FATAL SIGNAL on daemon.c in 24.02 and 24.05 #7486

btweenthebars · 2024-07-23T03:15:06Z

Issue and Steps to Reproduce

I keep seeing these errors on the log and console but it doesn't crash my node.

There are 2 variations:

lightning_channeld: FATAL SIGNAL 11 (version v24.05-modded)
0x5ed1c6727571 send_backtrace
common/daemon.c:33
0x5ed1c67275f6 crashdump
common/daemon.c:75
0x73fe53d16adf ???
???:0
0x5ed1c6719538 peer_reconnect
channeld/channeld.c:5205
0x5ed1c6719dab init_channel
channeld/channeld.c:5959
0x5ed1c6719f04 main
channeld/channeld.c:6005
0x73fe53cffc87 ???
???:0
0x73fe53cffd4b ???
???:0
0x5ed1c670e6f4 ???
???:0
0xffffffffffffffff ???
???:0

and

lightning_channeld: FATAL SIGNAL (version v24.05-modded)
0x5ed1c6727571 send_backtrace
common/daemon.c:33
0x5ed1c67322cc status_failed
common/status.c:221
0x5ed1c6732482 status_backtrace_exit
common/subdaemon.c:18
0x5ed1c67275fc crashdump
common/daemon.c:78
0x73fe53d16adf ???
???:0
0x5ed1c6719538 peer_reconnect
channeld/channeld.c:5205
0x5ed1c6719dab init_channel
channeld/channeld.c:5959
0x5ed1c6719f04 main
channeld/channeld.c:6005
0x73fe53cffc87 ???
???:0
0x73fe53cffd4b ???
???:0
0x5ed1c670e6f4 ???
???:0
0xffffffffffffffff ???
???:0

It's been going on since 24.02. I didn't have that in 23.11

`getinfo` output

"version": "v24.05-modded",
"blockheight": 853495,
"network": "bitcoin",
"fees_collected_msat": 111111,
"lightning-dir": "/cln/bitcoin",
"our_features": {
"init": "080000000000000000000000000008a0080a8a59a1",
"node": "080000000000000000000000000088a0080a8a59a1",
"channel": "",
"invoice": "02000002024100"
}

The text was updated successfully, but these errors were encountered:

cdecker · 2024-07-30T13:14:04Z

Sounds like we are dereferencing the initr pointer here:

lightning/channeld/channeld.c

Lines 5205 to 5209 in 11586ab

    
           if (match_type(initr->desired_channel_type, 
        
           	       ninitr->current_channel_type) 
        
               || match_type(initr->desired_channel_type, 
        
           		  ninitr->upgradable_channel_type)) 
        
           	type = initr->desired_channel_type;

How cound that be NULL? It looks as if either the send_tlvs or recv_tlvs is set to NULL. Git blame says @rustyrussell last edited the code here, so he might know how to address this best.

rustyrussell · 2024-09-07T03:33:14Z

Good catch!

send_tlvs can indeed be NULL, with older peers.

send_tlvs is NULL if no special features are supported, and peer sets `next_to_send` anyway: ``` 0x5ed1c6719538 peer_reconnect channeld/channeld.c:5205 0x5ed1c6719dab init_channel channeld/channeld.c:5959 0x5ed1c6719f04 main channeld/channeld.c:6005 ``` Backport: v24.08 Fixes: ElementsProject#7486 Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

rustyrussell self-assigned this Sep 4, 2024

rustyrussell added this to the v24.11 milestone Sep 4, 2024

rustyrussell mentioned this issue Sep 7, 2024

channeld: fix crash with pre-TLV peers. #7650

Merged

vincenzopalazzo closed this as completed in #7650 Sep 7, 2024

vincenzopalazzo closed this as completed in 78b9ccf Sep 7, 2024

surfac3 mentioned this issue Sep 8, 2024

Core lightning crashes with FATAL SIGNAL 11 #7645

Closed

ShahanaFarooqui modified the milestones: v24.11, v24.08.1 Sep 12, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

FATAL SIGNAL on daemon.c in 24.02 and 24.05 #7486

FATAL SIGNAL on daemon.c in 24.02 and 24.05 #7486

btweenthebars commented Jul 23, 2024

cdecker commented Jul 30, 2024

rustyrussell commented Sep 7, 2024

FATAL SIGNAL on daemon.c in 24.02 and 24.05 #7486

FATAL SIGNAL on daemon.c in 24.02 and 24.05 #7486

Comments

btweenthebars commented Jul 23, 2024

Issue and Steps to Reproduce

getinfo output

cdecker commented Jul 30, 2024

rustyrussell commented Sep 7, 2024

`getinfo` output