From cc295aac1ffa4c646bbbb0386a153c2dea73220a Mon Sep 17 00:00:00 2001
From: Thomas Senyk <thomas.senyk@qt.io>
Date: Mon, 12 Dec 2022 15:03:00 +0100
Subject: [PATCH] eglfs-kms/gbm: fix segfault and add qScopeGuard

As framebufferForBufferObject has a code-path which returns a nullptr,
it's vital to check on that and return early in that case.

As this is the second segment in this function that does gbm_surface_release_buffer,
a qScopeGuard was introduced to reduce code duplication.
This also makes this function saver/easier to maintain long term.

The platform on which this segfault was reported is QEMU

Change-Id: I5ee1ad4073712349b7475bce3a7978961fea2344
Reviewed-by: Laszlo Agocs <laszlo.agocs@qt.io>
(cherry picked from commit ad2aca113daccb4d0e9299b7c37d61f2d9b1f930)
---
 .../eglfs_kms/qeglfskmsgbmscreen.cpp              | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/src/plugins/platforms/eglfs/deviceintegration/eglfs_kms/qeglfskmsgbmscreen.cpp b/src/plugins/platforms/eglfs/deviceintegration/eglfs_kms/qeglfskmsgbmscreen.cpp
index 722d0266ce9..86a77cca632 100644
--- a/src/plugins/platforms/eglfs/deviceintegration/eglfs_kms/qeglfskmsgbmscreen.cpp
+++ b/src/plugins/platforms/eglfs/deviceintegration/eglfs_kms/qeglfskmsgbmscreen.cpp
@@ -349,7 +349,17 @@ void QEglFSKmsGbmScreen::flip()
         return;
     }
 
+    auto gbmRelease = qScopeGuard([this]{
+        m_flipPending = false;
+        gbm_surface_release_buffer(m_gbm_surface, m_gbm_bo_next);
+        m_gbm_bo_next = nullptr;
+    });
+
     FrameBuffer *fb = framebufferForBufferObject(m_gbm_bo_next);
+    if (!fb) {
+        qWarning("FrameBuffer not available. Cannot flip");
+        return;
+    }
     ensureModeSet(fb->fb);
 
     const QKmsOutput &thisOutput(output());
@@ -381,9 +391,6 @@ void QEglFSKmsGbmScreen::flip()
                                   this);
         if (ret) {
             qErrnoWarning("Could not queue DRM page flip on screen %s", qPrintable(name()));
-            m_flipPending = false;
-            gbm_surface_release_buffer(m_gbm_surface, m_gbm_bo_next);
-            m_gbm_bo_next = nullptr;
             return;
         }
     }
@@ -426,6 +433,8 @@ void QEglFSKmsGbmScreen::flip()
 #if QT_CONFIG(drm_atomic)
     device()->threadLocalAtomicCommit(this);
 #endif
+
+    gbmRelease.dismiss();
 }
 
 void QEglFSKmsGbmScreen::flipFinished()