Date: Sat, 03 Mar 2001 16:10:20 -0700 From: Wes Peters <wes@softweyr.com> To: James Howard <howardjp@well.com> Cc: Alfred Perlstein <bright@wintelcom.net>, Dan Phoenix <dphoenix@bravenet.com>, freebsd-hackers@FreeBSD.ORG Subject: Re: easy way to crash freebsd Message-ID: <3AA179DC.131B8112@softweyr.com> References: <Pine.GSO.4.21.0103031304470.11768-100000@z.glue.umd.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
James Howard wrote:
>
> On Sat, 3 Mar 2001, Wes Peters wrote:
>
> > You don't even have to overwrite it some times. Accessing word-size-only
> > registers in memory a byte at a time can cause a bus error and panic...
>
> I have never worked with FreeBSD at this low a level. How does one do
> this and why? :)
Some memory locations are memory-mapped I/O registers, rather than "just
RAM", and have to be read at the correct width for the register. Reading
a 32-bit register with an 8-bit read can cause a bus error; since you're
poking around in kernel memory (/dev/*k*mem) a panic ensues.
This was a sure-fire way to crash RISC Ultrix, and I think SunOS M68K too.
I don't know that this will work on x86, with it's separate I/O address
space, and it doesn't work on SPARC because you can't get to the right
Address Space Identifier (ASI) for anything other than RAM (and maybe
some ROM).
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
wes@softweyr.com http://softweyr.com/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3AA179DC.131B8112>