audit: type=1400 audit(1556851829.709:515576): avc: denied { net_admin } for pid=28679 comm="syz-executor.1" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1556851829.709:515577): avc: denied { net_admin } for pid=28966 comm="syz-executor.1" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 INFO: task init:5700 blocked for more than 140 seconds. Not tainted 4.9.141+ #1 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. init D28848 5700 1 0x00000000 ffff880163ba2f80 ffff8801d03b7380 ffff88017019f900 ffff8801d0c297c0 ffff8801db721018 ffff8801cb07f580 ffffffff828075c2 ffff880163ba3830 000000000000015c 0000000000000000 0000000000000000 ffff8801db7218f0 Call Trace: [] schedule+0x7f/0x1b0 kernel/sched/core.c:3553 [] schedule_timeout+0x735/0xe20 kernel/time/timer.c:1771 [] __down_common kernel/locking/semaphore.c:221 [inline] [] __down+0x191/0x2b0 kernel/locking/semaphore.c:238 [] down+0x5e/0x80 kernel/locking/semaphore.c:61 [] console_lock+0x2c/0x80 kernel/printk/printk.c:2217 [] console_device+0x1c/0xc0 kernel/printk/printk.c:2554 [] tty_lookup_driver drivers/tty/tty_io.c:2008 [inline] [] tty_open_by_driver drivers/tty/tty_io.c:2053 [inline] [] tty_open+0x6f5/0xdf0 drivers/tty/tty_io.c:2130 [] chrdev_open+0x22d/0x5c0 fs/char_dev.c:392 [] do_dentry_open+0x3ef/0xc90 fs/open.c:766 [] vfs_open+0x11c/0x210 fs/open.c:879 [] do_last fs/namei.c:3410 [inline] [] path_openat+0x542/0x2790 fs/namei.c:3534 [] do_filp_open+0x197/0x270 fs/namei.c:3568 [] do_sys_open+0x30d/0x5c0 fs/open.c:1072 [] SYSC_open fs/open.c:1090 [inline] [] SyS_open+0x2d/0x40 fs/open.c:1085 [] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285 [] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Showing all locks held in the system: 2 locks held by kworker/u4:0/6: #0: ("events_unbound"){.+.+.+}, at: [] process_one_work+0x73c/0x15f0 kernel/workqueue.c:2085 #1: ((&sub_info->work)){+.+.+.}, at: [] process_one_work+0x774/0x15f0 kernel/workqueue.c:2089 2 locks held by khungtaskd/24: #0: (rcu_read_lock){......}, at: [] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline] #0: (rcu_read_lock){......}, at: [] watchdog+0x11c/0xa20 kernel/hung_task.c:239 #1: (tasklist_lock){.+.+..}, at: [] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336 1 lock held by rsyslogd/1909: #0: (&f->f_pos_lock){+.+.+.}, at: [] __fdget_pos+0xac/0xd0 fs/file.c:781 2 locks held by getty/2036: #0: (&tty->ldisc_sem){++++++}, at: [] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367 #1: (&ldata->atomic_read_lock){+.+.+.}, at: [] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142 2 locks held by kworker/u4:2/2113: #0: ("events_unbound"){.+.+.+}, at: [] process_one_work+0x73c/0x15f0 kernel/workqueue.c:2085 #1: ((&sub_info->work)){+.+.+.}, at: [] process_one_work+0x774/0x15f0 kernel/workqueue.c:2089 1 lock held by init/5700: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 1 lock held by init/5725: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 1 lock held by init/5726: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 1 lock held by init/5737: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 1 lock held by init/5739: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 1 lock held by init/5922: #0: (tty_mutex){+.+.+.}, at: [] tty_open_by_driver drivers/tty/tty_io.c:2052 [inline] #0: (tty_mutex){+.+.+.}, at: [] tty_open+0x476/0xdf0 drivers/tty/tty_io.c:2130 4 locks held by syz-executor.1/22380: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/23013: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/24812: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/24888: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/25550: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/26925: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/27294: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/27304: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/27307: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/27403: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/27402: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/27928: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/28026: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/28058: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/28062: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/28130: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/28151: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/28158: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/28175: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/28210: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/28212: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/28214: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/28240: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/28252: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/28342: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_process.part.8+0x3db0/0x6a10 kernel/fork.c:1692 #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mmap kernel/fork.c:583 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] dup_mm kernel/fork.c:1156 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_mm kernel/fork.c:1210 [inline] #2: (&mm->mmap_sem/1){+.+.+.}, at: [] copy_process.part.8+0x3df9/0x6a10 kernel/fork.c:1692 #3: (&anon_vma->rwsem){++++..}, at: [] lock_anon_vma_root mm/rmap.c:235 [inline] #3: (&anon_vma->rwsem){++++..}, at: [] anon_vma_clone+0x143/0x4b0 mm/rmap.c:275 4 locks held by syz-executor.1/28349: #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mmap kernel/fork.c:573 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] dup_mm kernel/fork.c:1156 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_mm kernel/fork.c:1210 [inline] #0: (&dup_mmap_sem){.+.+.+}, at: [] copy_process.part.8+0x3d95/0x6a10 kernel/fork.c:1692 #1: (&mm->mmap_sem){++++++}, at: [] dup_mmap kernel/fork.c:574 [inline] #1: (&mm->mmap_sem){++++++}, at: [] dup_mm kernel/fork.c:1156 [inline] #1: (&mm->mmap_sem){++++++}, at: [] copy_mm kernel/fork.c:1210 [inline] #1: (&mm->mmap_sem){++++++}, at: [