Crash a RISC machine from user-mode code:
Andrew Taylor
andrewt at cs.su.oz
Fri Aug 17 12:05:05 AEST 1990
In article <40885 at mips.mips.COM> rogerk at mips.COM (Roger B.A. Klorese) writes:
>> OK. Here is a quick summary of the HOW TO CRASH A RISC machine from
>> a USER-MODE program test. Reports have arrived that all of these machines
>> can be crashed using CRASHME.C:
>> IBM RT, MIPS, DECSTATION 5000, SPARC.
>
>Prove it. My Mips RS2030 RISCstation cruised through it, repeatedly, and
>kept running fine. Caught every bogus instruction...
Either you have upgraded from RISC/os 4.5 or you weren't trying hard enough.
Both our R2000 and R3000 based machines can be "crashed" by the execute random
data program. A panic is caused by an illegal floating-point instruction
in the delay slot of an illegal branch (instruction codes 0x07CB0D69,
0x46A7CC7D will do). The fp instruction traps and goes into a routine which
sees the branch and wants to know where it will go. The routine called to
calculate this realises the branch is illegal but does the wrong thing
and calls panic. Trivial to fix.
The original poster asserted that the program causes no problems on a SUN-3.
It does cause problems on our Sun-3/50 runing SunOS 4.1. It can produce a
cpu-bound process which can not be killed. The only way we've found to remove
it is reboot.
Various people have posted that machine X or operating system Y can't be
crashed. What they really mean is they tried a few random instructions
and they didn't cause problems. From our experience trying a bit harder
could produce a different result. Seems like implementors could usefully
use this program for crude testing.
Andrew Taylor
More information about the Comp.lang.c
mailing list