sharedgpures: fix dispatch_close decrementing ref_count for handles that never opened a resource#313
Open
avafloww wants to merge 1 commit intoValveSoftware:bleeding-edgefrom
Conversation
…hat never opened a resource When a process opens the \Device\SharedGpuResource device but the subsequent IOCTL_SHARED_GPU_RESOURCE_OPEN fails (e.g. invalid KMT handle), FsContext is never updated from its default value of 0. dispatch_close unconditionally computes &resource_pool[FsContext] and decrements ref_count, which erroneously frees whatever resource happens to be at index 0. This is particularly damaging when DXVK retries failed OPEN ioctls thousands of times via the D3DKMT DDI path (when NtGdiDdDDIQueryResourceInfo is stubbed), as each open/close cycle decrements resource_pool[0].ref_count. Fix by initializing FsContext to (UINT_PTR)-1 as a sentinel in dispatch_create, and skipping cleanup in dispatch_close when the sentinel is still set.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
When a process opens the \Device\SharedGpuResource device but the subsequent IOCTL_SHARED_GPU_RESOURCE_OPEN fails (e.g. invalid KMT handle), FsContext is never updated from its default value of 0. dispatch_close unconditionally computes &resource_pool[FsContext] and decrements ref_count, which erroneously frees whatever resource happens to be at index 0.
This is particularly damaging when DXVK retries failed OPEN ioctls thousands of times via the D3DKMT DDI path (when
NtGdiDdDDIQueryResourceInfo is stubbed), as each open/close cycle decrements resource_pool[0].ref_count.
Fix by initializing FsContext to (UINT_PTR)-1 as a sentinel in dispatch_create, and skipping cleanup in dispatch_close when the sentinel is still set.
This is one of two PRs needed to make Wine/Proton & Spout2PW work with VNyan under Linux. The other PR is #312.