From d65e974e67e47222cdebd9d0b6becd6642547ce2 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 12 Mar 2021 22:21:58 +0100 Subject: [PATCH] core: don't accidentally unref a varlink connection twice Let's make sure that our close handler unrefs a connection again that we are already unreffing a few stack frames up by invalidating the pointer first, and dropping the ref counter only after that. Replaces: 39ad3f1c092b5dffcbb4b1d12eb9ca407f010a3c Fixes: #18025 --- src/core/core-varlink.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/core/core-varlink.c b/src/core/core-varlink.c index b3df8cd893..b7afb87d50 100644 --- a/src/core/core-varlink.c +++ b/src/core/core-varlink.c @@ -475,8 +475,11 @@ int manager_varlink_init(Manager *m) { void manager_varlink_done(Manager *m) { assert(m); - /* Send the final message if we still have a subscribe request open. */ - m->managed_oom_varlink_request = varlink_close_unref(m->managed_oom_varlink_request); + /* Explicitly close the varlink connection to oomd. Note we first take the varlink connection out of + * the manager, and only then disconnect it — in two steps – so that we don't end up accidentally + * unreffing it twice. After all, closing the connection might cause the disconnect handler we + * installed (vl_disconnect() above) to be called, where we will unref it too. */ + varlink_close_unref(TAKE_PTR(m->managed_oom_varlink_request)); m->varlink_server = varlink_server_unref(m->varlink_server); }