From: Marcel Holtmann <marcel@holtmann.org>
Date: Thu, 21 Dec 2006 22:06:24 +0000 (+0100)
Subject: [PATCH] Call init_timer() for ISDN PPP CCP reset state timer
X-Git-Tag: firefly_0821_release~31747
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=dab6df63086762629936e8b89a5984bae39724f6;p=firefly-linux-kernel-4.4.55.git

[PATCH] Call init_timer() for ISDN PPP CCP reset state timer

The function isdn_ppp_ccp_reset_alloc_state() sets ->timer.function
and ->timer.data and later on calls add_timer() with no init_timer()
ever done.

Noted by Al Viro.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Karsten Keil <kkeil@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
---

diff --git a/drivers/isdn/i4l/isdn_ppp.c b/drivers/isdn/i4l/isdn_ppp.c
index 1726131b20be..4e3f127e4003 100644
--- a/drivers/isdn/i4l/isdn_ppp.c
+++ b/drivers/isdn/i4l/isdn_ppp.c
@@ -2339,6 +2339,7 @@ static struct ippp_ccp_reset_state *isdn_ppp_ccp_reset_alloc_state(struct ippp_s
 		rs->state = CCPResetIdle;
 		rs->is = is;
 		rs->id = id;
+		init_timer(&rs->timer);
 		rs->timer.data = (unsigned long)rs;
 		rs->timer.function = isdn_ppp_ccp_timer_callback;
 		is->reset->rs[id] = rs;