|
The Pentium F00F bug, shorthand for F0 0F C7 C8, the hexadecimal encoding of one offending instruction, more formally, the ''invalid operand with locked CMPXCHG8B instruction bug'', is a design flaw in the majority of Intel Pentium, Pentium MMX, and Pentium OverDrive processors (all in the P5 microarchitecture).〔〕 〔The opening to this specification update reads:〕 ==Description== In the x86 architecture, the byte sequence F0 0F C7 C8 represents the instruction lock cmpxchg8b eax (locked compare and exchange of 8 bytes in register eax), though the operand could be a register other than ''eax''. The F0 0F C7 C8 instruction does not require any special privileges.This instruction encoding is invalid. The ''cmpxchg8b'' instruction compares the value in the ''edx'' and ''eax'' registers with an 8-byte value in a memory location. In this case, however, a register is used as the destination operand, which is not allowed. Under normal circumstances, this instruction would simply result in an exception; however, when used with the ''lock'' prefix (normally used to prevent two processors from interfering with the same memory location), the CPU erroneously uses locked bus cycles to read "exception handler descriptor." Locked reads without locked writes are not allowed bus operations; hence, after performing these bus cycles, all CPU activity stops, and the CPU must be reset to recover. Due to the proliferation of Intel microprocessors, the existence of this open privilege instruction was considered a serious issue at the time. Operating system vendors responded by implementing workarounds that detected the condition and prevented the crash. Information about the bug first appeared on the Internet on or around 8 November 1997. 〔The opening entry of the thread, by Hovers, reads: Thread initiator O. Hovers was, at that time, a student of physics at the Eindhoven University of Technology.〕 Since the F00F bug has become common knowledge, the term is sometimes used to describe similar hardware design flaws such as the Cyrix coma bug. No permanent hardware damage results from executing the F00F instruction on a vulnerable system. Depending on the file system, operating system, and other circumstances, it is possible for data loss to occur if the disk buffers have not been flushed, if drives were interrupted during a write operation, or if some other non-atomic operation was interrupted. The myB2 stepping solved this issue for Intel's Pentium processors.〔 No Intel processors since the introduction of the Pentium Pro have been affected by the bug. Although technically not an example of either, the F00F instruction is often considered a killer poke, or a Halt and Catch Fire (HCF) instruction. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Pentium F00F bug」の詳細全文を読む スポンサード リンク
|