BUG: memory leak
unreferenced object 0xffff88811910d600 (size 224):
  comm "syz-executor.0", pid 8811, jiffies 4294946811 (age 17.250s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000fb05e32a>] __alloc_skb+0x5e/0x250 net/core/skbuff.c:198
    [<000000005931da09>] alloc_skb include/linux/skbuff.h:1094 [inline]
    [<000000005931da09>] bt_skb_alloc include/net/bluetooth/bluetooth.h:389 [inline]
    [<000000005931da09>] h4_recv_buf+0x279/0x450 drivers/bluetooth/hci_h4.c:181
    [<00000000a40dfff4>] ag6xx_recv+0x4d/0xb0 drivers/bluetooth/hci_ag6xx.c:108
    [<000000003119b76c>] hci_uart_tty_receive+0xa2/0x1f0 drivers/bluetooth/hci_ldisc.c:613
    [<00000000e0ae5915>] tiocsti drivers/tty/tty_io.c:2196 [inline]
    [<00000000e0ae5915>] tty_ioctl+0x7ee/0xa30 drivers/tty/tty_io.c:2572
    [<000000002a6bdebe>] vfs_ioctl fs/ioctl.c:48 [inline]
    [<000000002a6bdebe>] __do_sys_ioctl fs/ioctl.c:753 [inline]
    [<000000002a6bdebe>] __se_sys_ioctl fs/ioctl.c:739 [inline]
    [<000000002a6bdebe>] __x64_sys_ioctl+0xd6/0x110 fs/ioctl.c:739
    [<000000008a5f7aef>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<00000000b9cc05b9>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88811910d800 (size 224):
  comm "syz-executor.1", pid 8817, jiffies 4294946811 (age 17.250s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000fb05e32a>] __alloc_skb+0x5e/0x250 net/core/skbuff.c:198
    [<000000005931da09>] alloc_skb include/linux/skbuff.h:1094 [inline]
    [<000000005931da09>] bt_skb_alloc include/net/bluetooth/bluetooth.h:389 [inline]
    [<000000005931da09>] h4_recv_buf+0x279/0x450 drivers/bluetooth/hci_h4.c:181
    [<00000000a40dfff4>] ag6xx_recv+0x4d/0xb0 drivers/bluetooth/hci_ag6xx.c:108
    [<000000003119b76c>] hci_uart_tty_receive+0xa2/0x1f0 drivers/bluetooth/hci_ldisc.c:613
    [<00000000e0ae5915>] tiocsti drivers/tty/tty_io.c:2196 [inline]
    [<00000000e0ae5915>] tty_ioctl+0x7ee/0xa30 drivers/tty/tty_io.c:2572
    [<000000002a6bdebe>] vfs_ioctl fs/ioctl.c:48 [inline]
    [<000000002a6bdebe>] __do_sys_ioctl fs/ioctl.c:753 [inline]
    [<000000002a6bdebe>] __se_sys_ioctl fs/ioctl.c:739 [inline]
    [<000000002a6bdebe>] __x64_sys_ioctl+0xd6/0x110 fs/ioctl.c:739
    [<000000008a5f7aef>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<00000000b9cc05b9>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88810499dc00 (size 1024):
  comm "syz-executor.1", pid 8817, jiffies 4294946811 (age 17.250s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 09 00 00 00 00 01 00 00  ................
    09 00 00 00 09 00 00 00 01 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000c083031c>] __kmalloc_reserve net/core/skbuff.c:142 [inline]
    [<00000000c083031c>] __alloc_skb+0x99/0x250 net/core/skbuff.c:210
    [<000000005931da09>] alloc_skb include/linux/skbuff.h:1094 [inline]
    [<000000005931da09>] bt_skb_alloc include/net/bluetooth/bluetooth.h:389 [inline]
    [<000000005931da09>] h4_recv_buf+0x279/0x450 drivers/bluetooth/hci_h4.c:181
    [<00000000a40dfff4>] ag6xx_recv+0x4d/0xb0 drivers/bluetooth/hci_ag6xx.c:108
    [<000000003119b76c>] hci_uart_tty_receive+0xa2/0x1f0 drivers/bluetooth/hci_ldisc.c:613
    [<00000000e0ae5915>] tiocsti drivers/tty/tty_io.c:2196 [inline]
    [<00000000e0ae5915>] tty_ioctl+0x7ee/0xa30 drivers/tty/tty_io.c:2572
    [<000000002a6bdebe>] vfs_ioctl fs/ioctl.c:48 [inline]
    [<000000002a6bdebe>] __do_sys_ioctl fs/ioctl.c:753 [inline]
    [<000000002a6bdebe>] __se_sys_ioctl fs/ioctl.c:739 [inline]
    [<000000002a6bdebe>] __x64_sys_ioctl+0xd6/0x110 fs/ioctl.c:739
    [<000000008a5f7aef>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<00000000b9cc05b9>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff888119bbfc00 (size 224):
  comm "syz-executor.4", pid 8813, jiffies 4294946811 (age 17.250s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<00000000fb05e32a>] __alloc_skb+0x5e/0x250 net/core/skbuff.c:198
    [<000000005931da09>] alloc_skb include/linux/skbuff.h:1094 [inline]
    [<000000005931da09>] bt_skb_alloc include/net/bluetooth/bluetooth.h:389 [inline]
    [<000000005931da09>] h4_recv_buf+0x279/0x450 drivers/bluetooth/hci_h4.c:181
    [<00000000a40dfff4>] ag6xx_recv+0x4d/0xb0 drivers/bluetooth/hci_ag6xx.c:108
    [<000000003119b76c>] hci_uart_tty_receive+0xa2/0x1f0 drivers/bluetooth/hci_ldisc.c:613
    [<00000000e0ae5915>] tiocsti drivers/tty/tty_io.c:2196 [inline]
    [<00000000e0ae5915>] tty_ioctl+0x7ee/0xa30 drivers/tty/tty_io.c:2572
    [<000000002a6bdebe>] vfs_ioctl fs/ioctl.c:48 [inline]
    [<000000002a6bdebe>] __do_sys_ioctl fs/ioctl.c:753 [inline]
    [<000000002a6bdebe>] __se_sys_ioctl fs/ioctl.c:739 [inline]
    [<000000002a6bdebe>] __x64_sys_ioctl+0xd6/0x110 fs/ioctl.c:739
    [<000000008a5f7aef>] do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
    [<00000000b9cc05b9>] entry_SYSCALL_64_after_hwframe+0x44/0xa9