AMD doesn't check bounds in the plog() function, so we may call the procedure 7 and exploit this vulnerability.