On Wed, 2024-05-15 at 13:53 +0200, Johannes Berg wrote: > From: Johannes Berg <johannes.berg@xxxxxxxxx> > > The code itself doesn't want to handle frames from the driver > if it's already stopped, but if the tasklet was queued before > and runs after the stop, then all bets are off. Flush queues > before actually stopping, RX should be off at this point since > all the interfaces are removed already, etc. > > Reported-by: syzbot+8830db5d3593b5546d2e@xxxxxxxxxxxxxxxxxxxxxxxxx > I suspect this might also address https://syzkaller.appspot.com/bug?extid=ac648b0525be1feba506 johannes
