Recently, the news of large-scale CPU security breach broke out panicked.It is reported that there are serious security vulnerabilities in CPU and other CPUs in Intel, these vulnerabilities will cause kernel memory data leaks, data such as authentication and password leak through vulnerabilities Possible.
Among them, Intel was the most affected, Meltdown the most serious loopholes in the Intel CPU attack only successful; ARM and AMD, although also affected by Specter loopholes, but to a lesser extent, AMD almost immune.
The big bursts of this CPU burst have a far-reaching impact, and all the major OSs have been mobilized to launch the corresponding patches to fill the security holes. However, can the CPU bugs be repaired by software? What will the repair cost?
Now there is news that the performance of Intel CPU patch even after the decline of 5% to 30%. This performance loss is a must?
In fact, this is not the first time the CPU burst a bug, the industry is not the first time dealing with the Bug CPU This problem is how to deal with the CPU before the burst Buke? Let us review it.
Pentium FDIV Bug
This major CPU bug mainly affects the Intel CPU, so let's talk about the bug that broke out on the Intel CPU. The Pentium FDIV bug was discovered in 1994 and existed in earlier Pentium processors.
This bug affects the CPU's floating-point unit (FPU), which causes errors in some operations, such as calculating the result of a division, which, according to Intel, is a bug that ordinary users rarely see, Ordinary users even encounter every 27,000 years.
Nevertheless, the Pentium FDIV Bug is still an out-and-out flaw, and Intel did not initially attach importance to the Bug, only decided to replace some of the CPU has been proved for the affected users.
However, this has aroused user dissatisfaction, after all, related products are sold for a year, the impact of the scope is not small.Under the pressure of users and competitors (IBM and other companies also contributed to the fueled), Intel in December 1994 Announced the recall of the affected CPU, some of the flawed CPU has also been made official key ring.
Obviously, Pentium FDIV Bug can not be repaired by the software method, in order to solve the problem, Intel recalled the cost up to as high as 475 million US dollars, combined with the inflation rate, which is roughly equivalent to the current 788 million US dollars.
Pentium F00F bug
This is a CPU bug found in 1997 that affects P5 microarchitecture CPUs such as the Pentium MMX and Pentium OverDrive processors.
This bug can cause the computer to crash and the like, requiring a reboot to continue using the computer, which is also a far-reaching bug that many of today's hardware design flaws use the F00F name.
Intel has fixed the Pentium F00F bug by updating the processor's stepping and B2 stepping has solved the problem, but for previously erroneous CPUs, it can also be fixed by operating system updates, so this is a software- CPU bugs
Broadwell MCE Bug
This is a problem that appeared in Intel Broadwell that is the fifth generation of Core i series CPU.Many users found that Broadwell processor from time to time there will be a blue screen of death, the system error is MCE (Machine Check Exception, machine anomaly check). There is a SpeedStep energy-saving technology, turn off SpeedStep, the problem will not occur.
wrong
Of course, even if you can turn off SpeedStep to avoid bugs, users will not be able to avoid bugs, and some devices, such as laptops and tablets, will turn off their energy-saving technologies, causing more heat and energy consumption and even affecting their normal use.
Intel has fixed this issue with a microcode update, which updates the BIOS to fix Broadwell MCE bugs and is therefore a CPU bug that can be resolved with software updates.
Intel ME vulnerability
This was a CPU bug that was widely reported in the near future, and Intel built a low-power subsystem, the Management Engine, or ME, into the CPU in 2008. The ME helps professionals to manage computers remotely and is well received by business users.
However, the ME system broke the problem, it was originally designed for remote maintenance, but because of the existence of loopholes but hackers may be able to control the computer through the ME back door.
Intel's post-2008 CPU with a 'microsystem' ME, ME bursts into a hole that can lead to hacking
Intel ME loopholes caused widespread concern, after all, the high authority ME eye-catching, and the loopholes in existence for nearly a decade, the impact of deep, involving a wide range of natural self-evident.
Intel quickly announced the appropriate repair method, release the appropriate code, the user can update the motherboard BIOS, operating system and the corresponding software drivers to fix ME-related vulnerabilities. Software can be fixed to this CPU vulnerability, can be considered Unfortunately, unfortunately, big bar.
Meltdown and Specter vulnerabilities
This is the big buzz over the past few days. According to the news, there are big loopholes that can lead to data leakage in the modern CPU represented by Intel processors.
The two major types of vulnerabilities are named Meltdown and Specter, and the Meltdown vulnerability causes some code to override arbitrary access to arbitrary memory addresses and strike sensitive data, primarily affecting Intel CPUs. The Specter vulnerability mechanism, however, But the effect is similar, while affecting almost all processors, Intel, ARM and AMD are not spared.
However, it is harder to exploit Specter vulnerabilities than Meltdown vulnerabilities, and the risk of vulnerabilities is lower.
The recent Meltdown and Specter CPU bursts are very serious
How to fix the loopholes in this burst, in fact, the industry has a countermeasure.This loophole can not be microcode repair, the need for OS-level updates, but if you fix Meltdown loopholes, it will result in loss of performance, the Intel processor hit PTI patches, the performance will be 5% to 30% of the decline, some specific applications even 50% reduction in performance.
And AMD is not affected by Meltdown vulnerabilities, if it is to repair the specter loopholes, it will not cause any performance loss. ARM is mainly affected by Specter loopholes, a small part affected by Meltdown loopholes, Android has released a fix patch, but the performance impact also unknown.
AMD affected less, the table one, two is the use of Specter method, the third is to use Meltdown method
There is no doubt that Intel is the biggest victim of this vulnerability and has been affected by Meltdown and Specter vulnerabilities, even with the software to patch the vulnerability, the performance will be discounted to perfect repair these CPU Bug, or follow-up products to solve the problem It's
Phenom TLC Bug
Having said so many CPU bugs related to Intel, let's talk about AMD.
AMD's first generation of Phenom processor was given the task of meeting Intel Core processors, the first time using a three-level cache design, once the A meal have high hopes.
Unfortunately, however, the first debut of the B2 Phenom TLB bug exists. TLB is used to connect the memory and the CPU cache bridge, in the Phenom processor Bug, TLB will lead to the CPU to read the page table error , Crash, etc. After the Bug, AMD provides software solutions to solve the problem.
AMD through the system patches and BIOS method to avoid this hardware bug, but will result in performance degradation
AMD released a new BIOS that also provides a patch for the Win system, either way, with the effect of blocking some page tables and even the CPU cache, which of course avoids bugs but also causes performance degradation. It can be said that this software repair program is only an expedient measure, in fact, not perfect.
Since then, AMD introduced a B3 step Phenom processor, modified from the hardware, to completely solve the problem, step by step change the CPU from 9X00 renamed 9X50, we can see the repair is important.
Ryzen segfault Bug
This is a bug that exists in AMD Ryerson Ryzen processors AMD last year with the Ryzen processor blockbuster, finally able to return to the high-performance processor market.
However, there is a bug in the Ryzen processor at B1, which is a segfault error when compiled in parallel on a Linux system. One of the big selling points of the Ryzen CPU is its powerful multi-threading capability at a fraction of the cost- However, parallel compiler will make mistakes, or make a lot of users feel fell into the pit.
If you encounter a segfault problem, you can change after the sale of CPU
AMD to solve this problem is to sell, you can go RMA after-sales process, apply for a new repair of the problem has been Ryzen processor, the software update does not completely solve the problem.
to sum up
Mentioned above is the impact of a large number of CPU out of the incident, do not look at the normal use of the CPU will not be bad, in fact, CPU out of the Bug is a normal thing, the reason why manufacturers are CPU update step, to a large extent It is also to fix bugs. But most of the CPU bugs on the daily use of the impact is relatively minor, we have not aware of it.
CPU out of the Bug is very common, encountered a serious Bug, the key is to see how manufacturers solve .If you can use the software to fill the pit, then the best of course; encountered some software is also difficult to repair the pit, and finally need For sale as an ordinary consumer, keep the software updated at all times, and pay attention to manufacturers' announcements so that the negative impact of CPU bugs can be minimized.
