qcacld-3.0: NULL pointer dereferenced when starting 11ax SAP

BSS Desc pointer will be NULL when starting SAP, in function
csr_roam_issue_start_bss(). And it is causing NULL pointer
dereference when get bss channel number from BSS Desc.

Get channel number from csr_roamstart_bssparams instead.

CRs-Fixed: 2272749
Change-Id: Idf4eeb21f1298db03a030af72bf9f0a530ba3e68

core/sme/src/csr/csr_api_roam.c

@@ -16758,7 +16758,7 @@ QDF_STATUS csr_send_mb_start_bss_req_msg(tpAniSirGlobal pMac, uint32_t
 		csr_start_bss_copy_he_cap(pMsg, pSession);
 		/* change the HE caps like sts per band */
 		CSR_REVISE_REQ_HE_CAP_PER_BAND(pMsg, pMac,
-					       pBssDesc->channelId);
+					       pParam->operationChn);
 	}
 
 	qdf_mem_copy(&pMsg->addIeParams,

core/wma/src/wma_main.c

@@ -6192,9 +6192,9 @@ static void wma_print_populate_soc_caps(struct target_psoc_info *tgt_hdl)
 	WMA_LOGD("%s: <====== HW mode cap printing starts ======>", __func__);
 	/* print cap of each hw mode */
 	for (i = 0; i < total_mac_phy_cnt; i++) {
-		WMA_LOGD("====>: hw mode id[%d], phy_id map[%d]",
-				mac_phy_cap[i].hw_mode_id,
-				mac_phy_cap[i].phy_id);
+		WMA_LOGD("====>: hw mode id[%d], phy id[%d]",
+			 mac_phy_cap[i].hw_mode_id,
+			 mac_phy_cap[i].phy_id);
 		tmp = &mac_phy_cap[i];
 		wma_print_mac_phy_capabilities(tmp, i);
 	}