From 64e65d35b309faaff1c07f4c95cc7a818930cd29 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Fri, 8 Apr 2022 15:27:50 +0200 Subject: [PATCH] connectivity: don't clear "concheck.resolve_cancellable" early in systemd_resolved_resolve_cb() This can lead to a crash. The code might continue to call system_resolver_resolve(), then it has no more cancellable. That means, if the task gets cancelled, then the callback will still return and result in a crash. There is no need to cancel or clear the cancellable during normal operation. It will be cleaned up at the end. This leads to an assertion error (or possibly crash): ... #6 0x00005584ff461e67 in system_resolver_resolve_cb (source_object=, res=0x5585016b9190, user_data=user_data@entry=0x558501667800) at src/core/nm-connectivity.c:798 #7 0x00007f348a02419a in g_task_return_now (task=0x5585016b9190) at ../gio/gtask.c:1219 #8 0x00007f348a0241dd in complete_in_idle_cb (task=task@entry=0x5585016b9190) at ../gio/gtask.c:1233 #9 0x00007f3489e263eb in g_idle_dispatch (source=0x7f3464001070, callback=0x7f348a0241d0 , user_data=0x5585016b9190) at ../glib/gmain.c:5897 ... Fixes: 57d226d3f08d ('connectivity: resolve hostname ourselves to avoid blocking libcurl') (cherry picked from commit 62b1f9766ae99e3c2211e5843bea0dfcc54c9b75) --- src/core/nm-connectivity.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/core/nm-connectivity.c b/src/core/nm-connectivity.c index 8852cb3e96..b23a48bcd6 100644 --- a/src/core/nm-connectivity.c +++ b/src/core/nm-connectivity.c @@ -884,8 +884,6 @@ systemd_resolved_resolve_cb(GObject *object, GAsyncResult *res, gpointer user_da cb_data = user_data; - g_clear_object(&cb_data->concheck.resolve_cancellable); - if (!result) { /* Never mind. Fallback to the system resolver. */ _LOG2D("can't resolve a name via systemd-resolved: %s", error->message);