From 5af3a50270f79f5402e34baf60ddd600e6e46c96 Mon Sep 17 00:00:00 2001
From: Joonbum Ko
Date: Fri, 21 Sep 2018 10:54:29 +0900
Subject: [PATCH] swapchain: Fixed invalid memory overwrite issue related to oldSwapchain.
- If oldswapchain of newly created swapchain that has already been destroyed is not initialized with VK_NULL_HANDLE, the invalid memory overwrite problem occurs.
Change-Id: Ibe005cb3c838072b567b50843ee47aa3ec887d78
Signed-off-by: Joonbum Ko
---
 src/wsi/swapchain.c | 10 ++++++++++
 src/wsi/wsi.h | 1 +
 2 files changed, 11 insertions(+)
diff --git a/src/wsi/swapchain.c b/src/wsi/swapchain.c
index 6515dc6..91aacde 100644
--- a/src/wsi/swapchain.c
+++ b/src/wsi/swapchain.c
@@ -129,6 +129,10 @@ vk_CreateSwapchainKHR(VkDevice device,
 chain->surface = info->surface;
 chain->buffers = NULL;
 chain->oldSwapchain = (vk_swapchain_t *)(uintptr_t)info->oldSwapchain;
+ if (chain->oldSwapchain != VK_NULL_HANDLE)
+ chain->oldSwapchain->newSwapchain = chain;
+
+ chain->newSwapchain = VK_NULL_HANDLE;
 chain->is_retired = VK_FALSE;
 format = get_tbm_format(info->imageFormat, info->compositeAlpha);
@@ -249,6 +253,12 @@ vk_DestroySwapchainKHR(VkDevice device,
 }
 }
+ if (chain->newSwapchain != VK_NULL_HANDLE &&
+ chain->newSwapchain->oldSwapchain != VK_NULL_HANDLE) {
+ chain->newSwapchain->oldSwapchain = VK_NULL_HANDLE;
+ chain->newSwapchain = VK_NULL_HANDLE;
+ }
+
 chain->deinit(device, chain);
 vk_free(allocator, chain->buffers);
 vk_free(allocator, chain);
diff --git a/src/wsi/wsi.h b/src/wsi/wsi.h
index 67c22b6..20a7853 100644
--- a/src/wsi/wsi.h
+++ b/src/wsi/wsi.h
@@ -149,6 +149,7 @@ struct vk_swapchain {
 vk_buffer_t *buffers;
 vk_swapchain_t *oldSwapchain;
+ vk_swapchain_t *newSwapchain;
 vk_bool_t is_retired;
 void *backend_data;
--
2.7.4
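Review bot: The back-link `chain->oldSwapchain->newSwapchain = chain;` is stored before the rest of vk_CreateSwapchainKHR has run, so if a later step fails and `chain` is freed (the error paths are outside this hunk), the old swapchain keeps a pointer to freed memory. The unlink code added to vk_DestroySwapchainKHR would then write through that pointer. Either set the link only after the last fallible step, or undo it on the failure path with `if (chain->oldSwapchain) chain->oldSwapchain->newSwapchain = NULL;`. The assignment also overwrites any `newSwapchain` already recorded on the old chain without checking it.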
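Review bot: Only one direction of the link is torn down in vk_DestroySwapchainKHR: if the newer swapchain is destroyed first, `oldSwapchain->newSwapchain` on its predecessor still points at the freed chain. A later destroy of the old swapchain then reads and writes through that stale pointer in this same added block. Before `chain->deinit(device, chain);` the function should also clear the peer's link, e.g. `if (chain->oldSwapchain != NULL && chain->oldSwapchain->newSwapchain == chain) chain->oldSwapchain->newSwapchain = NULL;`. The existing test would be tighter as `chain->newSwapchain->oldSwapchain == chain` than as a non-null check, so a link that belongs to another chain is never cleared. The function body starts and ends outside the hunk, so this assumes the reverse unlink is not done elsewhere.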
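Review bot: The new `newSwapchain` member in struct vk_swapchain is a non-owning pointer whose validity depends on create and destroy keeping both ends in sync, and nothing at the declaration says so. A comment such as `/* non-owning: swapchain created with this one as oldSwapchain; must be cleared when either side is destroyed */` would make the lifetime rule visible to anyone touching the struct. The struct definition continues outside the hunk.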