From fa15f886fd427e2de3e09ef5c93743e611483adf Mon Sep 17 00:00:00 2001
From: Peter Chiu <chui-hao.chiu@mediatek.com>
Date: Mon, 29 Jan 2024 15:33:24 +0800
Subject: [PATCH 12/14] wifi: mt76: add sanity check to prevent kernel crash

wcid may not be initialized when mac80211 calls mt76.tx and it would lead to
kernel crash.

Signed-off-by: Peter Chiu <chui-hao.chiu@mediatek.com>
---
 tx.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/tx.c b/tx.c
index 5cf6ede..ab42f69 100644
--- a/tx.c
+++ b/tx.c
@@ -345,6 +345,14 @@ mt76_tx(struct mt76_phy *phy, struct ieee80211_sta *sta,
 
 	info->hw_queue |= FIELD_PREP(MT_TX_HW_QUEUE_PHY, phy->band_idx);
 
+	if (!wcid->tx_pending.prev || !wcid->tx_pending.next) {
+		dev_warn(phy->dev->dev, "Un-initialized STA %pM wcid %d in mt76_tx\n",
+			 sta->addr, wcid->idx);
+
+		ieee80211_free_txskb(phy->hw, skb);
+		return;
+	}
+
 	spin_lock_bh(&wcid->tx_pending.lock);
 	__skb_queue_tail(&wcid->tx_pending, skb);
 	spin_unlock_bh(&wcid->tx_pending.lock);
-- 
2.18.0