MdePkg/Library/BaseSafeIntLib/SafeIntLib.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
https://bugzilla.tianocore.org/show_bug.cgi?id=2525
SafeUint64Mult() looks for 64-bit overflows and performs
several 32-bit multiples with 64-bit results to check for
all possible overflow conditions. IA32 builds using VS20xx
with optimizations enabled are producing a reference to
the _allmull intrinsic.
The fix is to use MultU64x64() instead of '*' for
these operations. These are safe because the inputs
are guaranteed to have the upper 32-bits clear, which
means MultU64x64() can never overflow with those inputs.
Cc: Liming Gao <liming.gao@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Cc: Bret Barkelew <Bret.Barkelew@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
---
MdePkg/Library/BaseSafeIntLib/SafeIntLib.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/MdePkg/Library/BaseSafeIntLib/SafeIntLib.c b/MdePkg/Library/BaseSafeIntLib/SafeIntLib.c
index 0f6be6e064..eec8ac1ffd 100644
--- a/MdePkg/Library/BaseSafeIntLib/SafeIntLib.c
+++ b/MdePkg/Library/BaseSafeIntLib/SafeIntLib.c
@@ -3380,14 +3380,14 @@ SafeUint64Mult (
//
// a * d must be less than 2^32 or there would be bits set in the high 64-bits
//
- ProductAD = (((UINT64)DwordA) *(UINT64)DwordD);
+ ProductAD = MultU64x64 ((UINT64)DwordA, (UINT64)DwordD);
if ((ProductAD & 0xffffffff00000000) == 0) {
DwordB = (UINT32)Multiplicand;
//
// b * c must be less than 2^32 or there would be bits set in the high 64-bits
//
- ProductBC = (((UINT64)DwordB) *(UINT64)DwordC);
+ ProductBC = MultU64x64 ((UINT64)DwordB, (UINT64)DwordC);
if ((ProductBC & 0xffffffff00000000) == 0) {
//
// now sum them all up checking for overflow.
@@ -3397,7 +3397,7 @@ SafeUint64Mult (
//
// b * d
//
- ProductBD = (((UINT64)DwordB) *(UINT64)DwordD);
+ ProductBD = MultU64x64 ((UINT64)DwordB, (UINT64)DwordD);
if (!RETURN_ERROR (SafeUint64Add (UnsignedResult, ProductBD, &UnsignedResult))) {
*Result = UnsignedResult;
--
2.21.0.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#54309): https://edk2.groups.io/g/devel/message/54309
Mute This Topic: https://groups.io/mt/71226620/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Reviewed-by: Liming Gao <liming.gao@intel.com> > -----Original Message----- > From: Kinney, Michael D <michael.d.kinney@intel.com> > Sent: Thursday, February 13, 2020 6:45 AM > To: devel@edk2.groups.io > Cc: Gao, Liming <liming.gao@intel.com>; Sean Brogan <sean.brogan@microsoft.com>; Bret Barkelew <Bret.Barkelew@microsoft.com> > Subject: [Patch] MdePkg/BaseSafeIntLib: Fix VS20xx IA32 link failures > > https://bugzilla.tianocore.org/show_bug.cgi?id=2525 > > SafeUint64Mult() looks for 64-bit overflows and performs > several 32-bit multiples with 64-bit results to check for > all possible overflow conditions. IA32 builds using VS20xx > with optimizations enabled are producing a reference to > the _allmull intrinsic. > > The fix is to use MultU64x64() instead of '*' for > these operations. These are safe because the inputs > are guaranteed to have the upper 32-bits clear, which > means MultU64x64() can never overflow with those inputs. > > Cc: Liming Gao <liming.gao@intel.com> > Cc: Sean Brogan <sean.brogan@microsoft.com> > Cc: Bret Barkelew <Bret.Barkelew@microsoft.com> > Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com> > --- > MdePkg/Library/BaseSafeIntLib/SafeIntLib.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/MdePkg/Library/BaseSafeIntLib/SafeIntLib.c b/MdePkg/Library/BaseSafeIntLib/SafeIntLib.c > index 0f6be6e064..eec8ac1ffd 100644 > --- a/MdePkg/Library/BaseSafeIntLib/SafeIntLib.c > +++ b/MdePkg/Library/BaseSafeIntLib/SafeIntLib.c > @@ -3380,14 +3380,14 @@ SafeUint64Mult ( > // > // a * d must be less than 2^32 or there would be bits set in the high 64-bits > // > - ProductAD = (((UINT64)DwordA) *(UINT64)DwordD); > + ProductAD = MultU64x64 ((UINT64)DwordA, (UINT64)DwordD); > if ((ProductAD & 0xffffffff00000000) == 0) { > DwordB = (UINT32)Multiplicand; > > // > // b * c must be less than 2^32 or there would be bits set in the high 64-bits > // > - ProductBC = (((UINT64)DwordB) *(UINT64)DwordC); > + ProductBC = MultU64x64 ((UINT64)DwordB, (UINT64)DwordC); > if ((ProductBC & 0xffffffff00000000) == 0) { > // > // now sum them all up checking for overflow. > @@ -3397,7 +3397,7 @@ SafeUint64Mult ( > // > // b * d > // > - ProductBD = (((UINT64)DwordB) *(UINT64)DwordD); > + ProductBD = MultU64x64 ((UINT64)DwordB, (UINT64)DwordD); > > if (!RETURN_ERROR (SafeUint64Add (UnsignedResult, ProductBD, &UnsignedResult))) { > *Result = UnsignedResult; > -- > 2.21.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#54315): https://edk2.groups.io/g/devel/message/54315 Mute This Topic: https://groups.io/mt/71226620/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
Reviewed-by: Bret Barkelew <bret.barkelew@microsoft.com> - Bret ________________________________ From: Michael D Kinney <michael.d.kinney@intel.com> Sent: Wednesday, February 12, 2020 2:45:11 PM To: devel@edk2.groups.io <devel@edk2.groups.io> Cc: Liming Gao <liming.gao@intel.com>; Sean Brogan <sean.brogan@microsoft.com>; Bret Barkelew <Bret.Barkelew@microsoft.com> Subject: [EXTERNAL] [Patch] MdePkg/BaseSafeIntLib: Fix VS20xx IA32 link failures https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D2525&data=02%7C01%7CBret.Barkelew%40microsoft.com%7C42f4119d0b1e4cb0fa0e08d7b00d3970%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637171443157049083&sdata=whRKJqlUj7Hq%2F%2BGtPO2ofn97iKwfKXV93RmYCair5l0%3D&reserved=0 SafeUint64Mult() looks for 64-bit overflows and performs several 32-bit multiples with 64-bit results to check for all possible overflow conditions. IA32 builds using VS20xx with optimizations enabled are producing a reference to the _allmull intrinsic. The fix is to use MultU64x64() instead of '*' for these operations. These are safe because the inputs are guaranteed to have the upper 32-bits clear, which means MultU64x64() can never overflow with those inputs. Cc: Liming Gao <liming.gao@intel.com> Cc: Sean Brogan <sean.brogan@microsoft.com> Cc: Bret Barkelew <Bret.Barkelew@microsoft.com> Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com> --- MdePkg/Library/BaseSafeIntLib/SafeIntLib.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/MdePkg/Library/BaseSafeIntLib/SafeIntLib.c b/MdePkg/Library/BaseSafeIntLib/SafeIntLib.c index 0f6be6e064..eec8ac1ffd 100644 --- a/MdePkg/Library/BaseSafeIntLib/SafeIntLib.c +++ b/MdePkg/Library/BaseSafeIntLib/SafeIntLib.c @@ -3380,14 +3380,14 @@ SafeUint64Mult ( // // a * d must be less than 2^32 or there would be bits set in the high 64-bits // - ProductAD = (((UINT64)DwordA) *(UINT64)DwordD); + ProductAD = MultU64x64 ((UINT64)DwordA, (UINT64)DwordD); if ((ProductAD & 0xffffffff00000000) == 0) { DwordB = (UINT32)Multiplicand; // // b * c must be less than 2^32 or there would be bits set in the high 64-bits // - ProductBC = (((UINT64)DwordB) *(UINT64)DwordC); + ProductBC = MultU64x64 ((UINT64)DwordB, (UINT64)DwordC); if ((ProductBC & 0xffffffff00000000) == 0) { // // now sum them all up checking for overflow. @@ -3397,7 +3397,7 @@ SafeUint64Mult ( // // b * d // - ProductBD = (((UINT64)DwordB) *(UINT64)DwordD); + ProductBD = MultU64x64 ((UINT64)DwordB, (UINT64)DwordD); if (!RETURN_ERROR (SafeUint64Add (UnsignedResult, ProductBD, &UnsignedResult))) { *Result = UnsignedResult; -- 2.21.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#54310): https://edk2.groups.io/g/devel/message/54310 Mute This Topic: https://groups.io/mt/71226639/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
© 2016 - 2024 Red Hat, Inc.