wl12xx: Fix kernel crash related to hw recovery and interface shutdown

It is possible that the op_remove_interface function  is invoked exactly at
the same time has hw recovery is started. In this case it is possible for the
interface to be already removed in the op_remove_interface call, which
currently leads to a kernel warning and a subsequent kernel crash.

Fix this by ignoring the op_remove_interface call if the interface is already
down at that point.

Signed-off-by: Juuso Oikarinen <juuso.oikarinen@nokia.com>
Tested-by: Tuomas Katila <ext-tuomas.2.katila@nokia.com>
Signed-off-by: Luciano Coelho <luciano.coelho@nokia.com>

diff --git a/drivers/net/wireless/wl12xx/main.c b/drivers/net/wireless/wl12xx/main.c
index 708ffe304c6d0e26282e5f52d3e6b5b0b8fb0e06..35cfcf675795ae660bfed067e2cb0ee8966eea13 100644 (file)
--- a/drivers/net/wireless/wl12xx/main.c
+++ b/drivers/net/wireless/wl12xx/main.c
@@ -1157,10 +1157,16 @@ static void wl1271_op_remove_interface(struct ieee80211_hw *hw,
        struct wl1271 *wl = hw->priv;
 
        mutex_lock(&wl->mutex);
-       WARN_ON(wl->vif != vif);
-       __wl1271_op_remove_interface(wl);
-       mutex_unlock(&wl->mutex);
+       /*
+        * wl->vif can be null here if someone shuts down the interface
+        * just when hardware recovery has been started.
+        */
+       if (wl->vif) {
+               WARN_ON(wl->vif != vif);
+               __wl1271_op_remove_interface(wl);
+       }
 
+       mutex_unlock(&wl->mutex);
        cancel_work_sync(&wl->recovery_work);
 }