IPVS: Creating netns size=2536 id=1

======================================================
[ INFO: possible circular locking dependency detected ]
4.9.86-gb324a70 #58 Not tainted
-------------------------------------------------------
syz-executor0/3664 is trying to acquire lock:
 (&mm->mmap_sem){++++++}, at: [<ffffffff814c26d4>] __might_fault+0xe4/0x1d0 mm/memory.c:4013
but task is already holding lock:
 (ashmem_mutex){+.+.+.}, at: [<ffffffff82d4b121>] ashmem_pin_unpin drivers/staging/android/ashmem.c:714 [inline]
 (ashmem_mutex){+.+.+.}, at: [<ffffffff82d4b121>] ashmem_ioctl+0x371/0xfe0 drivers/staging/android/ashmem.c:791
which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

       lock_acquire+0x12e/0x410 kernel/locking/lockdep.c:3756
       __mutex_lock_common kernel/locking/mutex.c:521 [inline]
       mutex_lock_nested+0xbb/0x870 kernel/locking/mutex.c:621
       ashmem_mmap+0x53/0x400 drivers/staging/android/ashmem.c:379
       mmap_region+0x7dd/0xfd0 mm/mmap.c:1694
       do_mmap+0x57b/0xbe0 mm/mmap.c:1473
       do_mmap_pgoff include/linux/mm.h:2032 [inline]
       vm_mmap_pgoff+0x16b/0x1b0 mm/util.c:329
       SYSC_mmap_pgoff mm/mmap.c:1523 [inline]
       SyS_mmap_pgoff+0x33f/0x560 mm/mmap.c:1481
       do_syscall_32_irqs_on arch/x86/entry/common.c:325 [inline]
       do_fast_syscall_32+0x2f5/0x870 arch/x86/entry/common.c:387
       entry_SYSENTER_compat+0x90/0xa2 arch/x86/entry/entry_64_compat.S:137

       check_prev_add kernel/locking/lockdep.c:1828 [inline]
       check_prevs_add kernel/locking/lockdep.c:1938 [inline]
       validate_chain kernel/locking/lockdep.c:2265 [inline]
       __lock_acquire+0x2bf9/0x3640 kernel/locking/lockdep.c:3345
       lock_acquire+0x12e/0x410 kernel/locking/lockdep.c:3756
       __might_fault+0x14a/0x1d0 mm/memory.c:4014
       copy_from_user arch/x86/include/asm/uaccess.h:705 [inline]
       ashmem_pin_unpin drivers/staging/android/ashmem.c:719 [inline]
       ashmem_ioctl+0x3c0/0xfe0 drivers/staging/android/ashmem.c:791
       compat_ashmem_ioctl+0x3e/0x50 drivers/staging/android/ashmem.c:822
       C_SYSC_ioctl fs/compat_ioctl.c:1602 [inline]
       compat_SyS_ioctl+0x15f/0x2050 fs/compat_ioctl.c:1549
       do_syscall_32_irqs_on arch/x86/entry/common.c:325 [inline]
       do_fast_syscall_32+0x2f5/0x870 arch/x86/entry/common.c:387
       entry_SYSENTER_compat+0x90/0xa2 arch/x86/entry/entry_64_compat.S:137

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(ashmem_mutex);
                               lock(&mm->mmap_sem);
                               lock(ashmem_mutex);
  lock(&mm->mmap_sem);

 *** DEADLOCK ***

1 lock held by syz-executor0/3664:
 #0:  (ashmem_mutex){+.+.+.}, at: [<ffffffff82d4b121>] ashmem_pin_unpin drivers/staging/android/ashmem.c:714 [inline]
 #0:  (ashmem_mutex){+.+.+.}, at: [<ffffffff82d4b121>] ashmem_ioctl+0x371/0xfe0 drivers/staging/android/ashmem.c:791

stack backtrace:
CPU: 1 PID: 3664 Comm: syz-executor0 Not tainted 4.9.86-gb324a70 #58
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801bfe77a38 ffffffff81d956f9 ffffffff853a4cd0 ffffffff853a4cd0
 ffffffff853c57f0 ffff8801c2a8e8d8 ffff8801c2a8e000 ffff8801bfe77a80
 ffffffff812387f1 ffff8801c2a8e8d8 00000000c2a8e8b0 ffff8801c2a8e8d8
Call Trace:
 [<ffffffff81d956f9>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d956f9>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff812387f1>] print_circular_bug+0x271/0x310 kernel/locking/lockdep.c:1202
 [<ffffffff8123ec29>] check_prev_add kernel/locking/lockdep.c:1828 [inline]
 [<ffffffff8123ec29>] check_prevs_add kernel/locking/lockdep.c:1938 [inline]
 [<ffffffff8123ec29>] validate_chain kernel/locking/lockdep.c:2265 [inline]
 [<ffffffff8123ec29>] __lock_acquire+0x2bf9/0x3640 kernel/locking/lockdep.c:3345
 [<ffffffff812400ae>] lock_acquire+0x12e/0x410 kernel/locking/lockdep.c:3756
 [<ffffffff814c273a>] __might_fault+0x14a/0x1d0 mm/memory.c:4014
 [<ffffffff82d4b170>] copy_from_user arch/x86/include/asm/uaccess.h:705 [inline]
 [<ffffffff82d4b170>] ashmem_pin_unpin drivers/staging/android/ashmem.c:719 [inline]
 [<ffffffff82d4b170>] ashmem_ioctl+0x3c0/0xfe0 drivers/staging/android/ashmem.c:791
 [<ffffffff82d4bdce>] compat_ashmem_ioctl+0x3e/0x50 drivers/staging/android/ashmem.c:822
 [<ffffffff8167d38f>] C_SYSC_ioctl fs/compat_ioctl.c:1602 [inline]
 [<ffffffff8167d38f>] compat_SyS_ioctl+0x15f/0x2050 fs/compat_ioctl.c:1549