Intel BLSI CF computation bug
Host environment
- Operating system: Ubuntu 23.10
- OS/kernel version: Linux d52e4fde9539 6.5.0-14-generic #14~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Mon Nov 20 18:15:30 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
- Architecture: x86_64
- QEMU flavor: qemu-x86_64
- QEMU version: qemu-x86_64 version 8.2.1
- QEMU command line:
./qemu-x86_64 ./example.bin
Emulated/Virtualized environment
- Operating system: None
- OS/kernel version: None
- Architecture: x86_64
Description of problem
The CF flag computation of the BLSI instruction is wrong. It seems #1370 (closed) was not completely fixed.
Steps to reproduce
- Compile example.c using this command: gcc -o example.bin example.c. My gcc version is 12.3.0, but other versions may work.
    int main() {
        __asm__ (
            "movq $0x1, %r8\n"          /* destination register, overwritten by BLSI */
            "mov $0xedbf530a, %r9\n"    /* source operand: nonzero, lowest set bit is bit 1 */
            "push $0x1\n"
            "popf\n"                    /* RFLAGS = 0x1, i.e. only CF set before BLSI */
            "blsi %r9d, %r8d\n"         /* r8d = r9d & -r9d; CF must be 1 because r9d != 0 */
            "pushf\n"
            "pop %rax\n"                /* rax = RFLAGS after BLSI; its low byte becomes the exit status */
            "pop %rbp\n"                /* undo gcc's frame-pointer prologue and return from main */
            "ret\n"                     /* with rax as the return value, bypassing "return 0" */
        );
        return 0;
    }
- Run ./example.bin. Then check the return code using echo $?. It should be 3.
$ ./example.bin
$ echo $?
3
- Run ./qemu-x86_64 ./example.bin. Then check the return code using echo $?. It should be 2.
$ ./qemu-x86_64 ./example.bin
$ echo $?
2
The return code of ./example.bin is the low byte of the RFLAGS register captured right after the BLSI instruction executes.
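As an added reference model (not part of the bug report or of QEMU's code), the following C program computes BLSI's result and flags as the Intel SDM specifies, derives the exit status the reproducer above should produce, and, when the CPU or emulator advertises BMI1, runs the real instruction and compares its CF with the model; the flag-bit layout of RFLAGS is assumed from the architecture manual.

```c
#include <stdint.h>
#include <stdio.h>

/* Software reference model of BLSI r32, r/m32 (Intel SDM semantics):
 * dest = src & -src; CF = (src != 0); ZF/SF from dest; OF = 0; AF/PF undefined. */
typedef struct { uint32_t result; int cf, zf, sf, of; } blsi32_t;

static blsi32_t blsi32_model(uint32_t src) {
    blsi32_t r;
    r.result = src & (0u - src);   /* isolate the lowest set bit */
    r.cf = (src != 0);             /* CF is set iff the source was nonzero */
    r.zf = (r.result == 0);
    r.sf = (r.result >> 31) & 1;
    r.of = 0;
    return r;
}

/* Exit status the reproducer yields: the low byte of RFLAGS after BLSI.
 * Bit 1 always reads as 1, bit 0 is CF, bit 6 ZF, bit 7 SF; PF/AF are
 * undefined after BLSI and assumed clear, as observed on the reporter's CPU. */
static int expected_exit_status(uint32_t src) {
    blsi32_t r = blsi32_model(src);
    return 0x02 | r.cf | (r.zf << 6) | (r.sf << 7);
}

/* Executes the real instruction when BMI1 is advertised and returns CF via
 * SETC; returns -1 when BMI1 is unavailable so the caller can skip the check. */
#if defined(__GNUC__) && defined(__x86_64__)
static int blsi32_hw_cf(uint32_t src) {
    __builtin_cpu_init();
    if (!__builtin_cpu_supports("bmi")) return -1;
    uint32_t dst;
    uint8_t cf;
    __asm__ volatile ("blsi %[s], %[d]\n\tsetc %[c]"
                      : [d] "=r"(dst), [c] "=q"(cf) : [s] "r"(src) : "cc");
    return cf;
}
#else
static int blsi32_hw_cf(uint32_t src) { (void)src; return -1; }
#endif

int main(void) {
    uint32_t src = 0xedbf530a;   /* the value the bug report's reproducer uses */
    int want = expected_exit_status(src), hw = blsi32_hw_cf(src);
    printf("model: exit status %d (CF=%d)\n", want, blsi32_model(src).cf);
    if (hw < 0) puts("BMI1 not available here; hardware comparison skipped");
    else printf("hardware/emulator CF=%d -> %s\n", hw,
                hw == blsi32_model(src).cf ? "matches model" : "MISMATCH (emulator bug?)");
    return 0;
}
```

Under a correct CPU the program reports CF=1 and exit status 3 for the reporter's value; an emulator showing CF=0 reproduces the mismatch the report describes.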