blob: 9995091b2d21d1dbc0c12b3e5936ce1e7692d8ed (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
semantic: 0.987
device: 0.743
graphic: 0.735
vnc: 0.612
socket: 0.607
boot: 0.585
debug: 0.428
permissions: 0.370
network: 0.366
files: 0.340
PID: 0.289
other: 0.269
performance: 0.268
KVM: 0.163
semantic: 0.987
debug: 0.389
other: 0.035
files: 0.027
performance: 0.021
device: 0.009
PID: 0.008
KVM: 0.004
network: 0.004
permissions: 0.003
socket: 0.003
boot: 0.003
graphic: 0.002
vnc: 0.001
x86 BLSMSK semantic bug
Description of problem
The result of instruction BLSMSK is different with from the CPU. The value of CF is different.
Steps to reproduce
Compile this code
void main() {
asm("mov rax, 0x65b2e276ad27c67");
asm("mov rbx, 0x62f34955226b2b5d");
asm("blsmsk eax, ebx");
}
Execute and compare the result with the CPU.
CPU
CF = 0
QEMU
CF = 1
Additional information
This bug is discovered by research conducted by KAIST SoftSec.
|