util: added pipe_surface_release() function

To fix a pipe_context::surface_destroy() use-after-free problem.
We previously added pipe_sampler_view_release() for similar reasons.

Note: this is a candidate for the stable branches.

Reviewed-by: Jose Fonseca <jfonseca@vmware.com>

diff --git a/src/gallium/auxiliary/util/u_inlines.h b/src/gallium/auxiliary/util/u_inlines.h
index 6ef5fecc695f2dd82c0e1827932ece8927c4d1b9..cb06ee2e096447795369668e9a698b03d2baa563 100644 (file)
--- a/src/gallium/auxiliary/util/u_inlines.h
+++ b/src/gallium/auxiliary/util/u_inlines.h
@@ -114,6 +114,22 @@ pipe_surface_reference(struct pipe_surface **ptr, struct pipe_surface *surf)
    *ptr = surf;
 }
 
+/**
+ * Similar to pipe_surface_reference() but always set the pointer to NULL
+ * and pass in an explicit context.  The explicit context avoids the problem
+ * of using a deleted context's surface_destroy() method when freeing a surface
+ * that's shared by multiple contexts.
+ */
+static INLINE void
+pipe_surface_release(struct pipe_context *pipe, struct pipe_surface **ptr)
+{
+   if (pipe_reference_described(&(*ptr)->reference, NULL,
+                                (debug_reference_descriptor)debug_describe_surface))
+      pipe->surface_destroy(pipe, *ptr);
+   *ptr = NULL;
+}
+
+
 static INLINE void
 pipe_resource_reference(struct pipe_resource **ptr, struct pipe_resource *tex)
 {