From: Daniel P. Berrange Date: Fri, 13 Nov 2009 11:43:09 +0000 (+0000) Subject: Fix incorrect reference counting logic in qemu monitor open X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=5313dc372ba5871abb7ad0e8d4a99f3c9c7ad8be;p=libvirt.git Fix incorrect reference counting logic in qemu monitor open The QEMU monitor open method would not take a reference on the virDomainObjPtr until it had successfully opened the monitor. The cleanup code upon failure to open though would call qemuMonitorClose() which would in turn decrement the reference count. This caused the virDoaminObjPtr to be mistakenly freed and then the whole driver crashes * src/qemu/qemu_monitor.c: Fix reference counting in qemuMonitorOpen
---
diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
index 235773446d..f0ef81b056 100644
--- a/src/qemu/qemu_monitor.c
+++ b/src/qemu/qemu_monitor.c
@@ -456,6 +456,7 @@ qemuMonitorOpen(virDomainObjPtr vm,
 mon->vm = vm;
 mon->eofCB = eofCB;
 qemuMonitorLock(mon);
+ virDomainObjRef(vm);
 switch (vm->monitor_chr->type) {
 case VIR_DOMAIN_CHR_TYPE_UNIX:
@@ -499,8 +500,6 @@ qemuMonitorOpen(virDomainObjPtr vm,
 goto cleanup;
 }
- virDomainObjRef(vm);
-
 VIR_DEBUG("New mon %p fd =%d watch=%d", mon, mon->fd, mon->watch);
 qemuMonitorUnlock(mon);
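Review bot: The new `virDomainObjRef(vm);` after `qemuMonitorLock(mon);` in the first hunk carries no comment tying it to the unref in qemuMonitorClose(), and that pairing is exactly the invariant whose violation led to the premature free described in the commit message. I would add `/* Take the vm reference before any failure path: cleanup calls qemuMonitorClose(), which drops it */` above the call so a later reorder does not reintroduce the imbalance. qemuMonitorOpen starts before and continues past this hunk, so it is not visible here whether an earlier exit can still reach qemuMonitorClose() without the reference held; that is worth confirming against the full function.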