On Sun, 2013-06-09 at 23:29 -0500, Calvin Owens wrote: > rate_control_fill_sta_table(), whose sole caller is ieee80211_get_tx_rates(), > is guaranteed by mac80211 not to be called concurrently with > rate_control_set_rates() [1], the sole function that touches the rate table > pointer/data in struct ieee80211_sta. The RCU dereference is therefore safe. No, this is wrong. ieee80211_get_tx_rates() can be called by drivers in any context and at any time, that was the whole point of using RCU here. This needs to be fixed in ath9k, calling ieee80211_get_tx_rates() must be done under RCU protection. johannes -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
