Fix reference cycle between controller and data store in Matter.framework.

Also adds some leak detection to unit tests in CI that would have caught this.

Author: bzbarsky-apple

.github/workflows/darwin.yaml

@@ -83,6 +83,9 @@ jobs:
                           -enableUndefinedBehaviorSanitizer YES
                     - flavor: tsan
                       arguments: -enableThreadSanitizer YES
+                    # "leaks" does not seem to be very compatible with asan or tsan
+                    - flavor: leaks
+                      defines: ENABLE_LEAK_DETECTION=1
         steps:
             - name: Checkout
               uses: actions/checkout@v4

src/darwin/Framework/CHIP/MTRDeviceControllerDataStore.mm

@@ -106,7 +106,8 @@ static bool IsValidCATNumber(id _Nullable value)
 @implementation MTRDeviceControllerDataStore {
     id<MTRDeviceControllerStorageDelegate> _storageDelegate;
     dispatch_queue_t _storageDelegateQueue;
-    MTRDeviceController * _controller;
+    // Controller owns us, so we have to make sure to not keep it alive.
+    __weak MTRDeviceController * _controller;
     // Array of nodes with resumption info, oldest-stored first.
     NSMutableArray<NSNumber *> * _nodesWithResumptionInfo;
 }
@@ -126,7 +127,9 @@ - (nullable instancetype)initWithController:(MTRDeviceController *)controller
     __block id resumptionNodeList;
     dispatch_sync(_storageDelegateQueue, ^{
         @autoreleasepool {
-            resumptionNodeList = [_storageDelegate controller:_controller
+            // NOTE: controller, not our weak ref, since we know it's still
+            // valid under this sync dispatch.
+            resumptionNodeList = [_storageDelegate controller:controller
                                                   valueForKey:sResumptionNodeListKey
                                                 securityLevel:MTRStorageSecurityLevelSecure
                                                   sharingType:MTRStorageSharingTypeNotShared];
@@ -154,9 +157,15 @@ - (nullable instancetype)initWithController:(MTRDeviceController *)controller
 - (void)fetchAttributeDataForAllDevices:(MTRDeviceControllerDataStoreClusterDataHandler)clusterDataHandler
 {
     __block NSDictionary<NSString *, id> * dataStoreSecureLocalValues = nil;
+    MTRDeviceController * controller = _controller;
+    if (controller == nil) {
+        // Not expected; no way to call delegate without controller.
+        return;
+    }
+
     dispatch_sync(_storageDelegateQueue, ^{
         if ([self->_storageDelegate respondsToSelector:@selector(valuesForController:securityLevel:sharingType:)]) {
-            dataStoreSecureLocalValues = [self->_storageDelegate valuesForController:self->_controller securityLevel:MTRStorageSecurityLevelSecure sharingType:MTRStorageSharingTypeNotShared];
+            dataStoreSecureLocalValues = [self->_storageDelegate valuesForController:controller securityLevel:MTRStorageSecurityLevelSecure sharingType:MTRStorageSharingTypeNotShared];
         }
     });
 
@@ -177,32 +186,38 @@ - (nullable MTRCASESessionResumptionInfo *)findResumptionInfoByResumptionID:(NSD
 
 - (void)storeResumptionInfo:(MTRCASESessionResumptionInfo *)resumptionInfo
 {
+    MTRDeviceController * controller = _controller;
+    if (controller == nil) {
+        // Not expected; no way to call delegate without controller.
+        return;
+    }
+
     auto * oldInfo = [self findResumptionInfoByNodeID:resumptionInfo.nodeID];
     dispatch_sync(_storageDelegateQueue, ^{
         if (oldInfo != nil) {
             // Remove old resumption id key.  No need to do that for the
             // node id, because we are about to overwrite it.
-            [_storageDelegate controller:_controller
+            [_storageDelegate controller:controller
                        removeValueForKey:ResumptionByResumptionIDKey(oldInfo.resumptionID)
                            securityLevel:MTRStorageSecurityLevelSecure
                              sharingType:MTRStorageSharingTypeNotShared];
             [_nodesWithResumptionInfo removeObject:resumptionInfo.nodeID];
         }
 
-        [_storageDelegate controller:_controller
+        [_storageDelegate controller:controller
                           storeValue:resumptionInfo
                               forKey:ResumptionByNodeIDKey(resumptionInfo.nodeID)
                        securityLevel:MTRStorageSecurityLevelSecure
                          sharingType:MTRStorageSharingTypeNotShared];
-        [_storageDelegate controller:_controller
+        [_storageDelegate controller:controller
                           storeValue:resumptionInfo
                               forKey:ResumptionByResumptionIDKey(resumptionInfo.resumptionID)
                        securityLevel:MTRStorageSecurityLevelSecure
                          sharingType:MTRStorageSharingTypeNotShared];
 
         // Update our resumption info node list.
         [_nodesWithResumptionInfo addObject:resumptionInfo.nodeID];
-        [_storageDelegate controller:_controller
+        [_storageDelegate controller:controller
                           storeValue:[_nodesWithResumptionInfo copy]
                               forKey:sResumptionNodeListKey
                        securityLevel:MTRStorageSecurityLevelSecure
@@ -212,17 +227,23 @@ - (void)storeResumptionInfo:(MTRCASESessionResumptionInfo *)resumptionInfo
 
 - (void)clearAllResumptionInfo
 {
+    MTRDeviceController * controller = _controller;
+    if (controller == nil) {
+        // Not expected; no way to call delegate without controller.
+        return;
+    }
+
     // Can we do less dispatch?  We would need to have a version of
     // _findResumptionInfoWithKey that assumes we are already on the right queue.
     for (NSNumber * nodeID in _nodesWithResumptionInfo) {
         auto * oldInfo = [self findResumptionInfoByNodeID:nodeID];
         if (oldInfo != nil) {
             dispatch_sync(_storageDelegateQueue, ^{
-                [_storageDelegate controller:_controller
+                [_storageDelegate controller:controller
                            removeValueForKey:ResumptionByResumptionIDKey(oldInfo.resumptionID)
                                securityLevel:MTRStorageSecurityLevelSecure
                                  sharingType:MTRStorageSharingTypeNotShared];
-                [_storageDelegate controller:_controller
+                [_storageDelegate controller:controller
                            removeValueForKey:ResumptionByNodeIDKey(oldInfo.nodeID)
                                securityLevel:MTRStorageSecurityLevelSecure
                                  sharingType:MTRStorageSharingTypeNotShared];
@@ -235,9 +256,15 @@ - (void)clearAllResumptionInfo
 
 - (CHIP_ERROR)storeLastLocallyUsedNOC:(MTRCertificateTLVBytes)noc
 {
+    MTRDeviceController * controller = _controller;
+    if (controller == nil) {
+        // Not expected; no way to call delegate without controller.
+        return CHIP_ERROR_PERSISTED_STORAGE_FAILED;
+    }
+
     __block BOOL ok;
     dispatch_sync(_storageDelegateQueue, ^{
-        ok = [_storageDelegate controller:_controller
+        ok = [_storageDelegate controller:controller
                                storeValue:noc
                                    forKey:sLastLocallyUsedNOCKey
                             securityLevel:MTRStorageSecurityLevelSecure
@@ -248,10 +275,16 @@ - (CHIP_ERROR)storeLastLocallyUsedNOC:(MTRCertificateTLVBytes)noc
 
 - (MTRCertificateTLVBytes _Nullable)fetchLastLocallyUsedNOC
 {
+    MTRDeviceController * controller = _controller;
+    if (controller == nil) {
+        // Not expected; no way to call delegate without controller.
+        return nil;
+    }
+
     __block id data;
     dispatch_sync(_storageDelegateQueue, ^{
         @autoreleasepool {
-            data = [_storageDelegate controller:_controller
+            data = [_storageDelegate controller:controller
                                     valueForKey:sLastLocallyUsedNOCKey
                                   securityLevel:MTRStorageSecurityLevelSecure
                                     sharingType:MTRStorageSharingTypeNotShared];
@@ -271,6 +304,12 @@ - (MTRCertificateTLVBytes _Nullable)fetchLastLocallyUsedNOC
 
 - (nullable MTRCASESessionResumptionInfo *)_findResumptionInfoWithKey:(nullable NSString *)key
 {
+    MTRDeviceController * controller = _controller;
+    if (controller == nil) {
+        // Not expected; no way to call delegate without controller.
+        return nil;
+    }
+
     // key could be nil if [NSString stringWithFormat] returns nil for some reason.
     if (key == nil) {
         return nil;
@@ -279,7 +318,7 @@ - (nullable MTRCASESessionResumptionInfo *)_findResumptionInfoWithKey:(nullable
     __block id resumptionInfo;
     dispatch_sync(_storageDelegateQueue, ^{
         @autoreleasepool {
-            resumptionInfo = [_storageDelegate controller:_controller
+            resumptionInfo = [_storageDelegate controller:controller
                                               valueForKey:key
                                             securityLevel:MTRStorageSecurityLevelSecure
                                               sharingType:MTRStorageSharingTypeNotShared];
@@ -318,9 +357,15 @@ - (nullable MTRCASESessionResumptionInfo *)_findResumptionInfoWithKey:(nullable
 
 - (id)_fetchAttributeCacheValueForKey:(NSString *)key expectedClass:(Class)expectedClass;
 {
+    MTRDeviceController * controller = _controller;
+    if (controller == nil) {
+        // Not expected; no way to call delegate without controller.
+        return nil;
+    }
+
     id data;
     @autoreleasepool {
-        data = [_storageDelegate controller:_controller
+        data = [_storageDelegate controller:controller
                                 valueForKey:key
                               securityLevel:MTRStorageSecurityLevelSecure
                                 sharingType:MTRStorageSharingTypeNotShared];
@@ -338,7 +383,13 @@ - (id)_fetchAttributeCacheValueForKey:(NSString *)key expectedClass:(Class)expec
 
 - (BOOL)_storeAttributeCacheValue:(id)value forKey:(NSString *)key
 {
-    return [_storageDelegate controller:_controller
+    MTRDeviceController * controller = _controller;
+    if (controller == nil) {
+        // Not expected; no way to call delegate without controller.
+        return NO;
+    }
+
+    return [_storageDelegate controller:controller
                              storeValue:value
                                  forKey:key
                           securityLevel:MTRStorageSecurityLevelSecure
@@ -347,15 +398,27 @@ - (BOOL)_storeAttributeCacheValue:(id)value forKey:(NSString *)key
 
 - (BOOL)_bulkStoreAttributeCacheValues:(NSDictionary<NSString *, id<NSSecureCoding>> *)values
 {
-    return [_storageDelegate controller:_controller
+    MTRDeviceController * controller = _controller;
+    if (controller == nil) {
+        // Not expected; no way to call delegate without controller.
+        return NO;
+    }
+
+    return [_storageDelegate controller:controller
                             storeValues:values
                           securityLevel:MTRStorageSecurityLevelSecure
                             sharingType:MTRStorageSharingTypeNotShared];
 }
 
 - (BOOL)_removeAttributeCacheValueForKey:(NSString *)key
 {
-    return [_storageDelegate controller:_controller
+    MTRDeviceController * controller = _controller;
+    if (controller == nil) {
+        // Not expected; no way to call delegate without controller.
+        return NO;
+    }
+
+    return [_storageDelegate controller:controller
                       removeValueForKey:key
                           securityLevel:MTRStorageSecurityLevelSecure
                             sharingType:MTRStorageSharingTypeNotShared];

src/darwin/Framework/CHIPTests/MTRAsyncCallbackQueueTests.m

@@ -16,10 +16,9 @@
 
 #import <Matter/Matter.h>
 
-// system dependencies
-#import <XCTest/XCTest.h>
+#import "MTRTestCase.h"
 
-@interface MTRAsyncCallbackQueueTests : XCTestCase
+@interface MTRAsyncCallbackQueueTests : MTRTestCase
 
 @end
 

src/darwin/Framework/CHIPTests/MTRAsyncWorkQueueTests.m

@@ -15,11 +15,12 @@
  */
 
 #import <Matter/Matter.h>
-#import <XCTest/XCTest.h>
+
+#import "MTRTestCase.h"
 
 #import "MTRAsyncWorkQueue.h"
 
-@interface MTRAsyncWorkQueueTests : XCTestCase
+@interface MTRAsyncWorkQueueTests : MTRTestCase
 @end
 
 @implementation MTRAsyncWorkQueueTests {

src/darwin/Framework/CHIPTests/MTRBackwardsCompatTests.m

@@ -19,15 +19,13 @@
 #import <Matter/Matter.h>
 
 #import "MTRErrorTestUtils.h"
+#import "MTRTestCase.h"
 #import "MTRTestKeys.h"
 #import "MTRTestResetCommissioneeHelper.h"
 #import "MTRTestStorage.h"
 
 #import <math.h> // For INFINITY
 
-// system dependencies
-#import <XCTest/XCTest.h>
-
 // Fixture: chip-all-clusters-app --KVS "$(mktemp -t chip-test-kvs)" --interface-id -1
 
 static const uint16_t kPairingTimeoutInSeconds = 10;
@@ -88,7 +86,7 @@ - (void)onCommissioningComplete:(NSError *)error
 
 @end
 
-@interface MTRBackwardsCompatTests : XCTestCase
+@interface MTRBackwardsCompatTests : MTRTestCase
 @end
 
 @implementation MTRBackwardsCompatTests

src/darwin/Framework/CHIPTests/MTRCertificateInfoTests.m

@@ -16,9 +16,10 @@
  */
 
 #import <Matter/Matter.h>
-#import <XCTest/XCTest.h>
 
-@interface MTRCertificateInfoTests : XCTestCase
+#import "MTRTestCase.h"
+
+@interface MTRCertificateInfoTests : MTRTestCase
 
 @end
 

src/darwin/Framework/CHIPTests/MTRCertificateTests.m

@@ -16,12 +16,10 @@
 
 #import <Matter/Matter.h>
 
-// system dependencies
-#import <XCTest/XCTest.h>
-
+#import "MTRTestCase.h"
 #import "MTRTestKeys.h"
 
-@interface MTRCertificateTests : XCTestCase
+@interface MTRCertificateTests : MTRTestCase
 
 @end
 

src/darwin/Framework/CHIPTests/MTRCertificateValidityTests.m

@@ -19,13 +19,11 @@
 #import <Matter/Matter.h>
 
 #import "MTRErrorTestUtils.h"
+#import "MTRTestCase.h"
 #import "MTRTestKeys.h"
 #import "MTRTestResetCommissioneeHelper.h"
 #import "MTRTestStorage.h"
 
-// system dependencies
-#import <XCTest/XCTest.h>
-
 static const uint16_t kPairingTimeoutInSeconds = 10;
 static const uint16_t kTimeoutInSeconds = 3;
 static const uint64_t kDeviceId = 0x12341234;
@@ -193,7 +191,7 @@ - (nullable instancetype)initWithRootKey:(MTRTestKeys *)key fabricID:(NSNumber *
 
 @end
 
-@interface MTRCertificateValidityTests : XCTestCase
+@interface MTRCertificateValidityTests : MTRTestCase
 @end
 
 static BOOL sNeedsStackShutdown = YES;
@@ -210,6 +208,8 @@ + (void)tearDown
         // we did not run test999_TearDown.
         [self shutdownStack];
     }
+
+    [super tearDown];
 }
 
 - (void)setUp

src/darwin/Framework/CHIPTests/MTRCommissionableBrowserTests.m

@@ -17,9 +17,7 @@
 
 #import <Matter/Matter.h>
 
-// system dependencies
-#import <XCTest/XCTest.h>
-
+#import "MTRTestCase.h"
 #import "MTRTestKeys.h"
 #import "MTRTestStorage.h"
 
@@ -115,7 +113,7 @@ - (void)controller:(MTRDeviceController *)controller didRemoveCommissionableDevi
 }
 @end
 
-@interface MTRCommissionableBrowserTests : XCTestCase
+@interface MTRCommissionableBrowserTests : MTRTestCase
 @end
 
 @implementation MTRCommissionableBrowserTests