From: Laszlo Ersek Date: Wed, 13 Sep 2023 14:49:57 +0000 (+0200) Subject: ui/console: only walk QemuGraphicConsoles in qemu_console_is_multihead() X-Git-Tag: v8.2.0~140^2~10 X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=4ce2f97c000629531553328e1871b56312a210cf;p=mirror_qemu.git ui/console: only walk QemuGraphicConsoles in qemu_console_is_multihead() qemu_console_is_multihead() declares the console "c" a "multihead" console if there are two different consoles in the system that (a) both reference "c->device", and (b) have different "c->head" numbers. In effect, if at least two consoles exist that are different heads of the same device that underlies "c". Commit 58d5870845c6 ("ui/console: move graphic fields to QemuGraphicConsole", 2023-09-04) pushed the "device" and "head" members from the QemuConsole base class down to the QemuGraphicConsole subclass, adjusting the referring QOM properties accordingly as well. As a result, the "device" property lookup in qemu_console_is_multihead() now crashes, in case the candidate console being investigated for criterion (a) is not a QemuGraphicConsole instance: > Unexpected error in object_property_find_err() at qom/object.c:1314: > qemu: Property 'qemu-fixed-text-console.device' not found > Aborted (core dumped) This is effectively an unchecked downcast. Make it checked: only consider such console candidates that are themselves QemuGraphicConsole instances. Cc: "Marc-André Lureau" (odd fixer:Graphics) Cc: Gerd Hoffmann (odd fixer:Graphics) Fixes: 58d5870845c6 Signed-off-by: Laszlo Ersek Reviewed-by: Marc-André Lureau Message-ID: <20230913144959.41891-3-lersek@redhat.com> --- diff --git a/ui/console.c b/ui/console.c index d17b4ee397..4fe26c08fb 100644 --- a/ui/console.c +++ b/ui/console.c @@ -1442,6 +1442,9 @@ static bool qemu_console_is_multihead(DeviceState *dev) uint32_t h; QTAILQ_FOREACH(con, &consoles, next) { + if (!QEMU_IS_GRAPHIC_CONSOLE(con)) { + continue; + } obj = object_property_get_link(OBJECT(con), "device", &error_abort); if (DEVICE(obj) != dev) {