I upgraded from 711133e3c to 66b2bb9a9 and get a crash soon after launch now (every time):
~/src/clightning % gdb ./lightningd/lightning_connectd /coredumps/1001.lightning_connectd.33684.core
GNU gdb (GDB) 9.2 [GDB v9.2 for FreeBSD]
[New LWP 101203]
Core was generated by `/usr/home/user/src/clightning/lightningd/lightning_connectd'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 fmt_wireaddr_internal (ctx=0x800a76088, a=0x76130) at common/wireaddr.c:212
212 switch (a->itype) {
(gdb) bt
#0 fmt_wireaddr_internal (ctx=0x800a76088, a=0x76130) at common/wireaddr.c:212
#1 0x0000000000252c3a in type_to_string_ (ctx=0x800a76088, typename=0x2052b5 "wireaddr_internal", u=...) at common/type_to_string.c:35
#2 0x000000000024868c in destroy_io_conn (conn=<optimized out>, connect=0x800ba9168) at connectd/connectd.c:703
#3 0x000000000027157d in io_close_taken_fd (conn=0x800b50268) at ccan/ccan/io/io.c:463
#4 0x0000000000245aaf in peer_connected (conn=0x800b50268, daemon=<optimized out>, id=<optimized out>, addr=0x800bae854, cs=0x800bae960, their_features=0x800a76928 "\002\242\241\001") at connectd/connectd.c:511
#5 0x0000000000248a46 in peer_init_received (conn=0x800b50268, peer=<optimized out>) at connectd/peer_exchange_initmsg.c:94
#6 0x0000000000270cec in next_plan (conn=0x800b50268, plan=<optimized out>) at ccan/ccan/io/io.c:59
#7 0x00000000002713ef in io_ready (conn=0x800b50268, pollflags=1) at ccan/ccan/io/io.c:417
#8 0x00000000002726b2 in io_loop (timers=0x800b48090, expired=0x7fffffffe9a0) at ccan/ccan/io/poll.c:445
#9 0x000000000024618b in main (argc=<optimized out>, argv=<optimized out>) at connectd/connectd.c:1703
(gdb) print *a
Cannot access memory at address 0x76130
It looks like an invalid address is being passed (use after free?).
I intended to bisect, unfortunately the old commit won't take my data anymore :crying_cat_face:
Edit: Looks like I have a working commit without the problem: 4f2ae48c5401f289c7defca7a16df67c13b9c679
abad494fcf1e41b059a2627c633b0f5fd555a0c8 is the first bad commit
commit abad494fcf1e41b059a2627c633b0f5fd555a0c8
Author: niftynei <[email protected]>
Date: Mon Nov 16 19:06:24 2020 -0600
connectd: properly cleanup 'competing' outgoing connections
Coauthored-By: Rusty Russell @rustyrussell
connectd/connectd.c | 29 ++++++++++++++++++++++-------
1 file changed, 22 insertions(+), 7 deletions(-)
Edit: tried out 66b2bb9a90c5cbb83dd510fbcb450104cb4712d5 with the commit reverted: no crashes.
I see what the issue is but not totally sure what's causing it. Do you have debug logs you can share for what happens leading up to the crash?
That's embarrassing! My cleanup to fix simultaneous connects in & out made it worse :(
I'll try to write a stress test which triggers this now, as penance.
I cannot reproduce this :( I have reproduced the problem that this patch fixed, but I can't see how this one happens. Annoying.
Can I prepare a patch for you to try, which may give more information?
This should provide some clues (on top of master)? The alternative is to run under valgrind, but that's really slow...
connectd: track incoming vs outgoing connections, print out frees.
Since we seem to have an issue here.
Signed-off-by: Rusty Russell <[email protected]>
diff --git a/connectd/connectd.c b/connectd/connectd.c
index 4d20dbc69..985b6315f 100644
--- a/connectd/connectd.c
+++ b/connectd/connectd.c
@@ -279,7 +279,8 @@ static struct connecting *find_connecting(struct daemon *daemon,
* to try the next address. */
static void connected_to_peer(struct daemon *daemon,
struct io_conn *conn,
- const struct node_id *id)
+ const struct node_id *id,
+ bool out)
{
struct connecting *outgoing;
@@ -295,10 +296,15 @@ static void connected_to_peer(struct daemon *daemon,
outgoing = find_connecting(daemon, id);
if (outgoing) {
/* Don't call destroy_io_conn, since we're done. */
- if (outgoing->conn)
+ if (outgoing->conn) {
+ fprintf(stderr, "%i: conn %p (%s) clearing destructor for outgoing->conn %p\n",
+ getpid(), conn, out ? "out" : "in", outgoing->conn);
io_set_finish(outgoing->conn, NULL, NULL);
+ }
/* Now free the 'connecting' struct. */
+ fprintf(stderr, "%i: conn %p (%s) freeing connecting %p\n",
+ getpid(), conn, out ? "out" : "in", outgoing);
tal_free(outgoing);
}
}
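Review bot: When `outgoing->conn` is NULL, nothing is printed before the `freeing connecting` line, so that case can only be inferred from a missing line in the trace. An `else` branch that logs the NULL case would make it explicit, since that is the path where `tal_free(outgoing)` runs without any `io_set_finish(..., NULL, NULL)` call. Separately, `%p` expects a `void *`, so `conn`, `outgoing->conn` and `outgoing` should be cast, and `getpid()` should be cast to `int` for `%i`.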
@@ -371,6 +377,7 @@ struct peer_reconnected {
struct wireaddr_internal addr;
struct crypto_state cs;
const u8 *their_features;
+ bool out;
};
/*~ For simplicity, lightningd only ever deals with a single connection per
@@ -387,7 +394,7 @@ static struct io_plan *retry_peer_connected(struct io_conn *conn,
/*~ Usually the pattern is to return this directly, but we have to free
* our temporary structure. */
plan = peer_connected(conn, pr->daemon, &pr->id, &pr->addr, &pr->cs,
- take(pr->their_features));
+ take(pr->their_features), pr->out);
tal_free(pr);
return plan;
}
@@ -399,7 +406,8 @@ static struct io_plan *peer_reconnected(struct io_conn *conn,
const struct node_id *id,
const struct wireaddr_internal *addr,
const struct crypto_state *cs,
- const u8 *their_features TAKES)
+ const u8 *their_features TAKES,
+ bool out)
{
u8 *msg;
struct peer_reconnected *pr;
@@ -416,6 +424,7 @@ static struct io_plan *peer_reconnected(struct io_conn *conn,
pr->id = *id;
pr->cs = *cs;
pr->addr = *addr;
+ pr->out = out;
/*~ Note that tal_dup_talarr() will do handle the take() of features
* (turning it into a simply tal_steal() in those cases). */
@@ -439,7 +448,8 @@ struct io_plan *peer_connected(struct io_conn *conn,
const struct node_id *id,
const struct wireaddr_internal *addr,
struct crypto_state *cs,
- const u8 *their_features TAKES)
+ const u8 *their_features TAKES,
+ bool out)
{
u8 *msg;
struct per_peer_state *pps;
@@ -448,7 +458,7 @@ struct io_plan *peer_connected(struct io_conn *conn,
if (node_set_get(&daemon->peers, id))
return peer_reconnected(conn, daemon, id, addr, cs,
- their_features);
+ their_features, out);
/* We promised we'd take it by marking it TAKEN above; prepare to free it. */
if (taken(their_features))
@@ -481,7 +491,7 @@ struct io_plan *peer_connected(struct io_conn *conn,
}
/* We've successfully connected. */
- connected_to_peer(daemon, conn, id);
+ connected_to_peer(daemon, conn, id, out);
/* This contains the per-peer state info; gossipd fills in pps->gs */
pps = new_per_peer_state(tmpctx, cs);
@@ -527,7 +537,7 @@ static struct io_plan *handshake_in_success(struct io_conn *conn,
node_id_from_pubkey(&id, id_key);
status_peer_debug(&id, "Connect IN");
return peer_exchange_initmsg(conn, daemon, daemon->our_features,
- cs, &id, addr);
+ cs, &id, addr, false);
}
/*~ If the timer goes off, we simply free everything, which hangs up. */
@@ -601,7 +611,7 @@ static struct io_plan *handshake_out_success(struct io_conn *conn,
status_peer_debug(&id, "Connect OUT");
return peer_exchange_initmsg(conn, connect->daemon,
connect->daemon->our_features,
- cs, &id, addr);
+ cs, &id, addr, true);
}
struct io_plan *connection_out(struct io_conn *conn, struct connecting *connect)
@@ -707,6 +717,8 @@ static void destroy_io_conn(struct io_conn *conn, struct connecting *connect)
errstr = "peer closed connection (wrong key?)";
}
+ fprintf(stderr, "%i: destroying (outgoing) conn %p, connecting %p\n",
+ getpid(), conn, connect);
add_errors_to_error_list(connect,
tal_fmt(tmpctx, "%s: %s: %s",
type_to_string(tmpctx, struct wireaddr_internal,
@@ -811,6 +823,8 @@ static void try_connect_one_addr(struct connecting *connect)
connect->seconds_waited,
connect->addrhint, CONNECT_ALL_ADDRESSES_FAILED,
"%s", connect->errors);
+ fprintf(stderr, "%i: failed connecting, freeing connecting %p\n",
+ getpid(), connect);
tal_free(connect);
return;
}
diff --git a/connectd/connectd.h b/connectd/connectd.h
index fbe7c6d0b..48409415a 100644
--- a/connectd/connectd.h
+++ b/connectd/connectd.h
@@ -22,6 +22,7 @@ struct io_plan *peer_connected(struct io_conn *conn,
const struct node_id *id,
const struct wireaddr_internal *addr,
struct crypto_state *cs,
- const u8 *their_features TAKES);
+ const u8 *their_features TAKES,
+ bool out);
#endif /* LIGHTNING_CONNECTD_CONNECTD_H */
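Review bot: The new `bool out` parameter on the `peer_connected()` prototype is undocumented, and nothing here says which direction `true` stands for. Add a one-line comment above the prototype (or use a small enum instead of a bare bool) so callers do not have to read the implementation to know what to pass.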
diff --git a/connectd/peer_exchange_initmsg.c b/connectd/peer_exchange_initmsg.c
index 5283777fb..3e9059889 100644
--- a/connectd/peer_exchange_initmsg.c
+++ b/connectd/peer_exchange_initmsg.c
@@ -24,6 +24,7 @@ struct peer {
/* Crypto state for writing/reading peer initmsg */
struct crypto_state cs;
+ bool out;
/* Buffer for reading/writing message. */
u8 *msg;
};
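Review bot: `bool out;` is inserted directly after `struct crypto_state cs;`, under the comment `/* Crypto state for writing/reading peer initmsg */`, so it reads as part of the crypto state. Give the field its own comment saying what it records and separate it from `cs` with a blank line.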
@@ -93,7 +94,8 @@ static struct io_plan *peer_init_received(struct io_conn *conn,
* be disconnected if it's a reconnect. */
return peer_connected(conn, peer->daemon, &peer->id,
&peer->addr, &peer->cs,
- take(features));
+ take(features),
+ peer->out);
}
static struct io_plan *peer_init_hdr_received(struct io_conn *conn,
@@ -139,7 +141,8 @@ struct io_plan *peer_exchange_initmsg(struct io_conn *conn,
const struct feature_set *our_features,
const struct crypto_state *cs,
const struct node_id *id,
- const struct wireaddr_internal *addr)
+ const struct wireaddr_internal *addr,
+ bool out)
{
/* If conn is closed, forget peer */
struct peer *peer = tal(conn, struct peer);
@@ -150,6 +153,7 @@ struct io_plan *peer_exchange_initmsg(struct io_conn *conn,
peer->id = *id;
peer->addr = *addr;
peer->cs = *cs;
+ peer->out = out;
/* BOLT #1:
*
diff --git a/connectd/peer_exchange_initmsg.h b/connectd/peer_exchange_initmsg.h
index 9948ba349..0acfca03e 100644
--- a/connectd/peer_exchange_initmsg.h
+++ b/connectd/peer_exchange_initmsg.h
@@ -15,6 +15,7 @@ struct io_plan *peer_exchange_initmsg(struct io_conn *conn,
const struct feature_set *our_features,
const struct crypto_state *cs,
const struct node_id *id,
- const struct wireaddr_internal *addr);
+ const struct wireaddr_internal *addr,
+ bool out);
#endif /* LIGHTNING_CONNECTD_PEER_EXCHANGE_INITMSG_H */
@niftynei Unfortunately, there wasn't anything about this in the log at all. I haven't yet tried to crank up the debug level though.
@rustyrussell Thanks! Will give it a try later.
stderr output:
user@medea:~ % ./launch-lightning-debug.sh
51331: destroying (outgoing) conn 0x800b503e8, connecting 0x800ba9168
51331: destroying (outgoing) conn 0x800b50aa8, connecting 0x800ba9668
51331: destroying (outgoing) conn 0x800b503e8, connecting 0x800ba95c8
51331: conn 0x800b50c28 (out) clearing destructor for outgoing->conn 0x800b50c28
51331: conn 0x800b50c28 (out) freeing connecting 0x800ba9668
51331: conn 0x800b50328 (out) clearing destructor for outgoing->conn 0x800b50328
51331: conn 0x800b50328 (out) freeing connecting 0x800ba9208
51331: conn 0x800b509e8 (out) clearing destructor for outgoing->conn 0x800b509e8
51331: conn 0x800b509e8 (out) freeing connecting 0x800ba9168
51331: conn 0x800b50b68 (out) clearing destructor for outgoing->conn 0x800b50b68
51331: conn 0x800b50b68 (out) freeing connecting 0x800ba9708
51331: conn 0x800b504a8 (out) clearing destructor for outgoing->conn 0x800b504a8
51331: conn 0x800b504a8 (out) freeing connecting 0x800ba92a8
51331: destroying (outgoing) conn 0x800b50b68, connecting 0x800ba9708
51331: conn 0x800b50328 (in) clearing destructor for outgoing->conn 0x800b50868
51331: conn 0x800b50328 (in) freeing connecting 0x800ba9488
51331: conn 0x800b50328 (out) clearing destructor for outgoing->conn 0x800b50328
51331: conn 0x800b50328 (out) freeing connecting 0x800ba9488
51331: conn 0x800b509e8 (out) freeing connecting 0x800ba9708
51331: destroying (outgoing) conn 0x800b509e8, connecting 0x800ba9708
lightningd: connectd failed (signal 11), exiting.
The gdb backtrace is still the same. I kept the core dump and binary, so if you need any further information from it let me know.
I did enable debugging this time. Last connectd related messages in the log are:
2020-11-26T14:06:21.164Z DEBUG connectd: Now try LN connect out for host 2b3d5dc7ejbnaqmrsdx3stopvswyhx7l2rtrddgqwgwhjn436k5hx7qd.onion
2020-11-26T14:06:21.528Z DEBUG connectd: Connected out, starting crypto
2020-11-26T14:06:21.538Z DEBUG connectd: Connect OUT
2020-11-26T14:06:21.539Z DEBUG connectd: peer_out WIRE_INIT
2020-11-26T14:06:21.541Z DEBUG connectd: peer_in WIRE_INIT
2020-11-26T14:06:21.729Z DEBUG connectd: Connect OUT
2020-11-26T14:06:24.047Z DEBUG connectd: peer_out WIRE_INIT
There is nothing from connectd immediately prior to crash. Last log messages prior to crash are:
2020-11-26T14:06:25.702Z DEBUG channeld-chan#56419: Received commit_sig with 0 htlc sigs
2020-11-26T14:06:25.702Z DEBUG channeld-chan#56419: Sending revoke_and_ack
2020-11-26T14:06:25.703Z DEBUG channeld-chan#56419: Sending master 1021
2020-11-26T14:06:25.703Z DEBUG chan#56419: got commitsig 7649: feerate 19701, 0 added, 0 fulfilled, 0 failed, 0 changed
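An added example, not part of the thread or of the project's code: a heuristic that replays the stderr trace above and flags a conn that is destroyed with a `connecting` pointer that was already freed while that conn's destructor was never cleared. The regexes follow the `fprintf` formats in the debug patch; the function and variable names are hypothetical, and because addresses are recycled a hit is a lead to check, not proof.

```python
import re

PTR = r"0x[0-9a-f]+"
# Patterns mirror the fprintf() formats added by the debug patch in this thread.
CLEAR_RE = re.compile(
    rf"conn (?P<conn>{PTR}) \((?:in|out)\) clearing destructor "
    rf"for outgoing->conn (?P<target>{PTR})")
FREE_RE = re.compile(
    rf"conn (?P<conn>{PTR}) \((?:in|out)\) freeing connecting (?P<connecting>{PTR})")
FAILED_RE = re.compile(
    rf"failed connecting, freeing connecting (?P<connecting>{PTR})")
DESTROY_RE = re.compile(
    rf"destroying \(outgoing\) conn (?P<conn>{PTR}), connecting (?P<connecting>{PTR})")

# Sample input: the last eleven lines of the stderr trace quoted in the thread.
SAMPLE_TRACE = """\
51331: conn 0x800b50b68 (out) clearing destructor for outgoing->conn 0x800b50b68
51331: conn 0x800b50b68 (out) freeing connecting 0x800ba9708
51331: conn 0x800b504a8 (out) clearing destructor for outgoing->conn 0x800b504a8
51331: conn 0x800b504a8 (out) freeing connecting 0x800ba92a8
51331: destroying (outgoing) conn 0x800b50b68, connecting 0x800ba9708
51331: conn 0x800b50328 (in) clearing destructor for outgoing->conn 0x800b50868
51331: conn 0x800b50328 (in) freeing connecting 0x800ba9488
51331: conn 0x800b50328 (out) clearing destructor for outgoing->conn 0x800b50328
51331: conn 0x800b50328 (out) freeing connecting 0x800ba9488
51331: conn 0x800b509e8 (out) freeing connecting 0x800ba9708
51331: destroying (outgoing) conn 0x800b509e8, connecting 0x800ba9708
"""


def find_stale_destructors(trace):
    """Return destroy events that reference a 'connecting' freed earlier
    without the destroyed conn's finish handler having been cleared."""
    pending_clear = {}  # acting conn -> conn whose finish handler it just cleared
    freed = {}          # connecting ptr -> (line of the free, conn cleared before it)
    findings = []
    for line_no, line in enumerate(trace.splitlines(), 1):
        if m := CLEAR_RE.search(line):
            pending_clear[m["conn"]] = m["target"]
        elif m := FREE_RE.search(line):
            # A free with no preceding "clearing destructor" line from the
            # same conn means outgoing->conn was NULL at that point.
            freed[m["connecting"]] = (line_no, pending_clear.pop(m["conn"], None))
        elif m := FAILED_RE.search(line):
            freed[m["connecting"]] = (line_no, None)
        elif m := DESTROY_RE.search(line):
            if m["connecting"] not in freed:
                continue  # struct still live as far as the trace shows
            free_line, cleared = freed.pop(m["connecting"])
            if cleared == m["conn"]:
                # The handler for this conn address was cleared before the
                # free, so this is most likely a recycled conn/connecting pair.
                continue
            findings.append({
                "conn": m["conn"],
                "connecting": m["connecting"],
                "free_line": free_line,
                "destroy_line": line_no,
            })
    return findings


if __name__ == "__main__":
    for f in find_stale_destructors(SAMPLE_TRACE):
        print("conn {conn}: destructor ran at line {destroy_line} on connecting "
              "{connecting}, freed at line {free_line}".format(**f))
```
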
Hmm :( There's a regretful amount of memory recycling in there, but no smoking gun. Ok, can we try again? This time we'll print out the addresses first, too, in case it's funky from the start somehow...
If this fails, we might need valgrind :(
diff --git a/connectd/connectd.c b/connectd/connectd.c
index 5f889ee94..9d42658a8 100644
--- a/connectd/connectd.c
+++ b/connectd/connectd.c
@@ -795,6 +807,8 @@ static void try_connect_one_addr(struct connecting *connect)
const struct wireaddr_internal *addr = &connect->addrs[connect->addrnum];
/* In case we fail without a connection, make destroy_io_conn happy */
+ fprintf(stderr, "%i: connect %p conn set to NULL\n",
+ getpid(), connect);
connect->conn = NULL;
/* Out of addresses? */
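Review bot: The new `fprintf` sits between the comment `/* In case we fail without a connection, make destroy_io_conn happy */` and the `connect->conn = NULL;` statement that comment describes. Move the print above the comment or after the assignment so the comment stays attached to its statement, and cast `connect` to `void *` for `%p`.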
@@ -878,6 +894,8 @@ static void try_connect_one_addr(struct connecting *connect)
connect->conn = io_new_conn(connect, fd, conn_proxy_init, connect);
else
connect->conn = io_new_conn(connect, fd, conn_init, connect);
+ fprintf(stderr, "%i: connecting %s set conn %s\n",
+ getpid(), connect, conn);
}
/*~ connectd is responsible for incoming connections, but it's the process of
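Review bot: The added format string uses `%s` for both arguments, but `connect` is a `struct connecting *` and the second argument, `conn`, is not declared anywhere in the visible lines; the value just assigned is `connect->conn`. As written this either fails to compile or makes `fprintf` treat pointers as strings. Use `%p` for both, passing `(void *)connect` and `(void *)connect->conn`.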
@@ -1538,6 +1556,15 @@ static void try_connect_peer(struct daemon *daemon,
list_add_tail(&daemon->connecting, &connect->list);
tal_add_destructor(connect, destroy_connecting);
+ fprintf(stderr, "%i: connecting %p with %zu addrs\n",
+ getpid(), connecting, tal_count(connect->addrs));
+ for (size_t i = 0; i < tal_count(connect->addrs); i++) {
+ fprintf(stderr, "%i: %zu/%zu = %s\n",
+ getpid(), i, tal_count(connect->addrs),
+ type_to_string(tmpctx, struct wireaddr_internal,
+ &connect->addrs[i]));
+ }
+
/* Now we kick it off by recursively trying connect->addrs[connect->addrnum] */
try_connect_one_addr(connect);
}
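Review bot: The first added `fprintf` passes `connecting`, but the variable used on the surrounding lines is `connect` (`&connect->list`, `tal_add_destructor(connect, ...)`), so this will not compile unless another identifier named `connecting` is in scope. Pass `(void *)connect` instead. The loop also re-evaluates `tal_count(connect->addrs)` in its condition and in every print; a local holding the count would be tidier.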
Note you can just mv lightning_connectd and replace it with a script which calls valgrind on the real lightning_connectd...
mv lightning_connectd lightning_connectd.real
cat > lightning_connectd <<EOF
#! /bin/sh
exec valgrind -q "$0".real
EOF
chmod a+x lightning_connectd
> Note you can just mv lightning_connectd and replace it with a script which calls valgrind on the real lightning_connectd...

I first couldn't figure out how to get valgrind installed but it looks like FreeBSD has a package valgrind-devel. I've installed it and I'll give it a try, that way, thanks!
I was getting an "invalid version" error, trying with:
#!/bin/sh
exec valgrind -q "$0".real "$@"
I get this output. Don't know if this is helpful (or even the real problem):
==42653== Syscall param socketcall.connect(serv_addr..sa_len) points to uninitialised byte(s)
==42653== at 0x4C7D19A: _connect (in /lib/libc.so.7)
==42653== by 0x4EE1F35: ??? (in /lib/libthr.so.3)
==42653== by 0x249D57: get_local_sockname (netaddress.c:212)
==42653== by 0x249CDB: guess_address (netaddress.c:242)
==42653== by 0x2473D0: public_address (connectd.c:1003)
==42653== by 0x246CE4: setup_listeners (connectd.c:0)
==42653== by 0x246566: connect_init (connectd.c:1311)
==42653== by 0x270CEB: next_plan (io.c:59)
==42653== by 0x2713EE: io_ready (io.c:417)
==42653== by 0x2726B1: io_loop (poll.c:445)
==42653== by 0x24618A: main (connectd.c:1703)
==42653== Address 0x7fc000690 is on thread 1's stack
==42653== in frame #3, created by guess_address (netaddress.c:231)
==42653==
There is no crash anymore.
I am unable to reproduce this anymore, unfortunately. Will reopen if it comes back.
Thanks. The commit you fingered as the culprit fixes this bug, so I was completely confused.
Perhaps a bug in our build system means bisect wasn't giving valid results?
Your valgrind error is harmless, but I will fix anyway.
Unfortunately, I have a crash in connectd again (current master 6030d0542acbeacfaf3860e8786b28f04d3ae0d9).
Looks like the same problem:
Reading symbols from ./lightningd/lightning_connectd...
warning: core file may not match specified executable file.
[New LWP 100090]
Core was generated by `/usr/home/user/src/clightning/lightningd/lightning_connectd'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 fmt_wireaddr_internal (ctx=0x800a4d0b8, a=0x76130) at common/wireaddr.c:212
212 switch (a->itype) {
(gdb) bt
#0 fmt_wireaddr_internal (ctx=0x800a4d0b8, a=0x76130) at common/wireaddr.c:212
#1 0x000000000025437a in type_to_string_ (ctx=0x800a4d0b8, typename=0x205385 "wireaddr_internal", u=...) at common/type_to_string.c:35
#2 0x000000000024977c in destroy_io_conn (conn=<optimized out>, connect=0x801200488) at connectd/connectd.c:703
#3 0x0000000000272c2d in io_close_taken_fd (conn=0x800bc93e8) at ccan/ccan/io/io.c:463
#4 0x0000000000246b9f in peer_connected (conn=0x800bc93e8, daemon=<optimized out>, id=<optimized out>, addr=0x801205a54, cs=0x801205b60, their_features=0x800a4d538 "\002\242\241") at connectd/connectd.c:511
#5 0x0000000000249b36 in peer_init_received (conn=0x800bc93e8, peer=<optimized out>) at connectd/peer_exchange_initmsg.c:94
#6 0x000000000027239c in next_plan (conn=0x800bc93e8, plan=<optimized out>) at ccan/ccan/io/io.c:59
#7 0x0000000000272a9f in io_ready (conn=0x800bc93e8, pollflags=1) at ccan/ccan/io/io.c:417
#8 0x0000000000273d62 in io_loop (timers=0x800bc1090, expired=0x7fffffffe9a0) at ccan/ccan/io/poll.c:445
#9 0x000000000024727b in main (argc=<optimized out>, argv=<optimized out>) at connectd/connectd.c:1703
(gdb) print *a
Cannot access memory at address 0x76130
Valgrind output
==38264== Invalid read of size 8
==38264== at 0x24975C: destroy_io_conn (connectd.c:703)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Address 0x5794fa0 is 112 bytes inside a block of size 160 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x484F394: malloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C30F: allocate (tal.c:250)
==38264== by 0x27C230: tal_alloc_ (tal.c:428)
==38264== by 0x248B79: try_connect_peer (connectd.c:1526)
==38264== by 0x247892: connect_to_peer (connectd.c:1558)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264==
==38264== Invalid read of size 8
==38264== at 0x24976B: destroy_io_conn (connectd.c:703)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Address 0x5794fa8 is 120 bytes inside a block of size 160 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x484F394: malloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C30F: allocate (tal.c:250)
==38264== by 0x27C230: tal_alloc_ (tal.c:428)
==38264== by 0x248B79: try_connect_peer (connectd.c:1526)
==38264== by 0x247892: connect_to_peer (connectd.c:1558)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264==
==38264== Invalid read of size 4
==38264== at 0x2550F6: fmt_wireaddr_internal (wireaddr.c:212)
==38264== by 0x254379: type_to_string_ (type_to_string.c:35)
==38264== by 0x24977B: destroy_io_conn (connectd.c:703)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Address 0x5794de0 is 304 bytes inside a block of size 568 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x248D0F: add_gossip_addrs (connectd.c:1453)
==38264== by 0x248A08: try_connect_peer (connectd.c:1494)
==38264== by 0x247892: connect_to_peer (connectd.c:1558)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264==
==38264== Invalid read of size 4
==38264== at 0x25523E: fmt_wireaddr_without_port (wireaddr.c:238)
==38264== by 0x2551ED: fmt_wireaddr (wireaddr.c:261)
==38264== by 0x254379: type_to_string_ (type_to_string.c:35)
==38264== by 0x24977B: destroy_io_conn (connectd.c:703)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Address 0x5794de4 is 308 bytes inside a block of size 568 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x248D0F: add_gossip_addrs (connectd.c:1453)
==38264== by 0x248A08: try_connect_peer (connectd.c:1494)
==38264== by 0x247892: connect_to_peer (connectd.c:1558)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264==
==38264== Invalid read of size 1
==38264== at 0x255290: fmt_wireaddr_without_port (wireaddr.c:249)
==38264== by 0x2551ED: fmt_wireaddr (wireaddr.c:261)
==38264== by 0x254379: type_to_string_ (type_to_string.c:35)
==38264== by 0x24977B: destroy_io_conn (connectd.c:703)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Address 0x5794de8 is 312 bytes inside a block of size 568 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x248D0F: add_gossip_addrs (connectd.c:1453)
==38264== by 0x248A08: try_connect_peer (connectd.c:1494)
==38264== by 0x247892: connect_to_peer (connectd.c:1558)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264==
==38264== Invalid read of size 1
==38264== at 0x48549B0: memcpy (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x279B86: encode_8_chars (base32.c:125)
==38264== by 0x279B1F: base32_encode (base32.c:149)
==38264== by 0x24D5DA: b32_encode (base32.c:12)
==38264== by 0x25529F: fmt_wireaddr_without_port (wireaddr.c:249)
==38264== by 0x2551ED: fmt_wireaddr (wireaddr.c:261)
==38264== by 0x254379: type_to_string_ (type_to_string.c:35)
==38264== by 0x24977B: destroy_io_conn (connectd.c:703)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== Address 0x5794de9 is 313 bytes inside a block of size 568 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x248D0F: add_gossip_addrs (connectd.c:1453)
==38264== by 0x248A08: try_connect_peer (connectd.c:1494)
==38264== by 0x247892: connect_to_peer (connectd.c:1558)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264==
==38264== Invalid read of size 1
==38264== at 0x48549D0: memcpy (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x279B86: encode_8_chars (base32.c:125)
==38264== by 0x279B1F: base32_encode (base32.c:149)
==38264== by 0x24D5DA: b32_encode (base32.c:12)
==38264== by 0x25529F: fmt_wireaddr_without_port (wireaddr.c:249)
==38264== by 0x2551ED: fmt_wireaddr (wireaddr.c:261)
==38264== by 0x254379: type_to_string_ (type_to_string.c:35)
==38264== by 0x24977B: destroy_io_conn (connectd.c:703)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== Address 0x5794dea is 314 bytes inside a block of size 568 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x248D0F: add_gossip_addrs (connectd.c:1453)
==38264== by 0x248A08: try_connect_peer (connectd.c:1494)
==38264== by 0x247892: connect_to_peer (connectd.c:1558)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264==
==38264== Invalid read of size 1
==38264== at 0x48549D5: memcpy (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x279B86: encode_8_chars (base32.c:125)
==38264== by 0x279B1F: base32_encode (base32.c:149)
==38264== by 0x24D5DA: b32_encode (base32.c:12)
==38264== by 0x25529F: fmt_wireaddr_without_port (wireaddr.c:249)
==38264== by 0x2551ED: fmt_wireaddr (wireaddr.c:261)
==38264== by 0x254379: type_to_string_ (type_to_string.c:35)
==38264== by 0x24977B: destroy_io_conn (connectd.c:703)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== Address 0x5794deb is 315 bytes inside a block of size 568 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x248D0F: add_gossip_addrs (connectd.c:1453)
==38264== by 0x248A08: try_connect_peer (connectd.c:1494)
==38264== by 0x247892: connect_to_peer (connectd.c:1558)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264==
==38264== Invalid read of size 1
==38264== at 0x48549DC: memcpy (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x279B86: encode_8_chars (base32.c:125)
==38264== by 0x279B1F: base32_encode (base32.c:149)
==38264== by 0x24D5DA: b32_encode (base32.c:12)
==38264== by 0x25529F: fmt_wireaddr_without_port (wireaddr.c:249)
==38264== by 0x2551ED: fmt_wireaddr (wireaddr.c:261)
==38264== by 0x254379: type_to_string_ (type_to_string.c:35)
==38264== by 0x24977B: destroy_io_conn (connectd.c:703)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== Address 0x5794dec is 316 bytes inside a block of size 568 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x248D0F: add_gossip_addrs (connectd.c:1453)
==38264== by 0x248A08: try_connect_peer (connectd.c:1494)
==38264== by 0x247892: connect_to_peer (connectd.c:1558)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264==
==38264== Invalid read of size 1
==38264== at 0x48549E3: memcpy (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x279B86: encode_8_chars (base32.c:125)
==38264== by 0x279B1F: base32_encode (base32.c:149)
==38264== by 0x24D5DA: b32_encode (base32.c:12)
==38264== by 0x25529F: fmt_wireaddr_without_port (wireaddr.c:249)
==38264== by 0x2551ED: fmt_wireaddr (wireaddr.c:261)
==38264== by 0x254379: type_to_string_ (type_to_string.c:35)
==38264== by 0x24977B: destroy_io_conn (connectd.c:703)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== Address 0x5794ded is 317 bytes inside a block of size 568 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x248D0F: add_gossip_addrs (connectd.c:1453)
==38264== by 0x248A08: try_connect_peer (connectd.c:1494)
==38264== by 0x247892: connect_to_peer (connectd.c:1558)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264==
==38264== Invalid read of size 2
==38264== at 0x4854940: memcpy (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x279B86: encode_8_chars (base32.c:125)
==38264== by 0x279B1F: base32_encode (base32.c:149)
==38264== by 0x24D5DA: b32_encode (base32.c:12)
==38264== by 0x25529F: fmt_wireaddr_without_port (wireaddr.c:249)
==38264== by 0x2551ED: fmt_wireaddr (wireaddr.c:261)
==38264== by 0x254379: type_to_string_ (type_to_string.c:35)
==38264== by 0x24977B: destroy_io_conn (connectd.c:703)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== Address 0x5794dee is 318 bytes inside a block of size 568 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x248D0F: add_gossip_addrs (connectd.c:1453)
==38264== by 0x248A08: try_connect_peer (connectd.c:1494)
==38264== by 0x247892: connect_to_peer (connectd.c:1558)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264==
==38264== Invalid read of size 2
==38264== at 0x2551F2: fmt_wireaddr (wireaddr.c:262)
==38264== by 0x254379: type_to_string_ (type_to_string.c:35)
==38264== by 0x24977B: destroy_io_conn (connectd.c:703)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Address 0x5794e0c is 348 bytes inside a block of size 568 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x248D0F: add_gossip_addrs (connectd.c:1453)
==38264== by 0x248A08: try_connect_peer (connectd.c:1494)
==38264== by 0x247892: connect_to_peer (connectd.c:1558)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264==
==38264== Invalid read of size 8
==38264== at 0x24977C: destroy_io_conn (connectd.c:703)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Address 0x5794fb8 is 136 bytes inside a block of size 160 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x484F394: malloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C30F: allocate (tal.c:250)
==38264== by 0x27C230: tal_alloc_ (tal.c:428)
==38264== by 0x248B79: try_connect_peer (connectd.c:1526)
==38264== by 0x247892: connect_to_peer (connectd.c:1558)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264==
==38264== Invalid read of size 8
==38264== at 0x27B960: tal_append_vfmt (str.c:102)
==38264== by 0x27BA0A: tal_append_fmt (str.c:111)
==38264== by 0x2497A4: destroy_io_conn (connectd.c:702)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Address 0x5794fc0 is 144 bytes inside a block of size 160 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x484F394: malloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C30F: allocate (tal.c:250)
==38264== by 0x27C230: tal_alloc_ (tal.c:428)
==38264== by 0x248B79: try_connect_peer (connectd.c:1526)
==38264== by 0x247892: connect_to_peer (connectd.c:1558)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264==
==38264== Invalid read of size 1
==38264== at 0x4853330: strlen (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27B967: tal_append_vfmt (str.c:102)
==38264== by 0x27BA0A: tal_append_fmt (str.c:111)
==38264== by 0x2497A4: destroy_io_conn (connectd.c:702)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Address 0x5795c88 is 40 bytes inside a block of size 104 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x27B8F7: do_vfmt (str.c:72)
==38264== by 0x27BA0A: tal_append_fmt (str.c:111)
==38264== by 0x2497A4: destroy_io_conn (connectd.c:702)
==38264== by 0x27C447: notify (tal.c:240)
==38264== by 0x27C698: del_tree (tal.c:402)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x272978: io_close (io.c:450)
==38264== by 0x27294A: io_connect_ (io.c:345)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272342: io_new_conn_ (io.c:116)
==38264==
==38264== Invalid read of size 1
==38264== at 0x4853339: strlen (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27B967: tal_append_vfmt (str.c:102)
==38264== by 0x27BA0A: tal_append_fmt (str.c:111)
==38264== by 0x2497A4: destroy_io_conn (connectd.c:702)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Address 0x5795c8a is 42 bytes inside a block of size 104 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x27B8F7: do_vfmt (str.c:72)
==38264== by 0x27BA0A: tal_append_fmt (str.c:111)
==38264== by 0x2497A4: destroy_io_conn (connectd.c:702)
==38264== by 0x27C447: notify (tal.c:240)
==38264== by 0x27C698: del_tree (tal.c:402)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x272978: io_close (io.c:450)
==38264== by 0x27294A: io_connect_ (io.c:345)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272342: io_new_conn_ (io.c:116)
==38264==
==38264== Invalid read of size 8
==38264== at 0x27CE8E: tal_resize_ (tal.c:694)
==38264== by 0x27B874: do_vfmt (str.c:60)
==38264== by 0x27BA0A: tal_append_fmt (str.c:111)
==38264== by 0x2497A4: destroy_io_conn (connectd.c:702)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Address 0x5794fc0 is 144 bytes inside a block of size 160 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x484F394: malloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C30F: allocate (tal.c:250)
==38264== by 0x27C230: tal_alloc_ (tal.c:428)
==38264== by 0x248B79: try_connect_peer (connectd.c:1526)
==38264== by 0x247892: connect_to_peer (connectd.c:1558)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264==
==38264== Invalid read of size 8
==38264== at 0x27C5C6: to_tal_hdr (tal.c:174)
==38264== by 0x27CE95: tal_resize_ (tal.c:694)
==38264== by 0x27B874: do_vfmt (str.c:60)
==38264== by 0x27BA0A: tal_append_fmt (str.c:111)
==38264== by 0x2497A4: destroy_io_conn (connectd.c:702)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Address 0x5795c78 is 24 bytes inside a block of size 104 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x27B8F7: do_vfmt (str.c:72)
==38264== by 0x27BA0A: tal_append_fmt (str.c:111)
==38264== by 0x2497A4: destroy_io_conn (connectd.c:702)
==38264== by 0x27C447: notify (tal.c:240)
==38264== by 0x27C698: del_tree (tal.c:402)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x272978: io_close (io.c:450)
==38264== by 0x27294A: io_connect_ (io.c:345)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272342: io_new_conn_ (io.c:116)
==38264==
==38264== Invalid read of size 8
==38264== at 0x27C5D7: to_tal_hdr (tal.c:175)
==38264== by 0x27CE95: tal_resize_ (tal.c:694)
==38264== by 0x27B874: do_vfmt (str.c:60)
==38264== by 0x27BA0A: tal_append_fmt (str.c:111)
==38264== by 0x2497A4: destroy_io_conn (connectd.c:702)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Address 0x5795c60 is 0 bytes inside a block of size 104 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x27B8F7: do_vfmt (str.c:72)
==38264== by 0x27BA0A: tal_append_fmt (str.c:111)
==38264== by 0x2497A4: destroy_io_conn (connectd.c:702)
==38264== by 0x27C447: notify (tal.c:240)
==38264== by 0x27C698: del_tree (tal.c:402)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x272978: io_close (io.c:450)
==38264== by 0x27294A: io_connect_ (io.c:345)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272342: io_new_conn_ (io.c:116)
==38264==
==38264== Invalid read of size 8
==38264== at 0x27C5E0: to_tal_hdr (tal.c:176)
==38264== by 0x27CE95: tal_resize_ (tal.c:694)
==38264== by 0x27B874: do_vfmt (str.c:60)
==38264== by 0x27BA0A: tal_append_fmt (str.c:111)
==38264== by 0x2497A4: destroy_io_conn (connectd.c:702)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Address 0x5795c68 is 8 bytes inside a block of size 104 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x27B8F7: do_vfmt (str.c:72)
==38264== by 0x27BA0A: tal_append_fmt (str.c:111)
==38264== by 0x2497A4: destroy_io_conn (connectd.c:702)
==38264== by 0x27C447: notify (tal.c:240)
==38264== by 0x27C698: del_tree (tal.c:402)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x272978: io_close (io.c:450)
==38264== by 0x27294A: io_connect_ (io.c:345)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272342: io_new_conn_ (io.c:116)
==38264==
==38264== Invalid read of size 8
==38264== at 0x27C5E9: to_tal_hdr (tal.c:177)
==38264== by 0x27CE95: tal_resize_ (tal.c:694)
==38264== by 0x27B874: do_vfmt (str.c:60)
==38264== by 0x27BA0A: tal_append_fmt (str.c:111)
==38264== by 0x2497A4: destroy_io_conn (connectd.c:702)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Address 0x5795c70 is 16 bytes inside a block of size 104 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x27B8F7: do_vfmt (str.c:72)
==38264== by 0x27BA0A: tal_append_fmt (str.c:111)
==38264== by 0x2497A4: destroy_io_conn (connectd.c:702)
==38264== by 0x27C447: notify (tal.c:240)
==38264== by 0x27C698: del_tree (tal.c:402)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x272978: io_close (io.c:450)
==38264== by 0x27294A: io_connect_ (io.c:345)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272342: io_new_conn_ (io.c:116)
==38264==
==38264== Invalid free() / delete / delete[] / realloc()
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x27B874: do_vfmt (str.c:60)
==38264== by 0x27BA0A: tal_append_fmt (str.c:111)
==38264== by 0x2497A4: destroy_io_conn (connectd.c:702)
==38264== by 0x272C2C: io_close_taken_fd (io.c:463)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Address 0x5795c60 is 0 bytes inside a block of size 104 free'd
==38264== at 0x485068C: free (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27C6E5: del_tree (tal.c:412)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== by 0x249B35: peer_init_received (peer_exchange_initmsg.c:94)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272A9E: io_ready (io.c:417)
==38264== by 0x273D61: io_loop (poll.c:445)
==38264== by 0x24727A: main (connectd.c:1703)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x27CECC: tal_resize_ (tal.c:699)
==38264== by 0x27B8F7: do_vfmt (str.c:72)
==38264== by 0x27BA0A: tal_append_fmt (str.c:111)
==38264== by 0x2497A4: destroy_io_conn (connectd.c:702)
==38264== by 0x27C447: notify (tal.c:240)
==38264== by 0x27C698: del_tree (tal.c:402)
==38264== by 0x27C599: tal_free (tal.c:486)
==38264== by 0x272978: io_close (io.c:450)
==38264== by 0x27294A: io_connect_ (io.c:345)
==38264== by 0x27239B: next_plan (io.c:59)
==38264== by 0x272342: io_new_conn_ (io.c:116)
==38264==
lightningd: connectd failed (signal 6), exiting.
Edit: and again, reverting abad494fcf1e41b059a2627c633b0f5fd555a0c8 fixes it.
It seems yet again solved after updating to master (015ac37d924e31bb87b8597da9f863e82270657b). Now running stable without any patches or reversions on top.
Sorry for the noise here, this issue completely eludes me, I really don't understand what triggers it.
On one hand I'd like to get to the bottom of this (say, what if this is deliberate misbehavior by one of my peers, exploiting a bug?), on the other I don't currently have the motivation to really dive into this logic.
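Added example (not part of the original post or of the c-lightning code base): a small triage script that collapses memcheck reports like the ones in this log by block size and by the first `connectd.c` frame of the use, free and allocation stacks. The sample input is abridged from the log in this thread, and the names `parse_memcheck`, `site` and `triage` are this example's own.

```python
import re
from collections import Counter

PREFIX = re.compile(r"^==\d+==\s?")
FRAME = re.compile(r"^(?:at|by) 0x[0-9A-Fa-f]+: (\S+) \((?:in )?(.+)\)$")
BLOCK = re.compile(r"inside a block of size (\d+) free'd$")

# Constructed sample: three reports abridged from the memcheck log in this
# thread (inner allocator frames dropped, library path shortened).
SAMPLE = """\
==38264== Invalid read of size 1
==38264== at 0x48549DC: memcpy (in vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x2551ED: fmt_wireaddr (wireaddr.c:261)
==38264== by 0x24977B: destroy_io_conn (connectd.c:703)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== Address 0x5794dec is 316 bytes inside a block of size 568 free'd
==38264== at 0x485068C: free (in vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x248D0F: add_gossip_addrs (connectd.c:1453)
==38264==
==38264== Invalid read of size 2
==38264== at 0x2551F2: fmt_wireaddr (wireaddr.c:262)
==38264== by 0x24977B: destroy_io_conn (connectd.c:703)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== Address 0x5794e0c is 348 bytes inside a block of size 568 free'd
==38264== at 0x485068C: free (in vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== Block was alloc'd at
==38264== at 0x4851E99: realloc (in vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x248D0F: add_gossip_addrs (connectd.c:1453)
==38264==
==38264== Invalid read of size 8
==38264== at 0x24977C: destroy_io_conn (connectd.c:703)
==38264== by 0x246B9E: peer_connected (connectd.c:511)
==38264== Address 0x5794fb8 is 136 bytes inside a block of size 160 free'd
==38264== at 0x485068C: free (in vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x246AB9: peer_connected (connectd.c:481)
==38264== Block was alloc'd at
==38264== at 0x484F394: malloc (in vgpreload_memcheck-amd64-freebsd.so)
==38264== by 0x248B79: try_connect_peer (connectd.c:1526)
==38264==
"""

def parse_memcheck(text):
    """Split memcheck output into reports with use/free/alloc stacks."""
    reports, cur, part = [], None, "use"
    for raw in text.splitlines():
        line = PREFIX.sub("", raw).strip()
        if line.startswith("Invalid "):  # "Invalid read/write" or "Invalid free()"
            cur, part = {"size": None, "use": [], "free": [], "alloc": []}, "use"
            reports.append(cur)
        elif cur is None:
            continue
        elif m := BLOCK.search(line):
            cur["size"], part = int(m.group(1)), "free"
        elif line == "Block was alloc'd at":
            part = "alloc"
        elif m := FRAME.match(line):
            cur[part].append((m.group(1), m.group(2)))
        else:
            cur = None  # bare "==pid==" line or unrelated output ends the report
    return reports

def site(stack, source_file):
    """First frame of the stack that lies in source_file, or "?" if none does."""
    return next((f"{fn} ({loc})" for fn, loc in stack
                 if loc.split(":")[0] == source_file), "?")

def triage(text, source_file="connectd.c"):
    """Count freed-block reports per (block size, use, free, alloc) site."""
    parts = ("use", "free", "alloc")
    return Counter((r["size"], *(site(r[p], source_file) for p in parts))
                   for r in parse_memcheck(text) if r["size"] is not None)

if __name__ == "__main__":
    for key, n in triage(SAMPLE).most_common():
        print(n, *key, sep=" | ")
```

On the sample, the three reports collapse into two groups, both freed at `peer_connected (connectd.c:481)` and read again under `destroy_io_conn (connectd.c:703)`.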