INFO: task syz-executor.1:6156 blocked for more than 143 seconds. Not tainted 5.1.0-rc7+ #96 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D29088 6156 6147 0x00000000 Call Trace: context_switch kernel/sched/core.c:2877 [inline] __schedule+0x813/0x1cc0 kernel/sched/core.c:3518 schedule+0x92/0x180 kernel/sched/core.c:3562 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:582 [inline] rwsem_down_write_failed+0x774/0xc30 kernel/locking/rwsem-xadd.c:611 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:117 __down_write arch/x86/include/asm/rwsem.h:142 [inline] down_write+0x53/0x90 kernel/locking/rwsem.c:72 i_mmap_lock_write include/linux/fs.h:516 [inline] dup_mmap kernel/fork.c:552 [inline] dup_mm kernel/fork.c:1319 [inline] copy_mm kernel/fork.c:1374 [inline] copy_process.part.0+0x30bf/0x7980 kernel/fork.c:1916 copy_process kernel/fork.c:1709 [inline] _do_fork+0x257/0xfd0 kernel/fork.c:2226 __do_sys_clone kernel/fork.c:2333 [inline] __se_sys_clone kernel/fork.c:2327 [inline] __x64_sys_clone+0xbf/0x150 kernel/fork.c:2327 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x2000008a Code: Bad RIP value. RSP: 002b:00000000000004f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000008a RDX: a58e1cddc89c0376 RSI: 00000000000004f0 RDI: 0000000000000003 RBP: 00000000000000f8 R08: 0000000000000005 R09: 0000000000000006 R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff INFO: task syz-executor.1:6259 blocked for more than 144 seconds. Not tainted 5.1.0-rc7+ #96 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D28792 6259 6227 0x00000000 Call Trace: context_switch kernel/sched/core.c:2877 [inline] __schedule+0x813/0x1cc0 kernel/sched/core.c:3518 schedule+0x92/0x180 kernel/sched/core.c:3562 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:582 [inline] rwsem_down_write_failed+0x774/0xc30 kernel/locking/rwsem-xadd.c:611 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:117 __down_write arch/x86/include/asm/rwsem.h:142 [inline] down_write+0x53/0x90 kernel/locking/rwsem.c:72 i_mmap_lock_write include/linux/fs.h:516 [inline] dup_mmap kernel/fork.c:552 [inline] dup_mm kernel/fork.c:1319 [inline] copy_mm kernel/fork.c:1374 [inline] copy_process.part.0+0x30bf/0x7980 kernel/fork.c:1916 copy_process kernel/fork.c:1709 [inline] _do_fork+0x257/0xfd0 kernel/fork.c:2226 __do_sys_clone kernel/fork.c:2333 [inline] __se_sys_clone kernel/fork.c:2327 [inline] __x64_sys_clone+0xbf/0x150 kernel/fork.c:2327 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x2000008a Code: Bad RIP value. RSP: 002b:00000000000004f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000008a RDX: a58e1cddc89c0376 RSI: 00000000000004f0 RDI: 0000000000000003 RBP: 00000000000000f8 R08: 0000000000000005 R09: 0000000000000006 R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff INFO: task syz-executor.1:6298 blocked for more than 144 seconds. Not tainted 5.1.0-rc7+ #96 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D28792 6298 6165 0x00000000 Call Trace: context_switch kernel/sched/core.c:2877 [inline] __schedule+0x813/0x1cc0 kernel/sched/core.c:3518 schedule+0x92/0x180 kernel/sched/core.c:3562 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:582 [inline] rwsem_down_write_failed+0x774/0xc30 kernel/locking/rwsem-xadd.c:611 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:117 __down_write arch/x86/include/asm/rwsem.h:142 [inline] down_write+0x53/0x90 kernel/locking/rwsem.c:72 i_mmap_lock_write include/linux/fs.h:516 [inline] dup_mmap kernel/fork.c:552 [inline] dup_mm kernel/fork.c:1319 [inline] copy_mm kernel/fork.c:1374 [inline] copy_process.part.0+0x30bf/0x7980 kernel/fork.c:1916 copy_process kernel/fork.c:1709 [inline] _do_fork+0x257/0xfd0 kernel/fork.c:2226 __do_sys_clone kernel/fork.c:2333 [inline] __se_sys_clone kernel/fork.c:2327 [inline] __x64_sys_clone+0xbf/0x150 kernel/fork.c:2327 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x2000008a Code: Bad RIP value. RSP: 002b:00000000000004f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000008a RDX: a58e1cddc89c0376 RSI: 00000000000004f0 RDI: 0000000000000003 RBP: 00000000000000f8 R08: 0000000000000005 R09: 0000000000000006 R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff INFO: task syz-executor.1:6382 blocked for more than 145 seconds. Not tainted 5.1.0-rc7+ #96 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D28760 6382 6255 0x00000000 Call Trace: context_switch kernel/sched/core.c:2877 [inline] __schedule+0x813/0x1cc0 kernel/sched/core.c:3518 schedule+0x92/0x180 kernel/sched/core.c:3562 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:582 [inline] rwsem_down_write_failed+0x774/0xc30 kernel/locking/rwsem-xadd.c:611 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:117 __down_write arch/x86/include/asm/rwsem.h:142 [inline] down_write+0x53/0x90 kernel/locking/rwsem.c:72 i_mmap_lock_write include/linux/fs.h:516 [inline] dup_mmap kernel/fork.c:552 [inline] dup_mm kernel/fork.c:1319 [inline] copy_mm kernel/fork.c:1374 [inline] copy_process.part.0+0x30bf/0x7980 kernel/fork.c:1916 copy_process kernel/fork.c:1709 [inline] _do_fork+0x257/0xfd0 kernel/fork.c:2226 __do_sys_clone kernel/fork.c:2333 [inline] __se_sys_clone kernel/fork.c:2327 [inline] __x64_sys_clone+0xbf/0x150 kernel/fork.c:2327 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x2000008a Code: Bad RIP value. RSP: 002b:00000000000004f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000008a RDX: a58e1cddc89c0376 RSI: 00000000000004f0 RDI: 0000000000000003 RBP: 00000000000000f8 R08: 0000000000000005 R09: 0000000000000006 R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff INFO: task syz-executor.1:6390 blocked for more than 145 seconds. Not tainted 5.1.0-rc7+ #96 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D29088 6390 6241 0x00000000 Call Trace: context_switch kernel/sched/core.c:2877 [inline] __schedule+0x813/0x1cc0 kernel/sched/core.c:3518 schedule+0x92/0x180 kernel/sched/core.c:3562 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:582 [inline] rwsem_down_write_failed+0x774/0xc30 kernel/locking/rwsem-xadd.c:611 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:117 __down_write arch/x86/include/asm/rwsem.h:142 [inline] down_write+0x53/0x90 kernel/locking/rwsem.c:72 i_mmap_lock_write include/linux/fs.h:516 [inline] dup_mmap kernel/fork.c:552 [inline] dup_mm kernel/fork.c:1319 [inline] copy_mm kernel/fork.c:1374 [inline] copy_process.part.0+0x30bf/0x7980 kernel/fork.c:1916 copy_process kernel/fork.c:1709 [inline] _do_fork+0x257/0xfd0 kernel/fork.c:2226 __do_sys_clone kernel/fork.c:2333 [inline] __se_sys_clone kernel/fork.c:2327 [inline] __x64_sys_clone+0xbf/0x150 kernel/fork.c:2327 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x2000008a Code: Bad RIP value. RSP: 002b:00000000000004f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000008a RDX: a58e1cddc89c0376 RSI: 00000000000004f0 RDI: 0000000000000003 RBP: 00000000000000f8 R08: 0000000000000005 R09: 0000000000000006 R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff INFO: task syz-executor.1:6468 blocked for more than 146 seconds. Not tainted 5.1.0-rc7+ #96 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D28792 6468 6306 0x00000000 Call Trace: context_switch kernel/sched/core.c:2877 [inline] __schedule+0x813/0x1cc0 kernel/sched/core.c:3518 schedule+0x92/0x180 kernel/sched/core.c:3562 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:582 [inline] rwsem_down_write_failed+0x774/0xc30 kernel/locking/rwsem-xadd.c:611 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:117 __down_write arch/x86/include/asm/rwsem.h:142 [inline] down_write+0x53/0x90 kernel/locking/rwsem.c:72 i_mmap_lock_write include/linux/fs.h:516 [inline] dup_mmap kernel/fork.c:552 [inline] dup_mm kernel/fork.c:1319 [inline] copy_mm kernel/fork.c:1374 [inline] copy_process.part.0+0x30bf/0x7980 kernel/fork.c:1916 copy_process kernel/fork.c:1709 [inline] _do_fork+0x257/0xfd0 kernel/fork.c:2226 __do_sys_clone kernel/fork.c:2333 [inline] __se_sys_clone kernel/fork.c:2327 [inline] __x64_sys_clone+0xbf/0x150 kernel/fork.c:2327 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x2000008a Code: Bad RIP value. RSP: 002b:00000000000004f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000008a RDX: a58e1cddc89c0376 RSI: 00000000000004f0 RDI: 0000000000000003 RBP: 00000000000000f8 R08: 0000000000000005 R09: 0000000000000006 R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff INFO: task syz-executor.4:6495 blocked for more than 147 seconds. Not tainted 5.1.0-rc7+ #96 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.4 D29304 6495 6487 0x00000000 Call Trace: context_switch kernel/sched/core.c:2877 [inline] __schedule+0x813/0x1cc0 kernel/sched/core.c:3518 schedule+0x92/0x180 kernel/sched/core.c:3562 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:582 [inline] rwsem_down_write_failed+0x774/0xc30 kernel/locking/rwsem-xadd.c:611 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:117 __down_write arch/x86/include/asm/rwsem.h:142 [inline] down_write+0x53/0x90 kernel/locking/rwsem.c:72 i_mmap_lock_write include/linux/fs.h:516 [inline] dup_mmap kernel/fork.c:552 [inline] dup_mm kernel/fork.c:1319 [inline] copy_mm kernel/fork.c:1374 [inline] copy_process.part.0+0x30bf/0x7980 kernel/fork.c:1916 copy_process kernel/fork.c:1709 [inline] _do_fork+0x257/0xfd0 kernel/fork.c:2226 __do_sys_clone kernel/fork.c:2333 [inline] __se_sys_clone kernel/fork.c:2327 [inline] __x64_sys_clone+0xbf/0x150 kernel/fork.c:2327 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x2000008a Code: Bad RIP value. RSP: 002b:00000000000004f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000008a RDX: 16df360d8f834c80 RSI: 00000000000004f0 RDI: 0000000000000003 RBP: 00000000000000f8 R08: 0000000000000005 R09: 0000000000000006 R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff INFO: task syz-executor.4:6527 blocked for more than 147 seconds. Not tainted 5.1.0-rc7+ #96 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.4 D29304 6527 6504 0x00000000 Call Trace: context_switch kernel/sched/core.c:2877 [inline] __schedule+0x813/0x1cc0 kernel/sched/core.c:3518 schedule+0x92/0x180 kernel/sched/core.c:3562 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:582 [inline] rwsem_down_write_failed+0x774/0xc30 kernel/locking/rwsem-xadd.c:611 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:117 __down_write arch/x86/include/asm/rwsem.h:142 [inline] down_write+0x53/0x90 kernel/locking/rwsem.c:72 i_mmap_lock_write include/linux/fs.h:516 [inline] dup_mmap kernel/fork.c:552 [inline] dup_mm kernel/fork.c:1319 [inline] copy_mm kernel/fork.c:1374 [inline] copy_process.part.0+0x30bf/0x7980 kernel/fork.c:1916 copy_process kernel/fork.c:1709 [inline] _do_fork+0x257/0xfd0 kernel/fork.c:2226 __do_sys_clone kernel/fork.c:2333 [inline] __se_sys_clone kernel/fork.c:2327 [inline] __x64_sys_clone+0xbf/0x150 kernel/fork.c:2327 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x2000008a Code: Bad RIP value. RSP: 002b:00000000000004f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000008a RDX: 16df360d8f834c80 RSI: 00000000000004f0 RDI: 0000000000000003 RBP: 00000000000000f8 R08: 0000000000000005 R09: 0000000000000006 R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff INFO: task syz-executor.1:6537 blocked for more than 148 seconds. Not tainted 5.1.0-rc7+ #96 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D28792 6537 6166 0x00000000 Call Trace: context_switch kernel/sched/core.c:2877 [inline] __schedule+0x813/0x1cc0 kernel/sched/core.c:3518 schedule+0x92/0x180 kernel/sched/core.c:3562 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:582 [inline] rwsem_down_write_failed+0x774/0xc30 kernel/locking/rwsem-xadd.c:611 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:117 __down_write arch/x86/include/asm/rwsem.h:142 [inline] down_write+0x53/0x90 kernel/locking/rwsem.c:72 i_mmap_lock_write include/linux/fs.h:516 [inline] dup_mmap kernel/fork.c:552 [inline] dup_mm kernel/fork.c:1319 [inline] copy_mm kernel/fork.c:1374 [inline] copy_process.part.0+0x30bf/0x7980 kernel/fork.c:1916 copy_process kernel/fork.c:1709 [inline] _do_fork+0x257/0xfd0 kernel/fork.c:2226 __do_sys_clone kernel/fork.c:2333 [inline] __se_sys_clone kernel/fork.c:2327 [inline] __x64_sys_clone+0xbf/0x150 kernel/fork.c:2327 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x2000008a Code: Bad RIP value. RSP: 002b:00000000000004f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000008a RDX: a58e1cddc89c0376 RSI: 00000000000004f0 RDI: 0000000000000003 RBP: 00000000000000f8 R08: 0000000000000005 R09: 0000000000000006 R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff INFO: task syz-executor.1:6561 blocked for more than 148 seconds. Not tainted 5.1.0-rc7+ #96 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D28792 6561 6211 0x00000000 Call Trace: context_switch kernel/sched/core.c:2877 [inline] __schedule+0x813/0x1cc0 kernel/sched/core.c:3518 schedule+0x92/0x180 kernel/sched/core.c:3562 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:582 [inline] rwsem_down_write_failed+0x774/0xc30 kernel/locking/rwsem-xadd.c:611 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:117 __down_write arch/x86/include/asm/rwsem.h:142 [inline] down_write+0x53/0x90 kernel/locking/rwsem.c:72 i_mmap_lock_write include/linux/fs.h:516 [inline] dup_mmap kernel/fork.c:552 [inline] dup_mm kernel/fork.c:1319 [inline] copy_mm kernel/fork.c:1374 [inline] copy_process.part.0+0x30bf/0x7980 kernel/fork.c:1916 copy_process kernel/fork.c:1709 [inline] _do_fork+0x257/0xfd0 kernel/fork.c:2226 __do_sys_clone kernel/fork.c:2333 [inline] __se_sys_clone kernel/fork.c:2327 [inline] __x64_sys_clone+0xbf/0x150 kernel/fork.c:2327 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x2000008a Code: Bad RIP value. RSP: 002b:00000000000004f0 EFLAGS: 00000287 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 000000002000008a RDX: a58e1cddc89c0376 RSI: 00000000000004f0 RDI: 0000000000000003 RBP: 00000000000000f8 R08: 0000000000000005 R09: 0000000000000006 R10: 0000000000000007 R11: 0000000000000287 R12: 000000000000000b R13: 000000000000000c R14: 000000000000000d R15: 00000000ffffffff Showing all locks held in the system: 1 lock held by init/1: #0: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 2 locks held by kworker/u4:0/7: #0: 000000004ec2d73c (&rq->lock){-.-.}, at: rq_lock kernel/sched/sched.h:1168 [inline] #0: 000000004ec2d73c (&rq->lock){-.-.}, at: __schedule+0x1f8/0x1cc0 kernel/sched/core.c:3456 #1: 0000000010347997 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}, at: psi_dequeue kernel/sched/stats.h:100 [inline] #1: 0000000010347997 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}, at: dequeue_task kernel/sched/core.c:783 [inline] #1: 0000000010347997 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}, at: deactivate_task+0x2c4/0x3e0 kernel/sched/core.c:802 1 lock held by khungtaskd/1043: #0: 00000000708fa0d4 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x27e kernel/locking/lockdep.c:5057 1 lock held by kcompactd0/1047: #0: 00000000e967b6f6 (&anon_vma->rwsem){++++}, at: anon_vma_lock_read include/linux/rmap.h:130 [inline] #0: 00000000e967b6f6 (&anon_vma->rwsem){++++}, at: page_lock_anon_vma_read+0x420/0x6b0 mm/rmap.c:549 2 locks held by kswapd0/1554: #0: 00000000865781af (fs_reclaim){+.+.}, at: __fs_reclaim_acquire+0x0/0x30 mm/page_alloc.c:4722 #1: 00000000f120e5b0 (&mapping->i_mmap_rwsem){++++}, at: i_mmap_lock_read include/linux/fs.h:526 [inline] #1: 00000000f120e5b0 (&mapping->i_mmap_rwsem){++++}, at: rmap_walk_file+0x6e1/0xd20 mm/rmap.c:1875 4 locks held by rs:main Q:Reg/7455: #0: 00000000d8e6033e (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110 fs/file.c:801 #1: 000000009844a77e (sb_writers#3){.+.+}, at: file_start_write include/linux/fs.h:2825 [inline] #1: 000000009844a77e (sb_writers#3){.+.+}, at: vfs_write+0x429/0x580 fs/read_write.c:548 #2: 000000001abcc634 (&sb->s_type->i_mutex_key#10){+.+.}, at: inode_trylock include/linux/fs.h:792 [inline] #2: 000000001abcc634 (&sb->s_type->i_mutex_key#10){+.+.}, at: ext4_file_write_iter+0x257/0x11c0 fs/ext4/file.c:232 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 2 locks held by rsyslogd/7458: #0: 00000000e3bc8232 (&mm->mmap_sem){++++}, at: do_user_addr_fault arch/x86/mm/fault.c:1416 [inline] #0: 00000000e3bc8232 (&mm->mmap_sem){++++}, at: __do_page_fault+0x337/0xda0 arch/x86/mm/fault.c:1541 #1: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 1 lock held by cron/7497: #0: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 2 locks held by getty/7569: #0: 000000000ce00d0c (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 00000000396d8412 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/7570: #0: 00000000a827088b (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 000000005c3b6c11 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/7571: #0: 00000000eb4de5a5 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 00000000020d606c (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/7572: #0: 0000000051057c92 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 0000000009a9e42f (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/7573: #0: 0000000058143699 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 00000000bc868e1a (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/7574: #0: 000000009a99e0ea (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 00000000fa54931a (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by getty/7575: #0: 000000001696b4f4 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341 #1: 000000001a05b1f0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156 2 locks held by syz-fuzzer/7604: #0: 0000000092d39a63 (&mm->mmap_sem){++++}, at: do_user_addr_fault arch/x86/mm/fault.c:1416 [inline] #0: 0000000092d39a63 (&mm->mmap_sem){++++}, at: __do_page_fault+0x337/0xda0 arch/x86/mm/fault.c:1541 #1: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 1 lock held by syz-executor.1/7652: #0: 0000000067e1d892 (&mapping->i_mmap_rwsem){++++}, at: i_mmap_lock_write include/linux/fs.h:516 [inline] #0: 0000000067e1d892 (&mapping->i_mmap_rwsem){++++}, at: unlink_file_vma+0x76/0xb0 mm/mmap.c:167 3 locks held by syz-executor.1/7653: #0: 00000000af52a0d6 (&mm->mmap_sem){++++}, at: do_user_addr_fault arch/x86/mm/fault.c:1416 [inline] #0: 00000000af52a0d6 (&mm->mmap_sem){++++}, at: __do_page_fault+0x337/0xda0 arch/x86/mm/fault.c:1541 #1: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 #2: 00000000f120e5b0 (&mapping->i_mmap_rwsem){++++}, at: i_mmap_lock_read include/linux/fs.h:526 [inline] #2: 00000000f120e5b0 (&mapping->i_mmap_rwsem){++++}, at: rmap_walk_file+0x6e1/0xd20 mm/rmap.c:1875 1 lock held by syz-executor.4/7659: #0: 00000000f120e5b0 (&mapping->i_mmap_rwsem){++++}, at: i_mmap_lock_write include/linux/fs.h:516 [inline] #0: 00000000f120e5b0 (&mapping->i_mmap_rwsem){++++}, at: unlink_file_vma+0x76/0xb0 mm/mmap.c:167 2 locks held by syz-executor.3/16439: #0: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 #1: 00000000f120e5b0 (&mapping->i_mmap_rwsem){++++}, at: i_mmap_lock_read include/linux/fs.h:526 [inline] #1: 00000000f120e5b0 (&mapping->i_mmap_rwsem){++++}, at: rmap_walk_file+0x6e1/0xd20 mm/rmap.c:1875 5 locks held by syz-executor.1/6101: 5 locks held by syz-executor.1/6108: 4 locks held by syz-executor.1/6111: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 00000000bf739073 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 00000000bf739073 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 00000000bf739073 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 00000000bf739073 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 00000000d05b0734 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 00000000d05b0734 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 00000000d05b0734 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 00000000d05b0734 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 4 locks held by syz-executor.1/6117: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 00000000b1d96058 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 00000000b1d96058 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 00000000b1d96058 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 00000000b1d96058 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 00000000dd8e62d4 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 00000000dd8e62d4 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 00000000dd8e62d4 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 00000000dd8e62d4 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 4 locks held by syz-executor.1/6121: 1 lock held by syz-executor.1/6124: 6 locks held by syz-executor.1/6126: 4 locks held by syz-executor.1/6130: 4 locks held by syz-executor.1/6131: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 00000000e9653be2 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 00000000e9653be2 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 00000000e9653be2 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 00000000e9653be2 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 00000000c626e7ef (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 00000000c626e7ef (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 00000000c626e7ef (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 00000000c626e7ef (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 4 locks held by syz-executor.1/6132: 4 locks held by syz-executor.1/6139: 4 locks held by syz-executor.1/6140: 5 locks held by syz-executor.1/6141: 4 locks held by syz-executor.1/6147: 6 locks held by syz-executor.1/6149: 4 locks held by syz-executor.1/6152: 4 locks held by syz-executor.1/6154: 4 locks held by syz-executor.1/6155: 4 locks held by syz-executor.1/6156: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 000000002787111d (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 000000002787111d (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 000000002787111d (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 000000002787111d (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 00000000b0308c9a (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 00000000b0308c9a (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 00000000b0308c9a (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 00000000b0308c9a (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000f120e5b0 (&mapping->i_mmap_rwsem){++++}, at: i_mmap_lock_write include/linux/fs.h:516 [inline] #3: 00000000f120e5b0 (&mapping->i_mmap_rwsem){++++}, at: dup_mmap kernel/fork.c:552 [inline] #3: 00000000f120e5b0 (&mapping->i_mmap_rwsem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #3: 00000000f120e5b0 (&mapping->i_mmap_rwsem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #3: 00000000f120e5b0 (&mapping->i_mmap_rwsem){++++}, at: copy_process.part.0+0x30bf/0x7980 kernel/fork.c:1916 6 locks held by syz-executor.1/6158: 4 locks held by syz-executor.1/6159: 5 locks held by syz-executor.1/6160: 5 locks held by syz-executor.1/6161: 4 locks held by syz-executor.1/6162: 4 locks held by syz-executor.1/6163: 4 locks held by syz-executor.1/6164: 4 locks held by syz-executor.1/6165: 4 locks held by syz-executor.1/6166: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 00000000cbc60647 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 00000000cbc60647 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 00000000cbc60647 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 00000000cbc60647 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 000000007ae528e0 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 000000007ae528e0 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 000000007ae528e0 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 000000007ae528e0 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 4 locks held by syz-executor.1/6167: 4 locks held by syz-executor.1/6168: 4 locks held by syz-executor.1/6170: 4 locks held by syz-executor.1/6171: 5 locks held by syz-executor.1/6172: 4 locks held by syz-executor.1/6173: 4 locks held by syz-executor.1/6174: 5 locks held by syz-executor.1/6175: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 00000000d5dc595f (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 00000000d5dc595f (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 00000000d5dc595f (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 00000000d5dc595f (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 00000000b6cb5062 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 00000000b6cb5062 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 00000000b6cb5062 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 00000000b6cb5062 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 #4: 000000004ca1c4a4 (&rq->lock){-.-.}, at: rq_lock kernel/sched/sched.h:1168 [inline] #4: 000000004ca1c4a4 (&rq->lock){-.-.}, at: __schedule+0x1f8/0x1cc0 kernel/sched/core.c:3456 4 locks held by syz-executor.1/6176: 4 locks held by syz-executor.1/6177: 6 locks held by syz-executor.1/6178: 6 locks held by syz-executor.1/6179: 4 locks held by syz-executor.1/6180: 4 locks held by syz-executor.1/6181: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 0000000019682b4f (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 0000000019682b4f (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 0000000019682b4f (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 0000000019682b4f (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 00000000359111a8 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 00000000359111a8 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 00000000359111a8 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 00000000359111a8 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 4 locks held by syz-executor.1/6182: 4 locks held by syz-executor.1/6183: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 00000000d2d002b4 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 00000000d2d002b4 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 00000000d2d002b4 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 00000000d2d002b4 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 00000000dbcfa209 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 00000000dbcfa209 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 00000000dbcfa209 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 00000000dbcfa209 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 4 locks held by syz-executor.1/6184: 4 locks held by syz-executor.1/6185: 4 locks held by syz-executor.1/6186: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 0000000063e35a5d (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 0000000063e35a5d (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 0000000063e35a5d (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 0000000063e35a5d (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 00000000925eb26c (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 00000000925eb26c (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 00000000925eb26c (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 00000000925eb26c (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 4 locks held by syz-executor.1/6187: 6 locks held by syz-executor.1/6188: 4 locks held by syz-executor.1/6189: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 00000000b404f618 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 00000000b404f618 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 00000000b404f618 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 00000000b404f618 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 00000000475784d2 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 00000000475784d2 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 00000000475784d2 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 00000000475784d2 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 6 locks held by syz-executor.1/6190: 4 locks held by syz-executor.1/6191: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 0000000009490370 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 0000000009490370 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 0000000009490370 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 0000000009490370 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 00000000ad4c389c (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 00000000ad4c389c (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 00000000ad4c389c (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 00000000ad4c389c (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 4 locks held by syz-executor.1/6192: 4 locks held by syz-executor.1/6193: 6 locks held by syz-executor.1/6194: 4 locks held by syz-executor.1/6195: 5 locks held by syz-executor.1/6196: 4 locks held by syz-executor.1/6197: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 000000004c6a55aa (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 000000004c6a55aa (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 000000004c6a55aa (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 000000004c6a55aa (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 00000000a3cd3136 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 00000000a3cd3136 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 00000000a3cd3136 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 00000000a3cd3136 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 4 locks held by syz-executor.1/6198: 4 locks held by syz-executor.1/6199: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 0000000030a0d4a1 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 0000000030a0d4a1 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 0000000030a0d4a1 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 0000000030a0d4a1 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 0000000018d6b47b (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 0000000018d6b47b (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 0000000018d6b47b (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 0000000018d6b47b (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 5 locks held by syz-executor.1/6200: 4 locks held by syz-executor.1/6201: 6 locks held by syz-executor.1/6202: 5 locks held by syz-executor.1/6203: 4 locks held by syz-executor.1/6205: 4 locks held by syz-executor.1/6206: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 000000000599e88a (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 000000000599e88a (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 000000000599e88a (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 000000000599e88a (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 000000000010d87e (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 000000000010d87e (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 000000000010d87e (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 000000000010d87e (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 6 locks held by syz-executor.1/6207: 4 locks held by syz-executor.1/6208: 4 locks held by syz-executor.1/6209: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 00000000e5584dd5 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 00000000e5584dd5 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 00000000e5584dd5 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 00000000e5584dd5 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 000000004fe1578a (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 000000004fe1578a (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 000000004fe1578a (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 000000004fe1578a (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 0000000052925a7a (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 0000000052925a7a (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x143/0x480 mm/rmap.c:278 4 locks held by syz-executor.1/6210: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 00000000f304bb15 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 00000000f304bb15 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 00000000f304bb15 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 00000000f304bb15 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 000000003c8f6e2b (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 000000003c8f6e2b (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 000000003c8f6e2b (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 000000003c8f6e2b (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 4 locks held by syz-executor.1/6211: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 000000009a80e3d5 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 000000009a80e3d5 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 000000009a80e3d5 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 000000009a80e3d5 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 00000000ae263c69 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 00000000ae263c69 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 00000000ae263c69 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 00000000ae263c69 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 6 locks held by syz-executor.1/6212: 4 locks held by syz-executor.1/6213: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 0000000020b0ff90 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 0000000020b0ff90 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 0000000020b0ff90 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 0000000020b0ff90 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 0000000050716d60 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 0000000050716d60 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 0000000050716d60 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 0000000050716d60 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 1 lock held by syz-executor.1/6214: 5 locks held by syz-executor.1/6215: 4 locks held by syz-executor.1/6216: 4 locks held by syz-executor.1/6217: 5 locks held by syz-executor.1/6218: 4 locks held by syz-executor.1/6219: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 00000000c7103a2b (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 00000000c7103a2b (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 00000000c7103a2b (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 00000000c7103a2b (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 000000007a827c79 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 000000007a827c79 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 000000007a827c79 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 000000007a827c79 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 4 locks held by syz-executor.1/6220: 4 locks held by syz-executor.1/6221: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 00000000dcc3d629 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 00000000dcc3d629 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 00000000dcc3d629 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 00000000dcc3d629 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 000000009de1d1d1 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 000000009de1d1d1 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 000000009de1d1d1 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 000000009de1d1d1 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 4 locks held by syz-executor.1/6222: 4 locks held by syz-executor.1/6223: 4 locks held by syz-executor.1/6224: 4 locks held by syz-executor.1/6225: 6 locks held by syz-executor.1/6226: 4 locks held by syz-executor.1/6227: #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mmap kernel/fork.c:471 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: dup_mm kernel/fork.c:1319 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_mm kernel/fork.c:1374 [inline] #0: 000000005b547f06 (&dup_mmap_sem){.+.+}, at: copy_process.part.0+0x2b94/0x7980 kernel/fork.c:1916 #1: 00000000949feaf1 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:472 [inline] #1: 00000000949feaf1 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1319 [inline] #1: 00000000949feaf1 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1374 [inline] #1: 00000000949feaf1 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bb0/0x7980 kernel/fork.c:1916 #2: 00000000f7dfec63 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:481 [inline] #2: 00000000f7dfec63 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1319 [inline] #2: 00000000f7dfec63 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1374 [inline] #2: 00000000f7dfec63 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2bfd/0x7980 kernel/fork.c:1916 #3: 00000000865781af (fs_reclaim){+.+.}, at: fs_reclaim_acquire.part.0+0x0/0x30 include/linux/mm.h:1034 4 locks held by syz-executor.1/6228: 5 locks held by syz-executor.1/6229: