From 3db520d9dbbd5b38705b8b0685acd2c336a4a904 Mon Sep 17 00:00:00 2001
From: Michael Chapman <mike@very.puzzling.org>
Date: Wed, 11 Mar 2015 13:19:54 +1100
Subject: [PATCH] domain_conf: fix crash in virDomainObjListFindByUUIDInternal

If a domain object is being removed and looked up concurrently we must
ensure we unlock the object before unreferencing it, since the latter
might free the object.

The flaw was introduced in commit feb1a4d792e1c35b1009e69c00bf351b39.

Signed-off-by: Michael Chapman <mike@very.puzzling.org>
(cherry picked from commit 616003d6bd5a3d87d6d529ddb6d83715979d903c)
---
 src/conf/domain_conf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 245d017dfd..f9734b5acb 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -1068,9 +1068,9 @@ virDomainObjListFindByUUIDInternal(virDomainObjListPtr doms,
     if (obj) {
         virObjectLock(obj);
         if (obj->removing) {
+            virObjectUnlock(obj);
             if (ref)
                 virObjectUnref(obj);
-            virObjectUnlock(obj);
             obj = NULL;
         }
     }