Fix the NON-NULL check by changing the OR (||) to AND (&&), ensuring that the function only proceeds when both `dest_ring` and `status_ring` are NON-NULL. The current implementation of `ath11k_ce_rx_post_pipe` checks for NON-NULL of either `dest_ring` or `status_ring` using a logical OR (||). However, both rings, especially `dest_ring`, should be ensured to be NON-NULL in this function. If only one of the rings is valid, such as `dest_ring` is NULL and `status_ring` is NON-NULL, the subsequent call to `ath11k_ce_rx_buf_enqueue_pipe()` will access the NULL pointer, resulting in a driver crash. Link: https://lore.kernel.org/ath11k/a9ccc947-20b2-4322-84e5-c96aaa604e63@xxxxxx Fixes: d5c65159f289 ("ath11k: driver for Qualcomm IEEE 802.11ax devices") Signed-off-by: Baichuan Qi <zghbqbc@xxxxxxxxx> --- drivers/net/wireless/ath/ath11k/ce.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/wireless/ath/ath11k/ce.c b/drivers/net/wireless/ath/ath11k/ce.c index e66e86bdec20..cc9ad014d800 100644 --- a/drivers/net/wireless/ath/ath11k/ce.c +++ b/drivers/net/wireless/ath/ath11k/ce.c @@ -324,7 +324,7 @@ static int ath11k_ce_rx_post_pipe(struct ath11k_ce_pipe *pipe) dma_addr_t paddr; int ret = 0; - if (!(pipe->dest_ring || pipe->status_ring)) + if (!(pipe->dest_ring && pipe->status_ring)) return 0; spin_lock_bh(&ab->ce.ce_lock); -- 2.34.1
