memory leak in v4l2_ctrl_handler_init

ID	Workflow	Result	Correct	Bug	Created	Started	Finished	Revision	Error
52697712-a6a2-4cd1-a2e2-6c488fcaa001	assessment-security	DenialOfService: ✅ Exploitable: ❌ FilesystemTrigger: ❌ NetworkTrigger: ❌ PeripheralTrigger: ✅ RemoteTrigger: ❌ Unprivileged: ❌ UserNamespace: ❌ VMGuestTrigger: ❌ VMHostTrigger: ❌	❓	memory leak in v4l2_ctrl_handler_init_class (3)	2026/06/01 10:16	2026/06/01 10:16	2026/06/01 11:19	6b4a844333e83556da95d61d7f207e7ef5cd4bc6
a6b749b2-e2b5-49f8-b6f4-4249b76fb5c6	assessment-security		💥	memory leak in v4l2_ctrl_handler_init_class (3)	2026/05/15 11:41	2026/05/15 11:41	2026/05/15 11:42	9cd3beaadf14b3a22d15fd97a0bf081ee41ebe01	failed to run ["git" "pull" "origin" "HEAD" "--depth=1" "--allow-unrelated-histories"]: exit status 128 From /app/workdir/repo/linux * branch HEAD -> FETCH_HEAD Updating files: ... truncated to first 200 bytes; open job for full error

Title	Replies (including bot)	Last reply
[PATCH] media: msi2500: free controls when video registration fails	1 (1)	2026/06/28 01:00
[syzbot] Monthly media report (Jun 2026)	0 (1)	2026/06/03 04:32
[PATCH v2] media: msi2500: fix memory leak in msi2500_probe error path	1 (1)	2026/05/15 07:25
[PATCH] media: msi2500: fix memory leak in msi2500_probe error path	2 (2)	2026/05/14 16:33
[syzbot] [media?] [usb?] memory leak in v4l2_ctrl_handler_init_class (3)	0 (3)	2026/05/08 03:01

Title

Replies (including bot)

Last reply

[PATCH] media: msi2500: free controls when video registration fails

1 (1)

2026/06/28 01:00

[syzbot] Monthly media report (Jun 2026)

0 (1)

2026/06/03 04:32

[PATCH v2] media: msi2500: fix memory leak in msi2500_probe error path

1 (1)

2026/05/15 07:25

[PATCH] media: msi2500: fix memory leak in msi2500_probe error path

2 (2)

2026/05/14 16:33

[syzbot] [media?] [usb?] memory leak in v4l2_ctrl_handler_init_class (3)

0 (3)

2026/05/08 03:01

Kernel	Title	Rank 🛈	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
upstream	memory leak in v4l2_ctrl_handler_init_class usb media	3	C			12	1897d	1950d	20/29	fixed on 2021/11/10 00:50
upstream	memory leak in v4l2_ctrl_handler_init_class (2) usb media	3	C			14	152d	216d	29/29	fixed on 2026/05/06 16:40

Rank 🛈

upstream

memory leak in v4l2_ctrl_handler_init_class usb media

1897d

1950d

20/29

fixed on 2021/11/10 00:50

upstream

memory leak in v4l2_ctrl_handler_init_class (2) usb media

152d

216d

29/29

fixed on 2026/05/06 16:40

Created	Duration	User	Patch	Repo	Result
2026/06/14 09:25	54m	retest repro		upstream	report log
2026/06/14 09:25	46m	retest repro		upstream	report log
2026/05/31 02:12	24m	retest repro		upstream	report log
2026/05/31 02:12	22m	retest repro		upstream	report log
2026/05/31 02:12	24m	retest repro		upstream	report log
2026/05/31 02:12	57m	retest repro		upstream	report log
2026/05/31 02:12	49m	retest repro		upstream	report log
2026/05/08 03:01	36m	daiky0325@gmail.com	patch	upstream	OK log
2026/05/08 02:56	21m	daiky0325@gmail.com		upstream	report log

Created

Duration

User

Patch

Repo

Result

2026/06/14 09:25

54m

retest repro

upstream

report log

2026/06/14 09:25

46m

retest repro

upstream

report log

2026/05/31 02:12

24m

retest repro

upstream

report log

2026/05/31 02:12

22m

retest repro

upstream

report log

2026/05/31 02:12

24m

retest repro

upstream

report log

2026/05/31 02:12

57m

retest repro

upstream

report log

2026/05/31 02:12

49m

retest repro

upstream

report log

2026/05/08 03:01

36m

daiky0325@gmail.com

patch

upstream

OK log

2026/05/08 02:56

21m

daiky0325@gmail.com

upstream

report log

BUG: memory leak unreferenced object 0xffff88810e791760 (size 8): comm "kworker/1:3", pid 4938, jiffies 4294942079 hex dump (first 8 bytes): 00 ae 00 12 81 88 ff ff ........ backtrace (crc 951e548): kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline] slab_post_alloc_hook mm/slub.c:4625 [inline] slab_alloc_node mm/slub.c:4945 [inline] __do_kmalloc_node mm/slub.c:5361 [inline] __kvmalloc_node_noprof+0x58a/0x6f0 mm/slub.c:6933 v4l2_ctrl_handler_init_class+0x59/0x90 drivers/media/v4l2-core/v4l2-ctrls-core.c:1741 msi2500_probe+0x2f7/0x3a0 drivers/media/usb/msi2500/msi2500.c:1263 usb_probe_interface+0x210/0x480 drivers/usb/core/driver.c:396 call_driver_probe drivers/base/dd.c:628 [inline] really_probe+0x12f/0x3a0 drivers/base/dd.c:706 __driver_probe_device+0xe9/0x1a0 drivers/base/dd.c:868 driver_probe_device+0x28/0xf0 drivers/base/dd.c:898 __device_attach_driver+0x10f/0x170 drivers/base/dd.c:1026 bus_for_each_drv+0xd2/0x130 drivers/base/bus.c:500 __device_attach+0xf9/0x290 drivers/base/dd.c:1098 device_initial_probe+0x6f/0x80 drivers/base/dd.c:1153 bus_probe_device+0x3e/0xb0 drivers/base/bus.c:620 device_add+0x99f/0xc80 drivers/base/core.c:3772 usb_set_configuration+0x8f5/0xb80 drivers/usb/core/message.c:2268 usb_generic_driver_probe+0x73/0xb0 drivers/usb/core/generic.c:250 usb_probe_device+0x78/0x1f0 drivers/usb/core/driver.c:291 BUG: memory leak unreferenced object 0xffff8881133eba00 (size 256): comm "kworker/1:3", pid 4938, jiffies 4294942079 hex dump (first 32 bytes): 58 e7 6a 14 81 88 ff ff 58 e7 6a 14 81 88 ff ff X.j.....X.j..... 10 ba 3e 13 81 88 ff ff 10 ba 3e 13 81 88 ff ff ..>.......>..... backtrace (crc 8a53cf81): kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline] slab_post_alloc_hook mm/slub.c:4625 [inline] slab_alloc_node mm/slub.c:4945 [inline] __do_kmalloc_node mm/slub.c:5361 [inline] __kvmalloc_node_noprof+0x58a/0x6f0 mm/slub.c:6933 v4l2_ctrl_new+0x2bb/0x1470 drivers/media/v4l2-core/v4l2-ctrls-core.c:2152 v4l2_ctrl_new_std+0x122/0x180 drivers/media/v4l2-core/v4l2-ctrls-core.c:2306 handler_new_ref+0x34d/0x440 drivers/media/v4l2-core/v4l2-ctrls-core.c:1887 v4l2_ctrl_add_handler drivers/media/v4l2-core/v4l2-ctrls-core.c:2456 [inline] v4l2_ctrl_add_handler+0x12d/0x180 drivers/media/v4l2-core/v4l2-ctrls-core.c:2430 msi2500_probe+0x32e/0x3a0 drivers/media/usb/msi2500/msi2500.c:1271 usb_probe_interface+0x210/0x480 drivers/usb/core/driver.c:396 call_driver_probe drivers/base/dd.c:628 [inline] really_probe+0x12f/0x3a0 drivers/base/dd.c:706 __driver_probe_device+0xe9/0x1a0 drivers/base/dd.c:868 driver_probe_device+0x28/0xf0 drivers/base/dd.c:898 __device_attach_driver+0x10f/0x170 drivers/base/dd.c:1026 bus_for_each_drv+0xd2/0x130 drivers/base/bus.c:500 __device_attach+0xf9/0x290 drivers/base/dd.c:1098 device_initial_probe+0x6f/0x80 drivers/base/dd.c:1153 bus_probe_device+0x3e/0xb0 drivers/base/bus.c:620 device_add+0x99f/0xc80 drivers/base/core.c:3772 BUG: memory leak unreferenced object 0xffff888115d4e100 (size 64): comm "kworker/1:3", pid 4938, jiffies 4294942079 hex dump (first 32 bytes): 40 e1 d4 15 81 88 ff ff 68 e7 6a 14 81 88 ff ff @.......h.j..... 00 00 00 00 00 00 00 00 00 ba 3e 13 81 88 ff ff ..........>..... backtrace (crc 22f27a80): kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline] slab_post_alloc_hook mm/slub.c:4625 [inline] slab_alloc_node mm/slub.c:4945 [inline] __do_kmalloc_node mm/slub.c:5361 [inline] __kmalloc_noprof+0x3bf/0x550 mm/slub.c:5387 _kmalloc_noprof include/linux/slab.h:973 [inline] _kzalloc_noprof include/linux/slab.h:1290 [inline] handler_new_ref+0xd9/0x440 drivers/media/v4l2-core/v4l2-ctrls-core.c:1895 v4l2_ctrl_new+0x69e/0x1470 drivers/media/v4l2-core/v4l2-ctrls-core.c:2235 v4l2_ctrl_new_std+0x122/0x180 drivers/media/v4l2-core/v4l2-ctrls-core.c:2306 handler_new_ref+0x34d/0x440 drivers/media/v4l2-core/v4l2-ctrls-core.c:1887 v4l2_ctrl_add_handler drivers/media/v4l2-core/v4l2-ctrls-core.c:2456 [inline] v4l2_ctrl_add_handler+0x12d/0x180 drivers/media/v4l2-core/v4l2-ctrls-core.c:2430 msi2500_probe+0x32e/0x3a0 drivers/media/usb/msi2500/msi2500.c:1271 usb_probe_interface+0x210/0x480 drivers/usb/core/driver.c:396 call_driver_probe drivers/base/dd.c:628 [inline] really_probe+0x12f/0x3a0 drivers/base/dd.c:706 __driver_probe_device+0xe9/0x1a0 drivers/base/dd.c:868 driver_probe_device+0x28/0xf0 drivers/base/dd.c:898 __device_attach_driver+0x10f/0x170 drivers/base/dd.c:1026 bus_for_each_drv+0xd2/0x130 drivers/base/bus.c:500 __device_attach+0xf9/0x290 drivers/base/dd.c:1098 device_initial_probe+0x6f/0x80 drivers/base/dd.c:1153 bus_probe_device+0x3e/0xb0 drivers/base/bus.c:620 BUG: memory leak unreferenced object 0xffff888115d4e140 (size 64): comm "kworker/1:3", pid 4938, jiffies 4294942079 hex dump (first 32 bytes): 80 af 00 12 81 88 ff ff 00 e1 d4 15 81 88 ff ff ................ 00 e1 d4 15 81 88 ff ff 00 bb 3e 13 81 88 ff ff ..........>..... backtrace (crc 54da83b1): kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline] slab_post_alloc_hook mm/slub.c:4625 [inline] slab_alloc_node mm/slub.c:4945 [inline] __do_kmalloc_node mm/slub.c:5361 [inline] __kmalloc_noprof+0x3bf/0x550 mm/slub.c:5387 _kmalloc_noprof include/linux/slab.h:973 [inline] _kzalloc_noprof include/linux/slab.h:1290 [inline] handler_new_ref+0xd9/0x440 drivers/media/v4l2-core/v4l2-ctrls-core.c:1895 v4l2_ctrl_add_handler drivers/media/v4l2-core/v4l2-ctrls-core.c:2456 [inline] v4l2_ctrl_add_handler+0x12d/0x180 drivers/media/v4l2-core/v4l2-ctrls-core.c:2430 msi2500_probe+0x32e/0x3a0 drivers/media/usb/msi2500/msi2500.c:1271 usb_probe_interface+0x210/0x480 drivers/usb/core/driver.c:396 call_driver_probe drivers/base/dd.c:628 [inline] really_probe+0x12f/0x3a0 drivers/base/dd.c:706 __driver_probe_device+0xe9/0x1a0 drivers/base/dd.c:868 driver_probe_device+0x28/0xf0 drivers/base/dd.c:898 __device_attach_driver+0x10f/0x170 drivers/base/dd.c:1026 bus_for_each_drv+0xd2/0x130 drivers/base/bus.c:500 __device_attach+0xf9/0x290 drivers/base/dd.c:1098 device_initial_probe+0x6f/0x80 drivers/base/dd.c:1153 bus_probe_device+0x3e/0xb0 drivers/base/bus.c:620 device_add+0x99f/0xc80 drivers/base/core.c:3772 usb_set_configuration+0x8f5/0xb80 drivers/usb/core/message.c:2268 usb_generic_driver_probe+0x73/0xb0 drivers/usb/core/generic.c:250 connection error: failed to recv *flatrpc.ExecutorMessageRawT: EOF

Crashes (13):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	Assets (help?)	Manager	Title
2026/06/29 23:59	upstream	dc59e4fea9d8	6a0c72dc	.config	console log	report	syz / log	C	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-leak	memory leak in v4l2_ctrl_handler_init_class
2026/06/29 23:08	upstream	dc59e4fea9d8	6a0c72dc	.config	console log	report	syz / log	C	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-leak	memory leak in v4l2_ctrl_handler_init_class
2026/06/29 22:39	upstream	dc59e4fea9d8	6a0c72dc	.config	console log	report	syz / log	C	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-leak	memory leak in v4l2_ctrl_handler_init_class
2026/06/29 22:22	upstream	dc59e4fea9d8	6a0c72dc	.config	console log	report	syz / log	C	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-leak	memory leak in v4l2_ctrl_handler_init_class
2026/06/29 21:55	upstream	dc59e4fea9d8	6a0c72dc	.config	console log	report	syz / log	C	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-leak	memory leak in v4l2_ctrl_handler_init_class
2026/05/16 20:17	upstream	6916d5703ddf	a15a64a6	.config	console log	report	syz / log	C	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-leak	memory leak in v4l2_ctrl_handler_init_class
2026/05/16 19:54	upstream	6916d5703ddf	a15a64a6	.config	console log	report	syz / log	C	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-leak	memory leak in v4l2_ctrl_handler_init_class
2026/05/16 19:52	upstream	6916d5703ddf	a15a64a6	.config	console log	report	syz / log	C	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-leak	memory leak in v4l2_ctrl_handler_init_class
2026/05/07 16:29	upstream	5862221fdded	f250db59	.config	console log	report	syz / log	C	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-leak	memory leak in v4l2_ctrl_handler_init_class
2026/05/07 16:06	upstream	5862221fdded	f250db59	.config	console log	report	syz / log	C	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-leak	memory leak in v4l2_ctrl_handler_init_class
2026/05/07 15:43	upstream	5862221fdded	f250db59	.config	console log	report	syz / log	C	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-leak	memory leak in v4l2_ctrl_handler_init_class
2026/05/07 15:37	upstream	5862221fdded	f250db59	.config	console log	report	syz / log	C	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-leak	memory leak in v4l2_ctrl_handler_init_class
2026/05/07 15:33	upstream	5862221fdded	f250db59	.config	console log	report	syz / log	C	[disk image] [vmlinux] [kernel image]	ci-upstream-gce-leak	memory leak in v4l2_ctrl_handler_init_class

Crashes (13):

Assets (help?)