Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

hsmd crash when signing psbt #5499

Closed
fiatjaf opened this issue Aug 5, 2022 · 7 comments
Closed

hsmd crash when signing psbt #5499

fiatjaf opened this issue Aug 5, 2022 · 7 comments
Assignees
@niftynei
Milestone
v0.12

Comments

@fiatjaf
Copy link
Contributor

fiatjaf commented Aug 5, 2022

Issue and Steps to Reproduce

lightningd crashes with

lightning_hsmd: FATAL SIGNAL 6 (version v0.11.0.1-231-gddf8fbd-modded)
0x5574ca0d87ef send_backtrace
	common/daemon.c:33
0x5574ca0d8877 crashdump
	common/daemon.c:46
0x7f76ef63e8df ???
	???:0
0x7f76ef68e36c ???
	???:0
0x7f76ef63e837 ???
	???:0
0x7f76ef628534 ???
	???:0
0x5574ca0df55e tal_wally_start
	common/utils.c:27
0x5574ca0e4024 psbt_to_b64
	bitcoin/psbt.c:687
0x5574ca0e4093 fmt_wally_psbt_
	bitcoin/psbt.c:694
0x5574ca0df4b9 type_to_string_
	common/type_to_string.c:32
0x5574ca0d5139 sign_our_inputs
	hsmd/libhsmd.c:486
0x5574ca0d5206 handle_sign_withdrawal_tx
	hsmd/libhsmd.c:1029
0x5574ca0d63c4 hsmd_handle_client_message
	hsmd/libhsmd.c:1575
0x5574ca0ce763 handle_client
	hsmd/hsmd.c:671
0x5574ca100032 next_plan
	ccan/ccan/io/io.c:59
0x5574ca1004b9 do_plan
	ccan/ccan/io/io.c:407
0x5574ca100552 io_ready
	ccan/ccan/io/io.c:417
0x5574ca101daf io_loop
	ccan/ccan/io/poll.c:453
0x5574ca0ceb7b main
	hsmd/hsmd.c:739
0x7f76ef62928f ???
	???:0
0x7f76ef629349 ???
	???:0
0x5574ca0cda04 ???
	../sysdeps/x86_64/start.S:115
0xffffffffffffffff ???
	???:0
lightning_hsmd: FATAL SIGNAL (version v0.11.0.1-231-gddf8fbd-modded)
0x5574ca0d87ef send_backtrace
	common/daemon.c:33
0x5574ca0de831 status_failed
	common/status.c:221
0x5574ca0df222 status_backtrace_exit
	common/subdaemon.c:18
0x5574ca0d887d crashdump
	common/daemon.c:49
0x7f76ef63e8df ???
	???:0
0x7f76ef68e36c ???
	???:0
0x7f76ef63e837 ???
	???:0
0x7f76ef628534 ???
	???:0
0x5574ca0df55e tal_wally_start
	common/utils.c:27
0x5574ca0e4024 psbt_to_b64
	bitcoin/psbt.c:687
0x5574ca0e4093 fmt_wally_psbt_
	bitcoin/psbt.c:694
0x5574ca0df4b9 type_to_string_
	common/type_to_string.c:32
0x5574ca0d5139 sign_our_inputs
	hsmd/libhsmd.c:486
0x5574ca0d5206 handle_sign_withdrawal_tx
	hsmd/libhsmd.c:1029
0x5574ca0d63c4 hsmd_handle_client_message
	hsmd/libhsmd.c:1575
0x5574ca0ce763 handle_client
	hsmd/hsmd.c:671
0x5574ca100032 next_plan
	ccan/ccan/io/io.c:59
0x5574ca1004b9 do_plan
	ccan/ccan/io/io.c:407
0x5574ca100552 io_ready
	ccan/ccan/io/io.c:417
0x5574ca101daf io_loop
	ccan/ccan/io/poll.c:453
0x5574ca0ceb7b main
	hsmd/hsmd.c:739
0x7f76ef62928f ???
	???:0
0x7f76ef629349 ???
	???:0
0x5574ca0cda04 ???
	../sysdeps/x86_64/start.S:115
0xffffffffffffffff ???
	???:0
HSM gave bad sign_withdrawal_reply 
2022-08-05T18:03:06.981Z **BROKEN** lightningd: HSM gave bad sign_withdrawal_reply 
lightningd: FATAL SIGNAL 6 (version v0.11.0.1-231-gddf8fbd-modded)
0x557dde9f4c9c send_backtrace
	common/daemon.c:33
0x557dde9f4d24 crashdump
	common/daemon.c:46
0x7ff771a3e8df ???
	???:0
0x7ff771a8e36c ???
	???:0
0x7ff771a3e837 ???
	???:0
0x7ff771a28534 ???
	???:0
0x557dde9b79ba fatal_vfmt
	lightningd/log.c:851
0x557dde9b7a53 fatal
	lightningd/log.c:859
0x557dde9e9223 json_signpsbt
	wallet/walletrpc.c:768
0x557dde9b1b73 command_exec
	lightningd/jsonrpc.c:630
0x557dde9b305d rpc_command_hook_final
	lightningd/jsonrpc.c:765
0x557dde9d492b plugin_hook_call_
	lightningd/plugin_hook.c:278
0x557dde9b3632 plugin_hook_call_rpc_command
	lightningd/jsonrpc.c:853
0x557dde9b3632 parse_request
	lightningd/jsonrpc.c:957
0x557dde9b38ba read_json
	lightningd/jsonrpc.c:1054
0x557ddea40893 next_plan
	ccan/ccan/io/io.c:59
0x557ddea40d1a do_plan
	ccan/ccan/io/io.c:407
0x557ddea40db3 io_ready
	ccan/ccan/io/io.c:417
0x557ddea42610 io_loop
	ccan/ccan/io/poll.c:453
0x557dde9b1606 io_loop_with_timers
	lightningd/io_loop_with_timers.c:22
0x557dde9b5584 main
	lightningd/lightningd.c:1184
0x7ff771a2928f ???
	???:0
0x7ff771a29349 ???
	???:0
0x557dde998ea4 ???
	../sysdeps/x86_64/start.S:115
0xffffffffffffffff ???
	???:0
2022-08-05T18:03:07.075Z **BROKEN** lightningd: FATAL SIGNAL 6 (version v0.11.0.1-231-gddf8fbd-modded)
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: common/daemon.c:38 (send_backtrace) 0x557dde9f4ce4
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: common/daemon.c:46 (crashdump) 0x557dde9f4d24
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7ff771a3e8df
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7ff771a8e36c
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7ff771a3e837
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7ff771a28534
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: lightningd/log.c:851 (fatal_vfmt) 0x557dde9b79ba
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: lightningd/log.c:859 (fatal) 0x557dde9b7a53
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: wallet/walletrpc.c:768 (json_signpsbt) 0x557dde9e9223
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: lightningd/jsonrpc.c:630 (command_exec) 0x557dde9b1b73
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: lightningd/jsonrpc.c:765 (rpc_command_hook_final) 0x557dde9b305d
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: lightningd/plugin_hook.c:278 (plugin_hook_call_) 0x557dde9d492b
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: lightningd/jsonrpc.c:853 (plugin_hook_call_rpc_command) 0x557dde9b3632
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: lightningd/jsonrpc.c:957 (parse_request) 0x557dde9b3632
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: lightningd/jsonrpc.c:1054 (read_json) 0x557dde9b38ba
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: ccan/ccan/io/io.c:59 (next_plan) 0x557ddea40893
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: ccan/ccan/io/io.c:407 (do_plan) 0x557ddea40d1a
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: ccan/ccan/io/io.c:417 (io_ready) 0x557ddea40db3
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: ccan/ccan/io/poll.c:453 (io_loop) 0x557ddea42610
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: lightningd/io_loop_with_timers.c:22 (io_loop_with_timers) 0x557dde9b1606
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: lightningd/lightningd.c:1184 (main) 0x557dde9b5584
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7ff771a2928f
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7ff771a29349
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: ../sysdeps/x86_64/start.S:115 ((null)) 0x557dde998ea4
2022-08-05T18:03:07.075Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0xffffffffffffffff
Log dumped in crash.log.20220805180307

What I did was:

  1. Start node on regtest
  2. Generate a block to one of its addresses
  3. Build this psbt (two inputs, the second of which matches the utxo I had in lightningd according to listfunds): cHNidP8BAHsCAAAAAg58E5nVxhCzXVWa/G6NiJFef004SM+xoEsxSLhwSzOtAAAAAAABAAAA1zPMkjE1xjLC1PIL4tqr6Es1Tvf/57OEhrUtKjqND+QAA AAAAAAAAAB4gIAAAAAAAAWABSB/6fHdOptg0U8kKiAAgDjBTEmawAAAAAAAAAA
  4. Call reserveinputs with the psbt
  5. Call signpsbt with the psbt
~> lightning-cli --network regtest getinfo
{
   "id": "021b7a3a371b81f2f94a1998d76e5d28598d942003290f078e34bf335d2d28642a",
   "alias": "VIOLENTARTIST",
   "color": "021b7a",
   "num_peers": 0,
   "num_pending_channels": 0,
   "num_active_channels": 0,
   "num_inactive_channels": 0,
   "address": [],
   "binding": [
      {
         "type": "ipv4",
         "address": "127.0.0.1",
         "port": 9730
      }
   ],
   "version": "v0.11.0.1-231-gddf8fbd-modded",
   "blockheight": 204,
   "network": "regtest",
   "msatoshi_fees_collected": 0,
   "fees_collected_msat": "0msat",
   "lightning-dir": "/home/fiatjaf/.lightning/regtest",
   "our_features": {
      "init": "088000080269a2",
      "node": "888000080269a2",
      "channel": "",
      "invoice": "02000000024100"
   }
}
@niftynei niftynei self-assigned this Aug 8, 2022
@niftynei niftynei added this to the v0.12 milestone Aug 8, 2022
niftynei added a commit to niftynei/lightning that referenced this issue Aug 8, 2022
@niftynei
psbt: dont crash when printing psbt to log
ee38b9f 
We call `tal_wally_start` and then `tal_wally_start` again in
`type_to_string` for psbt.

end the last tal before calling type to string.

Fixes: ElementsProject#5499
Reported-By: @fiatjaf

lightning_hsmd: FATAL SIGNAL 6 (version v0.11.0.1-231-gddf8fbd-modded)
0x5574ca0d87ef send_backtrace
	common/daemon.c:33
0x5574ca0d8877 crashdump
	common/daemon.c:46
0x7f76ef63e8df ???
	???:0
0x7f76ef68e36c ???
	???:0
0x7f76ef63e837 ???
	???:0
0x7f76ef628534 ???
	???:0
0x5574ca0df55e tal_wally_start
	common/utils.c:27
0x5574ca0e4024 psbt_to_b64
	bitcoin/psbt.c:687
0x5574ca0e4093 fmt_wally_psbt_
	bitcoin/psbt.c:694
0x5574ca0df4b9 type_to_string_
	common/type_to_string.c:32
0x5574ca0d5139 sign_our_inputs
	hsmd/libhsmd.c:486
0x5574ca0d5206 handle_sign_withdrawal_tx
	hsmd/libhsmd.c:1029
0x5574ca0d63c4 hsmd_handle_client_message
	hsmd/libhsmd.c:1575
0x5574ca0ce763 handle_client
	hsmd/hsmd.c:671
0x5574ca100032 next_plan
	ccan/ccan/io/io.c:59
0x5574ca1004b9 do_plan
	ccan/ccan/io/io.c:407
0x5574ca100552 io_ready
	ccan/ccan/io/io.c:417
0x5574ca101daf io_loop
	ccan/ccan/io/poll.c:453
0x5574ca0ceb7b main
	hsmd/hsmd.c:739
0x7f76ef62928f ???
	???:0
0x7f76ef629349 ???
	???:0
0x5574ca0cda04 ???
	../sysdeps/x86_64/start.S:115
niftynei added a commit to niftynei/lightning that referenced this issue Aug 8, 2022
@niftynei
signpsbt: check that psbt will pass sign checks before signing
14d681e 
Let's not crash if our PSBT is borked (no outputs).

If you attempt to sign a PSBT that's invalid, we'll crash.

Fixes: ElementsProject#5499
@fiatjaf
Copy link
Contributor Author

fiatjaf commented Aug 9, 2022

Partial fix: #5506

@fiatjaf
Copy link
Contributor Author

fiatjaf commented Aug 9, 2022

After applying the fix above, using the following psbt:

cHNidP8BAFICAAAAAfuxXEAeX5exw8ZHu2qGtNunUPLr+E45hzH0D4fOLhapAAAAAAABAAAAAeICAAAAAAAAFgAUgf+nx3TqbYNFPJCogAIA4wUxJmsAAAAAAAEBH+ICAAAAAAAAFgAUgf+nx3TqbYNFPJCogAIA4wUxJmsiAgKN/hmqwQM7MUsLeKm/vRNjvxobISj4W3kAmqNSqo2Uj0gwRQIhALH/pbB1QrK8HiGQl58yBT6GFQk6StWW+FhuYqaFC0yMAiByUeZoRLhq/TFlswG7iwxsZmbkrIxYWsPVpNjpKKE0uoMBAwSDAAAAAAA=

(This time the first input is not finalized, although it has the signature already.)

I get:

lightningd: FATAL SIGNAL 6 (version v0.11.0.1-528-g14d681e)
2022-08-09T01:41:42.909Z **BROKEN** lightningd: HSM gave bad sign_withdrawal_reply
0x559b44d748a0 send_backtrace
	common/daemon.c:33
0x559b44d74928 crashdump
	common/daemon.c:46
0x7fc86ec3e8df ???
	???:0
0x7fc86ec8e36c ???
	???:0
0x7fc86ec3e837 ???
	???:0
0x7fc86ec28534 ???
	???:0
0x559b44e0c3f0 call_error
	ccan/ccan/tal/tal.c:93
0x559b44e0c491 check_bounds
	ccan/ccan/tal/tal.c:165
0x559b44e0c4c2 to_tal_hdr
	ccan/ccan/tal/tal.c:175
0x559b44e0cde5 tal_free
	ccan/ccan/tal/tal.c:479
0x559b44d7a20f common_shutdown
	common/setup.c:59
0x559b44d749c4 daemon_shutdown
	common/daemon.c:158
0x559b44d699a8 master_gone
	hsmd/hsmd.c:710
0x559b44e08c4b destroy_conn
	ccan/ccan/io/poll.c:246
0x559b44e08c6d destroy_conn_close_fd
	ccan/ccan/io/poll.c:252
0x559b44e0c869 notify
	ccan/ccan/tal/tal.c:240
0x559b44e0c940 del_tree
	ccan/ccan/tal/tal.c:402
0x559b44e0c983 del_tree
	ccan/ccan/tal/tal.c:412
0x559b44e0ce2b tal_free
	ccan/ccan/tal/tal.c:486
0x559b44d7b94d clean_tmpctx
	common/utils.c:172
0x559b44d74763 daemon_poll
	common/daemon.c:87
0x559b44e09121 io_loop
	ccan/ccan/io/poll.c:420
0x559b44d6a8d5 main
	hsmd/hsmd.c:741
0x7fc86ec2928f ???
	???:0
0x7fc86ec29349 ???
	???:0
0x559b44d69724 ???
	../sysdeps/x86_64/start.S:115
0xffffffffffffffff ???
	???:0
lightning_hsmd: FATAL SIGNAL 11 (version v0.11.0.1-528-g14d681e)
0x559b44d748a0 send_backtrace
	common/daemon.c:33
0x559b44d74928 crashdump
	common/daemon.c:46
0x7fc86ec3e8df ???
	???:0
0x559b44d74cc3 daemon_conn_send
	common/daemon_conn.c:161
0x559b44d7a4b1 status_send
	common/status.c:90
0x559b44d7a7c5 status_vfmt
	common/status.c:169
0x559b44d7b3da status_backtrace_print
	common/subdaemon.c:12
0x559b44d748c0 send_backtrace
	common/daemon.c:36
0x559b44d74928 crashdump
	common/daemon.c:46
0x7fc86ec3e8df ???
	???:0
0x7fc86ec8e36c ???
	???:0
0x7fc86ec3e837 ???
	???:0
0x7fc86ec28534 ???
	???:0
0x559b44e0c3f0 call_error
	ccan/ccan/tal/tal.c:93
0x559b44e0c491 check_bounds
	ccan/ccan/tal/tal.c:165
0x559b44e0c4c2 to_tal_hdr
	ccan/ccan/tal/tal.c:175
0x559b44e0cde5 tal_free
	ccan/ccan/tal/tal.c:479
0x559b44d7a20f common_shutdown
	common/setup.c:59
0x559b44d749c4 daemon_shutdown
	common/daemon.c:158
0x559b44d699a8 master_gone
	hsmd/hsmd.c:710
0x559b44e08c4b destroy_conn
	ccan/ccan/io/poll.c:246
0x559b44e08c6d destroy_conn_close_fd
	ccan/ccan/io/poll.c:252
0x559b44e0c869 notify
	ccan/ccan/tal/tal.c:240
0x559b44e0c940 del_tree
	ccan/ccan/tal/tal.c:402
0x559b44e0c983 del_tree
	ccan/ccan/tal/tal.c:412
0x559b44e0ce2b tal_free
	ccan/ccan/tal/tal.c:486
0x559b44d7b94d clean_tmpctx
	common/utils.c:172
0x559b44d74763 daemon_poll
	common/daemon.c:87
0x559b44e09121 io_loop
	ccan/ccan/io/poll.c:420
0x559b44d6a8d5 main
	hsmd/hsmd.c:741
0x7fc86ec2928f ???
	???:0
0x7fc86ec29349 ???
	???:0
0x559b44d69724 ???
	../sysdeps/x86_64/start.S:115
0xffffffffffffffff ???
	???:0
0x555954370ba1 send_backtrace
	common/daemon.c:33
0x555954370c29 crashdump
	common/daemon.c:46
0x7f4deee3e8df ???
	???:0
0x7f4deee8e36c ???
	???:0
0x7f4deee3e837 ???
	???:0
0x7f4deee28534 ???
	???:0
0x5559543320a2 fatal_vfmt
	lightningd/log.c:854
0x55595433213b fatal
	lightningd/log.c:864
0x555954364dd5 json_signpsbt
	wallet/walletrpc.c:772
0x55595432c1fd command_exec
	lightningd/jsonrpc.c:625
0x55595432d6f5 rpc_command_hook_final
	lightningd/jsonrpc.c:762
0x55595435031c plugin_hook_call_
	lightningd/plugin_hook.c:279
0x55595432dccd plugin_hook_call_rpc_command
	lightningd/jsonrpc.c:850
0x55595432dccd parse_request
	lightningd/jsonrpc.c:954
0x55595432df55 read_json
	lightningd/jsonrpc.c:1051
0x55595442b7d2 next_plan
	ccan/ccan/io/io.c:59
0x55595442bc59 do_plan
	ccan/ccan/io/io.c:407
0x55595442bcf2 io_ready
	ccan/ccan/io/io.c:417
0x55595442d54f io_loop
	ccan/ccan/io/poll.c:453
0x55595432bfc6 io_loop_with_timers
	lightningd/io_loop_with_timers.c:22
0x55595432fc54 main
	lightningd/lightningd.c:1195
0x7f4deee2928f ???
	???:0
0x7f4deee29349 ???
	???:0
0x555954312ea4 ???
	../sysdeps/x86_64/start.S:115
0xffffffffffffffff ???
	???:0
2022-08-09T01:41:42.938Z **BROKEN** lightningd: FATAL SIGNAL 6 (version v0.11.0.1-528-g14d681e)
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: common/daemon.c:38 (send_backtrace) 0x555954370be9
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: common/daemon.c:46 (crashdump) 0x555954370c29
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7f4deee3e8df
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7f4deee8e36c
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7f4deee3e837
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7f4deee28534
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: lightningd/log.c:854 (fatal_vfmt) 0x5559543320a2
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: lightningd/log.c:864 (fatal) 0x55595433213b
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: wallet/walletrpc.c:772 (json_signpsbt) 0x555954364dd5
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: lightningd/jsonrpc.c:625 (command_exec) 0x55595432c1fd
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: lightningd/jsonrpc.c:762 (rpc_command_hook_final) 0x55595432d6f5
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: lightningd/plugin_hook.c:279 (plugin_hook_call_) 0x55595435031c
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: lightningd/jsonrpc.c:850 (plugin_hook_call_rpc_command) 0x55595432dccd
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: lightningd/jsonrpc.c:954 (parse_request) 0x55595432dccd
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: lightningd/jsonrpc.c:1051 (read_json) 0x55595432df55
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: ccan/ccan/io/io.c:59 (next_plan) 0x55595442b7d2
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: ccan/ccan/io/io.c:407 (do_plan) 0x55595442bc59
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: ccan/ccan/io/io.c:417 (io_ready) 0x55595442bcf2
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: ccan/ccan/io/poll.c:453 (io_loop) 0x55595442d54f
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: lightningd/io_loop_with_timers.c:22 (io_loop_with_timers) 0x55595432bfc6
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: lightningd/lightningd.c:1195 (main) 0x55595432fc54
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7f4deee2928f
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7f4deee29349
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: ../sysdeps/x86_64/start.S:115 ((null)) 0x555954312ea4
2022-08-09T01:41:42.938Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0xffffffffffffffff
Log dumped in crash.log.20220809014142

@fiatjaf
Copy link
Contributor Author

fiatjaf commented Aug 9, 2022

Now this one has the first input finalized:

cHNidP8BAHsCAAAAAvuxXEAeX5exw8ZHu2qGtNunUPLr+E45hzH0D4fOLhapAAAAAAABAAAAV6BwoisrgZEB8nM3I6Gr/TK4pll71h2cGIoT0iUNxw0AAAAAAAAAAAAB4gIAAAAAAAAWABSB/6fHdOptg0U8kKiAAgDjBTEmawAAAAAAAQEf4gIAAAAAAAAWABSB/6fHdOptg0U8kKiAAgDjBTEmawEIbAJIMEUCIQCx/6WwdUKyvB4hkJefMgU+hhUJOkrVlvhYbmKmhQtMjAIgclHmaES4av0xZbMBu4sMbGZm5KyMWFrD1aTY6SihNLqDIQKN/hmqwQM7MUsLeKm/vRNjvxobISj4W3kAmqNSqo2UjwAAAA==

And the crash is the same? I don't know:

lightningd: FATAL SIGNAL 6 (version v0.11.0.1-528-g14d681e)
0x558c3faff8a0 send_backtrace
	common/daemon.c:33
0x558c3faff928 crashdump
	common/daemon.c:46
0x7f17cea3e8df ???
	???:0
0x7f17cea8e36c ???
	???:0
0x7f17cea3e837 ???
	???:0
0x7f17cea28534 ???
	???:0
0x558c3fb973f0 call_error
	ccan/ccan/tal/tal.c:93
0x558c3fb97491 check_bounds
	ccan/ccan/tal/tal.c:165
0x558c3fb974c2 to_tal_hdr
	ccan/ccan/tal/tal.c:175
0x558c3fb97de5 tal_free
	ccan/ccan/tal/tal.c:479
0x558c3fb0520f common_shutdown
	common/setup.c:59
0x558c3faff9c4 daemon_shutdown
	common/daemon.c:158
0x558c3faf49a8 master_gone
	hsmd/hsmd.c:710
0x558c3fb93c4b destroy_conn
	ccan/ccan/io/poll.c:246
0x558c3fb93c6d destroy_conn_close_fd
	ccan/ccan/io/poll.c:252
0x558c3fb97869 notify
	ccan/ccan/tal/tal.c:240
0x558c3fb97940 del_tree
	ccan/ccan/tal/tal.c:402
0x558c3fb97983 del_tree
	ccan/ccan/tal/tal.c:412
0x558c3fb97e2b tal_free
	ccan/ccan/tal/tal.c:486
0x558c3fb0694d clean_tmpctx
	common/utils.c:172
0x558c3faff763 daemon_poll
	common/daemon.c:87
0x558c3fb94121 io_loop
	ccan/ccan/io/poll.c:420
0x558c3faf58d5 main
	hsmd/hsmd.c:741
0x7f17cea2928f ???
	???:0
0x7f17cea29349 ???
	???:0
0x558c3faf4724 ???
	../sysdeps/x86_64/start.S:115
0xffffffffffffffff ???
	???:0
lightning_hsmd: FATAL SIGNAL 11 (version v0.11.0.1-528-g14d681e)
0x558c3faff8a0 send_backtrace
	common/daemon.c:33
0x558c3faff928 crashdump
	common/daemon.c:46
0x7f17cea3e8df ???
	???:0
0x558c3faffcc3 daemon_conn_send
	common/daemon_conn.c:161
0x558c3fb054b1 status_send
	common/status.c:90
0x558c3fb057c5 status_vfmt
	common/status.c:169
0x558c3fb063da status_backtrace_print
	common/subdaemon.c:12
0x558c3faff8c0 send_backtrace
	common/daemon.c:36
0x558c3faff928 crashdump
	common/daemon.c:46
0x7f17cea3e8df ???
	???:0
0x7f17cea8e36c ???
	???:0
0x7f17cea3e837 ???
	???:0
0x7f17cea28534 ???
	???:0
0x558c3fb973f0 call_error
	ccan/ccan/tal/tal.c:93
0x558c3fb97491 check_bounds
	ccan/ccan/tal/tal.c:165
0x558c3fb974c2 to_tal_hdr
	ccan/ccan/tal/tal.c:175
0x558c3fb97de5 tal_free
	ccan/ccan/tal/tal.c:479
0x558c3fb0520f common_shutdown
	common/setup.c:59
0x558c3faff9c4 daemon_shutdown
	common/daemon.c:158
0x558c3faf49a8 master_gone
	hsmd/hsmd.c:710
0x558c3fb93c4b destroy_conn
	ccan/ccan/io/poll.c:246
0x558c3fb93c6d destroy_conn_close_fd
	ccan/ccan/io/poll.c:252
0x558c3fb97869 notify
	ccan/ccan/tal/tal.c:240
0x558c3fb97940 del_tree
	ccan/ccan/tal/tal.c:402
0x558c3fb97983 del_tree
	ccan/ccan/tal/tal.c:412
0x558c3fb97e2b tal_free
	ccan/ccan/tal/tal.c:486
0x558c3fb0694d clean_tmpctx
	common/utils.c:172
0x558c3faff763 daemon_poll
	common/daemon.c:87
0x558c3fb94121 io_loop
	ccan/ccan/io/poll.c:420
0x558c3faf58d5 main
	hsmd/hsmd.c:741
0x7f17cea2928f ???
	???:0
0x7f17cea29349 ???
	???:0
0x558c3faf4724 ???
	../sysdeps/x86_64/start.S:115
0xffffffffffffffff ???
	???:0
0x55763b8c3ba1 send_backtrace
	common/daemon.c:33
0x55763b8c3c29 crashdump
	common/daemon.c:46
0x7f1a60e3e8df ???
	???:0
0x7f1a60e8e36c ???
	???:0
0x7f1a60e3e837 ???
	???:0
0x7f1a60e28534 ???
	???:0
0x55763b8850a2 fatal_vfmt
	lightningd/log.c:854
0x55763b88513b fatal
	lightningd/log.c:864
0x55763b8b7dd5 json_signpsbt
	wallet/walletrpc.c:772
0x55763b87f1fd command_exec
	lightningd/jsonrpc.c:625
0x55763b8806f5 rpc_command_hook_final
	lightningd/jsonrpc.c:762
0x55763b8a331c plugin_hook_call_
	lightningd/plugin_hook.c:279
0x55763b880ccd plugin_hook_call_rpc_command
	lightningd/jsonrpc.c:850
0x55763b880ccd parse_request
	lightningd/jsonrpc.c:954
0x55763b880f55 read_json
	lightningd/jsonrpc.c:1051
0x55763b97e7d2 next_plan
	ccan/ccan/io/io.c:59
0x55763b97ec59 do_plan
	ccan/ccan/io/io.c:407
0x55763b97ecf2 io_ready
	ccan/ccan/io/io.c:417
0x55763b98054f io_loop
	ccan/ccan/io/poll.c:453
0x55763b87efc6 io_loop_with_timers
	lightningd/io_loop_with_timers.c:22
0x55763b882c54 main
	lightningd/lightningd.c:1195
0x7f1a60e2928f ???
	???:0
0x7f1a60e29349 ???
	???:0
0x55763b865ea4 ???
	../sysdeps/x86_64/start.S:115
0xffffffffffffffff ???
	???:0
2022-08-09T01:44:52.506Z **BROKEN** lightningd: FATAL SIGNAL 6 (version v0.11.0.1-528-g14d681e)
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: common/daemon.c:38 (send_backtrace) 0x55763b8c3be9
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: common/daemon.c:46 (crashdump) 0x55763b8c3c29
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7f1a60e3e8df
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7f1a60e8e36c
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7f1a60e3e837
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7f1a60e28534
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: lightningd/log.c:854 (fatal_vfmt) 0x55763b8850a2
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: lightningd/log.c:864 (fatal) 0x55763b88513b
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: wallet/walletrpc.c:772 (json_signpsbt) 0x55763b8b7dd5
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: lightningd/jsonrpc.c:625 (command_exec) 0x55763b87f1fd
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: lightningd/jsonrpc.c:762 (rpc_command_hook_final) 0x55763b8806f5
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: lightningd/plugin_hook.c:279 (plugin_hook_call_) 0x55763b8a331c
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: lightningd/jsonrpc.c:850 (plugin_hook_call_rpc_command) 0x55763b880ccd
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: lightningd/jsonrpc.c:954 (parse_request) 0x55763b880ccd
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: lightningd/jsonrpc.c:1051 (read_json) 0x55763b880f55
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: ccan/ccan/io/io.c:59 (next_plan) 0x55763b97e7d2
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: ccan/ccan/io/io.c:407 (do_plan) 0x55763b97ec59
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: ccan/ccan/io/io.c:417 (io_ready) 0x55763b97ecf2
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: ccan/ccan/io/poll.c:453 (io_loop) 0x55763b98054f
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: lightningd/io_loop_with_timers.c:22 (io_loop_with_timers) 0x55763b87efc6
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: lightningd/lightningd.c:1195 (main) 0x55763b882c54
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7f1a60e2928f
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0x7f1a60e29349
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: ../sysdeps/x86_64/start.S:115 ((null)) 0x55763b865ea4
2022-08-09T01:44:52.506Z **BROKEN** lightningd: backtrace: (null):0 ((null)) 0xffffffffffffffff
Log dumped in crash.log.20220809014452

@fiatjaf
Copy link
Contributor Author

fiatjaf commented Aug 10, 2022

How to reproduce:

  1. Download this plugin (or compile from source -- you'll need sbt then run sbt nativeLink and it should download everything that is needed and work)
  2. Start lightningd on signet with the plugin above
  3. Get a utxo in your node (no need for channels)
  4. Call lightning-cli --network signet psbt -k psbt='cHNidP8BAFICAAAAAd9XNPx2+0IQEPAxAuNAzboEpkIoIIt7YyWy1yMSPyRgAAAAAAABAAAAAeICAAAAAAAAFgAUZgKCSDYLGFCfr/+wct22sUz3la8AAAAAAAEBH+ICAAAAAAAAFgAUZgKCSDYLGFCfr/+wct22sUz3la8BCGwCSDBFAiEAyn8Lc5xxkUargxFHzVd4vwXbIL1linXxL9yEFoo8FA8CIGzYOXHC+1+dgW3QZ9TuP8CWkdWiRciQYQUhRCBhQiW6gyEDyLk4yWjGa8HkR8SBjWeFJ4i/UblbRjaQntNBDAF7RIAAAA=='
  5. You'll get a psbt back that contains your node's utxo in it, ready to be signed and published and that will crash lightningd when you try to do it

@niftynei
Copy link
Collaborator

And the crash is the same? I don't know:

The crash is the same b/c we react the same way to a PSBT that's in some slightly "incorrect" state (call fatal).

Now this one has the first input finalized:
cHNidP8BAHsCAAAAAvuxXEAeX5exw8ZHu2qGtNunUPLr+E45hzH0D4fOLhapAAAAAAABAAAAV6BwoisrgZEB8nM3I6Gr/TK4pll71h2cGIoT0iUNxw0AAAAAAAAAAAAB4gIAAAAAAAAWABSB/6fHdOptg0U8kKiAAgDjBTEmawAAAAAAAQEf4gIAAAAAAAAWABSB/6fHdOptg0U8kKiAAgDjBTEmawEIbAJIMEUCIQCx/6WwdUKyvB4hkJefMgU+hhUJOkrVlvhYbmKmhQtMjAIgclHmaES4av0xZbMBu4sMbGZm5KyMWFrD1aTY6SihNLqDIQKN/hmqwQM7MUsLeKm/vRNjvxobISj4W3kAmqNSqo2UjwAAAA==

Trying to sign this fails because it's missing the utxo information for the second input that you're asking CLN to sign for, there's no witness_utxo or non_witness_utxo data in the PSBT, so it doesn't have the amount+scriptCode to generate the sig digest to sign.

Ultimately, all these are the same underlying issue: the PSBT you're asking to sign is in a state that libwally doesn't like. (and we call fatal when that happens).

On our end, the correct thing to do would be to return a nice error telling you what the problem with your PSBT is, not crashing. This doesn't really solve your problem tho (wanting to get a signed PSBT).

What you really want is the bitcoind equivalent of utxoupdatepsbt on CLN, but we don't offer this out of the box. Maybe this would work instead?

  1. Start node on regtest
  2. Generate a block to one of its addresses
  3. Build a psbt (one input, from the service you're using)
  4. Call utxopsbt with the amount you want committed to the output in the psbt built in step 3?
lightning-cli utxopsbt -k satoshi=<amount_to_put_in_output> feerate=<feerate> startweight=0 utxos='["<utxo_from_listfunds>:vout"]' excess_as_change=true
  1. Join the two psbts using bitcoind's joinpsbt
bitcoin-cli joinpsbts '["lightning-psbt", "step 3 psbt"]'
  1. Call signpsbt with the result from joinpsbt

niftynei added a commit to niftynei/lightning that referenced this issue Aug 11, 2022
@niftynei
psbt: dont crash when printing psbt to log
1d9a212 
We call `tal_wally_start` and then `tal_wally_start` again in
`type_to_string` for psbt.

end the last tal before calling type to string.

Fixes: ElementsProject#5499
Reported-By: @fiatjaf

lightning_hsmd: FATAL SIGNAL 6 (version v0.11.0.1-231-gddf8fbd-modded)
0x5574ca0d87ef send_backtrace
	common/daemon.c:33
0x5574ca0d8877 crashdump
	common/daemon.c:46
0x7f76ef63e8df ???
	???:0
0x7f76ef68e36c ???
	???:0
0x7f76ef63e837 ???
	???:0
0x7f76ef628534 ???
	???:0
0x5574ca0df55e tal_wally_start
	common/utils.c:27
0x5574ca0e4024 psbt_to_b64
	bitcoin/psbt.c:687
0x5574ca0e4093 fmt_wally_psbt_
	bitcoin/psbt.c:694
0x5574ca0df4b9 type_to_string_
	common/type_to_string.c:32
0x5574ca0d5139 sign_our_inputs
	hsmd/libhsmd.c:486
0x5574ca0d5206 handle_sign_withdrawal_tx
	hsmd/libhsmd.c:1029
0x5574ca0d63c4 hsmd_handle_client_message
	hsmd/libhsmd.c:1575
0x5574ca0ce763 handle_client
	hsmd/hsmd.c:671
0x5574ca100032 next_plan
	ccan/ccan/io/io.c:59
0x5574ca1004b9 do_plan
	ccan/ccan/io/io.c:407
0x5574ca100552 io_ready
	ccan/ccan/io/io.c:417
0x5574ca101daf io_loop
	ccan/ccan/io/poll.c:453
0x5574ca0ceb7b main
	hsmd/hsmd.c:739
0x7f76ef62928f ???
	???:0
0x7f76ef629349 ???
	???:0
0x5574ca0cda04 ???
	../sysdeps/x86_64/start.S:115
niftynei added a commit to niftynei/lightning that referenced this issue Aug 11, 2022
@niftynei
signpsbt: add utxo info to inputs
b7c3b29 
If you build a PSBT externally from CLN and attempt to sign for the
output, we would crash. Now we don't crash.

Changelog-Changed: JSON-RPC: `signpsbt` will now add redeemscript + witness-utxo to the PSBT for an input that we can sign for, before signing it.

Fixes ElementsProject#5499 ?
@niftynei
Copy link
Collaborator

Ok, since the proposed fix for this is pretty not fun (needing bitcoin-cli? having to call utxopsbt?) I went ahead and updated the signpsbt command to just fill in everything we need if it's missing for any input that we have in our wallet.

#5506 has been updated to do this now, can you check that it works with the plugin you're building?

Note that it'll still crash if you attempt to sign a PSBT that it doesn't like for any other reason.

@fiatjaf
Copy link
Contributor Author

fiatjaf commented Aug 11, 2022

Yes, it worked now!

Thank you, that improves my life a lot, although if only I knew more about psbts none of these problems would have happened because I would have known I had to provide the utxo.

niftynei added a commit that referenced this issue Aug 13, 2022
@niftynei
signpsbt: add utxo info to inputs
4984014 
If you build a PSBT externally from CLN and attempt to sign for the
output, we would crash. Now we don't crash.

Changelog-Changed: JSON-RPC: `signpsbt` will now add redeemscript + witness-utxo to the PSBT for an input that we can sign for, before signing it.

Fixes #5499 ?
whitslack pushed a commit to whitslack/lightning that referenced this issue Aug 30, 2022
@niftynei @whitslack
psbt: dont crash when printing psbt to log
396bfc3 
We call `tal_wally_start` and then `tal_wally_start` again in
`type_to_string` for psbt.

end the last tal before calling type to string.

Fixes: ElementsProject#5499
Reported-By: @fiatjaf

lightning_hsmd: FATAL SIGNAL 6 (version v0.11.0.1-231-gddf8fbd-modded)
0x5574ca0d87ef send_backtrace
	common/daemon.c:33
0x5574ca0d8877 crashdump
	common/daemon.c:46
0x7f76ef63e8df ???
	???:0
0x7f76ef68e36c ???
	???:0
0x7f76ef63e837 ???
	???:0
0x7f76ef628534 ???
	???:0
0x5574ca0df55e tal_wally_start
	common/utils.c:27
0x5574ca0e4024 psbt_to_b64
	bitcoin/psbt.c:687
0x5574ca0e4093 fmt_wally_psbt_
	bitcoin/psbt.c:694
0x5574ca0df4b9 type_to_string_
	common/type_to_string.c:32
0x5574ca0d5139 sign_our_inputs
	hsmd/libhsmd.c:486
0x5574ca0d5206 handle_sign_withdrawal_tx
	hsmd/libhsmd.c:1029
0x5574ca0d63c4 hsmd_handle_client_message
	hsmd/libhsmd.c:1575
0x5574ca0ce763 handle_client
	hsmd/hsmd.c:671
0x5574ca100032 next_plan
	ccan/ccan/io/io.c:59
0x5574ca1004b9 do_plan
	ccan/ccan/io/io.c:407
0x5574ca100552 io_ready
	ccan/ccan/io/io.c:417
0x5574ca101daf io_loop
	ccan/ccan/io/poll.c:453
0x5574ca0ceb7b main
	hsmd/hsmd.c:739
0x7f76ef62928f ???
	???:0
0x7f76ef629349 ???
	???:0
0x5574ca0cda04 ???
	../sysdeps/x86_64/start.S:115
whitslack pushed a commit to whitslack/lightning that referenced this issue Aug 30, 2022
@niftynei @whitslack
psbt: dont crash when printing psbt to log
ca2ba60 
We call `tal_wally_start` and then `tal_wally_start` again in
`type_to_string` for psbt.

end the last tal before calling type to string.

Fixes: ElementsProject#5499
Reported-By: @fiatjaf

lightning_hsmd: FATAL SIGNAL 6 (version v0.11.0.1-231-gddf8fbd-modded)
0x5574ca0d87ef send_backtrace
	common/daemon.c:33
0x5574ca0d8877 crashdump
	common/daemon.c:46
0x7f76ef63e8df ???
	???:0
0x7f76ef68e36c ???
	???:0
0x7f76ef63e837 ???
	???:0
0x7f76ef628534 ???
	???:0
0x5574ca0df55e tal_wally_start
	common/utils.c:27
0x5574ca0e4024 psbt_to_b64
	bitcoin/psbt.c:687
0x5574ca0e4093 fmt_wally_psbt_
	bitcoin/psbt.c:694
0x5574ca0df4b9 type_to_string_
	common/type_to_string.c:32
0x5574ca0d5139 sign_our_inputs
	hsmd/libhsmd.c:486
0x5574ca0d5206 handle_sign_withdrawal_tx
	hsmd/libhsmd.c:1029
0x5574ca0d63c4 hsmd_handle_client_message
	hsmd/libhsmd.c:1575
0x5574ca0ce763 handle_client
	hsmd/hsmd.c:671
0x5574ca100032 next_plan
	ccan/ccan/io/io.c:59
0x5574ca1004b9 do_plan
	ccan/ccan/io/io.c:407
0x5574ca100552 io_ready
	ccan/ccan/io/io.c:417
0x5574ca101daf io_loop
	ccan/ccan/io/poll.c:453
0x5574ca0ceb7b main
	hsmd/hsmd.c:739
0x7f76ef62928f ???
	???:0
0x7f76ef629349 ???
	???:0
0x5574ca0cda04 ???
	../sysdeps/x86_64/start.S:115
whitslack pushed a commit to whitslack/lightning that referenced this issue Aug 30, 2022
@niftynei @whitslack
psbt: dont crash when printing psbt to log
98fa6b8 
We call `tal_wally_start` and then `tal_wally_start` again in
`type_to_string` for psbt.

end the last tal before calling type to string.

Fixes: ElementsProject#5499
Reported-By: @fiatjaf

lightning_hsmd: FATAL SIGNAL 6 (version v0.11.0.1-231-gddf8fbd-modded)
0x5574ca0d87ef send_backtrace
	common/daemon.c:33
0x5574ca0d8877 crashdump
	common/daemon.c:46
0x7f76ef63e8df ???
	???:0
0x7f76ef68e36c ???
	???:0
0x7f76ef63e837 ???
	???:0
0x7f76ef628534 ???
	???:0
0x5574ca0df55e tal_wally_start
	common/utils.c:27
0x5574ca0e4024 psbt_to_b64
	bitcoin/psbt.c:687
0x5574ca0e4093 fmt_wally_psbt_
	bitcoin/psbt.c:694
0x5574ca0df4b9 type_to_string_
	common/type_to_string.c:32
0x5574ca0d5139 sign_our_inputs
	hsmd/libhsmd.c:486
0x5574ca0d5206 handle_sign_withdrawal_tx
	hsmd/libhsmd.c:1029
0x5574ca0d63c4 hsmd_handle_client_message
	hsmd/libhsmd.c:1575
0x5574ca0ce763 handle_client
	hsmd/hsmd.c:671
0x5574ca100032 next_plan
	ccan/ccan/io/io.c:59
0x5574ca1004b9 do_plan
	ccan/ccan/io/io.c:407
0x5574ca100552 io_ready
	ccan/ccan/io/io.c:417
0x5574ca101daf io_loop
	ccan/ccan/io/poll.c:453
0x5574ca0ceb7b main
	hsmd/hsmd.c:739
0x7f76ef62928f ???
	???:0
0x7f76ef629349 ???
	???:0
0x5574ca0cda04 ???
	../sysdeps/x86_64/start.S:115
whitslack pushed a commit to whitslack/lightning that referenced this issue Oct 8, 2022
@niftynei @whitslack
psbt: dont crash when printing psbt to log
96bffac 
We call `tal_wally_start` and then `tal_wally_start` again in
`type_to_string` for psbt.

end the last tal before calling type to string.

Fixes: ElementsProject#5499
Reported-By: @fiatjaf

lightning_hsmd: FATAL SIGNAL 6 (version v0.11.0.1-231-gddf8fbd-modded)
0x5574ca0d87ef send_backtrace
	common/daemon.c:33
0x5574ca0d8877 crashdump
	common/daemon.c:46
0x7f76ef63e8df ???
	???:0
0x7f76ef68e36c ???
	???:0
0x7f76ef63e837 ???
	???:0
0x7f76ef628534 ???
	???:0
0x5574ca0df55e tal_wally_start
	common/utils.c:27
0x5574ca0e4024 psbt_to_b64
	bitcoin/psbt.c:687
0x5574ca0e4093 fmt_wally_psbt_
	bitcoin/psbt.c:694
0x5574ca0df4b9 type_to_string_
	common/type_to_string.c:32
0x5574ca0d5139 sign_our_inputs
	hsmd/libhsmd.c:486
0x5574ca0d5206 handle_sign_withdrawal_tx
	hsmd/libhsmd.c:1029
0x5574ca0d63c4 hsmd_handle_client_message
	hsmd/libhsmd.c:1575
0x5574ca0ce763 handle_client
	hsmd/hsmd.c:671
0x5574ca100032 next_plan
	ccan/ccan/io/io.c:59
0x5574ca1004b9 do_plan
	ccan/ccan/io/io.c:407
0x5574ca100552 io_ready
	ccan/ccan/io/io.c:417
0x5574ca101daf io_loop
	ccan/ccan/io/poll.c:453
0x5574ca0ceb7b main
	hsmd/hsmd.c:739
0x7f76ef62928f ???
	???:0
0x7f76ef629349 ???
	???:0
0x5574ca0cda04 ???
	../sysdeps/x86_64/start.S:115
whitslack pushed a commit to whitslack/lightning that referenced this issue Oct 8, 2022
@niftynei @whitslack
signpsbt: add utxo info to inputs
f0cf2c9 
If you build a PSBT externally from CLN and attempt to sign for the
output, we would crash. Now we don't crash.

Changelog-Changed: JSON-RPC: `signpsbt` will now add redeemscript + witness-utxo to the PSBT for an input that we can sign for, before signing it.

Fixes ElementsProject#5499 ?
whitslack pushed a commit to whitslack/lightning that referenced this issue Oct 28, 2022
@niftynei @whitslack
psbt: dont crash when printing psbt to log
a0499fa 
We call `tal_wally_start` and then `tal_wally_start` again in
`type_to_string` for psbt.

end the last tal before calling type to string.

Fixes: ElementsProject#5499
Reported-By: @fiatjaf

lightning_hsmd: FATAL SIGNAL 6 (version v0.11.0.1-231-gddf8fbd-modded)
0x5574ca0d87ef send_backtrace
	common/daemon.c:33
0x5574ca0d8877 crashdump
	common/daemon.c:46
0x7f76ef63e8df ???
	???:0
0x7f76ef68e36c ???
	???:0
0x7f76ef63e837 ???
	???:0
0x7f76ef628534 ???
	???:0
0x5574ca0df55e tal_wally_start
	common/utils.c:27
0x5574ca0e4024 psbt_to_b64
	bitcoin/psbt.c:687
0x5574ca0e4093 fmt_wally_psbt_
	bitcoin/psbt.c:694
0x5574ca0df4b9 type_to_string_
	common/type_to_string.c:32
0x5574ca0d5139 sign_our_inputs
	hsmd/libhsmd.c:486
0x5574ca0d5206 handle_sign_withdrawal_tx
	hsmd/libhsmd.c:1029
0x5574ca0d63c4 hsmd_handle_client_message
	hsmd/libhsmd.c:1575
0x5574ca0ce763 handle_client
	hsmd/hsmd.c:671
0x5574ca100032 next_plan
	ccan/ccan/io/io.c:59
0x5574ca1004b9 do_plan
	ccan/ccan/io/io.c:407
0x5574ca100552 io_ready
	ccan/ccan/io/io.c:417
0x5574ca101daf io_loop
	ccan/ccan/io/poll.c:453
0x5574ca0ceb7b main
	hsmd/hsmd.c:739
0x7f76ef62928f ???
	???:0
0x7f76ef629349 ???
	???:0
0x5574ca0cda04 ???
	../sysdeps/x86_64/start.S:115
whitslack pushed a commit to whitslack/lightning that referenced this issue Oct 28, 2022
@niftynei @whitslack
signpsbt: add utxo info to inputs
6700bd1 
If you build a PSBT externally from CLN and attempt to sign for the
output, we would crash. Now we don't crash.

Changelog-Changed: JSON-RPC: `signpsbt` will now add redeemscript + witness-utxo to the PSBT for an input that we can sign for, before signing it.

Fixes ElementsProject#5499 ?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@niftynei niftynei

Labels
None yet
Projects
None yet
Milestone
v0.12
Development

No branches or pull requests
2 participants
@niftynei @fiatjaf