`ffi/read` segfaults when trying to read `:string` from a pointer

[CFiggers]

I'm not 100% sure what the expected behavior is here. Short version: (ffi/read :string raw-ptr) segfaults, even though the same function called using ffi/call and a signature that defines :string as the return behaves as expected.

Janet 1.41.0-dev-306ce892 linux/x64/clang - '(doc)' for help
repl:1:> (def symbols (ffi/native "./main.so"))
<core/ffi-native 0x55B6EB9E48F0>
repl:2:> (def return_string (ffi/lookup symbols "return_string"))
<pointer 0x7F5C3B7DA110>
repl:3:> (def signature-str-return (ffi/signature :default :string))
<core/ffi-signature 0x55B6EB9F8BB0>
repl:4:> (def string-ret (ffi/call return_string signature-str-return))
"Here's a string for you!"
repl:5:> (def signature-ptr-return (ffi/signature :default :ptr))
<core/ffi-signature 0x55B6EB9FBD40>
repl:6:> (def ptr-ret (ffi/call return_string signature-ptr-return))
<pointer 0x7F5C3B7DB000>
repl:7:> (ffi/read :string ptr-ret)
zsh: segmentation fault (core dumped)  janet

Am I correctly reading and understanding the source behind ffi/call and ffi/read that both of them are using the same janet_ffi_read_one() function? If so, I'm confused as to why ffi/call returns the string, but ffi/read segfaults. Are they invoking janet_ffi_read_one() differently?

The above was captured on Linux, but I'm seeing the same behavior on Windows too.

[CFiggers]

main.c contains:

#include <stdio.h>

const char *return_string()
{
  return "Here's a string for you!";
}

int main()
{
  printf("Hello,world!\n");
  return 0;
}

Compiled to main.so with:

$ cc --shared main.c -o main.so

[bakpakin]

The behavior of (ffi/read :string x) is to try and read a pointer at x and use that as a string. So naturally you get an arbitrary pointer and immediately segfault.

It is the C equivalent of:

void *x = _;
const char *string = *((char **)x); // dereference x
return janet_cstringv(string);

You want to use ffi/pointer-buffer for this purpose (which also has the advantage of not copying the data).

[bakpakin]

It's a bit of work, but two ways of turning the pointer into a string:

Use ffi/write:

(defn ptr-to-string
  [p]
  (ffi/read :string (ffi/write :pointer p)))

Use strlen and pointer-buffer:

(def strlen (ffi/lookup (ffi/native) "strlen"))
(def strlen-sig (ffi/signature :default :size :pointer))
(defn ptr-to-string
  "Use FFI to convert a pointer to a string."
  [p]
  (def l (int/to-number (ffi/call strlen strlen-sig p)))
  (string (ffi/pointer-buffer p l l)))

The awkwardness of these constructions suggests we should have a function like ffi/pointer-string.

[CFiggers]

Helpful guidance, thanks @bakpakin .

I think (ffi/read :string (ffi/write :pointer p)) is perfect for my needs. Thank you!

This is also helping me update my understanding of how ffi/read actually works. Appreciate that as well.

I see you've marked this issue with "enhancement". Happy to leave this issue open if you're still planning to do something else with it. Or we can close it out whenever you like.