On Mon, Jul 14, 2025 at 09:25:26PM +0800, Ma Ke wrote:
Using ipu_bridge_get_ivsc_csi_dev() to locate the device could cause an imbalance in the device's reference count. ipu_bridge_get_ivsc_csi_dev() calls device_find_child_by_name() to implement the localization, and device_find_child_by_name() calls an implicit get_device() to increment the device's reference count before returning the pointer. Throughout the entire implementation process, no mechanism releases resources properly. This leads to a memory leak because the reference count of the device is never decremented.
As the comment of device_find_child_by_name() says, 'NOTE: you will need to drop the reference with put_device() after use'.
Found by code review.
Okay, but have you check unregistering process? Does it have the put_device() for this or not?
(The analysis is partial.)