ktrace -p nonexistent process causes a panic

[manu%netbsd.org@localhost (Emmanuel Dreyfus)]

Hello

I can reliabily crash latest netbsd-5 kernel with an unprivilegied
ktrace -p on an unexisting process:

$ ktrace -p 666
panic: kernel diagnostic assertion "fp->f_count == 0" failed: file
"/usr/src-5/sys/kern/kern_descrip.c", line 1115
fatal breakpoint trap in supervisor mode
trap type 1 code 0 eip c03a821c cs 9 eflags 246 cr2 bbb52b80 ilevel 0
Stopped in pid 547.1 (ktrace) at        netbsd:breakpoint+0x4:  popl
%ebp
db> bt
breakpoint(c045b6cb,cb802c28,c0470cc0,c02d07f2,cb7a0460,cb465ecc,cb802c0
c,c02da20f,cb465f38,3) at netbsd:breakpoint+0x4
panic(c0465598,c0429e91,c0449ee2,c044a0f4,45b,3,cb802c5c,c02d00df,c0429e
91,c044a0f4) at netbsd:panic+0x1a6
__kernassert(c0429e91,c044a0f4,45b,c0449ee2,cb7b3500,3,cb802cdc,c02dbfdb
,cb553184,cb553184) at netbsd:__kernassert+0x39
ffree(cb553184,cb553184,3,cb7a0460,cb7a0460,cb7a03a0,cb7e7c40,80495a2,0,
0) at netbsd:ffree+0x6f
sys_ktrace(cb7b3500,cb802d00,cb802d28,bbb52b80,bbb52000,cb7b5d44,1,80495
a2,1000000,13be) at netbsd:sys_ktrace+0x12b
syscall(cb802d48,1f,1f,1f,1f,8049564,80495a3,bfbfec18,1000000,1) at
netbsd:syscall+0xc7

This is annoying since it can be very easily tirggered by mistake: an
unrpivilegied user doing a typo can bring down the system.

Known problem? PR already filled? If not, is it reproductible on other
systems than mine?

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu%netbsd.org@localhost