Английская Википедия:Halt and Catch Fire (computing)

Материал из Онлайн справочника
Перейти к навигацииПерейти к поиску

Шаблон:Short description Шаблон:Other uses Шаблон:Use dmy dates Шаблон:Use list-defined references

In computer engineering, Halt and Catch Fire, known by the assembly language mnemonic HCF, is an idiom referring to a computer machine code instruction that causes the computer's central processing unit (CPU) to cease meaningful operation, typically requiring a restart of the computer. It originally referred to a fictitious instruction in IBM System/360 computers (introduced in 1964), making a joke about its numerous non-obvious instruction mnemonics.

With the advent of the MC6800 (introduced in 1974), a design flaw was discovered by programmers. Due to incomplete opcode decoding, two illegal opcodes, 0x9D and 0xDD, will cause the program counter on the processor to increment endlessly, which locks the processor until reset. Those codes have been unofficially named HCF. During the design process of the MC6802, engineers originally planned to remove this instruction, but kept it as-is for testing purposes. As a result, HCF was officially recognized as a real instruction.[1][2] Later, HCF became a humorous catch-all term for instructions that may freeze a processor, including intentional instructions for testing purposes, and unintentional illegal instructions. Some are considered hardware defects, and if the system is shared, a malicious user can execute it to launch a denial-of-service attack.

In the case of real instructions, the implication of this expression is that, whereas in most cases in which a CPU executes an unintended instruction (a bug in the code) the computer may still be able to recover, in the case of an HCF instruction there is, by definition, no way for the system to recover without a restart.

The expression catch fire is a facetious exaggeration of the speed with which the CPU chip would be switching some bus circuits, causing them to overheat and burn.[3]

Origins

The Z1 (1938) and Z3 (1941) computers built by Konrad Zuse contained illegal sequences of instructions which damaged the hardware if executed by accident.[4]

Apocryphal stories connect this term with an illegal opcode in IBM System/360. A processor, upon encountering the instruction, would start switching bus lines very fast, potentially leading to overheating.[5][6]

In a computer's assembly language, mnemonics are used that are directly equivalent to machine code instructions. The mnemonics are frequently three letters long, such as ADD, CMP (to compare two numbers), and JMP (jump to a different location in the program). The HCF instruction was originally a fictitious assembly language instruction, said to be under development at IBM for use in their System/360 computers, along with many other amusing three-letter acronyms like XPR (Execute Programmer) and CAI (Corrupt Accounting Information), and similar to other joke mnemonics such as "SDI" for "Self Destruct Immediately"[7] and "CRN" for "Convert to Roman Numerals".[8] A list of such mnemonics, including HCF, shows up as "Overextended Mnemonics" in the April 1980 Creative Computing flip-side parody issue.[9]

In modern CPUs

CPU designers sometimes incorporate one or more undocumented machine code instructions for testing purposes, such as the IBM System/360 DIAGnose instruction.[10]

Motorola 6800

The Motorola 6800 microprocessor was the first for which an undocumented assembly mnemonic HCF became widely known. The operation codes (opcodes—the portions of the machine language instructions that specify an operation to be performed) hexadecimal 9D and DD were reported and given the unofficial mnemonic HCF in a December 1977 article by Gerry Wheeler in BYTE magazine on undocumented opcodes.[11] Wheeler noted that Motorola reported 197 valid operation codes for the M6800 processor, and so inferred that with 256 possible 8 bit combinations, there must be 59 invalid instructions. He described the HCF as a "big surprise", and said of the Catch Fire portion of the moniker, "Well, almost":

Шаблон:Quotation

Another author wrote in 2002:

Шаблон:Quote

The 6800's behavior when encountering HCF was known to Motorola by 1976. When the 6800 encounters the HCF instruction, the processor never finds the end of it, endlessly incrementing its program counter until the CPU is reset.[12] Hence, the address bus effectively becomes a counter, allowing the operation of all address lines to be quickly verified. Once the processor entered this mode, it is not responsive to interrupts, so normal operation can only be restored by a reset (hence the "Drop Dead" and "Halt and Catch Fire" monikers). These references are thus to the unresponsive behavior of the CPU in this state, and not to any form of erratic behavior.Шаблон:Citation needed. Motorola kept the HCF behavior in the 6802 variant of the processor (which released in 1977) as an intentional self-test for the 6802's 128 bytes of onboard RAM.

Other HCF-like instructions were found later on the Motorola 6800 when executing undocumented opcodes FD (cycling twice slower than 9D/DD) or CD/ED (cycling at a human-readable very low frequency on a limited number of high-address lines).[13]

HCF is believed to be the first built-in self-test feature on a Motorola microprocessor.[2]

Intel x86

Шаблон:See also

The Intel 8086 and subsequent processors in the x86 series have an HLT (halt) instruction, opcode F4, which stops instruction execution and placed the processor in a HALT state. An enabled interrupt, a debug exception, the BINIT signal, the INIT signal, or the RESET signal resumes execution, which means the processor can always be restarted.[14] Some of the early Intel DX4 chips have a problem with the HLT instruction and cannot be restarted after this instruction is used, which disables the computer and turns HLT into more of an HCF instruction. The Linux kernel has a "no-hlt" option telling Linux to run an infinite loop instead of using HLT, which allows users of these broken chips to use Linux.[15]

The 80286 has the undocumented opcode 0F 04, causing the CPU to hang when executed. The only way out is a CPU reset.Шаблон:Citation needed[16] In some implementations, the opcode is emulated through BIOS as a halting sequence.[17]

Many computers in the Intel Pentium line can be locked up by executing an invalid instruction (F00F C7C8), which causes the computer to lock up. This became known as the Pentium F00F bug. No compiler creates the instruction, but a malicious programmer can insert it into code to render an afflicted computer inoperable until the machine is power-cycled. Since its discovery, workarounds have been developed to prevent it from locking the computer, and the bug has been eliminated in subsequent Intel processors.[18][19]

During Black Hat USA 2017, Christopher Domas showed that he found a new "Halt and Catch Fire" instruction[20][21] on an undisclosed x86 processor model using his own x86 processor fuzzer called sandsifter.[22]

Other CPUs

The NMOS MOS Technology 6502 has 12 invalid instructions which will freeze the CPU.[23][24]  The WDC version of the CMOS 65C02, as well as the 65C816, has the STP (stop, opcode $DB) instruction.  When executed, STP will stop the processor’s internal clock, causing all processing to cease—also, the processor will be unresponsive to all inputs except RESB (reset).  The only way to clear the effects of an STP instruction is to toggle RESB.

On the Zilog Z80, executing DI (disable interrupts) followed by HALT (wait for an interrupt) results in the CPU staying frozen indefinitely, waiting for an interrupt that cannot happen. However, the non-maskable interrupt signal can be used to break out of this state, making this pair not a true HCF.[25][26] The /NMI signal is on Pin 17 of the original 40 pin DIP package.[27][28] The pair will only result in a HCF condition if either the /NMI pin is connected directly to the +5V rail, making the generation of that signal impossible, or if the interrupt routine that services /NMI ends with a return, placing it back in the HALT state.

The SM83 processorШаблон:Efn[29] core in the Game Boy's LR35902 system on chip has a similar issue, triggered by two consecutive HALTs with interrupts disabled.Шаблон:Efn[30] The core itself contains 11 opcodes that fully lock the CPU when executed.[31]

The Hitachi SC61860, mainly used in Sharp pocket computers in the 1980s and 1990s, has an undocumented HCF instruction with the opcode 7B.[32]

See also

Notes

Шаблон:Notelist

References

Шаблон:Reflist

Шаблон:Error messages

  1. Ошибка цитирования Неверный тег <ref>; для сносок Bryan_2021 не указан текст
  2. 2,0 2,1 Ошибка цитирования Неверный тег <ref>; для сносок Daniels_1985 не указан текст
  3. Ошибка цитирования Неверный тег <ref>; для сносок Jargon_2012 не указан текст
  4. Ошибка цитирования Неверный тег <ref>; для сносок Rojas_1997 не указан текст
  5. Ошибка цитирования Неверный тег <ref>; для сносок Clements_2006 не указан текст
  6. Ошибка цитирования Неверный тег <ref>; для сносок Kohler_2005 не указан текст
  7. Ошибка цитирования Неверный тег <ref>; для сносок Dunlap_2016 не указан текст
  8. Ошибка цитирования Неверный тег <ref>; для сносок Cirsovius_2015 не указан текст
  9. Ошибка цитирования Неверный тег <ref>; для сносок CC_1980 не указан текст
  10. Ошибка цитирования Неверный тег <ref>; для сносок IBM360_2012 не указан текст
  11. Ошибка цитирования Неверный тег <ref>; для сносок Wheeler_1977 не указан текст
  12. Шаблон:Cite journal
  13. Ошибка цитирования Неверный тег <ref>; для сносок Demeulemeester_2019 не указан текст
  14. Ошибка цитирования Неверный тег <ref>; для сносок Jeschke_2014 не указан текст
  15. Ошибка цитирования Неверный тег <ref>; для сносок Gortmaker_2003 не указан текст
  16. Ошибка цитирования Неверный тег <ref>; для сносок Sandpile_2004 не указан текст
  17. Ошибка цитирования Неверный тег <ref>; для сносок Sandpile_2003 не указан текст
  18. Ошибка цитирования Неверный тег <ref>; для сносок Collins_1998 не указан текст
  19. Ошибка цитирования Неверный тег <ref>; для сносок Intel_1999 не указан текст
  20. Ошибка цитирования Неверный тег <ref>; для сносок Domas_2017_1 не указан текст
  21. Ошибка цитирования Неверный тег <ref>; для сносок Domas_2017_2 не указан текст
  22. Ошибка цитирования Неверный тег <ref>; для сносок Domas_2017_3 не указан текст
  23. Ошибка цитирования Неверный тег <ref>; для сносок Steil_2016 не указан текст
  24. Ошибка цитирования Неверный тег <ref>; для сносок Offenga_2016 не указан текст
  25. Ошибка цитирования Неверный тег <ref>; для сносок SMS_2016 не указан текст
  26. Ошибка цитирования Неверный тег <ref>; для сносок Flammenkamp_2016 не указан текст
  27. Ошибка цитирования Неверный тег <ref>; для сносок Z80_2016 не указан текст
  28. Ошибка цитирования Неверный тег <ref>; для сносок Vis_2016 не указан текст
  29. Ошибка цитирования Неверный тег <ref>; для сносок Gameboy_SM83 не указан текст
  30. Ошибка цитирования Неверный тег <ref>; для сносок Gameboy_2018 не указан текст
  31. Ошибка цитирования Неверный тег <ref>; для сносок Gameboy_2021 не указан текст
  32. Ошибка цитирования Неверный тег <ref>; для сносок ESR_2022 не указан текст