--- everything.orig/net/mac80211/ht.c	2008-08-06 21:40:24.000000000 +0200
+++ everything/net/mac80211/ht.c	2008-08-06 21:43:42.000000000 +0200
@@ -78,7 +78,7 @@ int ieee80211_start_tx_ba_session(struct
 	struct ieee80211_local *local = hw_to_local(hw);
 	struct sta_info *sta;
 	struct ieee80211_sub_if_data *sdata;
-	u16 start_seq_num = 0;
+	u16 start_seq_num;
 	u8 *state;
 	int ret;
 	DECLARE_MAC_BUF(mac);
@@ -158,6 +158,9 @@ int ieee80211_start_tx_ba_session(struct
 	 * call back right away, it must see that the flow has begun */
 	*state |= HT_ADDBA_REQUESTED_MSK;
 
+	/* This is slightly racy because the queue isn't stopped */
+	start_seq_num = sta->tid_seq[tid];
+
 	if (local->ops->ampdu_action)
 		ret = local->ops->ampdu_action(hw, IEEE80211_AMPDU_TX_START,
 						ra, tid, &start_seq_num);