[Bug 106643] double free when exporting a temporarily imported semaphore
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Thu May 24 19:50:48 UTC 2018
https://bugs.freedesktop.org/show_bug.cgi?id=106643
Bug ID: 106643
Summary: double free when exporting a temporarily imported
semaphore
Product: Mesa
Version: 17.3
Hardware: Other
OS: All
Status: NEW
Severity: normal
Priority: medium
Component: Drivers/Vulkan/intel
Assignee: intel-3d-bugs at lists.freedesktop.org
Reporter: cstout at chromium.org
QA Contact: intel-3d-bugs at lists.freedesktop.org
CC: jason at jlekstrand.net
At the bottom of anv_GetSemaphoreFdKHR:
/* From the Vulkan 1.0.53 spec:
*
* "Export operations have the same transference as the specified handle
* type’s import operations. [...] If the semaphore was using a
* temporarily imported payload, the semaphore’s prior permanent payload
* will be restored.
*/
if (impl == &semaphore->temporary)
anv_semaphore_impl_cleanup(device, impl);
If this happens, the underlying semaphore resource is released but the
semaphore type is not updated to NONE.
So, on Destroy, the semaphore resource will be released again.
I think instead it should be:
anv_semaphore_reset_temporary(device, semaphore);
--
You are receiving this mail because:
You are the assignee for the bug.
You are the QA Contact for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/intel-3d-bugs/attachments/20180524/731f7aec/attachment.html>
More information about the intel-3d-bugs
mailing list