BUG: memory leak unreferenced object 0xffff8881204b6900 (size 224): comm "syz-executor798", pid 7311, jiffies 4294947630 (age 22.370s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 80 66 10 81 88 ff ff 00 00 00 00 00 00 00 00 ..f............. backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881204b6700 (size 224): comm "syz-executor798", pid 7303, jiffies 4294947630 (age 22.370s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 60 5d 20 81 88 ff ff 00 00 00 00 00 00 00 00 .`] ............ backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881204b6900 (size 224): comm "syz-executor798", pid 7311, jiffies 4294947630 (age 24.640s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 80 66 10 81 88 ff ff 00 00 00 00 00 00 00 00 ..f............. backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881204b6700 (size 224): comm "syz-executor798", pid 7303, jiffies 4294947630 (age 24.640s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 60 5d 20 81 88 ff ff 00 00 00 00 00 00 00 00 .`] ............ backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881204b6c00 (size 224): comm "syz-executor798", pid 7301, jiffies 4294947631 (age 24.630s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 40 b6 10 81 88 ff ff 00 00 00 00 00 00 00 00 .@.............. backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881204b6900 (size 224): comm "syz-executor798", pid 7311, jiffies 4294947630 (age 25.830s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 80 66 10 81 88 ff ff 00 00 00 00 00 00 00 00 ..f............. backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881204b6700 (size 224): comm "syz-executor798", pid 7303, jiffies 4294947630 (age 25.830s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 60 5d 20 81 88 ff ff 00 00 00 00 00 00 00 00 .`] ............ backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881204b6c00 (size 224): comm "syz-executor798", pid 7301, jiffies 4294947631 (age 25.820s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 40 b6 10 81 88 ff ff 00 00 00 00 00 00 00 00 .@.............. backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881204b6900 (size 224): comm "syz-executor798", pid 7311, jiffies 4294947630 (age 27.030s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 80 66 10 81 88 ff ff 00 00 00 00 00 00 00 00 ..f............. backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881204b6700 (size 224): comm "syz-executor798", pid 7303, jiffies 4294947630 (age 27.030s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 60 5d 20 81 88 ff ff 00 00 00 00 00 00 00 00 .`] ............ backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881204b6c00 (size 224): comm "syz-executor798", pid 7301, jiffies 4294947631 (age 27.020s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 40 b6 10 81 88 ff ff 00 00 00 00 00 00 00 00 .@.............. backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881204b6900 (size 224): comm "syz-executor798", pid 7311, jiffies 4294947630 (age 29.360s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 80 66 10 81 88 ff ff 00 00 00 00 00 00 00 00 ..f............. backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881204b6700 (size 224): comm "syz-executor798", pid 7303, jiffies 4294947630 (age 29.360s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 60 5d 20 81 88 ff ff 00 00 00 00 00 00 00 00 .`] ............ backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881204b6c00 (size 224): comm "syz-executor798", pid 7301, jiffies 4294947631 (age 29.350s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 40 b6 10 81 88 ff ff 00 00 00 00 00 00 00 00 .@.............. backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881204b6900 (size 224): comm "syz-executor798", pid 7311, jiffies 4294947630 (age 29.430s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 80 66 10 81 88 ff ff 00 00 00 00 00 00 00 00 ..f............. backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881204b6700 (size 224): comm "syz-executor798", pid 7303, jiffies 4294947630 (age 29.430s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 60 5d 20 81 88 ff ff 00 00 00 00 00 00 00 00 .`] ............ backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 BUG: memory leak unreferenced object 0xffff8881204b6c00 (size 224): comm "syz-executor798", pid 7301, jiffies 4294947631 (age 29.420s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 40 b6 10 81 88 ff ff 00 00 00 00 00 00 00 00 .@.............. backtrace: [<0000000080628d2d>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline] [<0000000080628d2d>] slab_post_alloc_hook mm/slab.h:586 [inline] [<0000000080628d2d>] slab_alloc_node mm/slab.c:3263 [inline] [<0000000080628d2d>] kmem_cache_alloc_node+0x163/0x2f0 mm/slab.c:3575 [<000000003c68a21d>] __alloc_skb+0x6e/0x210 net/core/skbuff.c:197 [<0000000066692c0a>] alloc_skb include/linux/skbuff.h:1049 [inline] [<0000000066692c0a>] bt_skb_alloc include/net/bluetooth/bluetooth.h:339 [inline] [<0000000066692c0a>] h5_rx_pkt_start+0x57/0xd0 drivers/bluetooth/hci_h5.c:474 [<00000000b9bc790d>] h5_recv+0x13f/0x1d0 drivers/bluetooth/hci_h5.c:563 [<00000000750be4ef>] hci_uart_tty_receive+0xba/0x200 drivers/bluetooth/hci_ldisc.c:613 [<000000005eba0408>] tiocsti drivers/tty/tty_io.c:2200 [inline] [<000000005eba0408>] tty_ioctl+0x81c/0xa30 drivers/tty/tty_io.c:2576 [<0000000079019ec7>] vfs_ioctl fs/ioctl.c:47 [inline] [<0000000079019ec7>] file_ioctl fs/ioctl.c:545 [inline] [<0000000079019ec7>] do_vfs_ioctl+0x551/0x890 fs/ioctl.c:732 [<0000000079e1f101>] ksys_ioctl+0x86/0xb0 fs/ioctl.c:749 [<00000000636dc2a0>] __do_sys_ioctl fs/ioctl.c:756 [inline] [<00000000636dc2a0>] __se_sys_ioctl fs/ioctl.c:754 [inline] [<00000000636dc2a0>] __x64_sys_ioctl+0x1e/0x30 fs/ioctl.c:754 [<0000000047f92146>] do_syscall_64+0x73/0x220 arch/x86/entry/common.c:294 [<00000000cceaff6b>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 executing program executing program