INFO: task kworker/0:2:27995 blocked for more than 143 seconds. Not tainted 5.16.0-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:kworker/0:2 state:D stack:27280 pid:27995 ppid: 2 flags:0x00004000 Workqueue: usb_hub_wq hub_event Call Trace: context_switch kernel/sched/core.c:4972 [inline] __schedule+0xa9a/0x4900 kernel/sched/core.c:6253 schedule+0xd2/0x260 kernel/sched/core.c:6326 usb_kill_urb.part.0+0x19a/0x220 drivers/usb/core/urb.c:720 usb_kill_urb+0x7f/0xa0 drivers/usb/core/urb.c:715 usb_start_wait_urb+0x24a/0x4c0 drivers/usb/core/message.c:64 usb_internal_control_msg drivers/usb/core/message.c:102 [inline] usb_control_msg+0x31c/0x4a0 drivers/usb/core/message.c:153 usb_get_descriptor+0xdd/0x1d0 drivers/usb/core/message.c:793 usb_get_device_descriptor+0x81/0xf0 drivers/usb/core/message.c:1071 hub_port_init+0x971/0x2e80 drivers/usb/core/hub.c:4922 hub_port_connect drivers/usb/core/hub.c:5282 [inline] hub_port_connect_change drivers/usb/core/hub.c:5497 [inline] port_event drivers/usb/core/hub.c:5643 [inline] hub_event+0x21ea/0x4460 drivers/usb/core/hub.c:5725 process_one_work+0x9ac/0x1650 kernel/workqueue.c:2307 worker_thread+0x657/0x1110 kernel/workqueue.c:2454 kthread+0x405/0x4f0 kernel/kthread.c:327 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295 Showing all locks held in the system: 1 lock held by khungtaskd/27: #0: ffffffff8bb81e20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6458 1 lock held by khugepaged/33: 2 locks held by getty/3290: #0: ffff88814af6b098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:252 #1: ffffc90002b8e2e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xcf0/0x1230 drivers/tty/n_tty.c:2113 3 locks held by kworker/u4:40/13121: 3 locks held by kworker/0:5/22009: #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline] #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline] #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:631 [inline] #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:658 [inline] #0: ffff888010c67d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x890/0x1650 kernel/workqueue.c:2278 #1: ffffc900110efdb0 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x8c4/0x1650 kernel/workqueue.c:2282 #2: ffffffff8bb8ba28 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:290 [inline] #2: ffffffff8bb8ba28 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x4fa/0x620 kernel/rcu/tree_exp.h:840 5 locks held by kworker/0:2/27995: #0: ffff8881421f1138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff8881421f1138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline] #0: ffff8881421f1138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline] #0: ffff8881421f1138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:631 [inline] #0: ffff8881421f1138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:658 [inline] #0: ffff8881421f1138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x890/0x1650 kernel/workqueue.c:2278 #1: ffffc90011d3fdb0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x8c4/0x1650 kernel/workqueue.c:2282 #2: ffff888147d7b220 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:760 [inline] #2: ffff888147d7b220 (&dev->mutex){....}-{3:3}, at: hub_event+0x1c1/0x4460 drivers/usb/core/hub.c:5671 #3: ffff888147d825c8 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_lock_port drivers/usb/core/hub.c:3086 [inline] #3: ffff888147d825c8 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_port_connect drivers/usb/core/hub.c:5249 [inline] #3: ffff888147d825c8 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_port_connect_change drivers/usb/core/hub.c:5497 [inline] #3: ffff888147d825c8 (&port_dev->status_lock){+.+.}-{3:3}, at: port_event drivers/usb/core/hub.c:5643 [inline] #3: ffff888147d825c8 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x1e17/0x4460 drivers/usb/core/hub.c:5725 #4: ffff88801f7b3d68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_port_connect drivers/usb/core/hub.c:5250 [inline] #4: ffff88801f7b3d68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_port_connect_change drivers/usb/core/hub.c:5497 [inline] #4: ffff88801f7b3d68 (hcd->address0_mutex){+.+.}-{3:3}, at: port_event drivers/usb/core/hub.c:5643 [inline] #4: ffff88801f7b3d68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x1e40/0x4460 drivers/usb/core/hub.c:5725 2 locks held by kworker/0:1/27221: #0: ffff888010c76538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: ffff888010c76538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline] #0: ffff888010c76538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline] #0: ffff888010c76538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:631 [inline] #0: ffff888010c76538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:658 [inline] #0: ffff888010c76538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x890/0x1650 kernel/workqueue.c:2278 #1: ffffc900123a7db0 ((work_completion)(&rew.rew_work)){+.+.}-{0:0}, at: process_one_work+0x8c4/0x1650 kernel/workqueue.c:2282 4 locks held by syz-executor.1/31214: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880acb628a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880acb628a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880acb628a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88808e7218e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88808e7218e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88808e7218e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31295: #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31296: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88803d5f99e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88803d5f99e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88803d5f99e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880b58428a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880b58428a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880b58428a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31303: #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31305: #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31316: #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31317: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888097a82128 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888097a82128 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888097a82128 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88808f3bb228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88808f3bb228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88808f3bb228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31318: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888076fc68e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888076fc68e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888076fc68e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88808e940128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88808e940128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88808e940128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31319: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888098ed31a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888098ed31a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888098ed31a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88807e81d928 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88807e81d928 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88807e81d928 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31320: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31321: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88807e855928 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88807e855928 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88807e855928 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88802f5de268 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88802f5de268 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88802f5de268 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880a06a0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880a06a0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31322: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88809092e1a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88809092e1a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88809092e1a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880951f28e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880951f28e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880951f28e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31323: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888032a8c8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888032a8c8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888032a8c8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88803ca0f2e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88803ca0f2e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88803ca0f2e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31324: #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31325: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88802f2ac228 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88802f2ac228 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88802f2ac228 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88807449f8e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88807449f8e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88807449f8e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880a06a0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880a06a0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31326: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888014dcf128 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888014dcf128 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888014dcf128 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88801cfa81e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88801cfa81e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88801cfa81e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31328: #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31329: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88807bba9868 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88807bba9868 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88807bba9868 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888098ca5968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888098ca5968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888098ca5968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31330: #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31331: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88802e46f9a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88802e46f9a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88802e46f9a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880b2b8c128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880b2b8c128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880b2b8c128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31332: #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31334: #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31336: #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31337: 4 locks held by syz-executor.1/31338: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88807270a9e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88807270a9e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88807270a9e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888030ddc868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888030ddc868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888030ddc868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31340: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88808d1b61e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88808d1b61e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88808d1b61e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88809ffa9228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88809ffa9228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88809ffa9228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31341: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888078390968 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888078390968 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888078390968 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888076b5f868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888076b5f868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888076b5f868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31342: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88808c89f2e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88808c89f2e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88808c89f2e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88808cc509a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88808cc509a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88808cc509a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31360: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88808d70a9a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88808d70a9a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88808d70a9a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880a58769e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880a58769e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880a58769e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31362: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88807fbf29e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88807fbf29e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88807fbf29e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88801a9a7828 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88801a9a7828 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88801a9a7828 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31363: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888021596128 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888021596128 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888021596128 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88802c54c1a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88802c54c1a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88802c54c1a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31364: #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31366: #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31361: #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31372: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88809303a968 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88809303a968 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88809303a968 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88808d149228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88808d149228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88808d149228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31373: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888030d948a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888030d948a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888030d948a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880aef9d9e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880aef9d9e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880aef9d9e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888097fcf578 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888097fcf578 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31374: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88808d5db1a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88808d5db1a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88808d5db1a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88807f27f1a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88807f27f1a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88807f27f1a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31377: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888030850228 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888030850228 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888030850228 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88807dbb7168 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88807dbb7168 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88807dbb7168 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31379: #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31380: #0: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31381: #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31382: #0: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31383: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888071d7a828 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888071d7a828 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888071d7a828 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888078601228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888078601228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888078601228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31385: #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31386: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88807ed011e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88807ed011e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88807ed011e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88801a9a7128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88801a9a7128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88801a9a7128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31387: #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31388: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880a413b868 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880a413b868 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880a413b868 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880abb612a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880abb612a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880abb612a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888097fcf578 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888097fcf578 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31390: 4 locks held by syz-executor.1/31391: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88801dd11868 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88801dd11868 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88801dd11868 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88801f6e4968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88801f6e4968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88801f6e4968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31392: #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31393: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31394: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31395: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880b2abe1a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880b2abe1a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880b2abe1a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88808ec79228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88808ec79228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88808ec79228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31396: #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31397: #0: ffff888097fcf578 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888097fcf578 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31398: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88803df45128 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88803df45128 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88803df45128 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88807b168128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88807b168128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88807b168128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31399: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888079c0a8a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888079c0a8a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888079c0a8a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888030563828 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888030563828 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888030563828 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888097fcf578 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888097fcf578 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31400: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888075336928 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888075336928 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888075336928 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880abab9868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880abab9868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880abab9868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31402: #0: ffff888097fcf578 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888097fcf578 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31403: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31406: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880365b8968 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880365b8968 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880365b8968 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88801dfbd868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88801dfbd868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88801dfbd868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31407: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31408: #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31409: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888029e4c868 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888029e4c868 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888029e4c868 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88801ab749a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88801ab749a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88801ab749a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31410: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880286e0928 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880286e0928 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880286e0928 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888079efc8a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888079efc8a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888079efc8a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31411: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880933eb828 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880933eb828 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880933eb828 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88802b0e8128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88802b0e8128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88802b0e8128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31412: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31413: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880313c49e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880313c49e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880313c49e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888097d53228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888097d53228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888097d53228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31414: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31415: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88801e390868 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88801e390868 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88801e390868 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888073e529e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888073e529e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888073e529e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31416: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88803e33e9e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88803e33e9e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88803e33e9e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880114d4688 (&memcg->move_lock){..-.}-{2:2}, at: folio_memcg_lock+0x129/0x3e0 mm/memcontrol.c:2020 #3: ffffffff906aed80 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x12e/0x3e0 lib/debugobjects.c:661 4 locks held by syz-executor.1/31417: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880a1276268 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880a1276268 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880a1276268 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888073fdd9e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888073fdd9e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888073fdd9e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31418: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888076c7b2a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888076c7b2a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888076c7b2a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88802956c828 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88802956c828 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88802956c828 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31419: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31420: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31421: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31423: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880986b52e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880986b52e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880986b52e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880951e7828 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880951e7828 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880951e7828 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31424: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88802e97b9a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88802e97b9a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88802e97b9a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888030c372e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888030c372e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888030c372e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31425: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31426: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888096dba2e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888096dba2e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888096dba2e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880969042a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880969042a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880969042a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31427: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31432: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88809666e8a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88809666e8a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88809666e8a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888031c7d968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888031c7d968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888031c7d968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31434: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31435: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880aae7d168 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880aae7d168 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880aae7d168 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88807c1241a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88807c1241a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88807c1241a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31453: #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31454: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31477: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31478: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31479: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31480: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880726068a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880726068a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880726068a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88808ccf81a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88808ccf81a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88808ccf81a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31481: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880333b09a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880333b09a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880333b09a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88809675d9a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88809675d9a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88809675d9a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 3 locks held by syz-executor.1/31482: #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 #1: ffff8880b9c39d58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2b/0x120 kernel/sched/core.c:478 #2: ffff8880b9c279c8 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x3a6/0x490 kernel/sched/psi.c:880 3 locks held by syz-executor.1/31483: 1 lock held by syz-executor.1/31485: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31486: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88808e5828a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88808e5828a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88808e5828a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88802e2d22e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88802e2d22e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88802e2d22e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31487: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31488: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31489: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31490: 1 lock held by syz-executor.1/31491: #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31492: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888032a042a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888032a042a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888032a042a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880b54812e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880b54812e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880b54812e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31493: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31494: #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31495: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88808eb611a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88808eb611a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88808eb611a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880b54819e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880b54819e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880b54819e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31496: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888095b5d9a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888095b5d9a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888095b5d9a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888030653168 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888030653168 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888030653168 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31497: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31499: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31500: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88807a93c2e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88807a93c2e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88807a93c2e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88807e98e8a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88807e98e8a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88807e98e8a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31501: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880966bf828 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880966bf828 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880966bf828 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888075e6f2e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888075e6f2e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888075e6f2e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31502: #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31503: #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31504: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88807c022968 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88807c022968 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88807c022968 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880901ad1a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880901ad1a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880901ad1a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31505: #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31506: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88807716d828 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88807716d828 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88807716d828 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88807700f2a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] ffff88807700f2a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] ffff88807700f2a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880a06a0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880a06a0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31507: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880763498e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880763498e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880763498e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88802ebce268 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88802ebce268 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88802ebce268 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31509: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880a5488268 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880a5488268 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880a5488268 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888032b952a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888032b952a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888032b952a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31510: #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31511: 1 lock held by syz-executor.1/31512: #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31513: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88803e8f8868 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88803e8f8868 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88803e8f8868 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888030be22a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888030be22a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888030be22a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31514: #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 3 locks held by syz-executor.1/31515: 4 locks held by syz-executor.1/31516: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880746e99a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880746e99a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880746e99a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888078b34228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888078b34228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888078b34228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31517: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880b58bb8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880b58bb8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880b58bb8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880951f21e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880951f21e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880951f21e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31518: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888073c0a8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888073c0a8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888073c0a8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888077c12228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888077c12228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888077c12228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 3 locks held by syz-executor.1/31521: 4 locks held by syz-executor.1/31522: 4 locks held by syz-executor.1/31523: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888090b071e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888090b071e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888090b071e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880328ad2e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880328ad2e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880328ad2e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31524: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88802e0592e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88802e0592e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88802e0592e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88808ca612a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88808ca612a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88808ca612a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31525: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88808ce372a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88808ce372a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88808ce372a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88803dad1168 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88803dad1168 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88803dad1168 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 3 locks held by syz-executor.1/31526: 1 lock held by syz-executor.1/31527: #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31528: #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31529: #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 3 locks held by syz-executor.1/31530: 3 locks held by syz-executor.1/31531: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888076b6d928 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888076b6d928 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888076b6d928 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888028ffd168 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888028ffd168 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888028ffd168 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 1 lock held by syz-executor.1/31533: #0: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31534: #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31535: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888076e77128 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888076e77128 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888076e77128 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88802cd421e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88802cd421e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88802cd421e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31536: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888099498928 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888099498928 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888099498928 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88807693f968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88807693f968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88807693f968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31537: #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31538: #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31540: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88808d55b168 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88808d55b168 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88808d55b168 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88802f9db8a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88802f9db8a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88802f9db8a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31541: #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31542: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888029401868 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888029401868 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888029401868 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888025956928 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888025956928 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888025956928 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880a06a0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880a06a0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31544: #0: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31545: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880242172a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880242172a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880242172a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88809013e168 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88809013e168 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88809013e168 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880a06a0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880a06a0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31546: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888031bc4128 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888031bc4128 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888031bc4128 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888017d869a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888017d869a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888017d869a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31547: #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31548: #0: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31549: #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31550: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888030b47128 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888030b47128 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888030b47128 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88802956d128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88802956d128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88802956d128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31551: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888090ce12a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888090ce12a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888090ce12a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88807d1f78a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88807d1f78a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88807d1f78a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31552: #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31555: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88803e0d0928 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88803e0d0928 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88803e0d0928 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88808e868868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88808e868868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88808e868868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888072441778 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31553: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88808ebf32a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88808ebf32a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88808ebf32a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880933eb128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880933eb128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880933eb128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31556: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880a4e70928 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880a4e70928 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880a4e70928 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888091d039a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888091d039a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888091d039a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31557: #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31558: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff888074e61168 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff888074e61168 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff888074e61168 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88801b8df968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88801b8df968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88801b8df968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31559: #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31560: #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31562: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88808ebf4968 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88808ebf4968 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88808ebf4968 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88809257f8a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88809257f8a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88809257f8a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31563: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880965e78e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880965e78e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880965e78e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88801e11e1a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88801e11e1a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88801e11e1a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 2 locks held by syz-executor.1/31564: #0: ffff8880a511c0e0 (&type->s_umount_key#21/1){+.+.}-{3:3}, at: alloc_super+0x1dd/0xac0 fs/super.c:229 #1: ffffffff8bc6c3f0 (shrinker_rwsem){++++}-{3:3}, at: prealloc_memcg_shrinker mm/vmscan.c:359 [inline] #1: ffffffff8bc6c3f0 (shrinker_rwsem){++++}-{3:3}, at: prealloc_shrinker+0x13d/0x7c0 mm/vmscan.c:620 1 lock held by syz-executor.1/31566: #0: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff88807592b878 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31568: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88802ba602a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88802ba602a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88802ba602a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88803175e8a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88803175e8a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88803175e8a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31569: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880b57b71a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880b57b71a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880b57b71a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880313182e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880313182e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880313182e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31570: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88808ebe59e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88808ebe59e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88808ebe59e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88802e0599e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88802e0599e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88802e0599e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31571: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88801927a9e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88801927a9e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88801927a9e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88808e565928 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88808e565928 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88808e565928 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31572: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88801ef5f128 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88801ef5f128 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88801ef5f128 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880a57009a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880a57009a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880a57009a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31573: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88801934a8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88801934a8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88801934a8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88802e4198e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88802e4198e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88802e4198e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31574: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88807e855228 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88807e855228 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88807e855228 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff8880a3bef2a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff8880a3bef2a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff8880a3bef2a8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31575: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88809143d8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88809143d8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88809143d8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88807f19e968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88807f19e968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88807f19e968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 4 locks held by syz-executor.1/31577: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff8880905ac168 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff8880905ac168 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff8880905ac168 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88809996e1e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88809996e1e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88809996e1e8 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31578: #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31579: #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31580: #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31581: #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 1 lock held by syz-executor.1/31582: #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff8880991f0a78 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31583: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88803169e9a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88803169e9a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88803169e9a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88802a317968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88802a317968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88802a317968 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 5 locks held by syz-executor.1/31576: 4 locks held by syz-executor.1/31584: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88803e0642a8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88803e0642a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88803e0642a8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88801d37d228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88801d37d228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88801d37d228 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31586: #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #0: ffff888076d1d478 (&anon_vma->rwsem){++++}-{3:3}, at: unlink_anon_vmas+0x1fc/0x860 mm/rmap.c:402 4 locks held by syz-executor.1/31587: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88802b7308e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88802b7308e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88802b7308e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff888027f77128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff888027f77128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff888027f77128 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803dd1ac78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 3 locks held by syz-executor.1/31588: 4 locks held by syz-executor.1/31589: #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mmap kernel/fork.c:497 [inline] #0: ffffffff8bc56ad0 (dup_mmap_sem){++++}-{0:0}, at: dup_mm+0x108/0x13e0 kernel/fork.c:1450 #1: ffff88808f91b8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: mmap_write_lock_killable include/linux/mmap_lock.h:87 [inline] #1: ffff88808f91b8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mmap kernel/fork.c:498 [inline] #1: ffff88808f91b8e8 (&mm->mmap_lock#2){++++}-{3:3}, at: dup_mm+0x12e/0x13e0 kernel/fork.c:1450 #2: ffff88802cc6a868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: mmap_write_lock_nested include/linux/mmap_lock.h:78 [inline] #2: ffff88802cc6a868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mmap kernel/fork.c:507 [inline] #2: ffff88802cc6a868 (&mm->mmap_lock/1){+.+.}-{3:3}, at: dup_mm+0x18a/0x13e0 kernel/fork.c:1450 #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: lock_anon_vma_root mm/rmap.c:246 [inline] #3: ffff88803193df78 (&anon_vma->rwsem){++++}-{3:3}, at: anon_vma_clone+0x145/0x5f0 mm/rmap.c:292 1 lock held by syz-executor.1/31590: