From sep42@nerdinthebox.com  Thu Nov 13 09:54:36 2003
Return-Path: <sep42@nerdinthebox.com>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8D38B16A4CE
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 13 Nov 2003 09:54:36 -0800 (PST)
Received: from ntest.nerdinthebox.com (d66-183-61-66.bchsia.telus.net [66.183.61.66])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 698B243F3F
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 13 Nov 2003 09:54:33 -0800 (PST)
	(envelope-from sep42@nerdinthebox.com)
Received: from ntest.nerdinthebox.com (localhost [127.0.0.1])
	by ntest.nerdinthebox.com (8.12.10/8.12.8) with ESMTP id hAD9afCL001284
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 13 Nov 2003 01:36:41 -0800 (PST)
	(envelope-from sep42@nerdinthebox.com)
Received: (from root@localhost)
	by ntest.nerdinthebox.com (8.12.10/8.12.8/Submit) id hAD9afjc001283;
	Thu, 13 Nov 2003 01:36:41 -0800 (PST)
	(envelope-from sep42)
Message-Id: <200311130936.hAD9afjc001283@ntest.nerdinthebox.com>
Date: Thu, 13 Nov 2003 01:36:41 -0800 (PST)
From: Charlie & <root@nerdinthebox.com>
Reply-To: Charlie & <root@nerdinthebox.com>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: modified fire_saver can halt kernel
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         59257
>Category:       bin
>Synopsis:       modified fire_saver can halt kernel
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Nov 13 10:00:36 PST 2003
>Closed-Date:    Thu Nov 13 11:30:20 PST 2003
>Last-Modified:  Thu Nov 13 11:30:20 PST 2003
>Originator:     Charlie &
>Release:        FreeBSD 4.9-STABLE i386
>Organization:
>Environment:
>Description:
	While fooling around with fire_saver.c I've found that changing the Y_SIZE during the iteration in the /* fade the flames out */ you can effectively crash the system
This is quite undesireable, since a total system halt, without a single warning is not so good. It's not good to crash OS with software.

>How-To-Repeat:
	Change the following lines
        /* fade the flames out
        for (y = 0; y < Y_SIZE; y++) {
to
        /* fade the flames out
        for (y = 0; y < Y_SIZE+10; y++) {

kldunload fire_saver; kldload fire_saver

>Fix:
	Don't increase Y_SIZE.


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: kris 
State-Changed-When: Thu Nov 13 11:29:21 PST 2003 
State-Changed-Why:  
It's easily possible to crash the kernel if you load code that contains a bug. 
Presumably your change was not a good thing to do (without e.g. other changes), 
so don't do it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=59257 
>Unformatted:
 >System: FreeBSD ntest.nnnnn.com 4.9-STABLE FreeBSD 4.9-STABLE #0: Wed Nov 12 19:00:06 PST 2003 root@ntest.nnnnnn.com:/usr/obj/usr/src/sys/NTEST i386
 
 	<machine, os, target, libraries (multiple lines)>
