[PATCH] media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try()

From: Tomi Valkeinen
Date: Fri Aug 08 2025 - 05:00:09 EST

Next message: Nuno Sá: "Re: [PATCH v2 06/10] iio: adc: ad7476: Drop convstart chan_spec"
Previous message: Liao Yuanhong: "Re: [PATCH v4] f2fs: Add bggc_block_io to adjust the priority of BG_GC when issuing IO"
Next in thread: Dan Carpenter: "Re: [PATCH] media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

v4l2_subdev_call_state_try() macro allocates a subdev state with
__v4l2_subdev_state_alloc(), but does not check the returned value. If
__v4l2_subdev_state_alloc fails, it returns an ERR_PTR, and that would
cause v4l2_subdev_call_state_try() to crash.

Add proper error handling to v4l2_subdev_call_state_try().

Signed-off-by: Tomi Valkeinen <tomi.valkeinen@xxxxxxxxxxxxxxxx>
Fixes: 982c0487185b ("media: subdev: Add v4l2_subdev_call_state_try() macro")
Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Closes: https://lore.kernel.org/all/aJTNtpDUbTz7eyJc%40stanley.mountain/
Cc: stable@xxxxxxxxxxxxxxx
---
include/media/v4l2-subdev.h | 30 +++++++++++++++++-------------
1 file changed, 17 insertions(+), 13 deletions(-)

diff --git a/include/media/v4l2-subdev.h b/include/media/v4l2-subdev.h
index 5dcf4065708f..398b57461677 100644
--- a/include/media/v4l2-subdev.h
+++ b/include/media/v4l2-subdev.h
@@ -1962,19 +1962,23 @@ extern const struct v4l2_subdev_ops v4l2_subdev_call_wrappers;
*
* Note: only legacy non-MC drivers may need this macro.
*/
-#define v4l2_subdev_call_state_try(sd, o, f, args...) \
- ({ \
- int __result; \
- static struct lock_class_key __key; \
- const char *name = KBUILD_BASENAME \
- ":" __stringify(__LINE__) ":state->lock"; \
- struct v4l2_subdev_state *state = \
- __v4l2_subdev_state_alloc(sd, name, &__key); \
- v4l2_subdev_lock_state(state); \
- __result = v4l2_subdev_call(sd, o, f, state, ##args); \
- v4l2_subdev_unlock_state(state); \
- __v4l2_subdev_state_free(state); \
- __result; \
+#define v4l2_subdev_call_state_try(sd, o, f, args...) \
+ ({ \
+ int __result; \
+ static struct lock_class_key __key; \
+ const char *name = KBUILD_BASENAME \
+ ":" __stringify(__LINE__) ":state->lock"; \
+ struct v4l2_subdev_state *state = \
+ __v4l2_subdev_state_alloc(sd, name, &__key); \
+ if (IS_ERR(state)) { \
+ __result = PTR_ERR(state); \
+ } else { \
+ v4l2_subdev_lock_state(state); \
+ __result = v4l2_subdev_call(sd, o, f, state, ##args); \
+ v4l2_subdev_unlock_state(state); \
+ __v4l2_subdev_state_free(state); \
+ } \
+ __result; \
})

/**

---
base-commit: d968e50b5c26642754492dea23cbd3592bde62d8
change-id: 20250808-fix-subdev-call-state-try-e724fa6907f8

Best regards,
--
Tomi Valkeinen <tomi.valkeinen@xxxxxxxxxxxxxxxx>

Next message: Nuno Sá: "Re: [PATCH v2 06/10] iio: adc: ad7476: Drop convstart chan_spec"
Previous message: Liao Yuanhong: "Re: [PATCH v4] f2fs: Add bggc_block_io to adjust the priority of BG_GC when issuing IO"
Next in thread: Dan Carpenter: "Re: [PATCH] media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]