Spectre V1 PoC Code

Question

I try to understand the Spectre PoC by Erik August (https://gist.github.com/ErikAugust/724d4a969fb2c6ae1bbd7b2a9e3d4bb6). In line 76 it says

x = ((j % 6) - 1) & ~0xFFFF;

So I know & is a bitwise AND and ~ returns a bitwise complement. If j%6 is 0 I get why x=FFF.FF0000. But I wonder why x=0 in the other cases. Why isn't it e.g. 0xFFFF0001?

Thanks for your help!

Answer 1

~0xFFFF gives you 0xFFFF_0000

The result of ((j % 6) - 1) could be -1 (0xFFFF_FFFF) or 0-4

For 0 to 4, if you AND it with 0xFFFF_0000, that will be 0.

example:

0xFFFF_0000
0x0000_0001 
----AND----
0x0000_0000