diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index 9a3504c900..ca5befba0e 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -594,6 +594,17 @@ static inline QEMUTimer *timer_new_ms(QEMUClockType type, QEMUTimerCB *cb,
     return timer_new(type, SCALE_MS, cb, opaque);
 }
 
+/**
+ * timer_deinit:
+ * @ts: the timer to be de-initialised
+ *
+ * Deassociate the timer from any timerlist.  You should
+ * call timer_del before.  After this call, any further
+ * timer_del call cannot cause dangling pointer accesses
+ * even if the previously used timerlist is freed.
+ */
+void timer_deinit(QEMUTimer *ts);
+
 /**
  * timer_free:
  * @ts: the timer
diff --git a/qemu-timer.c b/qemu-timer.c
index 98d9d1bc0b..464396f7d0 100644
--- a/qemu-timer.c
+++ b/qemu-timer.c
@@ -342,6 +342,12 @@ void timer_init_tl(QEMUTimer *ts,
     ts->expire_time = -1;
 }
 
+void timer_deinit(QEMUTimer *ts)
+{
+    assert(ts->expire_time == -1);
+    ts->timer_list = NULL;
+}
+
 void timer_free(QEMUTimer *ts)
 {
     g_free(ts);
@@ -398,9 +404,11 @@ void timer_del(QEMUTimer *ts)
 {
     QEMUTimerList *timer_list = ts->timer_list;
 
-    qemu_mutex_lock(&timer_list->active_timers_lock);
-    timer_del_locked(timer_list, ts);
-    qemu_mutex_unlock(&timer_list->active_timers_lock);
+    if (timer_list) {
+        qemu_mutex_lock(&timer_list->active_timers_lock);
+        timer_del_locked(timer_list, ts);
+        qemu_mutex_unlock(&timer_list->active_timers_lock);
+    }
 }
 
 /* modify the current timer so that it will be fired when current_time