Bluetooth: hci0 command 0x0406 tx timeout IPVS: ftp: loaded support on port[0] = 21 IPVS: ftp: loaded support on port[0] = 21 IPVS: ftp: loaded support on port[0] = 21 IPVS: ftp: loaded support on port[0] = 21 INFO: task kworker/u4:2:25 blocked for more than 140 seconds. Not tainted 4.14.262-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kworker/u4:2 D26784 25 2 0x80000000 Workqueue: netns cleanup_net Call Trace: context_switch kernel/sched/core.c:2811 [inline] __schedule+0x88b/0x1de0 kernel/sched/core.c:3387 schedule+0x8d/0x1b0 kernel/sched/core.c:3431 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3489 __mutex_lock_common kernel/locking/mutex.c:833 [inline] __mutex_lock+0x669/0x1310 kernel/locking/mutex.c:893 IPVS: ftp: loaded support on port[0] = 21 cleanup_net+0x110/0x840 net/core/net_namespace.c:451 process_one_work+0x793/0x14a0 kernel/workqueue.c:2117 worker_thread+0x5cc/0xff0 kernel/workqueue.c:2251 kthread+0x30d/0x420 kernel/kthread.c:232 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404 Showing all locks held in the system: 3 locks held by kworker/u4:2/25: #0: ("%s""netns"){+.+.}, at: [] process_one_work+0x6b0/0x14a0 kernel/workqueue.c:2088 #1: (net_cleanup_work){+.+.}, at: [] process_one_work+0x6e6/0x14a0 kernel/workqueue.c:2092 #2: (net_mutex){+.+.}, at: [] cleanup_net+0x110/0x840 net/core/net_namespace.c:451 1 lock held by khungtaskd/1533: #0: (tasklist_lock){.+.+}, at: [] debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4548 1 lock held by kswapd0/1946: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_read include/linux/fs.h:483 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] rmap_walk_file+0x50e/0x7c0 mm/rmap.c:1828 1 lock held by syz-executor.3/12057: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/12079: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/12106: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/12135: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/12299: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/12547: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/12701: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/12844: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/13047: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/13119: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/13160: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/13191: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/13270: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/13333: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/13385: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/13690: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/13789: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/13894: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/14045: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/14115: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/14137: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.3/14182: #0: (net_mutex){+.+.}, at: [] copy_net_ns+0x156/0x440 net/core/net_namespace.c:411 1 lock held by syz-executor.0/14192: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14194: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14197: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14199: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14201: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14203: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14206: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14207: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14209: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14212: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14211: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14213: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14215: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14214: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14217: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14216: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14218: #0: (&anon_vma->rwsem){++++}, at: [] lock_anon_vma_root mm/rmap.c:238 [inline] #0: (&anon_vma->rwsem){++++}, at: [] unlink_anon_vmas+0x178/0x7e0 mm/rmap.c:388 1 lock held by syz-executor.0/14219: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14220: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14221: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14222: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14224: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14226: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14228: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14229: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14230: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14231: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14232: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14235: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14236: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14237: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14238: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14239: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14241: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14242: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14245: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14246: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14247: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14248: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14249: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14251: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14252: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14253: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14255: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14256: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14257: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14258: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14260: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14261: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14267: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14270: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14271: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14272: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14274: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14275: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14276: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14278: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14279: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14280: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14282: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14285: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14286: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14288: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14289: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14290: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&anon_vma->rwsem){++++}, at: [] anon_vma_lock_write include/linux/rmap.h:121 [inline] #3: (&anon_vma->rwsem){++++}, at: [] anon_vma_fork+0x28a/0x580 mm/rmap.c:362 4 locks held by syz-executor.0/14292: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14295: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14296: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14298: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14299: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14300: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14301: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14302: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14303: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14305: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14306: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14308: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14311: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14310: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14312: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14313: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14314: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14315: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14316: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14317: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14318: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14319: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14320: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14321: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14324: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14325: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14326: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14327: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14328: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14329: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14330: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14331: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14332: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14333: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14334: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14335: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14336: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14337: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14338: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14340: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14342: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14343: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14344: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14345: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14346: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14349: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14350: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14351: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14352: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14353: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14354: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14355: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14356: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&anon_vma->rwsem){++++}, at: [] lock_anon_vma_root mm/rmap.c:238 [inline] #3: (&anon_vma->rwsem){++++}, at: [] anon_vma_clone+0x145/0x5b0 mm/rmap.c:278 4 locks held by syz-executor.0/14357: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14358: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14360: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14362: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14363: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14364: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14365: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14366: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14367: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14368: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14369: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14370: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14372: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14373: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14375: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14376: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14377: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14379: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14380: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14381: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14382: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14339: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14383: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14385: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14386: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14387: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14388: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14390: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14391: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14392: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14393: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14394: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14395: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14396: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14397: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14398: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14399: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14400: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14401: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14402: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14403: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14404: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14405: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14406: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14407: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14409: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14410: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14411: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14412: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14413: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14414: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14415: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14416: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14417: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14418: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14419: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14420: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14421: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14422: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14423: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14424: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14425: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14426: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14429: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14430: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14431: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14433: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 1 lock held by syz-executor.0/14436: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14437: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14438: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14439: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14440: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14441: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14442: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14443: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14444: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14445: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14446: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14447: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14448: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14449: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14450: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14451: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14453: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14454: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14455: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14457: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14458: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14459: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14460: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14461: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14463: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14464: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14465: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 1 lock held by syz-executor.0/14468: #0: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #0: (&mapping->i_mmap_rwsem){++++}, at: [] unlink_file_vma+0x71/0xb0 mm/mmap.c:152 4 locks held by syz-executor.0/14470: #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline] #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline] #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline] #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791 #3: (&mapping->i_mmap_rwsem){++++}, at: [] i_mmap_lock_write include/linux/fs.h:473 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mmap kernel/fork.c:676 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline] #3: (&mapping->i_mmap_rwsem){++++}, at: [] copy_process.part.0+0x4810/0x71c0 kernel/fork.c:1791 4 locks held by syz-executor.0/14471: