Fix: scope ownership of a stream for ust-consumer

A failure on lttng_pipe_write() during send_stream_to_thread() leads to
a null-pointer dereference of the stream handle during
consumer_del_channel(). The chain of events leading to the problem
is:

- Failure during lttng_pipe_write() inside send_stream_to_thread().
- Call to consumer_stream_destroy() via consumer_del_stream_for_data()
  or consumer_del_stream_for_metadata().
- The stream is monitor and globally visible at this point leading to
  performing a call to destroy_close_stream() which performs the first
  cleanup of the stream.
  Note: At this point the stream is still in the channel local stream
  list (stream.send_node).
- The call to unref_channel() returns a reference to a channel for which
  a cleanup call must be done.
- The cleanup call for the channel is performed using
  consumer_del_channel().
- At this point the stream is still in the channel's local stream list.
  This results in a second call to consumer_stream_destroy() via
  clean_channel_stream_list(). Which, itself, results in accesses to
  freed memory.

The fix consists in:

- Using cds_list_del() inside send_stream_to_thread() after public
  exposition of the stream to ensure that the stream ownership/visibility
  is clear. A stream cannot be globally visible and local
  (stream.send_node) to a channel at the same time.
- Modifying error paths to acknowledge the ownership transfer to
  send_stream_to_thread().

Reported-by: Liguang Li <liguang.li@windriver.com>
Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
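
The ownership rule described in the commit message, as an added C model that is not LTTng code: a stream left on the channel-local list after it becomes globally visible is destroyed twice when the pipe write fails. The list helpers, struct layouts and function names are assumptions standing in for cds_list, consumer_stream_destroy() and clean_channel_stream_list(); destruction is counted rather than performed so the double destroy is observable without touching freed memory.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
/* Minimal intrusive list standing in for liburcu's cds_list (constructed). */
struct node { struct node *prev, *next; };
static void list_init(struct node *h) { h->prev = h->next = h; }
static void list_add(struct node *n, struct node *h) {
    n->next = h->next; n->prev = h; h->next->prev = n; h->next = n;
}
static void list_del(struct node *n) {
    n->prev->next = n->next; n->next->prev = n->prev; n->prev = n->next = n;
}

struct stream { struct node send_node; int destroy_calls; };
struct channel { struct node streams; /* channel-local stream list */ };

/* Stand-in for consumer_stream_destroy(): counts calls instead of freeing,
 * so a double destroy is observable without touching freed memory. */
static void stream_destroy(struct stream *s) { s->destroy_calls++; }

/* Stand-in for clean_channel_stream_list(): destroys every stream still linked. */
static void channel_cleanup(struct channel *c) {
    while (c->streams.next != &c->streams) {
        struct node *n = c->streams.next;
        list_del(n);
        stream_destroy((struct stream *)((char *)n - offsetof(struct stream, send_node)));
    }
}
/* Simplified send_stream_to_thread() whose pipe write always fails. */
static void send_stream_pipe_failure(struct channel *c, struct stream *s, bool fixed) {
    /* The stream is globally visible from here on. */
    if (fixed)
        list_del(&s->send_node);   /* the fix: drop the channel-local link */
    stream_destroy(s);             /* error path destroys the global stream */
    channel_cleanup(c);            /* last channel reference gone: teardown */
}

/* Number of destroy calls one stream receives on the failure path. */
int destroy_count_on_pipe_failure(bool fixed) {
    struct channel c;
    struct stream s = { .destroy_calls = 0 };
    list_init(&c.streams);
    list_add(&s.send_node, &c.streams);
    send_stream_pipe_failure(&c, &s, fixed);
    return s.destroy_calls;
}
int main(void) {
    printf("unfixed: %d, fixed: %d\n", destroy_count_on_pipe_failure(false), destroy_count_on_pipe_failure(true));
    return 0;
}
```

In the real code path the channel teardown is reached from inside the first destroy call through unref_channel(); the model runs the two steps in sequence, which gives the same count.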