Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-132356

Out-of-bounds read in QRhiVulkan::endAndSubmitPrimaryCommandBuffer

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • P1: Critical
    • 6.9.0 Beta3, 6.10.0 FF
    • 6.9.0 Beta1
    • Qt RHI
    • None
    • All
    • ff68e05bc (dev), 7fbc34056 (6.9)

    Description

      Qt 6.9 added via QRhi::setQueueSubmitParams the possibility to pass additional user-provided semaphores to the vkQueueSubmit and vkQueuePresent functions called by the RHI.

      As per the Vulkan specs, VkSubmitInfo::pWaitDstStageMask is a pointer to an array of VkSubmitInfo::waitSemaphoreCount elements.

      Unfortunately, this array was not modified for the case where more than one waitSemaphore is passed (happens when additional semaphores are passed via QRhi::setQueueSubmitParams), resulting in an out-of-bounds read by the driver.

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            lagocs Laszlo Agocs
            maximeduriez Maxime Duriez
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes