audit: type=1800 audit(1641214149.893:208): pid=24294 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=14933 res=0 ieee802154 phy0 wpan0: encryption failed: -22 ieee802154 phy1 wpan1: encryption failed: -22 INFO: task syz-fuzzer:8107 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-fuzzer D26272 8107 8102 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:292 [inline] rwsem_down_read_failed+0x20a/0x390 kernel/locking/rwsem-xadd.c:309 call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94 __down_read arch/x86/include/asm/rwsem.h:83 [inline] down_read+0x44/0x80 kernel/locking/rwsem.c:26 __do_page_fault+0x97f/0xd60 arch/x86/mm/fault.c:1348 page_fault+0x1e/0x30 arch/x86/entry/entry_64.S:1205 RIP: 0033:0x41500e Code: Bad RIP value. RSP: 002b:000000c032510ef0 EFLAGS: 00010206 RAX: 00007fc4af253800 RBX: 0000000000000001 RCX: 00007fc4b7bb1cb8 RDX: 000000002b7d1940 RSI: 000000000020300f RDI: 00007fc4af99ffff RBP: 000000c032510f60 R08: 0000000000002000 R09: 0000000000000000 R10: 00007fc4b7bb1cb8 R11: 0000000000001d6c R12: 0000000000000000 R13: 0000000000000040 R14: 0000000000000200 R15: 0000000000000200 INFO: task syz-fuzzer:8111 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-fuzzer D26400 8111 8102 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:292 [inline] rwsem_down_read_failed+0x20a/0x390 kernel/locking/rwsem-xadd.c:309 call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94 __down_read arch/x86/include/asm/rwsem.h:83 [inline] down_read+0x44/0x80 kernel/locking/rwsem.c:26 __do_page_fault+0x97f/0xd60 arch/x86/mm/fault.c:1348 page_fault+0x1e/0x30 arch/x86/entry/entry_64.S:1205 RIP: 0033:0x551a8b Code: Bad RIP value. RSP: 002b:000000c000d2b988 EFLAGS: 00010246 RAX: 000000c012a221a0 RBX: 0000000000000000 RCX: 000000c00030af00 RDX: 0000000000551a60 RSI: 000000000054c4e0 RDI: 000000c000d2bb60 RBP: 000000c000d2b9a0 R08: 00007fc4af96d7c9 R09: 000000000020300f R10: 0000000000000002 R11: 0000000000000011 R12: 00000000000000f1 R13: 0000000000000000 R14: 00000000008dd202 R15: 0000000000000000 Showing all locks held in the system: 2 locks held by kworker/0:0/5: 3 locks held by kworker/u4:3/971: 1 lock held by khungtaskd/1570: #0: 0000000004b60282 (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4441 1 lock held by khugepaged/1577: 1 lock held by in:imklog/7812: #0: 000000006a314c56 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x26f/0x310 fs/file.c:767 1 lock held by syz-fuzzer/8107: #0: 00000000627d51de (&mm->mmap_sem){++++}, at: __do_page_fault+0x97f/0xd60 arch/x86/mm/fault.c:1348 1 lock held by syz-fuzzer/8111: #0: 00000000627d51de (&mm->mmap_sem){++++}, at: __do_page_fault+0x97f/0xd60 arch/x86/mm/fault.c:1348 1 lock held by syz-executor.0/23063: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23064: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23065: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23067: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000bcae6312 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000bcae6312 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000bcae6312 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000bcae6312 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000000ac352cf (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000000ac352cf (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000000ac352cf (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000000ac352cf (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23069: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23071: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23073: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23074: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23078: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23082: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23086: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23087: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000004350e843 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000004350e843 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000004350e843 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000004350e843 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000037759bbe (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000037759bbe (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000037759bbe (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000037759bbe (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23089: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23091: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000cfa0d225 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000cfa0d225 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000cfa0d225 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000cfa0d225 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000090c96f3 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000090c96f3 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000090c96f3 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000090c96f3 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23092: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23096: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23097: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23098: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23100: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000002b254a1a (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000002b254a1a (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000002b254a1a (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000002b254a1a (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000fa64fbb3 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000fa64fbb3 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000fa64fbb3 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000fa64fbb3 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23102: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23104: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23105: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23106: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23107: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23108: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000dcae1874 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000dcae1874 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000dcae1874 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000dcae1874 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000004b3f847f (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000004b3f847f (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000004b3f847f (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000004b3f847f (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23110: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23111: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23112: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23113: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23114: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23115: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23117: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000017b386ae (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000017b386ae (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000017b386ae (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000017b386ae (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000f65a40fd (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000f65a40fd (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000f65a40fd (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000f65a40fd (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23118: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23119: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23121: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23122: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23123: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23125: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23127: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000090a1bbe4 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000090a1bbe4 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000090a1bbe4 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000090a1bbe4 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000d6b4e931 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000d6b4e931 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000d6b4e931 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000d6b4e931 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23128: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23129: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23130: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23132: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23133: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23134: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23135: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23136: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23137: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23139: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23141: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23142: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23143: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23144: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23145: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000f9b05d9d (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000f9b05d9d (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000f9b05d9d (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000f9b05d9d (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000cb5377a1 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000cb5377a1 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000cb5377a1 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000cb5377a1 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23146: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23147: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23148: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23150: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23151: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23152: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23153: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23154: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23155: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23156: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23157: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23158: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000006e12d619 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000006e12d619 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000006e12d619 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000006e12d619 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000b5b59af7 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000b5b59af7 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000b5b59af7 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000b5b59af7 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23160: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23161: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23162: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23163: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23164: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23165: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000eb78a2d9 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000eb78a2d9 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000eb78a2d9 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000eb78a2d9 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000f532ff95 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000f532ff95 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000f532ff95 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000f532ff95 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23166: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23167: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23168: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23169: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23171: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23172: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23173: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23174: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23175: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23176: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23177: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23178: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23179: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23180: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23181: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23183: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23184: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23185: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23186: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23187: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23188: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23189: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23190: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23191: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23192: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23193: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23195: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23196: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23200: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000002edca99e (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000002edca99e (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000002edca99e (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000002edca99e (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000129cfb35 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000129cfb35 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000129cfb35 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000129cfb35 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23201: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23202: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23203: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23204: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23205: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23206: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23207: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000092571bd (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000092571bd (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000092571bd (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000092571bd (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000001d5b83f8 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000001d5b83f8 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000001d5b83f8 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000001d5b83f8 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23208: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23209: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23211: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23212: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23213: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23214: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23215: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23216: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23217: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23218: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23219: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23220: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000b4770c9e (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000b4770c9e (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000b4770c9e (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000b4770c9e (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000017180a49 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000017180a49 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000017180a49 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000017180a49 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23221: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23223: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000fb68d277 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000fb68d277 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000fb68d277 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000fb68d277 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000de4e8e45 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000de4e8e45 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000de4e8e45 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000de4e8e45 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23224: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23225: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23227: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23182: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23231: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000aa29942c (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000aa29942c (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000aa29942c (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000aa29942c (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000841987d2 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000841987d2 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000841987d2 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000841987d2 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23232: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23235: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23236: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23237: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23239: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23240: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23241: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23242: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23243: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23244: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23245: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23246: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23247: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23248: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 3 locks held by syz-executor.0/23249: 4 locks held by syz-executor.0/23251: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000795580bd (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000795580bd (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000795580bd (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000795580bd (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000d2928bce (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000d2928bce (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000d2928bce (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000d2928bce (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23252: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23254: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23256: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23257: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23261: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23282: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000f3ce0623 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000f3ce0623 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000f3ce0623 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000f3ce0623 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000095c211f4 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000095c211f4 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000095c211f4 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000095c211f4 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23283: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000a0e188c5 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000a0e188c5 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000a0e188c5 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000a0e188c5 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000009d7a4aa4 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000009d7a4aa4 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000009d7a4aa4 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000009d7a4aa4 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23284: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23285: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000073977b1f (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000073977b1f (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000073977b1f (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000073977b1f (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000128888ce (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000128888ce (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000128888ce (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000128888ce (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23286: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23287: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23288: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23289: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23290: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23291: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000f604220b (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000f604220b (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000f604220b (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000f604220b (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000382c1428 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000382c1428 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000382c1428 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000382c1428 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23292: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23293: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23294: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23296: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23297: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23298: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23300: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000c8438274 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000c8438274 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000c8438274 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000c8438274 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000045fdfff2 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000045fdfff2 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000045fdfff2 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000045fdfff2 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23302: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23303: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23304: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23305: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23306: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23309: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23312: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23313: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23314: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23315: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23316: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23317: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23318: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23319: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23321: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23322: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23323: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23320: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23324: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23325: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23326: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23327: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23335: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23336: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23337: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23338: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23339: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23340: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23341: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23342: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23343: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23345: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23346: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23347: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23348: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23349: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23350: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000001ed8addb (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000001ed8addb (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000001ed8addb (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000001ed8addb (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000003384d135 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000003384d135 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000003384d135 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000003384d135 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 0000000096a2b834 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 0000000096a2b834 (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23351: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23352: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23353: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23354: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23355: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23356: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23358: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23359: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000069058841 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000069058841 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000069058841 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000069058841 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000008e5a8838 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000008e5a8838 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000008e5a8838 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000008e5a8838 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23357: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23360: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23362: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23363: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23364: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23365: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23366: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23367: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23368: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000001cd3204 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000001cd3204 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000001cd3204 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000001cd3204 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000fb9ddb6b (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000fb9ddb6b (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000fb9ddb6b (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000fb9ddb6b (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23369: #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000dff8d862 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23370: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23371: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23372: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23374: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23375: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23377: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000dc892b16 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000dc892b16 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000dc892b16 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000dc892b16 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000a5bc99d1 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000a5bc99d1 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000a5bc99d1 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000a5bc99d1 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23378: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23379: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23380: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23381: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23382: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23383: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23384: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23373: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23385: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000b2d7cb50 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000b2d7cb50 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000b2d7cb50 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000b2d7cb50 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000ef8c7842 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000ef8c7842 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000ef8c7842 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000ef8c7842 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23376: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23386: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23387: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23388: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23389: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23390: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23391: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23392: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000eb1008e5 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000eb1008e5 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000eb1008e5 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000eb1008e5 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000007ee72612 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000007ee72612 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000007ee72612 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000007ee72612 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23393: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23394: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23395: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23396: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000edab954f (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000edab954f (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000edab954f (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000edab954f (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000f8d7ab4e (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000f8d7ab4e (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000f8d7ab4e (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000f8d7ab4e (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23397: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000ac3b1890 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000ac3b1890 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000ac3b1890 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000ac3b1890 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000004053648d (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000004053648d (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000004053648d (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000004053648d (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23398: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000003b0ed973 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000003b0ed973 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000003b0ed973 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000003b0ed973 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000f64775dc (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000f64775dc (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000f64775dc (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000f64775dc (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23399: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23400: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23401: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000003353e9d5 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000003353e9d5 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000003353e9d5 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000003353e9d5 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000089dae0af (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000089dae0af (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000089dae0af (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000089dae0af (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23402: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23403: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23404: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000006fd22c66 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000006fd22c66 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000006fd22c66 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000006fd22c66 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000008c4c088f (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000008c4c088f (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000008c4c088f (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000008c4c088f (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23406: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23407: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23408: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23409: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23410: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23411: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23415: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000008d163920 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000008d163920 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000008d163920 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000008d163920 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000023845b3 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000023845b3 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000023845b3 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000023845b3 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23416: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23417: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23418: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23419: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23420: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23421: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23423: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000006d060a3c (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000006d060a3c (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000006d060a3c (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000006d060a3c (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000060cee432 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000060cee432 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000060cee432 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000060cee432 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23424: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23425: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23426: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23427: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23428: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23429: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23430: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23431: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23432: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23433: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000b9bd9986 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000b9bd9986 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000b9bd9986 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000b9bd9986 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000fdf9451f (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000fdf9451f (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000fdf9451f (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000fdf9451f (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23434: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000003d2c7212 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000003d2c7212 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000003d2c7212 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000003d2c7212 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000001643456f (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000001643456f (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000001643456f (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000001643456f (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23435: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23436: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000656a2a7b (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000656a2a7b (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000656a2a7b (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000656a2a7b (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000017a5d9bf (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000017a5d9bf (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000017a5d9bf (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000017a5d9bf (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23437: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000077f8e7ab (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000077f8e7ab (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000077f8e7ab (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000077f8e7ab (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000460c4e12 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000460c4e12 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000460c4e12 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000460c4e12 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23438: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23439: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23440: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000048d3d31b (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000048d3d31b (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000048d3d31b (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000048d3d31b (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000007e567f66 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000007e567f66 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000007e567f66 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000007e567f66 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23441: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000009153f782 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000009153f782 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000009153f782 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000009153f782 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000001c4470e (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000001c4470e (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000001c4470e (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000001c4470e (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23442: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23443: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23444: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000089bd2932 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000089bd2932 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000089bd2932 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000089bd2932 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000138ed2d8 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000138ed2d8 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000138ed2d8 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000138ed2d8 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23445: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000e11f4758 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000e11f4758 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000e11f4758 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000e11f4758 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000ceb8af24 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000ceb8af24 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000ceb8af24 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000ceb8af24 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23446: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23447: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23448: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000af220bc6 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000af220bc6 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000af220bc6 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000af220bc6 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000998b511f (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000998b511f (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000998b511f (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000998b511f (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23449: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000fc3eb6ec (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000fc3eb6ec (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000fc3eb6ec (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000fc3eb6ec (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000002892f068 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000002892f068 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000002892f068 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000002892f068 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23450: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23451: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23452: #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 00000000a3826610 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23453: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23454: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23456: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23460: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23462: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23463: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23464: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000066471c73 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000066471c73 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000066471c73 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000066471c73 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000079146728 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000079146728 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000079146728 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000079146728 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23465: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23466: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23467: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23468: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000250d5caa (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000250d5caa (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000250d5caa (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000250d5caa (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000665d8454 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000665d8454 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000665d8454 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000665d8454 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23469: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000cedbbb88 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000cedbbb88 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000cedbbb88 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000cedbbb88 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000a14f343f (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000a14f343f (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000a14f343f (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000a14f343f (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23470: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23471: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23472: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000005394239a (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000005394239a (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000005394239a (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000005394239a (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000176fe947 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000176fe947 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000176fe947 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000176fe947 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23473: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23474: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23475: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000b2729d00 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000b2729d00 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000b2729d00 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000b2729d00 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000004951b595 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000004951b595 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000004951b595 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000004951b595 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23476: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23477: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23478: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23479: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23480: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000079db2fd5 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000079db2fd5 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000079db2fd5 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000079db2fd5 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000006757e533 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000006757e533 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000006757e533 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000006757e533 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23481: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000005e013114 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000005e013114 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000005e013114 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000005e013114 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000000a44b740 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000000a44b740 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000000a44b740 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000000a44b740 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23482: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23483: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23484: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23485: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000082c7f026 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000082c7f026 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000082c7f026 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000082c7f026 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000045d06639 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000045d06639 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000045d06639 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000045d06639 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23486: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000b8c9f9b6 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000b8c9f9b6 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000b8c9f9b6 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000b8c9f9b6 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000038007b65 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000038007b65 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000038007b65 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000038007b65 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23487: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000001620cd81 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000001620cd81 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000001620cd81 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000001620cd81 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000fcd7d8b3 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000fcd7d8b3 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000fcd7d8b3 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000fcd7d8b3 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23488: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23489: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23490: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23491: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23492: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000abf4b729 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000abf4b729 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000abf4b729 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000abf4b729 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000016b699b9 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000016b699b9 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000016b699b9 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000016b699b9 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23493: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23494: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000085d12e04 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000085d12e04 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000085d12e04 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000085d12e04 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000834f01e0 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000834f01e0 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000834f01e0 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000834f01e0 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23495: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23496: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23497: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23498: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000f583c2ee (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000f583c2ee (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000f583c2ee (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000f583c2ee (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000002ea63197 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000002ea63197 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000002ea63197 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000002ea63197 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23499: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000020a553ed (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000020a553ed (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000020a553ed (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000020a553ed (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000eaab357d (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000eaab357d (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000eaab357d (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000eaab357d (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23500: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23501: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23502: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23503: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000feacabc7 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000feacabc7 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000feacabc7 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000feacabc7 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000000b84a41c (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000000b84a41c (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000000b84a41c (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000000b84a41c (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23504: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23505: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000cc6dd341 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000cc6dd341 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000cc6dd341 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000cc6dd341 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000ca97c84f (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000ca97c84f (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000ca97c84f (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000ca97c84f (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23506: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23507: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000001f289968 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000001f289968 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000001f289968 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000001f289968 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000005610c3f (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000005610c3f (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000005610c3f (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000005610c3f (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23508: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23509: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23510: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23511: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000ab713e95 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000ab713e95 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000ab713e95 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000ab713e95 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000026244594 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000026244594 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000026244594 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000026244594 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23512: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23513: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23514: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000c616cb5d (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000c616cb5d (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000c616cb5d (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000c616cb5d (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000008cbbdbd7 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000008cbbdbd7 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000008cbbdbd7 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000008cbbdbd7 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23515: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23516: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23517: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23518: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23519: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23520: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23521: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000f0303a5e (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000f0303a5e (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000f0303a5e (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000f0303a5e (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000004587db24 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000004587db24 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000004587db24 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000004587db24 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23522: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000b2eea41a (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000b2eea41a (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000b2eea41a (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000b2eea41a (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000bc1d6573 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000bc1d6573 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000bc1d6573 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000bc1d6573 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23523: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000006778cd31 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000006778cd31 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000006778cd31 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000006778cd31 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000aa9deccb (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000aa9deccb (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000aa9deccb (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000aa9deccb (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23524: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000000bd9e95f (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000000bd9e95f (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000000bd9e95f (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000000bd9e95f (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000091528bc2 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000091528bc2 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000091528bc2 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000091528bc2 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23525: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23526: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000002c824808 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000002c824808 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000002c824808 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000002c824808 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000c973fa81 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000c973fa81 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000c973fa81 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000c973fa81 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23527: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23528: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23529: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23530: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23531: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000b22108b4 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000b22108b4 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000b22108b4 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000b22108b4 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000eb1e1af7 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000eb1e1af7 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000eb1e1af7 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000eb1e1af7 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23532: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000009f3922e5 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000009f3922e5 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000009f3922e5 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000009f3922e5 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000031b9f756 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000031b9f756 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000031b9f756 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000031b9f756 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23533: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000000419b0a0 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000000419b0a0 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000000419b0a0 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000000419b0a0 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000aea2144d (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000aea2144d (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000aea2144d (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000aea2144d (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23534: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23535: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000c1a86d6a (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000c1a86d6a (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000c1a86d6a (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000c1a86d6a (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000009d8045f7 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000009d8045f7 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000009d8045f7 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000009d8045f7 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23536: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23537: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23538: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000066406d64 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000066406d64 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000066406d64 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000066406d64 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000013b367cc (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000013b367cc (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000013b367cc (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000013b367cc (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23539: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23540: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000a2cb9cdf (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000a2cb9cdf (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000a2cb9cdf (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000a2cb9cdf (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000e29c231c (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000e29c231c (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000e29c231c (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000e29c231c (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23542: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23543: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23544: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23545: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000007f1f13f (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000007f1f13f (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000007f1f13f (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000007f1f13f (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000000214c348 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000000214c348 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000000214c348 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000000214c348 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23546: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23547: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000000ad887ba (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000000ad887ba (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000000ad887ba (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000000ad887ba (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000b5b54c23 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000b5b54c23 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000b5b54c23 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000b5b54c23 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23548: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23549: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23550: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23551: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23552: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23553: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23554: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23555: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23556: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23557: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23558: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23559: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23560: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000a9104bfc (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000a9104bfc (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000a9104bfc (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000a9104bfc (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000a69faef0 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000a69faef0 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000a69faef0 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000a69faef0 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000f652bf1b (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000f652bf1b (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23561: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23562: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000c562dfca (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000c562dfca (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000c562dfca (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000c562dfca (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000005ef1f60a (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000005ef1f60a (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000005ef1f60a (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000005ef1f60a (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23563: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000544a5309 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000544a5309 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000544a5309 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000544a5309 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000a25ed182 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000a25ed182 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000a25ed182 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000a25ed182 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23564: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23565: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000ddfdaa60 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000ddfdaa60 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000ddfdaa60 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000ddfdaa60 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000ef658b65 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000ef658b65 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000ef658b65 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000ef658b65 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23566: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23567: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000008fd5147 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000008fd5147 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000008fd5147 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000008fd5147 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000074c3012 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000074c3012 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000074c3012 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000074c3012 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23568: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23569: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23570: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23571: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000c77f2dbf (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000c77f2dbf (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000c77f2dbf (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000c77f2dbf (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000070a450ae (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000070a450ae (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000070a450ae (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000070a450ae (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23572: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23573: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23574: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23575: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23576: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23577: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23578: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23579: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000002e43d3b0 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000002e43d3b0 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000002e43d3b0 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000002e43d3b0 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000305e15a0 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000305e15a0 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000305e15a0 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000305e15a0 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23580: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23581: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23582: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23583: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000695b91f7 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000695b91f7 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000695b91f7 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000695b91f7 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000075d08767 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000075d08767 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000075d08767 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000075d08767 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23584: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23585: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23586: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23587: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23588: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23589: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23590: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000069914b3c (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000069914b3c (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000069914b3c (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000069914b3c (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000003bc36fe5 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000003bc36fe5 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000003bc36fe5 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000003bc36fe5 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23591: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23592: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000007e2e3603 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000007e2e3603 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000007e2e3603 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000007e2e3603 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000002e6cc2c5 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000002e6cc2c5 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000002e6cc2c5 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000002e6cc2c5 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23593: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23594: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000062af877a (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000062af877a (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000062af877a (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000062af877a (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000c81dda8d (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000c81dda8d (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000c81dda8d (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000c81dda8d (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23595: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23596: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23597: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23598: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23599: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000009a7ba4be (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000009a7ba4be (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000009a7ba4be (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000009a7ba4be (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000007923d177 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000007923d177 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000007923d177 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000007923d177 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23600: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23601: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000da917709 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000da917709 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000da917709 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000da917709 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 0000000035a5fb52 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 0000000035a5fb52 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 0000000035a5fb52 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 0000000035a5fb52 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23602: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23603: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23604: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 000000002aa59692 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 000000002aa59692 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 000000002aa59692 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 000000002aa59692 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000003211937e (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000003211937e (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000003211937e (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000003211937e (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23605: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23606: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000c08c1517 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000c08c1517 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000c08c1517 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000c08c1517 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000579f4d13 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000579f4d13 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000579f4d13 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000579f4d13 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23607: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23608: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000099bfd4ba (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000099bfd4ba (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000099bfd4ba (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000099bfd4ba (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000000af98e98 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000000af98e98 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000000af98e98 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000000af98e98 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23609: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000f3b9f0ea (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000f3b9f0ea (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000f3b9f0ea (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000f3b9f0ea (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000002ceac833 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000002ceac833 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000002ceac833 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000002ceac833 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 1 lock held by syz-executor.0/23610: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23611: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23612: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23613: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23614: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 1 lock held by syz-executor.0/23615: #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #0: 0000000001c05919 (&anon_vma->rwsem){++++}, at: unlink_anon_vmas+0x178/0x840 mm/rmap.c:388 4 locks held by syz-executor.0/23616: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 0000000090f9807d (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 0000000090f9807d (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 0000000090f9807d (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 0000000090f9807d (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000002a458331 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000002a458331 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000002a458331 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000002a458331 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23617: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000c5a1a4c4 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000c5a1a4c4 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000c5a1a4c4 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000c5a1a4c4 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 00000000f5b27f00 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 00000000f5b27f00 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 00000000f5b27f00 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 00000000f5b27f00 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000f652bf1b (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000f652bf1b (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23618: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913 #1: 00000000a0343021 (&mm->mmap_sem){++++}, at: dup_mmap kernel/fork.c:436 [inline] #1: 00000000a0343021 (&mm->mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #1: 00000000a0343021 (&mm->mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #1: 00000000a0343021 (&mm->mmap_sem){++++}, at: copy_process.part.0+0x2bcf/0x8260 kernel/fork.c:1913 #2: 000000000d7d57d7 (&mm->mmap_sem/1){+.+.}, at: dup_mmap kernel/fork.c:445 [inline] #2: 000000000d7d57d7 (&mm->mmap_sem/1){+.+.}, at: dup_mm kernel/fork.c:1285 [inline] #2: 000000000d7d57d7 (&mm->mmap_sem/1){+.+.}, at: copy_mm kernel/fork.c:1341 [inline] #2: 000000000d7d57d7 (&mm->mmap_sem/1){+.+.}, at: copy_process.part.0+0x2c1c/0x8260 kernel/fork.c:1913 #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: lock_anon_vma_root mm/rmap.c:238 [inline] #3: 00000000cfa16ffc (&anon_vma->rwsem){++++}, at: anon_vma_clone+0x145/0x5e0 mm/rmap.c:278 4 locks held by syz-executor.0/23619: #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mmap kernel/fork.c:435 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: dup_mm kernel/fork.c:1285 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_mm kernel/fork.c:1341 [inline] #0: 000000001e46fec7 (&dup_mmap_sem){++++}, at: copy_process.part.0+0x2bb3/0x8260 kernel/fork.c:1913