./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3638744838 <...> forked to background, child pid 4659 no interfaces have a carrier [ 51.277344][ T4660] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.296474][ T4660] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.26' (ECDSA) to the list of known hosts. execve("./syz-executor3638744838", ["./syz-executor3638744838"], 0x7ffcf28c72b0 /* 10 vars */) = 0 brk(NULL) = 0x5555570e9000 brk(0x5555570e9c40) = 0x5555570e9c40 arch_prctl(ARCH_SET_FS, 0x5555570e9300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 set_tid_address(0x5555570e95d0) = 5085 set_robust_list(0x5555570e95e0, 24) = 0 rt_sigaction(SIGRTMIN, {sa_handler=0x7fdd90d84bb0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7fdd90d85280}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=0x7fdd90d84c50, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fdd90d85280}, NULL, 8) = 0 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3638744838", 4096) = 28 brk(0x55555710ac40) = 0x55555710ac40 brk(0x55555710b000) = 0x55555710b000 mprotect(0x7fdd90e46000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5086 attached , child_tidptr=0x5555570e95d0) = 5086 [pid 5086] set_robust_list(0x5555570e95e0, 24) = 0 [pid 5086] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 5086] socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI) = 3 [pid 5086] openat(AT_FDCWD, "/dev/vhci", O_RDWR) = 4 [pid 5086] dup2(4, 202) = 202 [pid 5086] close(4) = 0 [pid 5086] write(202, "\xff\x00", 2) = 2 [pid 5086] read(202, "\xff\x00\x00\x00", 4) = 4 [pid 5086] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fdd90574000 [pid 5086] mprotect(0x7fdd90575000, 8388608, PROT_READ|PROT_WRITE) = 0 [pid 5086] clone(child_stack=0x7fdd90d743f0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tid=[2], tls=0x7fdd90d74700, child_tidptr=0x7fdd90d749d0) = 2 [pid 5086] ioctl(3, HCIDEVUP./strace-static-x86_64: Process 5089 attached [pid 5089] set_robust_list(0x7fdd90d749e0, 24) = 0 [pid 5089] read(202, "\x01\x03\x0c\x00", 1024) = 4 [pid 5089] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x03\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255 [pid 5089] read(202, "\x01\x03\x10\x00", 1024) = 4 [pid 5089] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x03\x10", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255 [pid 5089] read(202, "\x01\x01\x10\x00", 1024) = 4 [pid 5089] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x01\x10", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255 [pid 5089] read(202, "\x01\x09\x10\x00", 1024) = 4 [pid 5089] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\x0a", iov_len=2}, {iov_base="\x01\x09\x10", iov_len=3}, {iov_base="\x00\xaa\xaa\xaa\xaa\xaa\xaa", iov_len=7}], 4) = 13 [pid 5089] read(202, "\x01\x05\x10\x00", 1024) = 4 [pid 5089] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\x0b", iov_len=2}, {iov_base="\x01\x05\x10", iov_len=3}, {iov_base="\x00\xfd\x03\x60\x04\x00\x06\x00", iov_len=8}], 4) = 14 [pid 5089] read(202, "\x01\x23\x0c\x00", 1024) = 4 [pid 5089] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x23\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255 [pid 5089] read(202, "\x01\x14\x0c\x00", 1024) = 4 [pid 5089] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x14\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255 [pid 5089] read(202, "\x01\x25\x0c\x00", 1024) = 4 [pid 5089] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x25\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255 [pid 5089] read(202, "\x01\x38\x0c\x00", 1024) = 4 syzkaller login: [ 81.215899][ T5088] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 81.224768][ T5088] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 81.233417][ T5088] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 81.243692][ T5088] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 81.252500][ T5088] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [pid 5089] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x38\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255 [pid 5089] read(202, "\x01\x39\x0c\x00", 1024) = 4 [pid 5089] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x39\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255 [pid 5089] read(202, "\x01\x16\x0c\x02\x00\x7d", 1024) = 6 [pid 5089] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\xfc", iov_len=2}, {iov_base="\x01\x16\x0c", iov_len=3}, {iov_base="\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=249}], 4) = 255 [pid 5089] read(202, [pid 5086] <... ioctl resumed>, 0) = -1 EALREADY (Operation already in progress) [pid 5086] ioctl(3, HCISETSCAN [pid 5089] <... read resumed>"\x01\x1a\x0c\x01\x02", 1024) = 5 [pid 5089] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x0e\x04", iov_len=2}, {iov_base="\x01\x1a\x0c", iov_len=3}, {iov_base="\x00", iov_len=1}], 4) = 7 [pid 5086] <... ioctl resumed>, 0x7ffc287c58ec) = 0 [pid 5086] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x04\x0a", iov_len=2}, {iov_base="\xaa\xaa\xaa\xaa\xaa\x10\x00\x00\x00\x01", iov_len=10}], 3 [pid 5089] madvise(0x7fdd90574000, 8372224, MADV_DONTNEED [pid 5086] <... writev resumed>) = 13 [pid 5086] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x03\x0b", iov_len=2}, {iov_base="\x00\xc8\x00\xaa\xaa\xaa\xaa\xaa\x10\x01\x00", iov_len=11}], 3) = 14 [pid 5086] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\v\v", iov_len=2}, {iov_base="\x00\xc8\x00\x00\x00\x00\x00\x00\x00\x00\x00", iov_len=11}], 3) = 14 [pid 5086] writev(202, [{iov_base="\x04", iov_len=1}, {iov_base="\x3e\x13", iov_len=2}, {iov_base="\x01\x00\xc9\x00\x01\x00\xaa\xaa\xaa\xaa\xaa\x11\x00\x00\x00\x00\x00\x00\x00", iov_len=19}], 3) = 22 [pid 5086] futex(0x7fdd90d749d0, FUTEX_WAIT, 2, NULL [pid 5089] <... madvise resumed>) = 0 [pid 5089] exit(0) = ? [pid 5089] +++ exited with 0 +++ [pid 5086] <... futex resumed>) = 0 [pid 5086] close(3) = 0 [pid 5086] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5086] setsid() = 1 [pid 5086] openat(AT_FDCWD, "/proc/self/ns/net", O_RDONLY) = 3 [pid 5086] dup2(3, 201) = 201 [pid 5086] close(3) = 0 [pid 5086] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 5086] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 5086] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 5086] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 5086] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 5086] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 5086] unshare(CLONE_NEWNS) = 0 [pid 5086] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 5086] unshare(CLONE_NEWIPC) = 0 [pid 5086] unshare(CLONE_NEWCGROUP) = 0 [pid 5086] unshare(CLONE_NEWUTS) = 0 [pid 5086] unshare(CLONE_SYSVSEM) = 0 [pid 5086] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5086] write(3, "16777216", 8) = 8 [pid 5086] close(3) = 0 [pid 5086] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = 3 [pid 5086] write(3, "536870912", 9) = 9 [pid 5086] close(3) = 0 [pid 5086] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5086] write(3, "1024", 4) = 4 [pid 5086] close(3) = 0 [pid 5086] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = 3 [pid 5086] write(3, "8192", 4) = 4 [ 81.261127][ T5088] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [pid 5086] close(3) = 0 [pid 5086] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = 3 [pid 5086] write(3, "1024", 4) = 4 [pid 5086] close(3) = 0 [pid 5086] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = 3 [pid 5086] write(3, "1024", 4) = 4 [pid 5086] close(3) = 0 [pid 5086] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = 3 [pid 5086] write(3, "1024 1048576 500 1024", 21) = 21 [pid 5086] close(3) = 0 [pid 5086] getpid() = 1 [pid 5086] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [pid 5086] kill(-3, SIGKILL [pid 5091] <... connect resumed>) = ? [pid 5086] <... kill resumed>) = 0 [pid 5091] +++ killed by SIGKILL +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=3, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- [pid 5086] kill(3, SIGKILL) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570e95d0) = 4 ./strace-static-x86_64: Process 5092 attached [pid 5092] set_robust_list(0x5555570e95e0, 24) = 0 [pid 5092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5092] setpgid(0, 0) = 0 [pid 5092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5092] write(3, "1000", 4) = 4 [pid 5092] close(3) = 0 [pid 5092] openat(AT_FDCWD, "/proc/self/ns/net", O_RDONLY) = 3 [pid 5092] setns(201, 0) = 0 [pid 5092] socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM) = 4 [pid 5092] setns(3, 0) = 0 [pid 5092] close(3) = 0 [pid 5092] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3 [pid 5092] dup2(4, 3) = 3 [ 87.508598][ T5088] Bluetooth: hci0: command 0x040f tx timeout [ 89.588684][ T5088] Bluetooth: hci0: command 0x0419 tx timeout [pid 5092] connect(3, {sa_family=AF_BLUETOOTH, rc_bdaddr=aa:aa:aa:aa:aa:00, rc_channel=4}, 10 [pid 5086] kill(-4, SIGKILL) = 0 [pid 5092] <... connect resumed>) = ? [pid 5092] +++ killed by SIGKILL +++ [pid 5086] kill(4, SIGKILL) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=4, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5093 attached , child_tidptr=0x5555570e95d0) = 5 [pid 5093] set_robust_list(0x5555570e95e0, 24) = 0 [pid 5093] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5093] setpgid(0, 0) = 0 [pid 5093] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5093] write(3, "1000", 4) = 4 [pid 5093] close(3) = 0 [pid 5093] openat(AT_FDCWD, "/proc/self/ns/net", O_RDONLY) = 3 [pid 5093] setns(201, 0) = 0 [pid 5093] socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM) = 4 [pid 5093] setns(3, 0) = 0 [pid 5093] close(3) = 0 [pid 5093] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3 [pid 5093] dup2(4, 3) = 3 [ 91.668605][ T5088] Bluetooth: hci0: command 0x0405 tx timeout [ 91.750633][ T756] cfg80211: failed to load regulatory.db [pid 5093] connect(3, {sa_family=AF_BLUETOOTH, rc_bdaddr=aa:aa:aa:aa:aa:00, rc_channel=4}, 10 [pid 5086] kill(-5, SIGKILL [pid 5093] <... connect resumed>) = ? [pid 5086] <... kill resumed>) = 0 [pid 5093] +++ killed by SIGKILL +++ [pid 5086] kill(5, SIGKILL) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=5, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5096 attached , child_tidptr=0x5555570e95d0) = 6 [pid 5096] set_robust_list(0x5555570e95e0, 24) = 0 [pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5096] setpgid(0, 0) = 0 [pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5096] write(3, "1000", 4) = 4 [pid 5096] close(3) = 0 [pid 5096] openat(AT_FDCWD, "/proc/self/ns/net", O_RDONLY) = 3 [pid 5096] setns(201, 0) = 0 [pid 5096] socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM) = 4 [pid 5096] setns(3, 0) = 0 [pid 5096] close(3) = 0 [pid 5096] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3 [pid 5096] dup2(4, 3) = 3 [pid 5096] connect(3, {sa_family=AF_BLUETOOTH, rc_bdaddr=aa:aa:aa:aa:aa:00, rc_channel=4}, 10 [pid 5086] kill(-6, SIGKILL) = 0 [pid 5096] <... connect resumed>) = ? [pid 5096] +++ killed by SIGKILL +++ [pid 5086] kill(6, SIGKILL) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=6, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570e95d0) = 7 ./strace-static-x86_64: Process 5099 attached [pid 5099] set_robust_list(0x5555570e95e0, 24) = 0 [pid 5099] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5099] setpgid(0, 0) = 0 [pid 5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5099] write(3, "1000", 4) = 4 [pid 5099] close(3) = 0 [pid 5099] openat(AT_FDCWD, "/proc/self/ns/net", O_RDONLY) = 3 [pid 5099] setns(201, 0) = 0 [pid 5099] socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM) = 4 [pid 5099] setns(3, 0) = 0 [pid 5099] close(3) = 0 [pid 5099] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3 [pid 5099] dup2(4, 3) = 3 [pid 5099] connect(3, {sa_family=AF_BLUETOOTH, rc_bdaddr=aa:aa:aa:aa:aa:00, rc_channel=4}, 10 [pid 5086] kill(-7, SIGKILL [pid 5099] <... connect resumed>) = ? [pid 5086] <... kill resumed>) = 0 [pid 5099] +++ killed by SIGKILL +++ [pid 5086] kill(7, SIGKILL) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=7, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5101 attached , child_tidptr=0x5555570e95d0) = 8 [pid 5101] set_robust_list(0x5555570e95e0, 24) = 0 [pid 5101] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5101] setpgid(0, 0) = 0 [pid 5101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5101] write(3, "1000", 4) = 4 [pid 5101] close(3) = 0 [pid 5101] openat(AT_FDCWD, "/proc/self/ns/net", O_RDONLY) = 3 [pid 5101] setns(201, 0) = 0 [pid 5101] socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM) = 4 [pid 5101] setns(3, 0) = 0 [pid 5101] close(3) = 0 [pid 5101] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3 [pid 5101] dup2(4, 3) = 3 [pid 5101] connect(3, {sa_family=AF_BLUETOOTH, rc_bdaddr=aa:aa:aa:aa:aa:00, rc_channel=4}, 10 [pid 5086] kill(-8, SIGKILL [pid 5101] <... connect resumed>) = ? [pid 5086] <... kill resumed>) = 0 [pid 5086] kill(8, SIGKILL [pid 5101] +++ killed by SIGKILL +++ [pid 5086] <... kill resumed>) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=8, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555570e95d0) = 9 ./strace-static-x86_64: Process 5104 attached [pid 5104] set_robust_list(0x5555570e95e0, 24) = 0 [pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5104] setpgid(0, 0) = 0 [pid 5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5104] write(3, "1000", 4) = 4 [pid 5104] close(3) = 0 [pid 5104] openat(AT_FDCWD, "/proc/self/ns/net", O_RDONLY) = 3 [pid 5104] setns(201, 0) = 0 [pid 5104] socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM) = 4 [pid 5104] setns(3, 0) = 0 [pid 5104] close(3) = 0 [pid 5104] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3 [pid 5104] dup2(4, 3) = 3 [pid 5104] connect(3, {sa_family=AF_BLUETOOTH, rc_bdaddr=aa:aa:aa:aa:aa:00, rc_channel=4}, 10 [pid 5086] kill(-9, SIGKILL) = 0 [pid 5086] kill(9, SIGKILL) = 0 [pid 5104] <... connect resumed>) = ? [pid 5104] +++ killed by SIGKILL +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=9, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5110 attached , child_tidptr=0x5555570e95d0) = 10 [pid 5110] set_robust_list(0x5555570e95e0, 24) = 0 [pid 5110] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5110] setpgid(0, 0) = 0 [pid 5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5110] write(3, "1000", 4) = 4 [pid 5110] close(3) = 0 [pid 5110] openat(AT_FDCWD, "/proc/self/ns/net", O_RDONLY) = 3 [pid 5110] setns(201, 0) = 0 [pid 5110] socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM) = 4 [pid 5110] setns(3, 0) = 0 [pid 5110] close(3) = 0 [pid 5110] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3 [pid 5110] dup2(4, 3) = 3 [pid 5110] connect(3, {sa_family=AF_BLUETOOTH, rc_bdaddr=aa:aa:aa:aa:aa:00, rc_channel=4}, 10 [pid 5086] kill(-10, SIGKILL [pid 5110] <... connect resumed>) = ? [pid 5086] <... kill resumed>) = 0 [pid 5110] +++ killed by SIGKILL +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=10, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- [pid 5086] kill(10, SIGKILL) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5115 attached , child_tidptr=0x5555570e95d0) = 11 [pid 5115] set_robust_list(0x5555570e95e0, 24) = 0 [pid 5115] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5115] setpgid(0, 0) = 0 [pid 5115] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5115] write(3, "1000", 4) = 4 [pid 5115] close(3) = 0 [pid 5115] openat(AT_FDCWD, "/proc/self/ns/net", O_RDONLY) = 3 [pid 5115] setns(201, 0) = 0 [pid 5115] socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM) = 4 [pid 5115] setns(3, 0) = 0 [pid 5115] close(3) = 0 [pid 5115] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3 [pid 5115] dup2(4, 3) = 3 [pid 5115] connect(3, {sa_family=AF_BLUETOOTH, rc_bdaddr=aa:aa:aa:aa:aa:00, rc_channel=4}, 10) = -1 ECONNREFUSED (Connection refused) [pid 5115] getsockopt(-1, SOL_IPV6, IPV6_FLOWLABEL_MGR, 0x20000100, NULL) = -1 EBADF (Bad file descriptor) [pid 5115] openat(AT_FDCWD, "/proc/self/ns/net", O_RDONLY) = 5 [pid 5115] setns(201, 0) = 0 [pid 5115] socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM) = 6 [pid 5115] setns(5, 0) = 0 [pid 5115] close(5) = 0 [ 121.844391][ T5115] [ 121.846784][ T5115] ====================================================== [ 121.853815][ T5115] WARNING: possible circular locking dependency detected [ 121.860845][ T5115] 6.3.0-rc4-next-20230330-syzkaller #0 Not tainted [ 121.867353][ T5115] ------------------------------------------------------ [ 121.874383][ T5115] syz-executor363/5115 is trying to acquire lock: [ 121.880807][ T5115] ffffffff8e357cc8 (rfcomm_mutex){+.+.}-{3:3}, at: rfcomm_dlc_exists+0x58/0x190 [ 121.890068][ T5115] [ 121.890068][ T5115] but task is already holding lock: [ 121.897439][ T5115] ffffffff8e35cc88 (rfcomm_ioctl_mutex){+.+.}-{3:3}, at: rfcomm_dev_ioctl+0x8a2/0x1c00 [ 121.907128][ T5115] [ 121.907128][ T5115] which lock already depends on the new lock. [ 121.907128][ T5115] [ 121.917530][ T5115] [ 121.917530][ T5115] the existing dependency chain (in reverse order) is: [ 121.926561][ T5115] [ 121.926561][ T5115] -> #3 (rfcomm_ioctl_mutex){+.+.}-{3:3}: [ 121.934491][ T5115] __mutex_lock+0x12f/0x1350 [ 121.939624][ T5115] rfcomm_dev_ioctl+0x8a2/0x1c00 [ 121.945099][ T5115] rfcomm_sock_ioctl+0xb7/0xe0 [ 121.950419][ T5115] sock_do_ioctl+0xcc/0x230 [ 121.955583][ T5115] sock_ioctl+0x1f8/0x680 [ 121.960460][ T5115] __x64_sys_ioctl+0x197/0x210 [ 121.965771][ T5115] do_syscall_64+0x39/0xb0 [ 121.970734][ T5115] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 121.977181][ T5115] [ 121.977181][ T5115] -> #2 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}: [ 121.986584][ T5115] lock_sock_nested+0x3a/0xf0 [ 121.991814][ T5115] rfcomm_sk_state_change+0x6d/0x3a0 [ 121.997668][ T5115] __rfcomm_dlc_close+0x1b1/0x890 [ 122.003255][ T5115] rfcomm_dlc_close+0x1e9/0x240 [ 122.008697][ T5115] __rfcomm_sock_close+0x17a/0x2f0 [ 122.014354][ T5115] rfcomm_sock_shutdown+0xd8/0x230 [ 122.020006][ T5115] rfcomm_sock_release+0x68/0x140 [ 122.025577][ T5115] __sock_release+0xcd/0x290 [ 122.030718][ T5115] sock_close+0x1c/0x20 [ 122.035450][ T5115] __fput+0x27c/0xa90 [ 122.039973][ T5115] task_work_run+0x16f/0x270 [ 122.045295][ T5115] do_exit+0xb0d/0x29f0 [ 122.049990][ T5115] do_group_exit+0xd4/0x2a0 [ 122.055031][ T5115] get_signal+0x2315/0x25b0 [ 122.060074][ T5115] arch_do_signal_or_restart+0x79/0x5c0 [ 122.066252][ T5115] exit_to_user_mode_prepare+0x11f/0x240 [ 122.072452][ T5115] syscall_exit_to_user_mode+0x1d/0x50 [ 122.078451][ T5115] do_syscall_64+0x46/0xb0 [ 122.083420][ T5115] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.089871][ T5115] [ 122.089871][ T5115] -> #1 (&d->lock){+.+.}-{3:3}: [ 122.096950][ T5115] __mutex_lock+0x12f/0x1350 [ 122.102095][ T5115] __rfcomm_dlc_close+0x15d/0x890 [ 122.107706][ T5115] rfcomm_dlc_close+0x1e9/0x240 [ 122.113119][ T5115] __rfcomm_sock_close+0x17a/0x2f0 [ 122.118870][ T5115] rfcomm_sock_shutdown+0xd8/0x230 [ 122.124527][ T5115] rfcomm_sock_release+0x68/0x140 [ 122.130096][ T5115] __sock_release+0xcd/0x290 [ 122.135226][ T5115] sock_close+0x1c/0x20 [ 122.139930][ T5115] __fput+0x27c/0xa90 [ 122.144443][ T5115] task_work_run+0x16f/0x270 [ 122.149586][ T5115] do_exit+0xb0d/0x29f0 [ 122.154276][ T5115] do_group_exit+0xd4/0x2a0 [ 122.159313][ T5115] get_signal+0x2315/0x25b0 [ 122.164359][ T5115] arch_do_signal_or_restart+0x79/0x5c0 [ 122.170547][ T5115] exit_to_user_mode_prepare+0x11f/0x240 [ 122.176738][ T5115] syscall_exit_to_user_mode+0x1d/0x50 [ 122.182744][ T5115] do_syscall_64+0x46/0xb0 [ 122.187821][ T5115] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.194257][ T5115] [ 122.194257][ T5115] -> #0 (rfcomm_mutex){+.+.}-{3:3}: [ 122.201677][ T5115] __lock_acquire+0x2f21/0x5df0 [ 122.207081][ T5115] lock_acquire.part.0+0x11c/0x370 [ 122.212752][ T5115] __mutex_lock+0x12f/0x1350 [ 122.217880][ T5115] rfcomm_dlc_exists+0x58/0x190 [ 122.223283][ T5115] rfcomm_dev_ioctl+0x966/0x1c00 [ 122.228758][ T5115] rfcomm_sock_ioctl+0xb7/0xe0 [ 122.234084][ T5115] sock_do_ioctl+0xcc/0x230 [ 122.239139][ T5115] sock_ioctl+0x1f8/0x680 [ 122.244014][ T5115] __x64_sys_ioctl+0x197/0x210 [ 122.249323][ T5115] do_syscall_64+0x39/0xb0 [ 122.254284][ T5115] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.260808][ T5115] [ 122.260808][ T5115] other info that might help us debug this: [ 122.260808][ T5115] [ 122.271041][ T5115] Chain exists of: [ 122.271041][ T5115] rfcomm_mutex --> sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM --> rfcomm_ioctl_mutex [ 122.271041][ T5115] [ 122.285919][ T5115] Possible unsafe locking scenario: [ 122.285919][ T5115] [ 122.293373][ T5115] CPU0 CPU1 [ 122.298746][ T5115] ---- ---- [ 122.304113][ T5115] lock(rfcomm_ioctl_mutex); [ 122.308807][ T5115] lock(sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM); [ 122.317496][ T5115] lock(rfcomm_ioctl_mutex); [ 122.324735][ T5115] lock(rfcomm_mutex); [ 122.328903][ T5115] [ 122.328903][ T5115] *** DEADLOCK *** [ 122.328903][ T5115] [ 122.337052][ T5115] 2 locks held by syz-executor363/5115: [ 122.342612][ T5115] #0: ffff888146eb7130 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: rfcomm_sock_ioctl+0xaa/0xe0 [ 122.354070][ T5115] #1: ffffffff8e35cc88 (rfcomm_ioctl_mutex){+.+.}-{3:3}, at: rfcomm_dev_ioctl+0x8a2/0x1c00 [ 122.364203][ T5115] [ 122.364203][ T5115] stack backtrace: [ 122.370109][ T5115] CPU: 0 PID: 5115 Comm: syz-executor363 Not tainted 6.3.0-rc4-next-20230330-syzkaller #0 [ 122.380101][ T5115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 [ 122.390178][ T5115] Call Trace: [ 122.393466][ T5115] [ 122.396418][ T5115] dump_stack_lvl+0xd9/0x150 [ 122.401049][ T5115] check_noncircular+0x25f/0x2e0 [ 122.406015][ T5115] ? print_circular_bug+0x730/0x730 [ 122.411238][ T5115] ? is_bpf_text_address+0x9d/0x1b0 [ 122.416455][ T5115] ? kernel_text_address+0x3d/0x80 [ 122.421608][ T5115] ? unwind_get_return_address+0x55/0xa0 [ 122.427266][ T5115] ? write_profile+0x450/0x450 [ 122.432067][ T5115] ? arch_stack_walk+0x97/0xf0 [ 122.436855][ T5115] __lock_acquire+0x2f21/0x5df0 [ 122.441737][ T5115] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 122.447743][ T5115] ? save_trace+0x3f/0xb20 [ 122.452184][ T5115] ? _find_first_zero_bit+0x94/0xb0 [ 122.457410][ T5115] lock_acquire.part.0+0x11c/0x370 [ 122.462589][ T5115] ? rfcomm_dlc_exists+0x58/0x190 [ 122.467675][ T5115] ? lock_sync+0x190/0x190 [ 122.472115][ T5115] ? rcu_is_watching+0x12/0xb0 [ 122.476914][ T5115] ? trace_lock_acquire+0x12d/0x180 [ 122.482135][ T5115] ? rfcomm_dlc_exists+0x58/0x190 [ 122.487212][ T5115] ? lock_acquire+0x32/0xc0 [ 122.491737][ T5115] ? rfcomm_dlc_exists+0x58/0x190 [ 122.496812][ T5115] __mutex_lock+0x12f/0x1350 [ 122.501445][ T5115] ? rfcomm_dlc_exists+0x58/0x190 [ 122.506520][ T5115] ? rfcomm_dlc_exists+0x58/0x190 [ 122.511576][ T5115] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 122.517162][ T5115] ? __might_fault+0xe2/0x190 [ 122.521880][ T5115] ? lock_downgrade+0x690/0x690 [ 122.526756][ T5115] ? trace_lock_acquire+0x12d/0x180 [ 122.531981][ T5115] ? apparmor_capable+0x1dc/0x460 [ 122.537129][ T5115] rfcomm_dlc_exists+0x58/0x190 [ 122.542027][ T5115] rfcomm_dev_ioctl+0x966/0x1c00 [ 122.546987][ T5115] ? rfcomm_dev_state_change+0x170/0x170 [ 122.552728][ T5115] ? lock_downgrade+0x690/0x690 [ 122.557606][ T5115] ? mark_held_locks+0x9f/0xe0 [ 122.562402][ T5115] ? __local_bh_enable_ip+0xa4/0x130 [ 122.567894][ T5115] rfcomm_sock_ioctl+0xb7/0xe0 [ 122.572706][ T5115] sock_do_ioctl+0xcc/0x230 [ 122.577256][ T5115] ? get_user_ifreq+0x250/0x250 [ 122.582140][ T5115] ? vfs_fileattr_set+0xc40/0xc40 [ 122.587198][ T5115] sock_ioctl+0x1f8/0x680 [ 122.591554][ T5115] ? br_ioctl_call+0xb0/0xb0 [ 122.596170][ T5115] ? lock_downgrade+0x690/0x690 [ 122.601059][ T5115] ? bpf_lsm_file_ioctl+0x9/0x10 [ 122.606038][ T5115] ? br_ioctl_call+0xb0/0xb0 [ 122.610673][ T5115] __x64_sys_ioctl+0x197/0x210 [ 122.615464][ T5115] do_syscall_64+0x39/0xb0 [ 122.619908][ T5115] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.625833][ T5115] RIP: 0033:0x7fdd90dc3379 [ 122.630274][ T5115] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 122.649984][ T5115] RSP: 002b:00007ffc287c58b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 122.658414][ T5115] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fdd90dc3379 [ 122.666483][ T5115] RDX: 0000000020000100 RSI: 00000000400452c8 RDI: 0000000000000006 [ 122.674486][ T5115] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007ffc287c58e8 [ 122.682469][ T5115] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc287c5900 [pid 5115] ioctl(6, RFCOMMCREATEDEV, 0x20000100) = 0 [pid 5115] close(3) = 0 [pid 5115] close(4) = 0 [pid 5115] close(5) = -1 EBADF (Bad file descriptor) [pid 5115] close(6) = 0 [pid 5115] close(7) = -1 EBADF (Bad file descriptor) [pid 5115] close(8) = -1 EBADF (Bad file descriptor) [pid 5115] close(9) = -1 EBADF (Bad file descriptor) [pid 5115] close(10) = -1 EBADF (Bad file descriptor) [pid 5115] close(11) = -1 EBADF (Bad file descriptor) [pid 5115] close(12) = -1 EBADF (Bad file descriptor) [pid 5115] close(13) = -1 EBADF (Bad file descriptor) [pid 5115] close(14) = -1 EBADF (Bad file descriptor) [pid 5115] close(15) = -1 EBADF (Bad file descriptor) [pid 5115] close(16) = -1 EBADF (Bad file descriptor) [pid 5115] close(17) = -1 EBADF (Bad file descriptor) [pid 5115] close(18) = -1 EBADF (Bad file descriptor) [pid 5115] close(19) = -1 EBADF (Bad file descriptor) [pid 5115] close(20) = -1 EBADF (Bad file descriptor) [pid 5115] close(21) = -1 EBADF (Bad file descriptor) [pid 5115] close(22) = -1 EBADF (Bad file descriptor) [pid 5115] close(23) = -1 EBADF (Bad file descriptor) [pid 5115] close(24) = -1 EBADF (Bad file descriptor) [pid 5115] close(25) = -1 EBADF (Bad file descriptor) [pid 5115] close(26) = -1 EBADF (Bad file descriptor) [pid 5115] close(27) = -1 EBADF (Bad file descriptor) [pid 5115] close(28) = -1 EBADF (Bad file descriptor) [pid 5115] close(29) = -1 EBADF (Bad file descriptor) [pid 5115] exit_group(0) = ? [pid 5115] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=11, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5116 attached , child_tidptr=0x5555570e95d0) = 12 [pid 5116] set_robust_list(0x5555570e95e0, 24) = 0 [pid 5116] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5116] setpgid(0, 0) = 0 [pid 5116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5116] write(3, "1000", 4) = 4 [pid 5116] close(3) = 0 [pid 5116] openat(AT_FDCWD, "/proc/self/ns/net", O_RDONLY) = 3 [pid 5116] setns(201, 0) = 0 [pid 5116] socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM) = 4 [pid 5116] setns(3, 0) = 0 [pid 5116] close(3) = 0 [pid 5116] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3 [pid 5116] dup2(4, 3) = 3 [ 122.690454][ T5115] R13: 00007ffc287c5910 R14: 000000000001c039 R15: 00007ffc287c58d0 [ 122.698444][ T5115] [pid 5116] connect(3, {sa_family=AF_BLUETOOTH, rc_bdaddr=aa:aa:aa:aa:aa:00, rc_channel=4}, 10 [pid 5086] kill(-12, SIGKILL) = 0 [pid 5086] kill(12, SIGKILL) = 0 [pid 5116] <... connect resumed>) = ? [pid 5116] +++ killed by SIGKILL +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=12, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- [pid 5086] restart_syscall(<... resuming interrupted kill ...>) = 0 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5117 attached , child_tidptr=0x5555570e95d0) = 13 [pid 5117] set_robust_list(0x5555570e95e0, 24) = 0 [pid 5117] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5117] setpgid(0, 0) = 0 [pid 5117] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5117] write(3, "1000", 4) = 4 [pid 5117] close(3) = 0 [pid 5117] openat(AT_FDCWD, "/proc/self/ns/net", O_RDONLY) = 3 [pid 5117] setns(201, 0) = 0 [pid 5117] socket(AF_BLUETOOTH, SOCK_STREAM, BTPROTO_RFCOMM) = 4 [pid 5117] setns(3, 0) = 0 [pid 5117] close(3) = 0 [pid 5117] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3 [pid 5117] dup2(4, 3) = 3