URL: https://github.com/SSSD/sssd/pull/5299 Title: #5299: dp: fix potential race condition in provider's sbus server
alexey-tikhonov commented: """
We can hit a segfault if provider start is somehow delayed.
* dp_init_send
* sbus_server_create_and_connect_send
* sbus_server_create (*)
* dp_init_done (callback for sbus_server_create_and_connect_send)
* sbus_server_create_and_connect_recv
* sbus_server_set_on_connection (sets clients data and creates dp_cli)

At (*) the sbus server is already created and accepts new connections once we get into the tevent loop. So it is possible that the client connects to the server before sbus_server_set_on_connection is called and thus the client is not properly initialized. However, it should not happen in a normal start because providers are started before responders, and it can happen only if data provider startup is somehow delayed.
You can use this diff to reproduce the crash:
--- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -702,6 +702,8 @@ int main(int argc, const char *argv[]) uid_t uid; gid_t gid; + sleep(5); + struct poptOption long_options[] = { POPT_AUTOHELP SSSD_MAIN_OPTS
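Review bot: the `sleep(5);` lands in `main()` after the `uid_t uid; gid_t gid;` declarations but ahead of the `struct poptOption long_options[]` declaration, so a statement now precedes a declaration. Move the call below the last declaration in the block to keep it declaration-first and avoid a declaration-after-statement warning. The delay is also unconditional and carries no comment marking it as a reproducer aid, so a one-line comment would keep it from being mistaken for part of the fix.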
Does it really help to reproduce the crash?
At this point `sbus_server_create()` wasn't executed yet (nothing was executed yet, actually).
Funny thing is, the crash does indeed happen in my testing... but only a couple of times per tens of attempts. """
See the full comment at https://github.com/SSSD/sssd/pull/5299#issuecomment-692810749
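The ordering problem described in the comment above, modelled as an added example (not SSSD code and not the PR's fix). All names are hypothetical: a toy server accepts queued connections on each loop iteration, and the per-connection hook is installed either after the first iteration or before the server starts listening.

```c
#include <stddef.h>

/* Toy model with hypothetical names; it only mirrors the call ordering. */
struct client { void *data; };      /* data == NULL: never initialized */
typedef void (*on_conn_fn)(struct client *c);

struct server {
    int listening;
    on_conn_fn on_connection;       /* NULL until a hook is registered */
    struct client *pending[4];      /* connects waiting for the loop */
    size_t npending;
};

static int dummy_state;
static void init_client(struct client *c) { c->data = &dummy_state; }

/* A connect attempt is queued only once the server is listening. */
static int client_connect(struct server *s, struct client *c)
{
    if (!s->listening || s->npending == 4) return -1;
    s->pending[s->npending++] = c;
    return 0;
}

/* One event loop iteration: accept everything that is queued. */
static void loop_once(struct server *s)
{
    for (size_t i = 0; i < s->npending; i++) {
        if (s->on_connection != NULL) s->on_connection(s->pending[i]);
    }
    s->npending = 0;
}

/* Returns 1 if the early client received its per-connection data. */
static int client_initialized(int hook_before_listen)
{
    struct server s = {0};
    struct client c = {NULL};
    if (hook_before_listen) s.on_connection = init_client;
    s.listening = 1;                /* server created, socket open */
    client_connect(&s, &c);         /* client that was already waiting */
    loop_once(&s);                  /* first loop iteration accepts it */
    if (!hook_before_listen) s.on_connection = init_client; /* too late */
    return c.data != NULL;
}
```

In the late-hook ordering the accepted client keeps `data == NULL`, which is the state a later request handler would dereference.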