-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
vk: Use-after-free coverage #8273
base: main
Are you sure you want to change the base?
Conversation
if (UTILS_UNLIKELY(ptr->isHandleConsideredDestroyed())) { | ||
FILAMENT_CHECK_PRECONDITION(!ptr->isHandleConsideredDestroyed()) | ||
<< "Handle id=" << ptr->id << " (" << getTypeStr(ptr->restype) | ||
<< ") is being used after it has been freed"; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you don't need the if
here, FILAMENT_CHECK_PRECONDITION
already does all the likely/unlikely
shenanigans
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was trying to avoid hitting the switch in getTypeStr
unless necessary, hence the roundabout logic here.
Do you think it's worth it or not? (or maybe it just going to be speculatively executed anyways?).
@@ -156,6 +162,7 @@ struct resource_ptr { | |||
// only be used from VulkanDriver. | |||
inline void dec() { | |||
assert_invariant(mRef); | |||
mRef->setHandleConsiderDestroyed(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should we at least assert_invariant()
here that the handle is not already in the considered destroyed state? (I think this should never happen right?).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
To allow for use-after-free discovery with ref-counting, we keep a bit to indicate whether the handle is considered destroyed by Filament. We assert against "cast"-ing a destroyed handle.
8e7cc08
to
3e6ceaa
Compare
no longer needed |
Accidentally closed. |
To allow for use-after-free discovery with ref-counting, we keep a bit to indicate whether the handle is considered destroyed by Filament. We assert against "cast"-ing a destroyed handle.