Hello I can reliabily crash latest netbsd-5 kernel with an unprivilegied ktrace -p on an unexisting process:
$ ktrace -p 666 panic: kernel diagnostic assertion "fp->f_count == 0" failed: file "/usr/src-5/sys/kern/kern_descrip.c", line 1115 fatal breakpoint trap in supervisor mode trap type 1 code 0 eip c03a821c cs 9 eflags 246 cr2 bbb52b80 ilevel 0 Stopped in pid 547.1 (ktrace) at netbsd:breakpoint+0x4: popl %ebp db> bt breakpoint(c045b6cb,cb802c28,c0470cc0,c02d07f2,cb7a0460,cb465ecc,cb802c0 c,c02da20f,cb465f38,3) at netbsd:breakpoint+0x4 panic(c0465598,c0429e91,c0449ee2,c044a0f4,45b,3,cb802c5c,c02d00df,c0429e 91,c044a0f4) at netbsd:panic+0x1a6 __kernassert(c0429e91,c044a0f4,45b,c0449ee2,cb7b3500,3,cb802cdc,c02dbfdb ,cb553184,cb553184) at netbsd:__kernassert+0x39 ffree(cb553184,cb553184,3,cb7a0460,cb7a0460,cb7a03a0,cb7e7c40,80495a2,0, 0) at netbsd:ffree+0x6f sys_ktrace(cb7b3500,cb802d00,cb802d28,bbb52b80,bbb52000,cb7b5d44,1,80495 a2,1000000,13be) at netbsd:sys_ktrace+0x12b syscall(cb802d48,1f,1f,1f,1f,8049564,80495a3,bfbfec18,1000000,1) at netbsd:syscall+0xc7 This is annoying since it can be very easily tirggered by mistake: an unrpivilegied user doing a typo can bring down the system. Known problem? PR already filled? If not, is it reproductible on other systems than mine? -- Emmanuel Dreyfus http://hcpnet.free.fr/pubz m...@netbsd.org
