Bug 384842

Summary: Reporting for VEX IR semantic bugs
Product: [Developer tools] valgrind
Reporter: Soomin Kim <soomink>
Component: vex
Assignee: Julian Seward <jseward>
Status: REPORTED
Severity: normal
CC: soomink
Priority: NOR
Version First Reported In: unspecified
Target Milestone: ---
Platform: unspecified
OS: Unspecified
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Description Soomin Kim 2017-09-19 07:22:25 UTC
Dear Valgrind team,
 
Here at KAIST, Korea, we are doing a research project on testing
the correctness of binary lifters. The system is named MeanDiff,
and it systematically finds semantic bugs by differentially testing
the lifted output of thousands of generated x86 and x86-64
instructions. We will be presenting a paper on our system,
called "Testing Intermediate Representations for Binary Analysis",
at ASE 2017.
 
Valgrind's VEX lifter was included in our experiments, and as a result we have some
bugs we would like to report. In our attempt to make the bug
reports as concise as possible, we have filed issues on your
behalf on our Github page below:
https://github.com/SoftSec-KAIST/MeanDiff/issues
 
There, the different binary lifters, including yours, are labeled
by name. In summary, we found 4 unique bugs in the VEX lifter.
 
If you have any questions feel free to write us or comment on the
Github issues.
 
Best regards,
Soomin Kim & Markus Faerevaag & Sang Kil Cha