mac80211 currently has a race which can be hit
with this sequence:

* Start a scan operation.
* TX BA is initiated by ieee80211_start_tx_ba_session().
* Driver sets up internal state and calls
  ieee80211_start_tx_ba_cb_irqsafe().
* mac80211 adds a packet to sdata->skb_queue with
  type IEEE80211_SDATA_QUEUE_AGG_START.
* ieee80211_iface_work() doesn't process the
  packet because scan is in progress.
* ADDBA response timer expires and the sta/tid is
  torn down.
* Driver receives BA stop notification and calls
  ieee80211_stop_tx_ba_cb_irqsafe().
* This is also added to the queue by mac80211.
* Now, scan finishes.

At this point, the queued up packets might be processed
if some other operation schedules the sdata work. Since
the tids have been cleaned up already, warnings are hit.

If this doesn't happen, the packets are left in the queue
until the interface is torn down.

Since initiating a BA session when scan is in progress
leads to flaky connections, especially in MCC mode, we
can drop the TX BA request. This improves connectivity
with legacy clients in MCC mode.
Signed-off-by: Sujith Manoharan <c_manoha@qca.qualcomm.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>