- ieee80211_tx_status(ar->hw, msdu);
+ spin_lock_bh(&ab->base_lock);
+ peer = ath11k_peer_find_by_id(ab, ts->peer_id);
+ if (peer) {
+ arsta = (struct ath11k_sta *)peer->sta->drv_priv;
+ status.sta = peer->sta;
+ status.skb = msdu;
+ status.info = info;
+ status.rate = &arsta->last_txrate;
Assigning arsta holded last_txrate pointer to status.rate create race
condition problem b/w sta delete and ieee80211_tx_status_ext, no ?
Hw we ensure that arsta pointer is valid until ieee80211_tx_status_ext()
processing?
Instead why don't we have local struct rate_info and assign like below
code snippet
struct rate_info rate;
...
rate = arsta->last_txrate;
status.rate = &rate;
Thanks,
Karthikeyan P
