| field | value | date |
|---|---|---|
| author | Christian Krinitsin <mail@krinitsin.com> | 2025-07-03 19:39:53 +0200 |
| committer | Christian Krinitsin <mail@krinitsin.com> | 2025-07-03 19:39:53 +0200 |
| commit | dee4dcba78baf712cab403d47d9db319ab7f95d6 (patch) | |
| tree | 418478faf06786701a56268672f73d6b0b4eb239 /results/classifier/semantic-bugs/instruction/1376 | |
| parent | 4d9e26c0333abd39bdbd039dcdb30ed429c475ba (diff) | |
| download | qemu-analysis-dee4dcba78baf712cab403d47d9db319ab7f95d6.tar.gz qemu-analysis-dee4dcba78baf712cab403d47d9db319ab7f95d6.zip | |
restructure results
Diffstat (limited to 'results/classifier/semantic-bugs/instruction/1376')
| -rw-r--r-- | results/classifier/semantic-bugs/instruction/1376 | 28 |
1 files changed, 0 insertions, 28 deletions
diff --git a/results/classifier/semantic-bugs/instruction/1376 b/results/classifier/semantic-bugs/instruction/1376 deleted file mode 100644 index 3f75ca7c9..000000000 --- a/results/classifier/semantic-bugs/instruction/1376 +++ /dev/null @@ -1,28 +0,0 @@ -instruction: 0.954 -assembly: 0.897 -device: 0.854 -graphic: 0.701 -vnc: 0.674 -socket: 0.609 -network: 0.505 -boot: 0.489 -semantic: 0.444 -KVM: 0.243 -other: 0.223 -mistranslation: 0.191 - -x86 LSL and LAR fault -Description of problem: -From the description of LSL and LAR instructions in manual, `If the segment descriptor cannot be accessed or is an invalid type for the instruction, the ZF flag is cleared and no value is loaded in the destination operand.`. When it happens at the CPU, it seems they do nothing (nop). However, in QEMU, it crashes. -Steps to reproduce: -1. Compile this code -``` -void main() { - asm("mov rax, 0xa02e698e741f5a6a"); - asm("mov rbx, 0x20959ddd7a0aef"); - asm("lsl ax, bx"); -} -``` -2. Execute. QEMU crashes but CPU does not. This problem happens with LAR, too. -Additional information: -This bug is discovered by research conducted by KAIST SoftSec. |
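Review bot: The commit message ("restructure results") does not say where results/classifier/semantic-bugs/instruction/1376 is moving to, and this diff records only the deletion (diffstat: 0 insertions, 28 deletions, "deleted file mode 100644"), so as presented the file's contents, the classifier scores and the QEMU x86 LSL/LAR bug report with its reproduction, disappear from the tree without a traceable successor. Suggest either committing the deletion together with the new file so the diff shows a rename, or stating the new path in the commit message, so the history of this classified report can still be followed.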