Comment 11 for bug 1557248

Due to the nature of this bug (referencing previously freed memory leading to an undefined behavior), a reliable testing procedure is difficult to create. This bug was originally found by looking for a cause of syncrepl failures. The reproducibility of these failures was about 50%, enough to make syncrepl unusable, but syncrepl would persistently fail or persistently work correctly, sometimes for long stretches of testing iterations. While trying to set a test environment using virtual machines, I was unable to reproduce the syncrepl failures at all.

Because of that, in my original bug report to OpenLDAP project, I did not describe steps to reproduce the problem, but instead provided a debugging patch that reliably demonstrated the use-after-free issue. This patch replaced the offending free with an assignment of a special value to the variable that was to be freed. The value of that variable was then examined in places where it was accessed. However, while this approach demonstrates the bug well, it requires a rebuild of the code, and cannot be used to test the fixed package.

I would like to add that I went the "debug-it-yourself" route precisely because the symptoms were too unpredictable and too "mysterious" to hope for the usual bug report to succeed (by "usual bug report" I mean complaining about symptoms, listing steps to reproduce, etc).

To sum up, I can list steps I took during my testing, but these will be of limited use when reproducibility is concerned. I can also provide the debug patch with explanations. Please advise on what would be the best course of action.