From 6abb6b1f5545d7d0059f2ed31afb095d655c9b73 Mon Sep 17 00:00:00 2001
From: qiuku30 <qiuku30@users.noreply.github.com>
Date: Tue, 23 Jun 2026 21:48:30 +0800
Subject: [PATCH] Fix null pointer deref in KVCache::ToPtr() - missing .cache =
 this

When KVCache::ToPtr() constructs a KVCachePtr, it assigns kv_cache,
k_cache, and v_cache but omits the 'cache' back-reference. This causes
a segfault at attention.cc:183 where cache->KOrVDefaultCols() is
dereferenced through the null pointer.

Root cause identified via AddressSanitizer (SEGV on address 0x0 at
kv_cache.h:97). Fix adds the missing .cache = this field.

Tested: Gemma 2B model runs successfully on 6GB VM after fix.

Co-Authored-By: Claude <noreply@anthropic.com>
---
 gemma/kv_cache.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/gemma/kv_cache.h b/gemma/kv_cache.h
index 2b122760..f66cd0a2 100644
--- a/gemma/kv_cache.h
+++ b/gemma/kv_cache.h
@@ -184,6 +184,7 @@ struct KVCache {
         .kv_cache = kv_cache,
         .k_cache = k_cache,
         .v_cache = v_cache,
+        .cache = this,
     };
   }