From 11149ef5a11a591fee29d636fec4bbfb63469bcd Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Thu, 13 Feb 2020 16:01:04 +1030 Subject: [PATCH] lightningd, openingd: remove active code inside assert(). We don't compile with NDEBUG defined, but if we did, this code would vanish. I did a quick audit, inspired by @ZmnSCPxj. I actually hacked up something to compile with NDEBUG (many unused vars resulted, and of course unit tests are allowed to rely on assert()), and after this the testsuite still passes. Signed-off-by: Rusty Russell --- lightningd/notification.c | 5 +++-- openingd/openingd.c | 8 +++++++- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/lightningd/notification.c b/lightningd/notification.c index 450ce0a06..d2f8ca49d 100644 --- a/lightningd/notification.c +++ b/lightningd/notification.c @@ -191,8 +191,9 @@ static void forward_event_notification_serialize(struct json_stream *stream, cur->channel_out = *scid_out; if (amount_out) { cur->msat_out = *amount_out; - assert(amount_msat_sub(&cur->fee, - in->msat, *amount_out)); + if (!amount_msat_sub(&cur->fee, + in->msat, *amount_out)) + abort(); } else { cur->msat_out = AMOUNT_MSAT(0); cur->fee = AMOUNT_MSAT(0); diff --git a/openingd/openingd.c b/openingd/openingd.c index b7fb61b97..c392b25d3 100644 --- a/openingd/openingd.c +++ b/openingd/openingd.c @@ -852,7 +852,13 @@ static u8 *funder_channel_complete(struct state *state) /* We recalculate the local_msat from cached values; should * succeed because we checked it earlier */ - assert(amount_sat_sub_msat(&local_msat, state->funding, state->push_msat)); + if (!amount_sat_sub_msat(&local_msat, state->funding, state->push_msat)) + status_failed(STATUS_FAIL_INTERNAL_ERROR, + "push_msat %s > funding %s?", + type_to_string(tmpctx, struct amount_msat, + &state->push_msat), + type_to_string(tmpctx, struct amount_sat, + &state->funding)); if (!funder_finalize_channel_setup(state, local_msat, &sig, &tx)) return NULL;