client: Set queued buffer busy

From the outside it doesn't matter if the buffer was really committed
or queued, it still in use. If it is not marked  busy QWaylandShmBackingStore
will delete when it is resized which can happen when the surface changes
screens or receives a new fractional scale resulting in a use after free
producing a crash or protocol error.

Pick-to: 6.6
Change-Id: I8abc4edbd8990af5114aa0b36c8ecedb37a4f0f6
Reviewed-by: David Edmundson <davidedmundson@kde.org>
Reviewed-by: Kai Uwe Broulik <kde@privat.broulik.de>

src/plugins/platforms/wayland/qwaylandbuffer_p.h

@@ -37,7 +37,7 @@ public:
     virtual QSize size() const = 0;
     virtual int scale() const { return 1; }
 
-    void setBusy() { mBusy = true; }
+    void setBusy(bool busy) { mBusy = busy; }
     bool busy() const { return mBusy; }
 
     void setCommitted() { mCommitted = true; }

src/plugins/platforms/wayland/qwaylandwindow.cpp

@@ -681,7 +681,7 @@ void QWaylandWindow::attach(QWaylandBuffer *buffer, int x, int y)
     if (buffer) {
         Q_ASSERT(!buffer->committed());
         handleUpdate();
-        buffer->setBusy();
+        buffer->setBusy(true);
 
         mSurface->attach(buffer->buffer(), x, y);
     } else {
@@ -713,7 +713,11 @@ void QWaylandWindow::safeCommit(QWaylandBuffer *buffer, const QRegion &damage)
     if (isExposed()) {
         commit(buffer, damage);
     } else {
+        if (mQueuedBuffer) {
+            mQueuedBuffer->setBusy(false);
+        }
         mQueuedBuffer = buffer;
+        mQueuedBuffer->setBusy(true);
         mQueuedBufferDamage = damage;
     }
 }