msm: camera: common: Fix double-free scenario

In situations where there are multiple flush requests,
a double-free of buffer tracker occurs when the sync
callback which operates in a workqueue contexts interrupts
an ongoing flush request operation. This change provides
the fix to prevent it from happening.

CRs-Fixed: 3554278
Change-Id: I675b22b76c0f10fcf1808dc3fe0bc48ebd19a2e4
Signed-off-by: Li Sha Lim <[email protected]>

drivers/cam_core/cam_context_utils.c

@@ -387,7 +387,6 @@ static void cam_context_sync_callback(int32_t sync_obj, int status, void *data)
 			req->flushed = 0;
 			req->ctx = NULL;
 			mutex_unlock(&ctx->sync_mutex);
-			cam_smmu_buffer_tracker_putref(&req->buf_tracker);
 			spin_lock(&ctx->lock);
 			list_del_init(&req->list);
 			list_add_tail(&req->list, &ctx->free_req_list);