6a907f8c83d ("x86emul: replace UB shifts")
>>> Fixes: 21de9680eb59 ("x86emul: replace further UB shifts")
>>> Oss-fuzz: 71138
>
> It's too late on this one, but it occurs to me that we probably want
>
> Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=71138
>
> rather than an abstract Oss-fuzz number. The bugtracker entry becomes
> public after 90d or when ClusterFuzz thinks we've fixed the bug, and the
> full link will be more useful to anyone interested.

I can try to remember doing so going forward. Let me adjust the one that's
still pending right away.

Jan
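The quoted commit message describes why the scaled-index arithmetic should use unsigned intermediates: a signed multiplication can overflow (undefined behaviour in C, which is what the fuzzer tripped over), while the unsigned form wraps modulo 2^64, keeps the sign extension already present in the index, and the excess bits are masked off afterwards. The following is an added illustration, not Xen's x86emul code; `ea_gather`, `truncate_ea` and the sample values are constructed for this example.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the emulator's truncation step: keep only the
 * low addr_bits of the computed effective address. */
static uint64_t truncate_ea(uint64_t ea, unsigned int addr_bits)
{
    if (addr_bits >= 64)
        return ea;
    return ea & ((UINT64_C(1) << addr_bits) - 1);
}

/* base + index * scale for one gather element.
 *
 * index arrives sign-extended to 64 bits (a 32-bit element is extended
 * by the caller's int32_t -> int64_t conversion). Converting it to an
 * unsigned type before multiplying makes the arithmetic wrap instead of
 * overflowing: (uint64_t)index has exactly the same bit pattern, so the
 * sign extension survives, and any bits beyond the address size are
 * discarded by truncate_ea(). A signed multiply such as
 * INT64_MIN * 2 would have been undefined behaviour. */
static uint64_t ea_gather(uint64_t base, int64_t index, unsigned int scale,
                          unsigned int addr_bits)
{
    uint64_t idx = (uint64_t)index;
    return truncate_ea(base + idx * scale, addr_bits);
}

int main(void)
{
    /* Negative 32-bit index, 64-bit addressing: 0x1000 - 4*8 = 0xfe0. */
    printf("%" PRIx64 "\n", ea_gather(0x1000, (int32_t)-4, 8, 64));
    /* Same index under 32-bit addressing: wraps to 0xfffffff0. */
    printf("%" PRIx64 "\n", ea_gather(0x10, (int32_t)-4, 8, 32));
    /* The case a signed multiply could not express: INT64_MIN * 2. */
    printf("%" PRIx64 "\n", ea_gather(0, INT64_MIN, 2, 64));
    return 0;
}
```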