From: Michael Chapman <mike@very.puzzling.org>
Date: Wed, 11 Mar 2015 02:19:54 +0000 (+1100)
Subject: domain_conf: fix crash in virDomainObjListFindByUUIDInternal
X-Git-Tag: v1.2.13.1~49
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3db520d9dbbd5b38705b8b0685acd2c336a4a904;p=thirdparty%2Flibvirt.git

domain_conf: fix crash in virDomainObjListFindByUUIDInternal

If a domain object is being removed and looked up concurrently we must
ensure we unlock the object before unreferencing it, since the latter
might free the object.

The flaw was introduced in commit feb1a4d792e1c35b1009e69c00bf351b39.

Signed-off-by: Michael Chapman <mike@very.puzzling.org>
(cherry picked from commit 616003d6bd5a3d87d6d529ddb6d83715979d903c)
---

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 245d017dfd..f9734b5acb 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -1068,9 +1068,9 @@ virDomainObjListFindByUUIDInternal(virDomainObjListPtr doms,
     if (obj) {
         virObjectLock(obj);
         if (obj->removing) {
+            virObjectUnlock(obj);
             if (ref)
                 virObjectUnref(obj);
-            virObjectUnlock(obj);
             obj = NULL;
         }
     }