qcacmn: Fix use-after-free while draining reo cmd ring

While draining the pending reo cmd's during wifi down,
the tid array from the peer structure is used in debug
statement.However,the peer is freed much before
the drain operation.This leads to use-after-free access.

Change-Id: Idf92ccd0fe4eba3eed8a97ac83485de8fccb0f24

dp/wifi3.0/dp_peer.c

@@ -1310,6 +1310,9 @@ void dp_rx_tid_stats_cb(struct dp_soc *soc, void *cb_ctxt,
 	struct dp_rx_tid *rx_tid = (struct dp_rx_tid *)cb_ctxt;
 	struct hal_reo_queue_status *queue_status = &(reo_status->queue_status);
 
+	if (queue_status->header.status == HAL_REO_CMD_DRAIN)
+		return;
+
 	if (queue_status->header.status != HAL_REO_CMD_SUCCESS) {
 		DP_PRINT_STATS("REO stats failure %d for TID %d\n",
 			       queue_status->header.status, rx_tid->tid);