ssi_auto_connect_slaves(parent, cs_line, bus) iterates over @parent's
QOM children @dev of type TYPE_SSI_SLAVE. It puts these on @bus, and
sets cs_line[] to qdev_get_gpio_in_named(dev, SSI_GPIO_CS, 0).
Suspicious: there is no protection against overrunning cs_line[].
Turns out it's safe because ssi_auto_connect_slaves() never finds any
such children. Its called by realize methods of some (but not all)
devices providing an SSI bus, and gets passed the device.
SSI slave devices are always created with ssi_create_slave_no_init(),
optionally via ssi_create_slave(). This adds them to their SSI bus.
It doesn't set their QOM parent.
ssi_create_slave_no_init() is always immediately followed by
qdev_init_nofail(), with no QOM parent assigned, so
device_set_realized() puts the device into the /machine/unattached/
orphanage. None become QOM children of a device providing an SSI bus.
ssi_auto_connect_slaves() was added in commit b4ae3cfa57 "ssi: Add
slave autoconnect helper". I can't see which slaves it was supposed
to connect back then.
Cc: Alistair Francis <alistair@alistair23.me>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-Id: <20200610053247.1583243-23-armbru@redhat.com>
7f16c76e83