BUG: memory leak
unreferenced object 0xffff88811a651100 (size 96):
  comm "syz-executor641", pid 7039, jiffies 4294941459 (age 18.370s)
  hex dump (first 32 bytes):
    10 f0 e8 83 ff ff ff ff 08 11 65 1a 81 88 ff ff  ..........e.....
    08 11 65 1a 81 88 ff ff 00 00 00 00 00 00 00 00  ..e.............
  backtrace:
    [<000000005c658974>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
    [<000000005c658974>] slab_post_alloc_hook mm/slab.h:439 [inline]
    [<000000005c658974>] slab_alloc mm/slab.c:3326 [inline]
    [<000000005c658974>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
    [<000000005e7ecadb>] kmalloc include/linux/slab.h:547 [inline]
    [<000000005e7ecadb>] kzalloc include/linux/slab.h:742 [inline]
    [<000000005e7ecadb>] class_dir_create_and_add drivers/base/core.c:1723 [inline]
    [<000000005e7ecadb>] get_device_parent.isra.0+0x1a8/0x240 drivers/base/core.c:1787
    [<0000000081d8f097>] device_add+0x136/0x890 drivers/base/core.c:2048
    [<00000000bb1f9b99>] hci_register_dev+0x166/0x380 net/bluetooth/hci_core.c:3305
    [<00000000de65f1db>] __vhci_create_device+0x10a/0x1f0 drivers/bluetooth/hci_vhci.c:124
    [<000000007788edc0>] vhci_create_device drivers/bluetooth/hci_vhci.c:148 [inline]
    [<000000007788edc0>] vhci_get_user drivers/bluetooth/hci_vhci.c:204 [inline]
    [<000000007788edc0>] vhci_write+0x130/0x1f0 drivers/bluetooth/hci_vhci.c:284
    [<0000000014ea831e>] call_write_iter include/linux/fs.h:1872 [inline]
    [<0000000014ea831e>] new_sync_write+0x1ad/0x260 fs/read_write.c:483
    [<00000000b7c37b74>] __vfs_write+0x87/0xa0 fs/read_write.c:496
    [<000000004fc8bd16>] vfs_write fs/read_write.c:558 [inline]
    [<000000004fc8bd16>] vfs_write+0xee/0x210 fs/read_write.c:542
    [<00000000aac1c0d7>] ksys_write+0x7c/0x130 fs/read_write.c:611
    [<0000000049d01b63>] __do_sys_write fs/read_write.c:623 [inline]
    [<0000000049d01b63>] __se_sys_write fs/read_write.c:620 [inline]
    [<0000000049d01b63>] __x64_sys_write+0x1e/0x30 fs/read_write.c:620
    [<000000002ab9cc4b>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
    [<000000002f166f97>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88811a651100 (size 96):
  comm "syz-executor641", pid 7039, jiffies 4294941459 (age 19.390s)
  hex dump (first 32 bytes):
    10 f0 e8 83 ff ff ff ff 08 11 65 1a 81 88 ff ff  ..........e.....
    08 11 65 1a 81 88 ff ff 00 00 00 00 00 00 00 00  ..e.............
  backtrace:
    [<000000005c658974>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
    [<000000005c658974>] slab_post_alloc_hook mm/slab.h:439 [inline]
    [<000000005c658974>] slab_alloc mm/slab.c:3326 [inline]
    [<000000005c658974>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
    [<000000005e7ecadb>] kmalloc include/linux/slab.h:547 [inline]
    [<000000005e7ecadb>] kzalloc include/linux/slab.h:742 [inline]
    [<000000005e7ecadb>] class_dir_create_and_add drivers/base/core.c:1723 [inline]
    [<000000005e7ecadb>] get_device_parent.isra.0+0x1a8/0x240 drivers/base/core.c:1787
    [<0000000081d8f097>] device_add+0x136/0x890 drivers/base/core.c:2048
    [<00000000bb1f9b99>] hci_register_dev+0x166/0x380 net/bluetooth/hci_core.c:3305
    [<00000000de65f1db>] __vhci_create_device+0x10a/0x1f0 drivers/bluetooth/hci_vhci.c:124
    [<000000007788edc0>] vhci_create_device drivers/bluetooth/hci_vhci.c:148 [inline]
    [<000000007788edc0>] vhci_get_user drivers/bluetooth/hci_vhci.c:204 [inline]
    [<000000007788edc0>] vhci_write+0x130/0x1f0 drivers/bluetooth/hci_vhci.c:284
    [<0000000014ea831e>] call_write_iter include/linux/fs.h:1872 [inline]
    [<0000000014ea831e>] new_sync_write+0x1ad/0x260 fs/read_write.c:483
    [<00000000b7c37b74>] __vfs_write+0x87/0xa0 fs/read_write.c:496
    [<000000004fc8bd16>] vfs_write fs/read_write.c:558 [inline]
    [<000000004fc8bd16>] vfs_write+0xee/0x210 fs/read_write.c:542
    [<00000000aac1c0d7>] ksys_write+0x7c/0x130 fs/read_write.c:611
    [<0000000049d01b63>] __do_sys_write fs/read_write.c:623 [inline]
    [<0000000049d01b63>] __se_sys_write fs/read_write.c:620 [inline]
    [<0000000049d01b63>] __x64_sys_write+0x1e/0x30 fs/read_write.c:620
    [<000000002ab9cc4b>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
    [<000000002f166f97>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88811a651100 (size 96):
  comm "syz-executor641", pid 7039, jiffies 4294941459 (age 22.330s)
  hex dump (first 32 bytes):
    10 f0 e8 83 ff ff ff ff 08 11 65 1a 81 88 ff ff  ..........e.....
    08 11 65 1a 81 88 ff ff 00 00 00 00 00 00 00 00  ..e.............
  backtrace:
    [<000000005c658974>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
    [<000000005c658974>] slab_post_alloc_hook mm/slab.h:439 [inline]
    [<000000005c658974>] slab_alloc mm/slab.c:3326 [inline]
    [<000000005c658974>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
    [<000000005e7ecadb>] kmalloc include/linux/slab.h:547 [inline]
    [<000000005e7ecadb>] kzalloc include/linux/slab.h:742 [inline]
    [<000000005e7ecadb>] class_dir_create_and_add drivers/base/core.c:1723 [inline]
    [<000000005e7ecadb>] get_device_parent.isra.0+0x1a8/0x240 drivers/base/core.c:1787
    [<0000000081d8f097>] device_add+0x136/0x890 drivers/base/core.c:2048
    [<00000000bb1f9b99>] hci_register_dev+0x166/0x380 net/bluetooth/hci_core.c:3305
    [<00000000de65f1db>] __vhci_create_device+0x10a/0x1f0 drivers/bluetooth/hci_vhci.c:124
    [<000000007788edc0>] vhci_create_device drivers/bluetooth/hci_vhci.c:148 [inline]
    [<000000007788edc0>] vhci_get_user drivers/bluetooth/hci_vhci.c:204 [inline]
    [<000000007788edc0>] vhci_write+0x130/0x1f0 drivers/bluetooth/hci_vhci.c:284
    [<0000000014ea831e>] call_write_iter include/linux/fs.h:1872 [inline]
    [<0000000014ea831e>] new_sync_write+0x1ad/0x260 fs/read_write.c:483
    [<00000000b7c37b74>] __vfs_write+0x87/0xa0 fs/read_write.c:496
    [<000000004fc8bd16>] vfs_write fs/read_write.c:558 [inline]
    [<000000004fc8bd16>] vfs_write+0xee/0x210 fs/read_write.c:542
    [<00000000aac1c0d7>] ksys_write+0x7c/0x130 fs/read_write.c:611
    [<0000000049d01b63>] __do_sys_write fs/read_write.c:623 [inline]
    [<0000000049d01b63>] __se_sys_write fs/read_write.c:620 [inline]
    [<0000000049d01b63>] __x64_sys_write+0x1e/0x30 fs/read_write.c:620
    [<000000002ab9cc4b>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
    [<000000002f166f97>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88811a651100 (size 96):
  comm "syz-executor641", pid 7039, jiffies 4294941459 (age 23.350s)
  hex dump (first 32 bytes):
    10 f0 e8 83 ff ff ff ff 08 11 65 1a 81 88 ff ff  ..........e.....
    08 11 65 1a 81 88 ff ff 00 00 00 00 00 00 00 00  ..e.............
  backtrace:
    [<000000005c658974>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
    [<000000005c658974>] slab_post_alloc_hook mm/slab.h:439 [inline]
    [<000000005c658974>] slab_alloc mm/slab.c:3326 [inline]
    [<000000005c658974>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
    [<000000005e7ecadb>] kmalloc include/linux/slab.h:547 [inline]
    [<000000005e7ecadb>] kzalloc include/linux/slab.h:742 [inline]
    [<000000005e7ecadb>] class_dir_create_and_add drivers/base/core.c:1723 [inline]
    [<000000005e7ecadb>] get_device_parent.isra.0+0x1a8/0x240 drivers/base/core.c:1787
    [<0000000081d8f097>] device_add+0x136/0x890 drivers/base/core.c:2048
    [<00000000bb1f9b99>] hci_register_dev+0x166/0x380 net/bluetooth/hci_core.c:3305
    [<00000000de65f1db>] __vhci_create_device+0x10a/0x1f0 drivers/bluetooth/hci_vhci.c:124
    [<000000007788edc0>] vhci_create_device drivers/bluetooth/hci_vhci.c:148 [inline]
    [<000000007788edc0>] vhci_get_user drivers/bluetooth/hci_vhci.c:204 [inline]
    [<000000007788edc0>] vhci_write+0x130/0x1f0 drivers/bluetooth/hci_vhci.c:284
    [<0000000014ea831e>] call_write_iter include/linux/fs.h:1872 [inline]
    [<0000000014ea831e>] new_sync_write+0x1ad/0x260 fs/read_write.c:483
    [<00000000b7c37b74>] __vfs_write+0x87/0xa0 fs/read_write.c:496
    [<000000004fc8bd16>] vfs_write fs/read_write.c:558 [inline]
    [<000000004fc8bd16>] vfs_write+0xee/0x210 fs/read_write.c:542
    [<00000000aac1c0d7>] ksys_write+0x7c/0x130 fs/read_write.c:611
    [<0000000049d01b63>] __do_sys_write fs/read_write.c:623 [inline]
    [<0000000049d01b63>] __se_sys_write fs/read_write.c:620 [inline]
    [<0000000049d01b63>] __x64_sys_write+0x1e/0x30 fs/read_write.c:620
    [<000000002ab9cc4b>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
    [<000000002f166f97>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88811a651100 (size 96):
  comm "syz-executor641", pid 7039, jiffies 4294941459 (age 24.390s)
  hex dump (first 32 bytes):
    10 f0 e8 83 ff ff ff ff 08 11 65 1a 81 88 ff ff  ..........e.....
    08 11 65 1a 81 88 ff ff 00 00 00 00 00 00 00 00  ..e.............
  backtrace:
    [<000000005c658974>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
    [<000000005c658974>] slab_post_alloc_hook mm/slab.h:439 [inline]
    [<000000005c658974>] slab_alloc mm/slab.c:3326 [inline]
    [<000000005c658974>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
    [<000000005e7ecadb>] kmalloc include/linux/slab.h:547 [inline]
    [<000000005e7ecadb>] kzalloc include/linux/slab.h:742 [inline]
    [<000000005e7ecadb>] class_dir_create_and_add drivers/base/core.c:1723 [inline]
    [<000000005e7ecadb>] get_device_parent.isra.0+0x1a8/0x240 drivers/base/core.c:1787
    [<0000000081d8f097>] device_add+0x136/0x890 drivers/base/core.c:2048
    [<00000000bb1f9b99>] hci_register_dev+0x166/0x380 net/bluetooth/hci_core.c:3305
    [<00000000de65f1db>] __vhci_create_device+0x10a/0x1f0 drivers/bluetooth/hci_vhci.c:124
    [<000000007788edc0>] vhci_create_device drivers/bluetooth/hci_vhci.c:148 [inline]
    [<000000007788edc0>] vhci_get_user drivers/bluetooth/hci_vhci.c:204 [inline]
    [<000000007788edc0>] vhci_write+0x130/0x1f0 drivers/bluetooth/hci_vhci.c:284
    [<0000000014ea831e>] call_write_iter include/linux/fs.h:1872 [inline]
    [<0000000014ea831e>] new_sync_write+0x1ad/0x260 fs/read_write.c:483
    [<00000000b7c37b74>] __vfs_write+0x87/0xa0 fs/read_write.c:496
    [<000000004fc8bd16>] vfs_write fs/read_write.c:558 [inline]
    [<000000004fc8bd16>] vfs_write+0xee/0x210 fs/read_write.c:542
    [<00000000aac1c0d7>] ksys_write+0x7c/0x130 fs/read_write.c:611
    [<0000000049d01b63>] __do_sys_write fs/read_write.c:623 [inline]
    [<0000000049d01b63>] __se_sys_write fs/read_write.c:620 [inline]
    [<0000000049d01b63>] __x64_sys_write+0x1e/0x30 fs/read_write.c:620
    [<000000002ab9cc4b>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
    [<000000002f166f97>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

BUG: memory leak
unreferenced object 0xffff88811a651100 (size 96):
  comm "syz-executor641", pid 7039, jiffies 4294941459 (age 25.410s)
  hex dump (first 32 bytes):
    10 f0 e8 83 ff ff ff ff 08 11 65 1a 81 88 ff ff  ..........e.....
    08 11 65 1a 81 88 ff ff 00 00 00 00 00 00 00 00  ..e.............
  backtrace:
    [<000000005c658974>] kmemleak_alloc_recursive include/linux/kmemleak.h:43 [inline]
    [<000000005c658974>] slab_post_alloc_hook mm/slab.h:439 [inline]
    [<000000005c658974>] slab_alloc mm/slab.c:3326 [inline]
    [<000000005c658974>] kmem_cache_alloc_trace+0x13d/0x280 mm/slab.c:3553
    [<000000005e7ecadb>] kmalloc include/linux/slab.h:547 [inline]
    [<000000005e7ecadb>] kzalloc include/linux/slab.h:742 [inline]
    [<000000005e7ecadb>] class_dir_create_and_add drivers/base/core.c:1723 [inline]
    [<000000005e7ecadb>] get_device_parent.isra.0+0x1a8/0x240 drivers/base/core.c:1787
    [<0000000081d8f097>] device_add+0x136/0x890 drivers/base/core.c:2048
    [<00000000bb1f9b99>] hci_register_dev+0x166/0x380 net/bluetooth/hci_core.c:3305
    [<00000000de65f1db>] __vhci_create_device+0x10a/0x1f0 drivers/bluetooth/hci_vhci.c:124
    [<000000007788edc0>] vhci_create_device drivers/bluetooth/hci_vhci.c:148 [inline]
    [<000000007788edc0>] vhci_get_user drivers/bluetooth/hci_vhci.c:204 [inline]
    [<000000007788edc0>] vhci_write+0x130/0x1f0 drivers/bluetooth/hci_vhci.c:284
    [<0000000014ea831e>] call_write_iter include/linux/fs.h:1872 [inline]
    [<0000000014ea831e>] new_sync_write+0x1ad/0x260 fs/read_write.c:483
    [<00000000b7c37b74>] __vfs_write+0x87/0xa0 fs/read_write.c:496
    [<000000004fc8bd16>] vfs_write fs/read_write.c:558 [inline]
    [<000000004fc8bd16>] vfs_write+0xee/0x210 fs/read_write.c:542
    [<00000000aac1c0d7>] ksys_write+0x7c/0x130 fs/read_write.c:611
    [<0000000049d01b63>] __do_sys_write fs/read_write.c:623 [inline]
    [<0000000049d01b63>] __se_sys_write fs/read_write.c:620 [inline]
    [<0000000049d01b63>] __x64_sys_write+0x1e/0x30 fs/read_write.c:620
    [<000000002ab9cc4b>] do_syscall_64+0x76/0x1a0 arch/x86/entry/common.c:301
    [<000000002f166f97>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

executing program
executing program