Re: Segfault from nil table access when using ffi.gc

From: Peter Cawley <corsix@xxxxxxxxxx>
To: luajit@xxxxxxxxxxxxx
Date: Fri, 11 Nov 2016 22:34:32 +0000

On Fri, Nov 11, 2016 at 10:20 PM, Chris Osborne <chris.osborne@xxxxxxx> wrote:

The segfault itself is due to the nil table reference.

No. Prepend two extra events to my sequence:
-1. An error is raised (e.g. by trying to index a nil value).
0. The top-level LuaJIT REPL performs a full garbage collection cycle
(yes, the top-level REPL calls lua_gc after catching an error and
before printing said error).

Your example behaves the same if `blah:this_will_segfault()` is
replaced by `error("X")`. We can also tweak the tail of your example
to make it behave correctly:
```
local test = ffi.load('./libtest.so')
local status, err = pcall(function()
local cells = ffi.gc(test.Abc_new(100), test.Abc_destruct)
error("X")
end)
collectgarbage() -- `cells` is collected at this point
-- `test` is collected sometime after this point
assert(status, err)
```

Follow-Ups:
- Re: Segfault from nil table access when using ffi.gc
  - From: Chris Osborne

References:
- Segfault from nil table access when using ffi.gc
  - From: Chris Osborne
- Re: Segfault from nil table access when using ffi.gc
  - From: Peter Cawley
- Re: Segfault from nil table access when using ffi.gc
  - From: Chris Osborne

Re: Segfault from nil table access when using ffi.gc

Other related posts: