From: Dongwon Kim <[email protected]> A page number of -1 is invalid and can refer to multiple unattached Virtual Consoles (VCs). This patch ensures negative page numbers are no longer treated as valid indices.
To prevent a regression, a null check is added to gtk_release_modifiers. This avoids a segmentation fault during the "untabify" process, where a VC's page number is temporarily set to -1 immediately after detaching. Cc: Gerd Hoffmann <[email protected]> Cc: Marc-André Lureau <[email protected]> Signed-off-by: Vivek Kasireddy <[email protected]> Signed-off-by: Dongwon Kim <[email protected]> --- ui/gtk.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ui/gtk.c b/ui/gtk.c index 48571bedbf..15a6d79fa2 100644 --- a/ui/gtk.c +++ b/ui/gtk.c @@ -166,7 +166,7 @@ static VirtualConsole *gd_vc_find_by_page(GtkDisplayState *s, gint page) for (i = 0; i < s->nb_vcs; i++) { vc = &s->vc[i]; p = gtk_notebook_page_num(GTK_NOTEBOOK(s->notebook), vc->tab_item); - if (p == page) { + if (p >= 0 && p == page) { return vc; } } @@ -355,7 +355,7 @@ static void gtk_release_modifiers(GtkDisplayState *s) { VirtualConsole *vc = gd_vc_find_current(s); - if (vc->type != GD_VC_GFX || + if (!vc || vc->type != GD_VC_GFX || !qemu_console_is_graphic(vc->gfx.dcl.con)) { return; } -- 2.43.0
