Fix incorrect reference counting logic in qemu monitor open

The QEMU monitor open method would not take a reference on
the virDomainObjPtr until it had successfully opened the
monitor. The cleanup code upon failure to open though would
call qemuMonitorClose() which would in turn decrement the
reference count. This caused the virDoaminObjPtr to be mistakenly
freed and then the whole driver crashes

* src/qemu/qemu_monitor.c: Fix reference counting in
  qemuMonitorOpen

diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
index 235773446d6e74d96108a37159b8c85aeed1259d..f0ef81b056a29a44024124f79f8e10b60948ac4d 100644 (file)
--- a/src/qemu/qemu_monitor.c
+++ b/src/qemu/qemu_monitor.c
@@ -456,6 +456,7 @@ qemuMonitorOpen(virDomainObjPtr vm,
     mon->vm = vm;
     mon->eofCB = eofCB;
     qemuMonitorLock(mon);
+    virDomainObjRef(vm);
 
     switch (vm->monitor_chr->type) {
     case VIR_DOMAIN_CHR_TYPE_UNIX:
@@ -499,8 +500,6 @@ qemuMonitorOpen(virDomainObjPtr vm,
         goto cleanup;
     }
 
-    virDomainObjRef(vm);
-
     VIR_DEBUG("New mon %p fd =%d watch=%d", mon, mon->fd, mon->watch);
     qemuMonitorUnlock(mon);