gallium/vbuf: fix buffer reference bugs

In two places we called pipe_resource_reference() to remove a reference
to a vertex buffer resource.  But we neglected to check if the buffer was
a user buffer and not a pipe_resource.  This caused us to pass an invalid
pipe_resource pointer to pipe_resource_reference().

Instead of calling pipe_resource_reference(&vbuf->resource, NULL), use
pipe_vertex_buffer_unreference(&vbuf) which checks the is_user_buffer
field and does the right thing.

Also, explicity set the is_user_buffer field to false after setting the
vbuf->resource pointer to out_buffer.

Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=102377
Reviewed-by: Marek Olšák <marek.olsak@amd.com>
Tested-by: Bruce Cherniak <bruce.cherniak@intel.com>

diff --git a/src/gallium/auxiliary/util/u_vbuf.c b/src/gallium/auxiliary/util/u_vbuf.c
index 6dc8bc7892f2733539847e6691e91322ad4ef573..80c30acc76752a4e2a755d843279e257534f0ac9 100644 (file)
--- a/src/gallium/auxiliary/util/u_vbuf.c
+++ b/src/gallium/auxiliary/util/u_vbuf.c
@@ -513,9 +513,9 @@ u_vbuf_translate_buffers(struct u_vbuf *mgr, struct translate_key *key,
    mgr->real_vertex_buffer[out_vb].stride = key->output_stride;
 
    /* Move the buffer reference. */
-   pipe_resource_reference(
-      &mgr->real_vertex_buffer[out_vb].buffer.resource, NULL);
+   pipe_vertex_buffer_unreference(&mgr->real_vertex_buffer[out_vb]);
    mgr->real_vertex_buffer[out_vb].buffer.resource = out_buffer;
+   mgr->real_vertex_buffer[out_vb].is_user_buffer = false;
 
    return PIPE_OK;
 }
@@ -833,8 +833,7 @@ void u_vbuf_set_vertex_buffers(struct u_vbuf *mgr,
          unsigned dst_index = start_slot + i;
 
          pipe_vertex_buffer_unreference(&mgr->vertex_buffer[dst_index]);
-         pipe_resource_reference(&mgr->real_vertex_buffer[dst_index].buffer.resource,
-                                 NULL);
+         pipe_vertex_buffer_unreference(&mgr->real_vertex_buffer[dst_index]);
       }
 
       pipe->set_vertex_buffers(pipe, start_slot, count, NULL);