netbsd-bugs: kern/31309: panic when freeing 0-ptr in lptclose

Subject: kern/31309: panic when freeing 0-ptr in lptclose
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: Frank Kardel <kardel@pip.acrys.com>
List: netbsd-bugs
Date: 09/13/2005 20:27:03

>Number:         31309
>Category:       kern
>Synopsis:       panic when freeing 0-ptr in lptclose
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Sep 13 20:27:00 +0000 2005
>Originator:     Frank Kardel
>Release:        NetBSD 3.99.8
>Organization:
	
>Environment:
	
	
System: NetBSD pip.kardel.name 3.99.8 NetBSD 3.99.8 (PIP.MP) #1: Sun Sep 11 12:41:34 MEST 2005 kardel@pip.kardel.name:/fs/IC35L180AVV207-1-n/IC35L120AVV207-0-e/src/NetBSD/netbsd/sys/arch/i386/compile/obj.i386/PIP.MP i386
Architecture: i386
Machine: i386
>Description:
	in -current 20050910 and somewhat before cupsd triggers a panic when closing
	lpt0. Additional diagnostic code shows that open does not produce
	a 0-ptr, but lptclose() will sometimes attempt to free a 0-ptr (close on
	uninitialized structure?).
>How-To-Repeat:
	Configure an lpt based printer in cups. Boot and sometimes the panic
	occurs. This happens on a fast machines (Athlon XP 2800+ and Athlon 64 X2 4400+).
>Fix:
	Workaround - don't call free when a 0-ptr would be freed.

>Unformatted: