On Tue, Jan 08, 2019 at 10:22:06AM +0100, Andrzej Hajda wrote: > What part of drm core disallows it? As I remember discussions about > drm_bridge design there were voices that they should be > hot(un)pluggable, and they are IMO, of course if they are not active. Even if they are not active, once the DRM master device has used of_drm_find_bridge(), it has a reference on struct drm_bridge. Normally, that is allocated using something like devm_kzalloc() in the bridge drivers probe function. When the bridge driver is unbound, that memory will be freed, but there is no notification to the DRM master that this structure is no longer valid (unless you have something implemented in exynos between the exynos core and the bridge driver(s) that specifically deals with that.) Note that there is nothing in drm_bridge_remove() that does anything beyond removing the bridge from the global list of bridges. Any further accesses by the DRM master to that struct drm_bridge will be a use-after-free of that memory. -- RMK's Patch system: http://www.armlinux.org.uk/developer/patches/ FTTC broadband for 0.8mile line in suburbia: sync at 12.1Mbps down 622kbps up According to speedtest.net: 11.9Mbps down 500kbps up _______________________________________________ dri-devel mailing list dri-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/dri-devel
