qcacld-3.0: Stop the vdev rsp timer as soon as vdev req is removed

In wma_vdev_delete_handler() once vdev req is removed from the
vdev_resp_queue the vdev rsp timer is stopped and freed after
releasing the wake lock and vdev detach callback.

So before vdev rsp timer is stopped it may get expired and
post msg in MC thread. Now once this timer msg is processed it
access the already freed memory.

To fix it stop vdev rsp timer first before releasing the wake
lock and vdev detach callback.

Change-Id: Iface6d1faaa9f801d0da7a70d548eafbd082dc48
CRs-Fixed: 2196338

core/wma/src/wma_dev_if.c

@@ -2867,13 +2867,13 @@ int wma_vdev_delete_handler(void *handle, uint8_t *cmd_param_info,
 				event->vdev_id);
 		return -EINVAL;
 	}
+	qdf_mc_timer_stop(&req_msg->event_timeout);
+	qdf_mc_timer_destroy(&req_msg->event_timeout);
 
 	wma_release_wakelock(&wma->wmi_cmd_rsp_wake_lock);
 
 	/* Send response to upper layers */
 	wma_vdev_detach_callback(req_msg->user_data);
-	qdf_mc_timer_stop(&req_msg->event_timeout);
-	qdf_mc_timer_destroy(&req_msg->event_timeout);
 	qdf_mem_free(req_msg);
 
 	return status;