Browse Source

wallet: Fix a potential memory leak when loading state changes

The leak exists if we `tal_free` the result array onto another parent,
but the `ctx` we allocated on is still valid. This leads to a
temporary gap in the ownership tree which is then reported as the
following error:

```text
- Node /tmp/ltests-ufn3ox3p/test_htlc_out_timeout_1/lightning-1/ has memory leaks: [
   {
       "backtrace": [
           "ccan/ccan/tal/tal.c:442 (tal_alloc_)",
           "ccan/ccan/tal/tal.c:471 (tal_alloc_arr_)",
           "ccan/ccan/tal/tal.c:799 (tal_dup_)",
           "ccan/ccan/tal/str/str.c:18 (tal_strdup_)",
           "wallet/wallet.c:1652 (wallet_state_change_get)",
           "lightningd/peer_control.c:869 (json_]add_channel)",
           "lightningd/peer_control.c:1319 (json_add_peer)",
           "lightningd/peer_control.c:1348 (json_listpeers)",
           "lightningd/jsonrpc.c:643 (command_exec)",
           "lightningd/jsonrpc.c:753 (rpc_command_hook_callback)",
           "lightningd/plugin_hook.c:288 (plugin_hook_call_)",
           "lightningd/jsonrpc.c:808 (plugin_hook_call_rpc_command)",
           "lightningd/jsonrpc.c:888 (parse_request)",
           "lightningd/jsonrpc.c:979 (read_json)",
           "ccan/ccan/io/io.c:59 (next_plan)",
           "ccan/ccan/io/io.c:435 (io_do_always)",
           "ccan/ccan/io/poll.c:300 (handle_always)",
           "ccan/ccan/io/poll.c:377 (io_loop)",
           "lightningd/io_loop_with_timers.c:24 (io_loop_with_timers)",
           "lightningd/lightningd.c:1016 (main)"
       ],
       "label": "wallet/wallet.c:1652:char[]",
       "parents": [
           "common/json_stream.c:29:struct json_stream",
           "ccan/ccan/io/io.c:91:struct io_conn",
           "lightningd/lightningd.c:116:struct lightningd"
       ],
       "value": "0x556b0856ab68"
   },
```

Changelog-None
master
Christian Decker 4 years ago
parent
commit
87d3818c63
  1. 2
      wallet/wallet.c

2
wallet/wallet.c

@ -1649,7 +1649,7 @@ struct state_change_entry *wallet_state_change_get(struct wallet *w,
tmp.old_state = db_column_int(stmt, 1); tmp.old_state = db_column_int(stmt, 1);
tmp.new_state = db_column_int(stmt, 2); tmp.new_state = db_column_int(stmt, 2);
tmp.cause = db_column_int(stmt, 3); tmp.cause = db_column_int(stmt, 3);
tmp.message = tal_strdup(ctx, (const char *)db_column_text(stmt, 4)); tmp.message = tal_strdup(res, (const char *)db_column_text(stmt, 4));
tal_arr_expand(&res, tmp); tal_arr_expand(&res, tmp);
} }
tal_free(stmt); tal_free(stmt);

Loading…
Cancel
Save