syz_io_uring_submit(r4, r5, &(0x7f0000000240)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x8062, 0x0, {0x0, r6}}, 0x14)
BUG: memory leak
unreferenced object 0xffff888043996000 (size 4096):
  comm "syz-executor.6", pid 7962, jiffies 4295512049 (age 254.014s)
  hex dump (first 32 bytes):
    00 c0 34 43 80 88 ff ff 22 01 00 00 00 00 ad de  ..4C....".......
    01 00 00 00 aa aa aa aa aa 10 00 aa aa aa aa aa  ................
  backtrace:
    [<00000000ef6b1049>] kmalloc include/linux/slab.h:552 [inline]
    [<00000000ef6b1049>] kzalloc include/linux/slab.h:664 [inline]
    [<00000000ef6b1049>] hci_conn_add+0x53/0x1280 net/bluetooth/hci_conn.c:527
    [<000000006cd45118>] hci_connect_sco+0x352/0x880 net/bluetooth/hci_conn.c:1285
    [<00000000f1505d8a>] sco_connect net/bluetooth/sco.c:254 [inline]
    [<00000000f1505d8a>] sco_sock_connect+0x352/0xa60 net/bluetooth/sco.c:592
    [<00000000bca67266>] __sys_connect_file+0x15b/0x1a0 net/socket.c:1846
    [<000000007aa88d38>] __sys_connect+0x165/0x1a0 net/socket.c:1863
    [<00000000a23a4c40>] __do_sys_connect net/socket.c:1873 [inline]
    [<00000000a23a4c40>] __se_sys_connect net/socket.c:1870 [inline]
    [<00000000a23a4c40>] __x64_sys_connect+0x6f/0xb0 net/socket.c:1870
    [<000000004535ff72>] do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46
    [<00000000ebcda808>] entry_SYSCALL_64_after_hwframe+0x61/0xc6

BUG: memory leak
unreferenced object 0xffff88801ceec000 (size 1024):
  comm "kworker/u5:1", pid 292, jiffies 4295656151 (age 109.915s)
  hex dump (first 32 bytes):
    00 60 99 43 80 88 ff ff 00 ff 61 3a 80 88 ff ff  .`.C......a:....
    fd 03 00 00 00 00 00 00 00 06 00 00 00 00 00 00  ................
  backtrace:
    [<0000000071b95f26>] kmalloc include/linux/slab.h:552 [inline]
    [<0000000071b95f26>] kzalloc include/linux/slab.h:664 [inline]
    [<0000000071b95f26>] l2cap_conn_add.part.0+0x64/0xdf0 net/bluetooth/l2cap_core.c:7813
    [<00000000728147a0>] l2cap_conn_add net/bluetooth/l2cap_core.c:7806 [inline]
    [<00000000728147a0>] l2cap_recv_acldata+0x578/0x8e0 net/bluetooth/l2cap_core.c:8394
    [<000000006c1c4e3f>] hci_acldata_packet net/bluetooth/hci_core.c:4776 [inline]
    [<000000006c1c4e3f>] hci_rx_work+0x4d0/0xb90 net/bluetooth/hci_core.c:4967
    [<000000004192a790>] process_one_work+0x9a9/0x1590 kernel/workqueue.c:2279
    [<000000007dd08b6a>] worker_thread+0x61d/0x1310 kernel/workqueue.c:2425
    [<000000006b2c49db>] kthread+0x38f/0x470 kernel/kthread.c:313
    [<0000000006ad1919>] ret_from_fork+0x22/0x30 arch/x86/entry/entry_64.S:299

BUG: memory leak
unreferenced object 0xffff888045f8bb40 (size 232):
  comm "kworker/u5:1", pid 292, jiffies 4295656163 (age 109.903s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000002c4c144>] __alloc_skb+0x6d/0x5b0 net/core/skbuff.c:198
    [<00000000459aa378>] alloc_skb include/linux/skbuff.h:1101 [inline]
    [<00000000459aa378>] bt_skb_alloc include/net/bluetooth/bluetooth.h:391 [inline]
    [<00000000459aa378>] l2cap_recv_acldata+0x1fa/0x8e0 net/bluetooth/l2cap_core.c:8439
    [<000000006c1c4e3f>] hci_acldata_packet net/bluetooth/hci_core.c:4776 [inline]
    [<000000006c1c4e3f>] hci_rx_work+0x4d0/0xb90 net/bluetooth/hci_core.c:4967
    [<000000004192a790>] process_one_work+0x9a9/0x1590 kernel/workqueue.c:2279
    [<000000007dd08b6a>] worker_thread+0x61d/0x1310 kernel/workqueue.c:2425
    [<000000006b2c49db>] kthread+0x38f/0x470 kernel/kthread.c:313
    [<0000000006ad1919>] ret_from_fork+0x22/0x30 arch/x86/entry/entry_64.S:299

BUG: memory leak
unreferenced object 0xffff888038f40000 (size 28928):
  comm "kworker/u5:1", pid 292, jiffies 4295656163 (age 109.903s)
  hex dump (first 32 bytes):
    c0 9f 9c 15 80 88 ff ff 7a 6f 59 74 0c 01 c0 fb  ........zoYt....
    00 00 00 00 ff ff ff ff 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000090ede6a3>] __kmalloc_node_track_caller+0x34e/0x3f0 mm/slub.c:4482
    [<0000000052fe084e>] __kmalloc_reserve net/core/skbuff.c:142 [inline]
    [<0000000052fe084e>] __alloc_skb+0xb1/0x5b0 net/core/skbuff.c:210
    [<00000000459aa378>] alloc_skb include/linux/skbuff.h:1101 [inline]
    [<00000000459aa378>] bt_skb_alloc include/net/bluetooth/bluetooth.h:391 [inline]
    [<00000000459aa378>] l2cap_recv_acldata+0x1fa/0x8e0 net/bluetooth/l2cap_core.c:8439
    [<000000006c1c4e3f>] hci_acldata_packet net/bluetooth/hci_core.c:4776 [inline]
    [<000000006c1c4e3f>] hci_rx_work+0x4d0/0xb90 net/bluetooth/hci_core.c:4967
    [<000000004192a790>] process_one_work+0x9a9/0x1590 kernel/workqueue.c:2279
    [<000000007dd08b6a>] worker_thread+0x61d/0x1310 kernel/workqueue.c:2425
    [<000000006b2c49db>] kthread+0x38f/0x470 kernel/kthread.c:313
    [<0000000006ad1919>] ret_from_fork+0x22/0x30 arch/x86/entry/entry_64.S:299

BUG: leak checking failed