From 4fc4fbd1d9a05fa4f348b499aca3a6f8d3c9bbe6 Mon Sep 17 00:00:00 2001 From: Mohammed Shafi Shajakhan Date: Thu, 28 Oct 2010 19:51:47 +0530 Subject: [PATCH] ath9k: Fix incorrect access of rate flags in RC The index variable to access the rate flags should be obtained from the inner loop counter which corresponds to the rate table structure.This fixes the invalid rate selection i.e when the supported basic rate is invalid on a particular band and also the following warning message. Thanks to Raj for finding this out. Call Trace: [] warn_slowpath_common+0x7a/0xb0 [] warn_slowpath_null+0x15/0x20 [] ath_get_rate+0x595/0x5b0 [ath9k] [] ? cpumask_next_and+0x36/0x50 [] rate_control_get_rate+0x86/0x160 [mac80211] [] invoke_tx_handlers+0x81c/0x12d0 [mac80211] [] ieee80211_tx+0x89/0x2b0 [mac80211] [] ? pskb_expand_head+0x1cc/0x1f0 [] ieee80211_xmit+0xb5/0x1c0 [mac80211] [] ieee80211_tx_skb+0x4f/0x60 [mac80211] [] ieee80211_send_nullfunc+0x46/0x60 [mac80211] [] ieee80211_offchannel_stop_station+0x107/0x150 [mac80211] [] ? pskb_expand_head+0x1cc/0x1f0 [] ieee80211_xmit+0xb5/0x1c0 [mac80211] [] ieee80211_tx_skb+0x4f/0x60 [mac80211] [] ieee80211_send_nullfunc+0x46/0x60 [mac80211] [] ieee80211_offchannel_stop_station+0x107/0x150 [mac80211] [] ieee80211_scan_work+0x146/0x600 [mac80211] [] ? schedule+0x2f5/0x8e0 [] ? ieee80211_scan_work+0x0/0x600 [mac80211] [] process_one_work+0x10f/0x380 [] worker_thread+0x162/0x340 [] ? worker_thread+0x0/0x340 Cc: stable@kernel.org Signed-off-by: Mohammed Shafi Shajakhan Signed-off-by: John W. Linville --- drivers/net/wireless/ath/ath9k/rc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/wireless/ath/ath9k/rc.c b/drivers/net/wireless/ath/ath9k/rc.c index 0cee90cf8dc9..89978d71617f 100644 --- a/drivers/net/wireless/ath/ath9k/rc.c +++ b/drivers/net/wireless/ath/ath9k/rc.c @@ -527,7 +527,7 @@ static u8 ath_rc_setvalid_rates(struct ath_rate_priv *ath_rc_priv, for (i = 0; i < rateset->rs_nrates; i++) { for (j = 0; j < rate_table->rate_cnt; j++) { u32 phy = rate_table->info[j].phy; - u16 rate_flags = rate_table->info[i].rate_flags; + u16 rate_flags = rate_table->info[j].rate_flags; u8 rate = rateset->rs_rates[i]; u8 dot11rate = rate_table->info[j].dot11rate;