Fuzzer hit splice-while-splice-pending debug_assert! in FundedChannel::stfu() #4429
Description
Repro on 62c7575:
echo -ne '\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xa2\xa2\xff\xa2\xa2\xa2\xa2\xff\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xa2\xff\x4c\x13' | RUSTFLAGS="--cfg=fuzzing --cfg=secp256k1_fuzz --cfg=hashes_fuzz" cargo +nightly run --features stdin_fuzz --bin chanmon_consistency_target
Assert introduced in #4290
thread 'main' (7531089) panicked at /Users/joost/repo/rust-lightning/lightning/src/ln/channel.rs:13572:7:
assertion failed: false
stack backtrace:
0: __rustc::rust_begin_unwind
at /rustc/d940e56841ddcc05671ead99290e35ff2e98369f/library/std/src/panicking.rs:689:5
1: core::panicking::panic_fmt
at /rustc/d940e56841ddcc05671ead99290e35ff2e98369f/library/core/src/panicking.rs:80:14
2: core::panicking::panic
at /rustc/d940e56841ddcc05671ead99290e35ff2e98369f/library/core/src/panicking.rs:150:5
3: <lightning::ln::channel::FundedChannel<alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>>>::stfu::<&lightning::util::logger::WithContext<alloc::sync::Arc<dyn lightning::util::logger::Logger + core::marker::Sync + core::marker::Send>>>
at /Users/joost/repo/rust-lightning/lightning/src/ln/channel.rs:13572:7
4: <lightning::ln::channelmanager::ChannelManager<alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestChainMonitor>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestBroadcaster>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::FuzzEstimator>, &lightning_fuzz::chanmon_consistency::FuzzRouter, &lightning_fuzz::chanmon_consistency::FuzzRouter, alloc::sync::Arc<dyn lightning::util::logger::Logger + core::marker::Sync + core::marker::Send>>>::internal_stfu
at /Users/joost/repo/rust-lightning/lightning/src/ln/channelmanager.rs:12408:21
5: <lightning::ln::channelmanager::ChannelManager<alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestChainMonitor>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestBroadcaster>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::FuzzEstimator>, &lightning_fuzz::chanmon_consistency::FuzzRouter, &lightning_fuzz::chanmon_consistency::FuzzRouter, alloc::sync::Arc<dyn lightning::util::logger::Logger + core::marker::Sync + core::marker::Send>> as lightning::ln::msgs::ChannelMessageHandler>::handle_stfu::{closure#0}
at /Users/joost/repo/rust-lightning/lightning/src/ln/channelmanager.rs:15781:19
6: <lightning::ln::channelmanager::PersistenceNotifierGuard<fn() -> lightning::ln::channelmanager::NotifyOption>>::optionally_notify::<<lightning::ln::channelmanager::ChannelManager<alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestChainMonitor>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestBroadcaster>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::FuzzEstimator>, &lightning_fuzz::chanmon_consistency::FuzzRouter, &lightning_fuzz::chanmon_consistency::FuzzRouter, alloc::sync::Arc<dyn lightning::util::logger::Logger + core::marker::Sync + core::marker::Send>> as lightning::ln::msgs::ChannelMessageHandler>::handle_stfu::{closure#0}, lightning::ln::channelmanager::ChannelManager<alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestChainMonitor>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestBroadcaster>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::FuzzEstimator>, &lightning_fuzz::chanmon_consistency::FuzzRouter, &lightning_fuzz::chanmon_consistency::FuzzRouter, alloc::sync::Arc<dyn lightning::util::logger::Logger + core::marker::Sync + core::marker::Send>>>::{closure#0}
at /Users/joost/repo/rust-lightning/lightning/src/ln/channelmanager.rs:2964:18
7: <lightning::ln::channelmanager::PersistenceNotifierGuard<<lightning::ln::channelmanager::PersistenceNotifierGuard<fn() -> lightning::ln::channelmanager::NotifyOption>>::optionally_notify<<lightning::ln::channelmanager::ChannelManager<alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestChainMonitor>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestBroadcaster>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::FuzzEstimator>, &lightning_fuzz::chanmon_consistency::FuzzRouter, &lightning_fuzz::chanmon_consistency::FuzzRouter, alloc::sync::Arc<dyn lightning::util::logger::Logger + core::marker::Sync + core::marker::Send>> as lightning::ln::msgs::ChannelMessageHandler>::handle_stfu::{closure#0}, lightning::ln::channelmanager::ChannelManager<alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestChainMonitor>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestBroadcaster>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::FuzzEstimator>, &lightning_fuzz::chanmon_consistency::FuzzRouter, &lightning_fuzz::chanmon_consistency::FuzzRouter, alloc::sync::Arc<dyn lightning::util::logger::Logger + core::marker::Sync + core::marker::Send>>>::{closure#0}> as core::ops::drop::Drop>::drop
at /Users/joost/repo/rust-lightning/lightning/src/ln/channelmanager.rs:3007:9
8: core::ptr::drop_in_place::<lightning::ln::channelmanager::PersistenceNotifierGuard<<lightning::ln::channelmanager::PersistenceNotifierGuard<fn() -> lightning::ln::channelmanager::NotifyOption>>::optionally_notify<<lightning::ln::channelmanager::ChannelManager<alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestChainMonitor>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestBroadcaster>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::FuzzEstimator>, &lightning_fuzz::chanmon_consistency::FuzzRouter, &lightning_fuzz::chanmon_consistency::FuzzRouter, alloc::sync::Arc<dyn lightning::util::logger::Logger + core::marker::Sync + core::marker::Send>> as lightning::ln::msgs::ChannelMessageHandler>::handle_stfu::{closure#0}, lightning::ln::channelmanager::ChannelManager<alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestChainMonitor>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestBroadcaster>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::FuzzEstimator>, &lightning_fuzz::chanmon_consistency::FuzzRouter, &lightning_fuzz::chanmon_consistency::FuzzRouter, alloc::sync::Arc<dyn lightning::util::logger::Logger + core::marker::Sync + core::marker::Send>>>::{closure#0}>>
at /Users/joost/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/src/rust/library/core/src/ptr/mod.rs:805:1
9: <lightning::ln::channelmanager::ChannelManager<alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestChainMonitor>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::TestBroadcaster>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::KeyProvider>, alloc::sync::Arc<lightning_fuzz::chanmon_consistency::FuzzEstimator>, &lightning_fuzz::chanmon_consistency::FuzzRouter, &lightning_fuzz::chanmon_consistency::FuzzRouter, alloc::sync::Arc<dyn lightning::util::logger::Logger + core::marker::Sync + core::marker::Send>> as lightning::ln::msgs::ChannelMessageHandler>::handle_stfu
at /Users/joost/repo/rust-lightning/lightning/src/ln/channelmanager.rs:15796:2
10: lightning_fuzz::chanmon_consistency::do_test::<lightning_fuzz::utils::test_logger::DevNull>
11: lightning_fuzz::chanmon_consistency::chanmon_consistency_test::<lightning_fuzz::utils::test_logger::DevNull>
at ./src/chanmon_consistency.rs:2764:2
12: chanmon_consistency_target::main::{closure#0}
at ./src/bin/chanmon_consistency_target.rs:62:3
13: std::panicking::catch_unwind::do_call::<chanmon_consistency_target::main::{closure#0}, ()>
at /Users/joost/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/src/rust/library/std/src/panicking.rs:581:40
14: std::panicking::catch_unwind::<(), chanmon_consistency_target::main::{closure#0}>
at /Users/joost/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/src/rust/library/std/src/panicking.rs:544:19
15: std::panic::catch_unwind::<chanmon_consistency_target::main::{closure#0}, ()>
at /Users/joost/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/src/rust/library/std/src/panic.rs:359:14
16: chanmon_consistency_target::main
at ./src/bin/chanmon_consistency_target.rs:61:12
17: <fn() as core::ops::function::FnOnce<()>>::call_once
at /Users/joost/.rustup/toolchains/nightly-aarch64-apple-darwin/lib/rustlib/src/rust/library/core/src/ops/function.rs:250:5
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.