[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7237) Crash abandoning freed/unused operation

 On Sun, 8 Apr 2012 00:49:28 GMT, h.b.furuseth@usit.uio.no wrote:
> './run -b ldif test045-syncreplication-proxied' crashed
> in connection_abandon() with LDAP_MEMORY_DEBUG:
> It dereferenced o_hdr which is NULL in the uninitialized or
> freed op 'o'.  (op 'o' is full of 0xFF bytes, which I
> assume is the poiosin from liblber/memory.c.)

 Reproduced with bdb.  It's a freed op sitting in the
 c->c_ops list when entering connection_abandon().
 (Checked my modifying the "poison" in liblber and
 inspecting the list before the be_abandon loop.)
 Not reproduced under valgrind so far.