The size of the pool is slightly smaller than the size of the
structure containing the whole pool. We need to take that into account
on when setting up the internals.
Fixes a crash due to out of bound memory access in:
dEQP-VK.api.descriptor_pool.out_of_pool_memory
v2: Drop debug traces (Lionel)
Signed-off-by: Lionel Landwerlin <lionel.g.landwer...@intel.com>
---
src/intel/vulkan/anv_descriptor_set.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/intel/vulkan/anv_descriptor_set.c
b/src/intel/vulkan/anv_descriptor_set.c
index a4b7638a61..7853ec7dd9 100644
--- a/src/intel/vulkan/anv_descriptor_set.c
+++ b/src/intel/vulkan/anv_descriptor_set.c
@@ -329,18 +329,18 @@ VkResult anv_CreateDescriptorPool(
}
}
- const size_t size =
- sizeof(*pool) +
+ const size_t pool_size =
pCreateInfo->maxSets * sizeof(struct anv_descriptor_set) +
descriptor_count * sizeof(struct anv_descriptor) +
buffer_count * sizeof(struct anv_buffer_view);
+ const size_t total_size = sizeof(*pool) + pool_size;
- pool = vk_alloc2(&device->alloc, pAllocator, size, 8,
+ pool = vk_alloc2(&device->alloc, pAllocator, total_size, 8,
VK_SYSTEM_ALLOCATION_SCOPE_OBJECT);
if (!pool)
return vk_error(VK_ERROR_OUT_OF_HOST_MEMORY);
- pool->size = size;
+ pool->size = pool_size;
pool->next = 0;
pool->free_list = EMPTY;
--
2.11.0
_______________________________________________
mesa-dev mailing list
mesa-dev@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/mesa-dev
