
frida_device_attach_sync causing kernel panic in arm64 macOS Ventura beta 8

Open briankendall opened this issue 2 years ago • 0 comments

Attempting to attach to a process with frida_device_attach_sync causes an instant kernel panic in macOS Ventura beta 8 on Apple Silicon. No kernel panic occurs when I test in Ventura 8 on an Intel Mac.

I've reproduced the panic with both frida-core-devkit-15.2.2-macos-arm64 and frida-core-devkit-15.2.2-macos-arm64e on an M1 Mac Mini. (System Integrity Protection is fully disabled.)

Here is the code that triggers the panic:

```c
#include <stdio.h>
#include "frida-core.h"

/* Wrapper added so the fragment compiles; the function name is hypothetical.
 * targetPid is the PID of the process to attach to. */
static void attach_to_pid(guint targetPid)
{
    GError *error = NULL;
    frida_init();
    FridaDeviceManager *manager = frida_device_manager_new();
    FridaDeviceList *devices;
    devices = frida_device_manager_enumerate_devices_sync(manager, NULL, &error);

    if (error != NULL) {
        fprintf(stderr, "Error: frida_device_manager_enumerate_devices_sync failed. Error: %s\n", error->message);
        g_error_free(error);
        return;
    }

    /* Pick the local device; frida_device_list_get() returns a new reference. */
    FridaDevice *localDevice = NULL;
    gint numDevices = frida_device_list_size(devices);

    for (int i = 0; i != numDevices; i++) {
        FridaDevice *device = frida_device_list_get(devices, i);

        if (frida_device_get_dtype(device) == FRIDA_DEVICE_TYPE_LOCAL) {
            localDevice = device;
            break;
        }

        g_object_unref(device);
    }

    /* Release the list before the NULL check so it is not leaked on the error path. */
    frida_unref(devices);

    if (localDevice == NULL) {
        fprintf(stderr, "Error: frida failed to find local device\n");
        return;
    }

    FridaSession *session = frida_device_attach_sync(localDevice, targetPid, NULL, NULL, &error); // PANIC!
}
```

Panic log is attached.

frida-kernel-panic.txt

briankendall, Sep 22 '22 15:09