scsi: give device a parent before setting properties

This mimics what is done in qdev_device_add, and lets the device be
freed in case something goes wrong.  Otherwise, object_unparent returns
immediately without freeing the device, which is on the other hand left
in the parent bus's list of children.

scsi_bus_legacy_handle_cmdline then returns an error, and the HBA is
destroyed as well with object_unparent.  But the lingering device that
was not removed in scsi_bus_legacy_add_drive cannot be removed now either,
and bus_unparent gets stuck in an infinite loop trying to empty the list
of children.

The right fix of course would be to assert in bus_add_child that the
device already has a bus, and remove the "safety net" that adds the
drive to the QOM tree in device_set_realized.  I am not yet sure whether
that would entail changing all callers to qdev_create (as well as
isa_create and usb_create and the corresponding _try_create versions).

Reported-by: Markus Armbruster <armbru@redhat.com>
Tested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This commit is contained in:
Paolo Bonzini 2015-02-19 17:05:46 +01:00
parent 041ccc922e
commit 2264750483

View File

@ -221,11 +221,16 @@ SCSIDevice *scsi_bus_legacy_add_drive(SCSIBus *bus, BlockBackend *blk,
const char *serial, Error **errp)
{
const char *driver;
char *name;
DeviceState *dev;
Error *err = NULL;
driver = blk_is_sg(blk) ? "scsi-generic" : "scsi-disk";
dev = qdev_create(&bus->qbus, driver);
name = g_strdup_printf("legacy[%d]", unit);
object_property_add_child(OBJECT(bus), name, OBJECT(dev), NULL);
g_free(name);
qdev_prop_set_uint32(dev, "scsi-id", unit);
if (bootindex >= 0) {
object_property_set_int(OBJECT(dev), bootindex, "bootindex",