Hi Philippe,

On 2025/5/9 19:28, Philippe Mathieu-Daudé wrote:
> Hi Zheng,
>
> On 9/5/25 13:15, Zheng Huang wrote:
>> This patch fixes an assertion error in isa_bus_get_irq() in
>> /hw/isa/isa-bus.c by adding a constraint to the irq property.
>
> Can you provide a reproducer to trigger that?
>

Sure, this bug occurs when starting qemu with:

```bash
qemu-system-x86_64 -display none -machine accel=qtest -m 64 -M pc -nodefaults -audiodev none,id=snd0 -nodefaults -device cs4231a,audiodev=snd0,irq=17
```

and the error message is the following:

qemu-system-x86_64: ../hw/isa/isa-bus.c:84: qemu_irq isa_bus_get_irq(ISABus *, unsigned int): Assertion `irqnum < ISA_NUM_IRQS' failed.

Besides, please refer to patch v2, in which I updated the constraint.

>>
>> Signed-off-by: Zheng Huang <hz1624917...@gmail.com>
>> ---
>> hw/audio/cs4231a.c | 4 ++++
>> 1 file changed, 4 insertions(+)
>>
>> diff --git a/hw/audio/cs4231a.c b/hw/audio/cs4231a.c
>> index 5a9be80ba3..d390da4c37 100644
>> --- a/hw/audio/cs4231a.c
>> +++ b/hw/audio/cs4231a.c
>> @@ -682,6 +682,10 @@ static void cs4231a_realizefn (DeviceState *dev, Error
>> **errp)
>> return;
>> }
>> + if (s->irq >= ISA_NUM_IRQS) {
>> + error_setg(errp, "Invalid IRQ %d (max %d)", s->irq, ISA_NUM_IRQS);
>> + return;
>> + }
>> s->pic = isa_bus_get_irq(bus, s->irq);
>> k = ISADMA_GET_CLASS(s->isa_dma);
>> k->register_channel(s->isa_dma, s->dma, cs_dma_read, s);
>
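Review bot: the message in the added check is off by one relative to the condition: `if (s->irq >= ISA_NUM_IRQS)` rejects ISA_NUM_IRQS itself, yet `error_setg(errp, "Invalid IRQ %d (max %d)", s->irq, ISA_NUM_IRQS);` reports ISA_NUM_IRQS as the maximum. Either print `ISA_NUM_IRQS - 1` or reword to "(must be < %d)" so the user-facing text matches what is accepted. The placement is right, since the guard sits immediately before `s->pic = isa_bus_get_irq(bus, s->irq);`, the call whose `irqnum < ISA_NUM_IRQS` assertion the `irq=17` reproducer trips; the author notes the constraint itself is revised in v2, so the reviewer should check the message there as well.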