syzbot

=====================================================
BUG: KMSAN: uninit-value in hci_dev_do_open+0x1707/0x25a0 net/bluetooth/hci_core.c:1550
CPU: 1 PID: 2290 Comm: kworker/u5:0 Not tainted 5.3.0-rc7+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: hci0 hci_power_on
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x191/0x1f0 lib/dump_stack.c:113
 kmsan_report+0x13a/0x2b0 mm/kmsan/kmsan_report.c:108
 __msan_warning+0x73/0xe0 mm/kmsan/kmsan_instr.c:250
 skb_unref include/linux/skbuff.h:1017 [inline]
 kfree_skb+0x23c/0x4c0 net/core/skbuff.c:693
 hci_dev_do_open+0x1707/0x25a0 net/bluetooth/hci_core.c:1550
 hci_power_on+0x186/0x910 net/bluetooth/hci_core.c:2171
 process_one_work+0x1572/0x1ef0 kernel/workqueue.c:2269
 worker_thread+0x111b/0x2460 kernel/workqueue.c:2415
 kthread+0x4b5/0x4f0 kernel/kthread.c:256
 ret_from_fork+0x35/0x40 arch/x86/entry/entry_64.S:355

Uninit was created at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:150 [inline]
 kmsan_internal_poison_shadow+0x53/0x100 mm/kmsan/kmsan.c:134
 kmsan_slab_free+0x8d/0x100 mm/kmsan/kmsan_hooks.c:123
 slab_free_freelist_hook mm/slub.c:1472 [inline]
 slab_free mm/slub.c:3038 [inline]
 kmem_cache_free+0x2d1/0x2b70 mm/slub.c:3054
 kfree_skbmem net/core/skbuff.c:644 [inline]
 __kfree_skb net/core/skbuff.c:680 [inline]
 kfree_skb+0x473/0x4c0 net/core/skbuff.c:697
 kfree_skb_list+0x9d/0xe0 net/core/skbuff.c:706
 __dev_xmit_skb net/core/dev.c:3539 [inline]
 __dev_queue_xmit+0x2a86/0x4270 net/core/dev.c:3838
 dev_queue_xmit+0x4b/0x60 net/core/dev.c:3902
 tx+0xe2/0x2f0 drivers/block/aoe/aoenet.c:63
 kthread+0x1f6/0x470 drivers/block/aoe/aoecmd.c:1239
 kthread+0x4b5/0x4f0 kernel/kthread.c:256
 ret_from_fork+0x35/0x40 arch/x86/entry/entry_64.S:355
=====================================================