H. Hartzer wrote: > bsd# dd if=/dev/null of=1 bs=1m seek=8000000; (ulimit -t 1; cmp 1 1) > 0+0 records in > 0+0 records out > 0 bytes transferred in 0.000 secs (0 bytes/sec) > Killed > bsd# > > It took a while to get to Killed. > > There's no message in dmesg. > > Does it definitely crash for you, or just unresponsive?
Hi Henrich, The way I trigger it is different. With the sparse file created and in the current directory, I execute a grep - the bug seems to be triggered after initiating a ^C to the grep. CPU will climb to max, any open SSH sessions time out and the console is unresponsive to any input. I suppose I didn't wait long enough but the one time I was able to trigger ddb it noted a kernel: double fault trap so I assume the system is halted at that point. It required a poweroff of the VM to recover. Either way, a non-root user should not be able to do this! I forgot to mention: I was testing this on amd64 VMware ESXi. I'm curious what would happen on other architectures like SPARC. Regards Lloyd
