Bluetooth: hci2 command 0x0406 tx timeout
Bluetooth: hci5 command 0x0406 tx timeout
Bluetooth: hci3 command 0x0406 tx timeout
Bluetooth: hci1 command 0x0406 tx timeout
Bluetooth: hci4 command 0x0406 tx timeout
INFO: task oom_reaper:1534 blocked for more than 140 seconds.
 Not tainted 4.14.261-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
oom_reaper D30640 1534 2 0x80000000
Call Trace:
 context_switch kernel/sched/core.c:2811 [inline]
 __schedule+0x88b/0x1de0 kernel/sched/core.c:3387
 schedule+0x8d/0x1b0 kernel/sched/core.c:3431
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3489
 __mutex_lock_common kernel/locking/mutex.c:833 [inline]
 __mutex_lock+0x669/0x1310 kernel/locking/mutex.c:893
 oom_reap_task_mm mm/oom_kill.c:526 [inline]
 oom_reap_task mm/oom_kill.c:585 [inline]
 oom_reaper+0x1a2/0x1000 mm/oom_kill.c:622
 kthread+0x30d/0x420 kernel/kthread.c:232
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
INFO: task syz-executor.5:14436 blocked for more than 140 seconds.
 Not tainted 4.14.261-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.5 D27000 14436 12441 0x80100004
Call Trace:
 context_switch kernel/sched/core.c:2811 [inline]
 __schedule+0x88b/0x1de0 kernel/sched/core.c:3387
 schedule+0x8d/0x1b0 kernel/sched/core.c:3431
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3489
 __mutex_lock_common kernel/locking/mutex.c:833 [inline]
 __mutex_lock+0x669/0x1310 kernel/locking/mutex.c:893
 exit_mmap+0x3d9/0x4d0 mm/mmap.c:3029
 __mmput kernel/fork.c:931 [inline]
 mmput kernel/fork.c:952 [inline]
 mmput+0xfa/0x420 kernel/fork.c:947
 exit_mm kernel/exit.c:548 [inline]
 do_exit+0x984/0x2850 kernel/exit.c:855
 do_group_exit+0x100/0x2e0 kernel/exit.c:965
 get_signal+0x38d/0x1ca0 kernel/signal.c:2412
 do_signal+0x7c/0x1550 arch/x86/kernel/signal.c:792
 exit_to_usermode_loop+0x160/0x200 arch/x86/entry/common.c:160
 prepare_exit_to_usermode arch/x86/entry/common.c:199 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:270 [inline]
 do_syscall_64+0x4a3/0x640 arch/x86/entry/common.c:297
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x7f20d5d91e99
RSP: 002b:00007f20d4683168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: fffffffffffffdff RBX: 00007f20d5ea52a0 RCX: 00007f20d5d91e99
RDX: 0000000020000580 RSI: 0000000020000c00 RDI: 0000000000000000
RBP: 00007f20d5debff1 R08: 0000000020000880 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffd108b85f R14: 00007f20d4683300 R15: 0000000000022000

Showing all locks held in the system:
2 locks held by systemd/1:
 #0: (&mm->mmap_sem){++++}, at: [] __do_page_fault+0x2b9/0xad0 arch/x86/mm/fault.c:1371
 #1: (&ei->i_mmap_sem){++++}, at: [] ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6246
1 lock held by khungtaskd/1533:
 #0: (tasklist_lock){.+.+}, at: [] debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4548
1 lock held by oom_reaper/1534:
 #0: (oom_lock){+.+.}, at: [] oom_reap_task_mm mm/oom_kill.c:526 [inline]
 #0: (oom_lock){+.+.}, at: [] oom_reap_task mm/oom_kill.c:585 [inline]
 #0: (oom_lock){+.+.}, at: [] oom_reaper+0x1a2/0x1000 mm/oom_kill.c:622
2 locks held by systemd-journal/4608:
 #0: (&mm->mmap_sem){++++}, at: [] __do_page_fault+0x2b9/0xad0 arch/x86/mm/fault.c:1371
 #1: (&ei->i_mmap_sem){++++}, at: [] ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6246
2 locks held by cron/7694:
 #0: (&mm->mmap_sem){++++}, at: [] __do_page_fault+0x2b9/0xad0 arch/x86/mm/fault.c:1371
 #1: (&ei->i_mmap_sem){++++}, at: [] ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6246
2 locks held by in:imklog/7708:
 #0: (&mm->mmap_sem){++++}, at: [] __do_page_fault+0x2b9/0xad0 arch/x86/mm/fault.c:1371
 #1: (&ei->i_mmap_sem){++++}, at: [] ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6246
2 locks held by login/7934:
 #0: (&mm->mmap_sem){++++}, at: [] __do_page_fault+0x2b9/0xad0 arch/x86/mm/fault.c:1371
 #1: (&ei->i_mmap_sem){++++}, at: [] ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6246
2 locks held by syz-fuzzer/7994:
 #0: (&mm->mmap_sem){++++}, at: [] __do_page_fault+0x2b9/0xad0 arch/x86/mm/fault.c:1371
 #1: (&ei->i_mmap_sem){++++}, at: [] ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6246
2 locks held by syz-fuzzer/8003:
 #0: (&mm->mmap_sem){++++}, at: [] __do_page_fault+0x2b9/0xad0 arch/x86/mm/fault.c:1371
 #1: (&ei->i_mmap_sem){++++}, at: [] ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6246
3 locks held by syz-executor.4/8016:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11580:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11582:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11585:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11587:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11592:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11596:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11597:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11598:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11600:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11601:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11605:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11606:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11607:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11611:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11615:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11620:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11624:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11625:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11626:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11628:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11629:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11630:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11631:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11632:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11634:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11636:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11638:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11639:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11641:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11642:
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mmap kernel/fork.c:601 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #0: (&dup_mmap_sem){.+.+}, at: [] copy_process.part.0+0x4392/0x71c0 kernel/fork.c:1791
 #1: (&mm->mmap_sem){++++}, at: [] dup_mmap kernel/fork.c:602 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #1: (&mm->mmap_sem){++++}, at: [] copy_process.part.0+0x43ae/0x71c0 kernel/fork.c:1791
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mmap kernel/fork.c:611 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] dup_mm kernel/fork.c:1200 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_mm kernel/fork.c:1255 [inline]
 #2: (&mm->mmap_sem/1){+.+.}, at: [] copy_process.part.0+0x43e8/0x71c0 kernel/fork.c:1791
3 locks held by syz-executor.5/11643: