From bandy@raid.com  Tue Mar 10 08:39:49 1998
Received: from bj.raid.com (bj.raid.com [208.206.97.10])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA23230
          for <FreeBSD-gnats-submit@freebsd.org>; Tue, 10 Mar 1998 08:39:42 -0800 (PST)
          (envelope-from bandy@raid.com)
Received: from ralph.raid.com (ralph.raid.com [208.206.97.53])
	by bj.raid.com (8.8.6/8.8.6) with ESMTP id KAA22663
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 10 Mar 1998 10:39:28 -0600 (CST)
Received: (from bandy@localhost)
	by ralph.raid.com (8.8.8/8.8.6) id KAA00381;
	Tue, 10 Mar 1998 10:39:28 -0600 (CST)
Message-Id: <199803101639.KAA00381@ralph.raid.com>
Date: Tue, 10 Mar 1998 10:39:28 -0600 (CST)
From: Tim Bandy <bandy@raid.com>
Reply-To: bandy@raid.com
To: FreeBSD-gnats-submit@freebsd.org
Subject: non-root user can reboot/lock up system
X-Send-Pr-Version: 3.2

>Number:         5969
>Category:       kern
>Synopsis:       non-root user can reboot/lock up system
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Mar 10 08:50:04 PST 1998
>Closed-Date:    Mon Jun 26 05:16:51 PDT 2000
>Last-Modified:  Mon Jun 26 05:19:13 PDT 2000
>Originator:     Tim Bandy
>Release:        FreeBSD 3.0-CURRENT i386
>Organization:
>Environment:
pentium 166MHz 64M

>Description:
I was looking at some code from the ioccc (International Obfuscated C
Code Contest) and locked up my machine.  The code that did it is included
below.  It does not always lock up in the same manner.  It sometimes will
take about 15 seconds or more to lock up, sometimes as quickly as 1.
I've had better luck locking up the system about 30 seconds or so after
it boots, with both X and Xemacs running.
I copied some information off of the console after one such lockup.
  Fatal trap 12
  fault virtual address 0x38

However, at other times, it does not lock up in the same manner and only
tells me "page fault, syncing disks..."

>How-To-Repeat:

Here's the nasty beast.

int i;main(){for(;i["]<i;++i){--i;}"];read('-'-'-',i+++"hell\
o, world!\n",'/'/'/'));}read(j,i,p){write(j/p+p,i---j,i/i);}

>Fix:
	
	

>Release-Note:
>Audit-Trail:

From: Max Euston <meuston@jmrodgers.com>
To: "'bandy@raid.com'" <bandy@raid.com>,
        "FreeBSD-gnats-submit@freebsd.org"
	 <FreeBSD-gnats-submit@freebsd.org>
Cc:  Subject: RE: kern/5969: non-root user can reboot/lock up system
Date: Tue, 10 Mar 1998 14:59:59 -0500

 Tim,
 	This works "correctly" on -STABLE.  What options are you giving 'cc'?  Can you send me the output ('.s' file) from a 'cc -S'?
 
 Max
 
 -----
 Max Euston <meuston@jmrodgers.com>
 Sysadm, Programmer, etc...
 
 
 On Tuesday, March 10, 1998 11:39 AM, Tim Bandy [SMTP:bandy@raid.com] wrote:
 > 
 > >Number:         5969
 > >Category:       kern
 > >Synopsis:       non-root user can reboot/lock up system
 > >Confidential:   no
 > >Severity:       serious
 > >Priority:       medium
 > >Responsible:    freebsd-bugs
 > >State:          open
 > >Quarter:
 > >Keywords:
 > >Date-Required:
 > >Class:          sw-bug
 > >Submitter-Id:   current-users
 > >Arrival-Date:   Tue Mar 10 08:50:04 PST 1998
 > >Last-Modified:
 > >Originator:     Tim Bandy
 > >Organization:
 > >Release:        FreeBSD 3.0-CURRENT i386
 > >Environment:
 > pentium 166MHz 64M
 > 
 > >Description:
 > I was looking at some code from the ioccc (International Obfuscated C
 > Code Contest) and locked up my machine.  The code that did it is included
 > below.  It does not always lock up in the same manner.  It sometimes will
 > take about 15 seconds or more to lock up, sometimes as quickly as 1.
 > I've had better luck locking up the system about 30 seconds or so after
 > it boots, with both X and Xemacs running.
 > I copied some information off of the console after one such lockup.
 >   Fatal trap 12
 >   fault virtual address 0x38
 > 
 > However, at other times, it does not lock up in the same manner and only
 > tells me "page fault, syncing disks..."
 > 
 > >How-To-Repeat:
 > 
 > Here's the nasty beast.
 > 
 > int i;main(){for(;i["]<i;++i){--i;}"];read('-'-'-',i+++"hell\
 > o, world!\n",'/'/'/'));}read(j,i,p){write(j/p+p,i---j,i/i);}
 > 
 > >Fix:
 > 	
 > 	
 > 
 > >Audit-Trail:
 > >Unformatted:
 > 
 > To Unsubscribe: send mail to majordomo@FreeBSD.org
 > with "unsubscribe freebsd-bugs" in the body of the message
 > 
State-Changed-From-To: open->feedback 
State-Changed-By: nbm 
State-Changed-When: Mon Jun 26 05:13:28 PDT 2000 
State-Changed-Why:  


http://www.freebsd.org/cgi/query-pr.cgi?pr=5969 
State-Changed-From-To: feedback->closed 
State-Changed-By: nbm 
State-Changed-When: Mon Jun 26 05:16:51 PDT 2000 
State-Changed-Why:  
I, and at least one other contributor, are unable to reproduce this, on 
multiple versions. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=5969 
>Unformatted:
