From 616003d6bd5a3d87d6d529ddb6d83715979d903c Mon Sep 17 00:00:00 2001
From: Michael Chapman <mike@very.puzzling.org>
Date: Wed, 11 Mar 2015 13:19:54 +1100
Subject: [PATCH] domain_conf: fix crash in virDomainObjListFindByUUIDInternal

If a domain object is being removed and looked up concurrently we must
ensure we unlock the object before unreferencing it, since the latter
might free the object.

The flaw was introduced in commit feb1a4d792e1c35b1009e69c00bf351b39.

Signed-off-by: Michael Chapman <mike@very.puzzling.org>
---
 src/conf/domain_conf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index a8f4ce26df..83f3ec6731 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -1068,9 +1068,9 @@ virDomainObjListFindByUUIDInternal(virDomainObjListPtr doms,
     if (obj) {
         virObjectLock(obj);
         if (obj->removing) {
+            virObjectUnlock(obj);
             if (ref)
                 virObjectUnref(obj);
-            virObjectUnlock(obj);
             obj = NULL;
         }
     }