[PATCH v2] mwifiex: don't call del_timer_sync() on uninitialized timer

syzbot is reporting that del_timer_sync() is called from mwifiex_usb_cleanup_tx_aggr() from mwifiex_unregister_dev() without checking timer_setup() from mwifiex_usb_tx_init() was called [1]. Ganapathi Bhat proposed a possibly cleaner fix, but it seems that that fix was forgotten [2]. "grep -FrB1

Re: [PATCH v2] mwifiex: don't call del_timer_sync() on uninitialized timer

Tetsuo Handa wrote: > syzbot is reporting that del_timer_sync() is called from > mwifiex_usb_cleanup_tx_aggr() from mwifiex_unregister_dev() without > checking timer_setup() from mwifiex_usb_tx_init() was called [1]. > > Ganapathi Bhat proposed a possibly cleaner fix, but it seems that > that fi

Re: [PATCH v2] mwifiex: don't call del_timer_sync() on uninitialized timer

On Fri, Aug 21, 2020 at 1:28 AM Tetsuo Handa wrote: > > syzbot is reporting that del_timer_sync() is called from > mwifiex_usb_cleanup_tx_aggr() from mwifiex_unregister_dev() without > checking timer_setup() from mwifiex_usb_tx_init() was called [1]. > > Ganapathi Bhat proposed a possibly cleaner

RE: [EXT] Re: [PATCH v2] mwifiex: don't call del_timer_sync() on uninitialized timer

Hi Tetsuo, > > "grep -FrB1 'del_timer' drivers/ | grep -FA1 '.function)'" says that > > currently there are 28 locations which call del_timer[_sync]() only if > > that timer's function field was initialized (because timer_setup() > > sets that timer's function field). Therefore, let's use same app