From 1426d1bbd962886cb09ffe107be47af9ad560e57 Mon Sep 17 00:00:00 2001 From: Jordan Logan Date: Thu, 25 May 2017 13:56:41 -0700 Subject: [PATCH] Fix for double delete in Vulkan DescSetLayout::Init DescSetLayout::Init can crash when Immutable Samplers are provided. When the vector containing the Binding info is resized, the pointer to immutableSamplers is copied and then deleted in the old copy. A copy constructor has been added to the Binding struct. Fixed indexing in DescSetLayout::Init --- renderdoc/driver/vulkan/vk_info.cpp | 2 +- renderdoc/driver/vulkan/vk_info.h | 13 +++++++++++++ 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/renderdoc/driver/vulkan/vk_info.cpp b/renderdoc/driver/vulkan/vk_info.cpp index 98e3c099e..130c9d5fd 100644 --- a/renderdoc/driver/vulkan/vk_info.cpp +++ b/renderdoc/driver/vulkan/vk_info.cpp @@ -55,7 +55,7 @@ void DescSetLayout::Init(VulkanResourceManager *resourceMan, VulkanCreationInfo if(pCreateInfo->pBindings[i].pImmutableSamplers) { - bindings[b].immutableSampler = new ResourceId[bindings[i].descriptorCount]; + bindings[b].immutableSampler = new ResourceId[bindings[b].descriptorCount]; for(uint32_t s = 0; s < bindings[b].descriptorCount; s++) { diff --git a/renderdoc/driver/vulkan/vk_info.h b/renderdoc/driver/vulkan/vk_info.h index 64f9c906f..848c7e8e2 100644 --- a/renderdoc/driver/vulkan/vk_info.h +++ b/renderdoc/driver/vulkan/vk_info.h @@ -49,6 +49,19 @@ struct DescSetLayout immutableSampler(NULL) { } + // Copy the immutable sampler + Binding(const Binding &b) + : descriptorType(b.descriptorType), + descriptorCount(b.descriptorCount), + stageFlags(b.stageFlags), + immutableSampler(NULL) + { + if(b.immutableSampler) + { + immutableSampler = new ResourceId[descriptorCount]; + memcpy(immutableSampler, b.immutableSampler, sizeof(ResourceId) * descriptorCount); + } + } ~Binding() { SAFE_DELETE_ARRAY(immutableSampler); } VkDescriptorType descriptorType; uint32_t descriptorCount;