Re: [RFC PATCH v7 6/9] media: tegra: Add Tegra210 Video input driver

[Sowjanya Komatineni]

On 4/15/20 12:21 PM, Dmitry Osipenko wrote:
> External email: Use caution opening links or attachments
>
>
> 15.04.2020 21:53, Sowjanya Komatineni ÐÐÑÐÑ:
> ...
> > > > > > > > Have you tried to test this driver under KASAN? I suspect that
> > > > > > > > you just
> > > > > > > > masked the problem, instead of fixing it.
> > Tested with kmemleak scan and did not see any memory leaks
> You should get use-after-free and not memleak.
I don't see use-after-free bugs during the testing.

But as mentioned when direct vi/csi client driver unbind happens while 
video device node is kept opened, vi driver remove will free vi 
structure memory but actual video device memory which is part of 
channels remains but list head gets lost when vi structure is freed.

So, when device node is released and executes release callback as list 
head is lost it can't free allocated channels which is not good.

This happens only with direct host1x client vi/csi driver unbind.

Need to find better place to free host1x client driver data structure to 
allow direct client driver unbind->bind.