Just read about it on the German c't magazine web page (Hardware-Fuzzing: Hintertüren und Fehler in CPUs aufspüren | heise Security):
The sandsifter audits x86 processors for hidden instructions and hardware bugs, by systematically generating machine code to search through a processor's instruction set, and monitoring execution for anomalies. Sandsifter has uncovered secret processor instructions from every major vendor; ubiquitous software bugs in disassemblers, assemblers, and emulators; flaws in enterprise hypervisors; and both benign and security-critical hardware bugs in x86 chips.
Also interesting how he reduces the possible number of instructions from 1.3×10^36 to about 100,000,000 by storing them across page boundaries for execution where the second page is marked as not executable. He then shifts the max. 15 byte long instruction left until no fault is generated.
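The page-boundary length probe described in the post above, as an added simulation that is not part of the original post and is not sandsifter's code. `model_cpu` is a toy decoder for a handful of opcodes standing in for the real processor, and all names here are hypothetical.

```python
PAGE = 0x1000    # [0, PAGE) is executable, everything from PAGE on is not
MAX_LEN = 15     # architectural limit on x86 instruction length

class PageFault(Exception):
    """Instruction fetch touched the non-executable page."""

class UndefinedOpcode(Exception):
    """Bytes were decoded completely but the toy model does not know them."""

def model_cpu(mem, ip):
    """Toy decoder standing in for the processor; returns bytes consumed."""
    pos = ip
    def fetch():
        nonlocal pos
        if pos >= PAGE:                  # fetch only faults when a byte is needed
            raise PageFault(pos)
        pos += 1
        return mem[pos - 1]
    op, opsize, extra = fetch(), 4, 0
    while op == 0x66:                    # operand-size prefix
        opsize, op = 2, fetch()
    if 0xB8 <= op <= 0xBF:               # mov r32, imm32 (imm16 after 0x66)
        extra = opsize
    elif op in (0x01, 0x89, 0x8B):       # add/mov with a ModRM operand
        modrm = fetch()
        mod, rm = modrm >> 6, modrm & 7
        extra = (0, 1, 4, 0)[mod]        # displacement size by mod field
        sib_base = fetch() & 7 if mod != 3 and rm == 4 else None
        if mod == 0 and 5 in (rm, sib_base):
            extra = 4                    # no base register: disp32
    elif op not in (0x90, 0xC3):         # anything but nop/ret is the toy's #UD
        raise UndefinedOpcode(hex(op))
    for _ in range(extra):
        fetch()
    return pos - ip

def probe_length(candidate):
    """Slide the candidate left over the boundary until fetch stops faulting."""
    for k in range(1, MAX_LEN + 1):      # k = bytes left in the executable page
        mem = bytes(PAGE - k) + bytes(candidate) + bytes(MAX_LEN)
        try:
            model_cpu(mem, PAGE - k)
        except PageFault:
            continue                     # byte k+1 was needed: instruction is longer
        except UndefinedOpcode:
            pass                         # fully decoded, so the length is still k
        return k
    return None                          # never fit within MAX_LEN bytes
```

The prober never looks inside the decoder: it learns the length only from whether the fetch faulted, which is why the same approach works on instructions no disassembler knows.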
|
ADD
MUL
SUB
PUSH
POP
.
.
.
Then a million hidden instructions ?
Quote: Typically, several million undocumented instructions on your processor will be found
Starting to think people post kid pics in their profiles because that was the last time they were cute - Jeremy Falcon.
|
Including the possible literal or register operands with different widths and displacements.
|
xoreaxeaxeax wrote: Lastly, a so-called ‘halt and catch fire’ instruction was discovered on an as-yet unnamed x86 processor. This instruction, executed in ring 3 from an unprivileged process, appears to lock the processor entirely
That could be bad..
|
Indeed. According to the chosen name it is even possible that the CPU is damaged.
|
HCF is normally just satirical and refers to a hard crash not actual hardware destruction.
In computer engineering, Halt and Catch Fire, known by the assembly mnemonic HCF, is an idiom referring to a computer machine code instruction that causes the computer's central processing unit (CPU) to cease meaningful operation, typically requiring a restart of the computer. It originally referred to a fictitious instruction in IBM System/360 computers, but later computer developers who saw the joke created real versions of this instruction for some machines. In the case of real instructions the implication of this expression is that, whereas in most cases in which a CPU executes an unintended instruction (a bug in the code) the computer may still be able to recover, but in the case of an HCF instruction there is, by definition, no way for the system to recover without a restart.
The expression "catch fire" in this context is normally facetious, rather than literal, referring to a total loss of CPU functionality during the current session. The imaginative idea is that the CPU chip would be switching some circuits so fast that it would cause them to overheat and burn.
Although in the jargon file ESR claims there was a chip that could overload and burn its bus if given a specific bit of invalid input.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
Hmm. There were some versions of the 8085 microprocessor that had an HCF instruction. It would sit there and increment the value on the address lines until reset or powered off.
I also remember the PDP-11 had one, something like this: mov -@(pc),-@(pc) (syntax probably isn't right). It moved the contents located at the program counter (the current instruction) to the preceding word, and then jumped there. The end result was a similar effect to the HCF on the 8085, except the address lines would decrement and the machine was actually running. Of course since the PDP-11 had memory-mapped I/O, things would get interesting pretty quickly...
Software Zen: delete this;
|
What's the CPU in the new Galaxy Note?
Now is it bad enough that you let somebody else kick your butts without you trying to do it to each other? Now if we're all talking about the same man, and I think we are... it appears he's got a rather growing collection of our bikes.
modified 31-Aug-21 21:01pm.
|
See disruption as pleasantly surprising. (13)
Good luck!
Peter
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012
|
Serendipitous (anagram of see disruption)
98.4% of statistics are made up on the spot.
|
Well done! (and I'm rather proud of the recursion in the clue).
Thursday is all yours.
Cheers,
Peter
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012
|
Peter_in_2780 wrote: Thursday is all yours.
That reminds me of a tune from Cabaret!
98.4% of statistics are made up on the spot.
|
Cool we have a new one, oh and another ah thank you Bob!
|
glennPattonWork wrote:
Cool we have a new one, oh and another ah thank you Bob!
If you look here you can see Maunder announcing it.
Michael Martin
Australia
"I controlled my laughter and simple said "No,I am very busy,so I can't write any code for you". The moment they heard this all the smiling face turned into a sad looking face and one of them farted. So I had to leave the place as soon as possible."
- Mr.Prakash One Fine Saturday. 24/04/2004
|
Well, that's usual, I always am a couple of days behind!
|
So which secrets am I still missing ?
|
Much as I hate emojis, "[mastadon]" is the coolest bit of emoji markup I've ever seen!
98.4% of statistics are made up on the spot.
|
Dan Neely wrote: :fark: :faark: :faaark: :faaaark: :faaaark: :faaaaaark: :faaaaaaark: Guess not yet.
It's spelt faarrrkkkk!!!!!
Michael Martin
Australia
"I controlled my laughter and simple said "No,I am very busy,so I can't write any code for you". The moment they heard this all the smiling face turned into a sad looking face and one of them farted. So I had to leave the place as soon as possible."
- Mr.Prakash One Fine Saturday. 24/04/2004
|
Has Anyone Seen Mike Hunt wrote: It's spelt faarrrkkkk!!!!!
:faarrrkkkk!!!!!:
Nope, still not seeing your face reduced to an ~20 pixel gif.
OTOH if Maunder's still managed to miss every opportunity to have a beer with you he might just not have a reference image to work off of.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, weighing all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
you, !
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
You actually had sunshine in Wales?!
(I'm more likely to believe that you saw elephants. )
If you have an important point to make, don't try to be subtle or clever. Use a pile driver. Hit the point once. Then come back and hit it again. Then hit it a third time - a tremendous whack.
--Winston Churchill
|
Not often, no ... and it would appear that today will be another wet and grey one.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
OriginalGriff wrote: wet and grey one
Are you still talking about elephants?
|
Wales is full of elephants - you just can't see them because they're so well camouflaged against the sky.
98.4% of statistics are made up on the spot.