Eric any update on this bug?

Using Eric's program from the original bug (see comment 6) I was able to narrow
it down to just one file /dev/watchdog triggering the crash (and also a link in
/dev/char/10:130). 

Steps to reproduce:
1. Compile Eric's program from the original bug (comment #6) or use filecap
tool from libcap-ng-utils package.
2. Run it on /dev/watchdog:
  # ./bz591831 /dev/watchdog
  # filecap /dev/watchdog
3. Wait 20-30 seconds for the crash to occur 

Additional info:
Always reprducible on my system.
$ uname -a
Linux ****** 2.6.32-28.el6.x86_64 #1 SMP Thu May 20 14:03:38 EDT 2010 x86_64
x86_64 x86_64 GNU/Linux

This is expected behavior!  /dev/watchdog is backed by a hardware timer (if your system has it) which starts when the file is opened and panics if there is no write to the watchdog file in a short period of time.  The idea is that you an write a program in userspace that write to /dev/watchdog every second or two and the system will panic if userspace becomes unresponsive.

We might be able to report this against libcap-ng-utils and ask that its operation be changed from

open()
fgetxattr()
close()

to just use getxattr() without the open/close.

There is certainly no kernel bug here.  If you open /dev/watchdog and don't do anything else the system is supposed to panic.

I'm going to go ahead and reassign to libcap-ng-utils.   steve can decide if he wants to make changes or just say '"don't do that"   or what.....

Found an easy fix for this problem. We can just use the stat mode that is handed to the file checker to make sure we are dealing with a regular file.

Built libcap-ng-0.6.4-3.el6 to resolve this problem.

Red Hat Enterprise Linux 6.0 is now available and should resolve
the problem described in this bug report. This report is therefore being closed
with a resolution of CURRENTRELEASE. You may reopen this bug report if the
solution does not work for you.