Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Occasionally cupsd tries to double free a remote printer (introduced by polling from another CUPS server).
It might be system dependent (occurred on
CUPS.org User: h.blischke
I suspect the following:
The server which died has a class abl_fu_A3 defined and got a printer with the same name by bwowsing from another CUPS server.
For a backtrace I need a time slot with no production load, which will be available on tuesday to wednesday night, if still required.
CUPS.org User: dwb
This sounds like the problem we hit: if a server deletes a printer and recreates it as a class, all other servers doing browse-poll to that server crash.
Problem appears to be in process_browse_data in dirsvc.c. If an entry comes in with the class bit set, it checks to see if there is already a class of that name but doesn't check if there is a printer of that name. So it creates another entry with same name which ends up pointing to the same mime type entry as the first printer. Then when the first (printer) entry times out and is deleted the mime type entry is deleted out from under the second entry.
I fixed it in cups 1.3.4 with the following patch:
--- cups-1.3.4/scheduler/dirsvc.c 2007-10-01 19:11:47.000000000 -0400
(I was about to enter an STR for this but you beat me to it...)
--- scheduler/dirsvc.c (revision 7191)