[Test Failure] Odd crash in HashTable scan on macos

[madolson]

We saw a crash on macos during a replication + expire test:

EIP:
0   valkey-server                       0x0000000102a6c9e4 expireScanCallback + 24

Backtrace:
0   libsystem_platform.dylib            0x0000000194a76584 _sigtramp + 56
1   valkey-server                       0x0000000102948480 hashtableScanDefrag + 520
2   valkey-server                       0x0000000102948480 hashtableScanDefrag + 520
3   valkey-server                       0x000000010294a4d0 kvstoreScan + 164
4   valkey-server                       0x0000000102a6cedc activeExpireCycle + 772
5   valkey-server                       0x000000010295184c serverCron + 5148
6   valkey-server                       0x00000001029428f8 aeProcessEvents + 688
7   valkey-server                       0x000000010296d94c main + 27132
8   dyld                                0x00000001946bb154 start + 2476

On my intel, +24 of expire Scan callback is here:

valkey/src/expire.c

Line 133 in e1db553

long long ttl = objectGetExpire(val) - data->now;

. It's doing the offset check to see if the key has an embedded TTL and finding a NULL pointer. Since it's trying to access 0x4. I don't clearly see how it's possible atm.

https://github.com/valkey-io/valkey/actions/runs/12642566507/job/35227110056

[madolson]

@SoftlyRaining @zuiderkwast This is the first instance of this crash I've seen, but it might be related to the hash table refactor.

[dvkashapov]

Seems like it's the same crash that is fixed by #2257