Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!mcsun!ukc!axion!tsa!domo From: domo@tsa.co.uk (Dominic Dunlop) Newsgroups: comp.lang.c Subject: Re: Crash a RISC machine from user-mode code: Summary: CISC 68020 doesn't crash and burn, but smokes quite badly Message-ID: <1990Aug10.101110.13698@tsa.co.uk> Date: 10 Aug 90 10:11:10 GMT References: <1826@mountn.dec.com> Reply-To: domo@tsa.co.uk (Dominic Dunlop) Organization: The Standard Answer Ltd. Lines: 67 In article <1826@mountn.dec.com> akhiani@ricks.enet.dec.com (Homayoon Akhiani) writes: > This is what I got through EMAIL:(Very intresting) > > From: DECWRL::"zaphod.mps.ohio-state.edu!usc!samsung!mitech!gjc@tut.cis.ohio-state.edu" "MAIL-11 Daemon" 31-JUL-1990 00:03:39.91 > To: info-vax@kl.sri.com > Subj: how to crash a RISC machine from user-mode code: !!! > > I am posting [crashme.c] to info-vax because lots of people on this list > would have SUN-4's or other RISC machines to try it on, and we VAX > users could use a good chuckle from time to time. > ... > On the few SUN-4's I've tried: this allows a user-mode program to > crash the system.... [Other respondents have reported the shooting down of other RISCs, and (somewhat) less catastrophic results on a few CISCs.] Well. On my ``A/UX tsa 1.1 SVR2 mc68020'' (Mac IIx running A/UX 1.1) crashme does not actually crash the system. (I used the standard C compiler, which has an AT&T/Unisoft/Apple pedigree (if that's the right word).) However... $ crashme 4096 0 64 crashem 4096 0 64 Badboy at 4199624. 0x4014C8 0 Got signal 4 illegal instruction Barfed 1 Got signal 4 illegal instruction Barfed 2 Got signal 11 segmentation violation Barfed 3 Got signal 11 segmentation violation Barfed 4 Got signal 11 segmentation violation Barfed 5 Got signal 4 illegal instruction Barfed 6 Got signal 4 illegal instruction Barfed 7 Got signal 11 segmentation violation Barfed 8 Got signal 4 illegal instruction Barfed ... A short time after this, the program gets stuck in a silent loop. Some time later, my system sprouts a rash of "Warning: swap space is low"s, the disk threatens to shake itself to bits, other processes start aborting, and response becomes snail-like. But crashme eventually responds if sent a quit signal, and, after more feverish disk activity, the system recovers. I don't know precisely what's going on, but presume it's something a purpose-built malevolent user-mode program could do on any system (whether CISC or RISC) without user time and memory space quotas... -- Dominic Dunlop