qcacld-3.0: Fix invalid session used in ap ecsa timeout api

If ecsa timeout is active and stop bss is received. During
pe delete session the timer is stopped and destroyed. But if
if timer has already expired and has posted the message to MC
thread the timer callback will be called with pe session which
is already deleted.

Fix this by checking if of pe session is valid in timeout API.
Also reset dfsIncludeChanSwIe during pe delete session.

Change-Id: I67d7e65c8136daaa04afa8b01b7019b0b8b36dae
CRs-Fixed: 2372278

2 files changed, 3 insertions, 2 deletions

diff --git a/core/mac/src/pe/lim/lim_session.c b/core/mac/src/pe/lim/lim_session.c
index c3a961124ed7..ed961de3f132 100644
--- a/core/mac/src/pe/lim/lim_session.c
+++ b/core/mac/src/pe/lim/lim_session.c
@@ -714,6 +714,7 @@ void pe_delete_session(tpAniSirGlobal mac_ctx, tpPESession session)
 	if (LIM_IS_AP_ROLE(session)) {
 		qdf_mc_timer_stop(&session->protection_fields_reset_timer);
 		qdf_mc_timer_destroy(&session->protection_fields_reset_timer);
+		session->dfsIncludeChanSwIe = 0;
 		qdf_mc_timer_stop(&session->ap_ecsa_timer);
 		qdf_mc_timer_destroy(&session->ap_ecsa_timer);
 		lim_del_pmf_sa_query_timer(mac_ctx, session);
diff --git a/core/mac/src/pe/lim/lim_utils.c b/core/mac/src/pe/lim/lim_utils.c
index 2ebe600848ee..f2464cbdae66 100644
--- a/core/mac/src/pe/lim/lim_utils.c
+++ b/core/mac/src/pe/lim/lim_utils.c
@@ -7484,8 +7484,8 @@ void lim_process_ap_ecsa_timeout(void *data)
 	uint8_t bcn_int, ch, ch_width;
 	QDF_STATUS status;
 
-	 if (!session) {
-		pe_err("Session is NULL");
+	if (!session || !session->valid) {
+		pe_err("Session is not valid");
 		return;
 	}