On Mon, 2013-07-15 at 14:35 +0200, Felix Fietkau wrote: > When priv_sta == NULL, mi->prev_sample is dereferenced too early. Move > the assignment further down, after the rate_control_send_low call. > > Reported-by: Krzysztof Mazur <krzysiek@xxxxxxxxxxxx> > Cc: stable@xxxxxxxxxxxxxxx # 3.10 > Signed-off-by: Felix Fietkau <nbd@xxxxxxxxxxx> Why should this be marked for stable? It's a local reference only, it's not used. It's like suggesting that all the initialized automatics should not be set until after rate_control_set_low is called. > --- > net/mac80211/rc80211_minstrel.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/net/mac80211/rc80211_minstrel.c b/net/mac80211/rc80211_minstrel.c > index ac7ef54..e6512e2 100644 > --- a/net/mac80211/rc80211_minstrel.c > +++ b/net/mac80211/rc80211_minstrel.c > @@ -290,7 +290,7 @@ minstrel_get_rate(void *priv, struct ieee80211_sta *sta, > struct minstrel_rate *msr, *mr; > unsigned int ndx; > bool mrr_capable; > - bool prev_sample = mi->prev_sample; > + bool prev_sample; > int delta; > int sampling_ratio; > > @@ -314,6 +314,7 @@ minstrel_get_rate(void *priv, struct ieee80211_sta *sta, > (mi->sample_count + mi->sample_deferred / 2); > > /* delta < 0: no sampling required */ > + prev_sample = mi->prev_sample; > mi->prev_sample = false; > if (delta < 0 || (!mrr_capable && prev_sample)) > return; -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
