Here is a 1 line C program that will trigger the bug (from comp.sys.intel) The bug will only occur on pure pentium systems (no 486, Cyrix, PPro or pentium MMX will show the bug). Also the bug will occure no matter what OS is running since no special permissions are required to execute the instruction. >long main=0xc8c70ff0; > >instead > >oddly, this compiles fine using > >gcc -Wall -pedantic -ansi flaming-death.c -o flaming-death MD On Tue, 11 Nov 1997, ERIC SCHLAEPFER wrote: > Hi, > > What the program does is call some sort of assembly program contained in the x > array. I tried running it on my 486 at work and Windows NT caught the fault. I > have het to try it at home on my Pentium. (By the way, my Pentium at home has > that infamous mul/div math bug. There is a program to test for this on the > Gernsback Web site.) > > Also, I took the instructions in the array and made them into a .COM executable, > which is what NT caught on my 486. > > Here is what my disassembler produced: > > 0BBA:0100 F0 LOCK > 0BBA:0101 0F DB 0F > 0BBA:0102 C7C8xxxx MOV AX,2090 > > The xxxx is replaced by what happens to be in memory at the time of execution. > > The LOCK instruction seems to trigger Windows NT. > > As for the C program itself, it is considered a bad programming practice to > insert an assembly program like that. Usually people use the Asm block on the > Microsoft and Borland compilers, or the assembly pragma using the Watcom > compiler. > > Later, > > Eric > > ______________________________ Reply Separator _________________________________ > Subject: (OT FWD) Another Pentium BUG ? > Author: Ricardo Seixas at INTERNET > Date: 11/10/97 5:10 PM > > > I've received this message from a Linux list, since I don't own a > Pentium > I'm unable to test this. > Forgive me to put this OT on the list, my intention is not to start > another > endless OT tread. > > Ricardo Seixas. > > ---------------------------------------------------------------------------- > ------- > > >> > >> There is a SERIOUS bug in all pentium CPUs. The following > >> code will crash any machine running on a pentium CPU, MMX or no > >> MMX, any speed, regardless of OS (crash as in instant seize, hard > >> reboot the only cure): > >> > >> char x [5] = { 0xf0, 0x0f, 0xc7, 0xc8 }; > >> > >> main () > >> { > >> void (*f)() = x; > >> f(); > >> } > >> > >> This require no special permissions to run, it works fine with > >> average-joe-userspace permissions. I have verified this, it works. > >> Demand a new CPU from Intel. > >> > > >Curious, I compiled that under Linux OS. Linux freezed. Dead. > >Without *any* warning. > > >My machine is a Genuine Intel 166 MHZ Pentium MMX. > > >Then I rebooted Windows NT. Compiled it with my compiler system (lcc-win32). > >Windows NT freezed. DEAD. Without *any* warning. > > >Then, I ported the code to my old faithful 486-DX33 with linux. Compiled it. > >When it run it traps with 'illegal instruction' > > >This means that anybody can crash anytime any OS that runs under a Pentium > CPU. > >As the poster said, no special permissions are needed, the pentium runs under > >ring 3 permissions!!!! > > >This means that no secure system can ever be built that uses the pentium > CPU. No > >protected system. The OS receives NO TRAP!!! > > >This is absolutely incredible. > > >Bugs are impossible to avoid. Not even with huge corporations like Intel. > >I will *not* start screaming at Intel now. Myself, I have done more bugs > >than Intel ever will. As somene said before: > > >Those that are free of sin, throw the first stone... > > >For any user of pentium cpus in a multiuser system this means that > >anybody that can execute a program can freeze the system dead. I repeat: > >NO ROOT PERMISSIONS ARE NEEDED. >