{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,8]],"date-time":"2026-01-08T02:40:33Z","timestamp":1767840033942,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":50,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,7,11]],"date-time":"2021-07-11T00:00:00Z","timestamp":1625961600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["U1736209, 61972224, 61772308"],"award-info":[{"award-number":["U1736209, 61972224, 61772308"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"BNRist Network and Software Security Research Program","award":["BNR2019TD01004, BNR2019RC01009"],"award-info":[{"award-number":["BNR2019TD01004, BNR2019RC01009"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,7,11]]},"DOI":"10.1145\/3460319.3464842","type":"proceedings-article","created":{"date-parts":[[2021,7,8]],"date-time":"2021-07-08T22:18:43Z","timestamp":1625782723000},"page":"580-592","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":7,"title":["iDEV: exploring and exploiting semantic deviations in ARM instruction processing"],"prefix":"10.1145","author":[{"given":"Shisong","family":"Qin","sequence":"first","affiliation":[{"name":"Tsinghua University, China"}]},{"given":"Chao","family":"Zhang","sequence":"additional","affiliation":[{"name":"Tsinghua University, China"}]},{"given":"Kaixiang","family":"Chen","sequence":"additional","affiliation":[{"name":"Tsinghua University, China"}]},{"given":"Zheming","family":"Li","sequence":"additional","affiliation":[{"name":"Tsinghua University, China"}]}],"member":"320","published-online":{"date-parts":[[2021,7,11]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2021. Dyninst. https:\/\/github.com\/dyninst\/dyninst  2021. Dyninst. https:\/\/github.com\/dyninst\/dyninst"},{"key":"e_1_3_2_1_2_1","unstructured":"2021. LLVM. https:\/\/llvm.org\/  2021. LLVM. https:\/\/llvm.org\/"},{"key":"e_1_3_2_1_3_1","unstructured":"2021. QEMU. https:\/\/www.qemu.org\/  2021. QEMU. https:\/\/www.qemu.org\/"},{"key":"e_1_3_2_1_4_1","unstructured":"2021. Valgrind. http:\/\/valgrind.org\/  2021. Valgrind. http:\/\/valgrind.org\/"},{"key":"e_1_3_2_1_5_1","unstructured":"Nguyen Anh Quynh. 2020. Capstone. https:\/\/github.com\/aquynh\/capstone  Nguyen Anh Quynh. 2020. Capstone. https:\/\/github.com\/aquynh\/capstone"},{"key":"e_1_3_2_1_6_1","volume-title":"Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL\/TLS Implementations. In 2014 IEEE Symposium on Security and Privacy. 114\u2013129","author":"Brubaker Chad","year":"2014","unstructured":"Chad Brubaker , Suman Jana , Baishakhi Ray , Sarfraz Khurshid , and Vitaly Shmatikov . 2014 . Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL\/TLS Implementations. In 2014 IEEE Symposium on Security and Privacy. 114\u2013129 . https:\/\/doi.org\/10.1109\/SP.2014.15 Chad Brubaker, Suman Jana, Baishakhi Ray, Sarfraz Khurshid, and Vitaly Shmatikov. 2014. Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL\/TLS Implementations. In 2014 IEEE Symposium on Security and Privacy. 114\u2013129. https:\/\/doi.org\/10.1109\/SP.2014.15"},{"key":"e_1_3_2_1_7_1","volume-title":"Infiltrating critical infrastructures with next-generation attacks","author":"Brunner Martin","unstructured":"Martin Brunner , Hans Hofinger , Christoph Krau\u00df , Christopher Roblee , P Schoo , and S Todt . 2010. Infiltrating critical infrastructures with next-generation attacks . Fraunhofer Institute for Secure Information Technology (SIT) , Munich . Martin Brunner, Hans Hofinger, Christoph Krau\u00df, Christopher Roblee, P Schoo, and S Todt. 2010. Infiltrating critical infrastructures with next-generation attacks. Fraunhofer Institute for Secure Information Technology (SIT), Munich."},{"key":"e_1_3_2_1_8_1","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Bulck Jo Van","year":"2018","unstructured":"Jo Van Bulck , Marina Minkin , Ofir Weisse , Daniel Genkin , Baris Kasikci , Frank Piessens , Mark Silberstein , Thomas F. Wenisch , Yuval Yarom , and Raoul Strackx . 2018 . Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution . In 27th USENIX Security Symposium (USENIX Security 18) . USENIX Association, Baltimore, MD. 991\u2013 1008. isbn:978-1-939133-04-5 https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/bulck Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, and Raoul Strackx. 2018. Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD. 991\u2013 1008. isbn:978-1-939133-04-5 https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/bulck"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363219"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2019.00127"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2908080.2908095"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23339"},{"key":"e_1_3_2_1_13_1","first-page":"129","article-title":"Inside the pentium-fdiv bug","volume":"20","author":"Coe Tim","year":"1995","unstructured":"Tim Coe . 1995 . Inside the pentium-fdiv bug . DR DOBBS JOURNAL , 20 , 4 (1995), 129 . Tim Coe. 1995. Inside the pentium-fdiv bug. DR DOBBS JOURNAL, 20, 4 (1995), 129.","journal-title":"DR DOBBS JOURNAL"},{"key":"e_1_3_2_1_14_1","unstructured":"Robert R Collins. 1997. The intel pentium f00f bug description and workarounds. Doctor Dobb\u2019s Journal.  Robert R Collins. 1997. The intel pentium f00f bug description and workarounds. Doctor Dobb\u2019s Journal."},{"key":"e_1_3_2_1_15_1","volume-title":"ARM Architecture Reference Manual ARMv7-A and ARMv7-R edition","author":"ARM Corporation","unstructured":"ARM Corporation . 2018. ARM Architecture Reference Manual ARMv7-A and ARMv7-R edition . ARM Corporation . ARM Corporation. 2018. ARM Architecture Reference Manual ARMv7-A and ARMv7-R edition. ARM Corporation."},{"key":"e_1_3_2_1_16_1","volume-title":"ARM Architecture Reference Manual ARMv8, for ARMv8-A architecture profile","author":"ARM Corporation","unstructured":"ARM Corporation . 2018. ARM Architecture Reference Manual ARMv8, for ARMv8-A architecture profile . ARM Corporation . ARM Corporation. 2018. ARM Architecture Reference Manual ARMv8, for ARMv8-A architecture profile. ARM Corporation."},{"key":"e_1_3_2_1_17_1","unstructured":"Intel Corporation. [n.d.]. Pin - A Dynamic Binary Instrumentation Tool. https:\/\/software.intel.com\/en-us\/articles\/pin-a-dynamic-binary-instrumentation-tool  Intel Corporation. [n.d.]. Pin - A Dynamic Binary Instrumentation Tool. https:\/\/software.intel.com\/en-us\/articles\/pin-a-dynamic-binary-instrumentation-tool"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00003"},{"key":"e_1_3_2_1_19_1","unstructured":"Christopher Domas. 2017. Breaking the x86 ISA. Black Hat.  Christopher Domas. 2017. Breaking the x86 ISA. Black Hat."},{"key":"e_1_3_2_1_20_1","unstructured":"Christopher Domas. 2018. Hardware Backdoors in x86 CPUs. Black Hat.  Christopher Domas. 2018. Hardware Backdoors in x86 CPUs. Black Hat."},{"key":"e_1_3_2_1_21_1","unstructured":"Brendan Gregg. 2018. KPTI\/KAISER meltdown initial performance regressions.  Brendan Gregg. 2018. KPTI\/KAISER meltdown initial performance regressions."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-62105-0_11"},{"key":"e_1_3_2_1_23_1","volume-title":"2018 USENIX Annual Technical Conference (USENIX ATC 18)","author":"Hua Zhichao","year":"2018","unstructured":"Zhichao Hua , Dong Du , Yubin Xia , Haibo Chen , and Binyu Zang . 2018 . EPTI: Efficient Defence against Meltdown Attack for Unpatched VMs . In 2018 USENIX Annual Technical Conference (USENIX ATC 18) . USENIX Association, Boston, MA. 255\u2013266. isbn:ISBN 978-1-939133-01-4 https:\/\/www.usenix.org\/conference\/atc18\/presentation\/hua Zhichao Hua, Dong Du, Yubin Xia, Haibo Chen, and Binyu Zang. 2018. EPTI: Efficient Defence against Meltdown Attack for Unpatched VMs. In 2018 USENIX Annual Technical Conference (USENIX ATC 18). USENIX Association, Boston, MA. 255\u2013266. isbn:ISBN 978-1-939133-01-4 https:\/\/www.usenix.org\/conference\/atc18\/presentation\/hua"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/SANER.2018.8330199"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2017.8115648"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3293882.3330553"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00002"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2594291.2594334"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2946444"},{"key":"e_1_3_2_1_30_1","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Lipp Moritz","year":"2018","unstructured":"Moritz Lipp , Michael Schwarz , Daniel Gruss , Thomas Prescher , Werner Haas , Anders Fogh , Jann Horn , Stefan Mangard , Paul Kocher , Daniel Genkin , Yuval Yarom , and Mike Hamburg . 2018 . Meltdown: Reading Kernel Memory from User Space . In 27th USENIX Security Symposium (USENIX Security 18) . USENIX Association, Baltimore, MD. 973\u2013990. isbn:978-1-939133-04-5 https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/lipp Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. 2018. Meltdown: Reading Kernel Memory from User Space. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD. 973\u2013990. isbn:978-1-939133-04-5 https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/lipp"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.43"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1572272.1572303"},{"key":"e_1_3_2_1_33_1","first-page":"100","article-title":"Differential Testing for Software","volume":"10","author":"McKeeman William M.","year":"1998","unstructured":"William M. McKeeman . 1998 . Differential Testing for Software . Digit. Tech. J. , 10 , 1 (1998), 100 \u2013 107 . http:\/\/www.hpl.hp.com\/hpjournal\/dtj\/vol10num1\/vol10num1art9.pdf William M. McKeeman. 1998. Differential Testing for Software. Digit. Tech. J., 10, 1 (1998), 100\u2013107. http:\/\/www.hpl.hp.com\/hpjournal\/dtj\/vol10num1\/vol10num1art9.pdf","journal-title":"Digit. Tech. J."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2019.00034"},{"key":"e_1_3_2_1_35_1","unstructured":"NSA. 2021. Ghidra. https:\/\/github.com\/NationalSecurityAgency\/ghidra  NSA. 2021. Ghidra. https:\/\/github.com\/NationalSecurityAgency\/ghidra"},{"key":"e_1_3_2_1_36_1","unstructured":"Trail of Bits. 2021. McSema. https:\/\/github.com\/lifting-bits\/mcsema  Trail of Bits. 2021. McSema. https:\/\/github.com\/lifting-bits\/mcsema"},{"key":"e_1_3_2_1_37_1","unstructured":"Trail of Bits. 2021. mishegos. https:\/\/github.com\/trailofbits\/mishegos  Trail of Bits. 2021. mishegos. https:\/\/github.com\/trailofbits\/mishegos"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/1831708.1831741"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.27"},{"key":"e_1_3_2_1_40_1","unstructured":"Hex Rays. 2021. IDA Pro. https:\/\/www.hex-rays.com\/products\/ida\/  Hex Rays. 2021. IDA Pro. https:\/\/www.hex-rays.com\/products\/ida\/"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-00470-5_1"},{"key":"e_1_3_2_1_42_1","unstructured":"CEA IT Security. 2021. Miasm. https:\/\/github.com\/cea-sec\/miasm  CEA IT Security. 2021. Miasm. https:\/\/github.com\/cea-sec\/miasm"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.46"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2884781.2884879"},{"key":"e_1_3_2_1_45_1","unstructured":"GNU Binary Utilities. 2021. Objdump. https:\/\/www.gnu.org\/software\/binutils\/  GNU Binary Utilities. 2021. Objdump. https:\/\/www.gnu.org\/software\/binutils\/"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00087"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2017.2763947"},{"key":"e_1_3_2_1_48_1","volume-title":"Marina Minkin, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Raoul Strackx, Thomas F. Wenisch, and Yuval Yarom.","author":"Weisse Ofir","year":"2018","unstructured":"Ofir Weisse , Jo Van Bulck , Marina Minkin, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Raoul Strackx, Thomas F. Wenisch, and Yuval Yarom. 2018 . Foreshadow-NG: Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution. Technical report. Ofir Weisse, Jo Van Bulck, Marina Minkin, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Raoul Strackx, Thomas F. Wenisch, and Yuval Yarom. 2018. Foreshadow-NG: Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution. Technical report."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/1993498.1993532"},{"key":"e_1_3_2_1_50_1","volume-title":"23rd USENIX Security Symposium (USENIX Security 14)","author":"Yarom Yuval","year":"2014","unstructured":"Yuval Yarom and Katrina Falkner . 2014 . FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack . In 23rd USENIX Security Symposium (USENIX Security 14) . USENIX Association, San Diego, CA. 719\u2013732. isbn:978-1-93 1971-15-7 https:\/\/www.usenix.org\/conference\/usenixsecurity14\/technical-sessions\/presentation\/yarom Yuval Yarom and Katrina Falkner. 2014. FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack. In 23rd USENIX Security Symposium (USENIX Security 14). USENIX Association, San Diego, CA. 719\u2013732. isbn:978-1-931971-15-7 https:\/\/www.usenix.org\/conference\/usenixsecurity14\/technical-sessions\/presentation\/yarom"}],"event":{"name":"ISSTA '21: 30th ACM SIGSOFT International Symposium on Software Testing and Analysis","location":"Virtual Denmark","acronym":"ISSTA '21","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering"]},"container-title":["Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3460319.3464842","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3460319.3464842","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T21:24:36Z","timestamp":1750195476000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3460319.3464842"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,7,11]]},"references-count":50,"alternative-id":["10.1145\/3460319.3464842","10.1145\/3460319"],"URL":"https:\/\/doi.org\/10.1145\/3460319.3464842","relation":{},"subject":[],"published":{"date-parts":[[2021,7,11]]},"assertion":[{"value":"2021-07-11","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}