This mimics what is done in qdev_device_add, and lets the device be
freed in case something goes wrong. Otherwise, object_unparent returns
immediately without freeing the device, which is on the other hand left
in the parent bus's list of children.
scsi_bus_legacy_handle_cmdline then returns an error, and the HBA is
destroyed as well with object_unparent. But the lingering device that
was not removed in scsi_bus_legacy_add_drive cannot be removed now either,
and bus_unparent gets stuck in an infinite loop trying to empty the list
of children.
The right fix of course would be to assert in bus_add_child that the
device already has a bus, and remove the "safety net" that adds the
drive to the QOM tree in device_set_realized. I am not yet sure whether
that would entail changing all callers to qdev_create (as well as
isa_create and usb_create and the corresponding _try_create versions).
Reported-by: Markus Armbruster <armbru@redhat.com>
Tested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2264750483