oraluben opened a new pull request, #592:
URL: https://github.com/apache/tvm-ffi/pull/592
## Problem
On macOS arm64 with tvm-ffi >= 0.1.8, when a C++ exception (e.g.
InternalError from LOG(FATAL)) is thrown inside a PackedFunc and forwarded
through SafeCallContext::SetRaised / SetRaisedByCstr, the process crashes with
SIGBUS during cleanup.
## Root Cause
SafeCallContext::SetRaised stores an ErrorObj via ObjectPtrFromUnowned. The
cause_chain and extra_context fields (added in PR #396 / v0.1.8) may contain
stale non-null bytes from reused allocator memory on macOS arm64. When
~ErrorObj() runs, it calls DecRefObjectHandle on these garbage pointer values,
causing SIGBUS (EXC_ARM_DA_ALIGN).
Crash address 0x6c616e7265746e49 = ASCII "Internal" (first 8 bytes of
"InternalError") being dereferenced as a pointer.
Crash trace:
```
SimpleObjAllocator::Handler<ErrorObjFromStd>::Deleter_
TVMFFIObjectDecRef
dict_dealloc → BaseException_dealloc → subtype_dealloc
```
## Fix
Explicitly zero cause_chain and extra_context before storing the ErrorObj in
TLS, ensuring ~ErrorObj() correctly sees nullptr and short-circuits the
DecRefObjectHandle calls.
## Tested
macOS arm64, tilelang 0.1.9 release
- Before: RC=-10 (SIGBUS)
- After: RC=0
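
The triage step in the root-cause section above (recognising a fault address as string bytes) can be automated. This is an added example, not code from the PR or from tvm-ffi; the function names are hypothetical, and the second address in `main` is a constructed sample. It assumes a little-endian 64-bit target and that heap objects are at least 8-byte aligned.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Decode a 64-bit fault address as its 8 in-memory bytes (little-endian,
 * as on arm64 and x86-64). Printable ASCII bytes are copied to out, all
 * others become '.'. Returns the number of printable bytes. */
int fault_addr_as_text(uint64_t addr, char out[9]) {
    int printable = 0;
    for (int i = 0; i < 8; i++) {
        unsigned char b = (unsigned char)(addr >> (8 * i));
        if (b >= 0x20 && b <= 0x7e) {
            out[i] = (char)b;
            printable++;
        } else {
            out[i] = '.';
        }
    }
    out[8] = '\0';
    return printable;
}

/* Heuristic: real user-space pointers have zero high bytes, so an address
 * made of 8 printable bytes is almost certainly string data that was read
 * through an uninitialized or overwritten pointer field. */
int looks_like_string_as_pointer(uint64_t addr) {
    char text[9];
    return fault_addr_as_text(addr, text) == 8;
}

/* Assumption: object headers are at least 8-byte aligned, so a misaligned
 * "object pointer" is a second sign that the value is not a pointer. */
int is_misaligned_for_object(uint64_t addr) {
    return (addr & 7) != 0;
}

int main(void) {
    /* First value is the crash address quoted in the PR description;
     * the second is a constructed, plausible-looking heap pointer. */
    uint64_t samples[] = { 0x6c616e7265746e49ULL, 0x0000600001a2c040ULL };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        char text[9];
        int n = fault_addr_as_text(samples[i], text);
        printf("0x%016llx  text=\"%s\"  printable=%d/8  misaligned=%d  suspect=%d\n",
               (unsigned long long)samples[i], text, n,
               is_misaligned_for_object(samples[i]),
               looks_like_string_as_pointer(samples[i]));
    }
    return 0;
}
```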