On Fri, 2023-09-01 at 11:53 +0800, Zhengchao Shao wrote: > > diff --git a/net/mac80211/main.c b/net/mac80211/main.c > index 24315d7b3126..f79e2343dddd 100644 > --- a/net/mac80211/main.c > +++ b/net/mac80211/main.c > @@ -285,6 +285,9 @@ void ieee80211_link_info_change_notify(struct ieee80211_sub_if_data *sdata, > if (!changed || sdata->vif.type == NL80211_IFTYPE_AP_VLAN) > return; > > + if (!ieee80211_sdata_running(sdata)) > + return; > + > if (!check_sdata_in_driver(sdata)) > return; > I don't think this is right. Do you see anything else checking that it's running right before checking it's in the driver? :) Why can we even get into this call at all? I think the problem is already in cfg80211 allowing this. johannes
