From b827d84682f6e0f87a9eeb51ab20e65251236f2b Mon Sep 17 00:00:00 2001
From: ankun <ankun@uniontech.com>
Date: Tue, 15 Apr 2025 17:22:01 +0800
Subject: [PATCH] anolis: a potential null pointer access in the
 btsdio_demove() function of Bluetooth driver

ANBZ: #20439

Fix the 'Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work' submission error

Signed-off-by: ankun <ankun@uniontech.com>
---
 drivers/bluetooth/btsdio.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/bluetooth/btsdio.c b/drivers/bluetooth/btsdio.c
index 7050a16e7efe..2e4ac39dd975 100644
--- a/drivers/bluetooth/btsdio.c
+++ b/drivers/bluetooth/btsdio.c
@@ -352,10 +352,10 @@ static void btsdio_remove(struct sdio_func *func)
 
 	BT_DBG("func %p", func);
 
-	cancel_work_sync(&data->work);
 	if (!data)
 		return;
 
+	cancel_work_sync(&data->work);
 	hdev = data->hdev;
 
 	sdio_set_drvdata(func, NULL);
-- 
Gitee