[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[   21.107464] random: sshd: uninitialized urandom read (32 bytes read, 36 bits of entropy available)
[?25l[?1c7[ ok 8[?25h[?0c.
[   21.315069] random: sshd: uninitialized urandom read (32 bytes read, 36 bits of entropy available)
[   21.598221] random: sshd: uninitialized urandom read (32 bytes read, 37 bits of entropy available)

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   22.509081] random: sshd: uninitialized urandom read (32 bytes read, 102 bits of entropy available)
[   22.674226] random: sshd: uninitialized urandom read (32 bytes read, 106 bits of entropy available)
Warning: Permanently added '10.128.0.14' (ECDSA) to the list of known hosts.
[   28.036950] random: sshd: uninitialized urandom read (32 bytes read, 110 bits of entropy available)
2018/03/18 05:27:13 parsed 1 programs
2018/03/18 05:27:13 executed programs: 0
[   28.368313] IPVS: Creating netns size=2552 id=1
[   28.398712] 
[   28.400345] ======================================================
[   28.406627] [ INFO: possible circular locking dependency detected ]
[   28.413000] 4.4.120-gd63fdf6 #29 Not tainted
[   28.417373] -------------------------------------------------------
[   28.423742] syz-executor0/3790 is trying to acquire lock:
[   28.429245]  (&mm->mmap_sem){++++++}, at: [<ffffffff81495684>] __might_fault+0xe4/0x1d0
[   28.437833] 
[   28.437833] but task is already holding lock:
[   28.443774]  (ashmem_mutex){+.+.+.}, at: [<ffffffff82c628a7>] ashmem_ioctl+0x367/0xfa0
[   28.452283] 
[   28.452283] which lock already depends on the new lock.
[   28.452283] 
[   28.460566] 
[   28.460566] the existing dependency chain (in reverse order) is:
[   28.468153] 
-> #1 (ashmem_mutex){+.+.+.}:
[   28.472902]        [<ffffffff8123d7ce>] lock_acquire+0x15e/0x460
[   28.479131]        [<ffffffff8376a39b>] mutex_lock_nested+0xbb/0x850
[   28.485710]        [<ffffffff82c61463>] ashmem_mmap+0x53/0x400
[   28.491766]        [<ffffffff814b0e4f>] mmap_region+0x94f/0x1250
[   28.497996]        [<ffffffff814b1c4d>] do_mmap+0x4fd/0x9d0
[   28.503787]        [<ffffffff814700ce>] vm_mmap_pgoff+0x16e/0x1c0
[   28.510099]        [<ffffffff814afe1f>] SyS_mmap_pgoff+0x33f/0x560
[   28.516502]        [<ffffffff81006d91>] do_fast_syscall_32+0x321/0x8a0
[   28.523261]        [<ffffffff837752ea>] sysenter_flags_fixed+0xd/0x17
[   28.529928] 
-> #0 (&mm->mmap_sem){++++++}:
[   28.534765]        [<ffffffff8123ab2f>] __lock_acquire+0x371f/0x4b50
[   28.541341]        [<ffffffff8123d7ce>] lock_acquire+0x15e/0x460
[   28.547570]        [<ffffffff814956ea>] __might_fault+0x14a/0x1d0
[   28.553884]        [<ffffffff82c628f4>] ashmem_ioctl+0x3b4/0xfa0
[   28.560115]        [<ffffffff82c6351e>] compat_ashmem_ioctl+0x3e/0x50
[   28.566782]        [<ffffffff8161e5da>] compat_SyS_ioctl+0x28a/0x2540
[   28.573448]        [<ffffffff81006d91>] do_fast_syscall_32+0x321/0x8a0
[   28.580196]        [<ffffffff837752ea>] sysenter_flags_fixed+0xd/0x17
[   28.586861] 
[   28.586861] other info that might help us debug this:
[   28.586861] 
[   28.594971]  Possible unsafe locking scenario:
[   28.594971] 
[   28.600993]        CPU0                    CPU1
[   28.605628]        ----                    ----
[   28.610262]   lock(ashmem_mutex);
[   28.613917]                                lock(&mm->mmap_sem);
[   28.620172]                                lock(ashmem_mutex);
[   28.626336]   lock(&mm->mmap_sem);
[   28.630074] 
[   28.630074]  *** DEADLOCK ***
[   28.630074] 
[   28.636101] 1 lock held by syz-executor0/3790:
[   28.640647]  #0:  (ashmem_mutex){+.+.+.}, at: [<ffffffff82c628a7>] ashmem_ioctl+0x367/0xfa0
[   28.649680] 
[   28.649680] stack backtrace:
[   28.654143] CPU: 1 PID: 3790 Comm: syz-executor0 Not tainted 4.4.120-gd63fdf6 #29
[   28.661728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   28.671050]  0000000000000000 d26c45b29c0fee20 ffff8801d978f8a8 ffffffff81d0408d
[   28.679016]  ffffffff851a0010 ffffffff851a0010 ffffffff851be970 ffff8800bb98d0f8
[   28.686987]  ffff8800bb98c800 ffff8801d978f8f0 ffffffff81233ba1 ffff8800bb98d0f8
[   28.694950] Call Trace:
[   28.697505]  [<ffffffff81d0408d>] dump_stack+0xc1/0x124
[   28.702838]  [<ffffffff81233ba1>] print_circular_bug+0x271/0x310
[   28.708948]  [<ffffffff8123ab2f>] __lock_acquire+0x371f/0x4b50
[   28.714886]  [<ffffffff81b4b522>] ? avc_has_extended_perms+0xe2/0xf30
[   28.721433]  [<ffffffff81237410>] ? debug_check_no_locks_freed+0x2c0/0x2c0
[   28.728413]  [<ffffffff812367ff>] ? mark_held_locks+0xaf/0x100
[   28.734350]  [<ffffffff81230151>] ? __lock_is_held+0xa1/0xf0
[   28.740116]  [<ffffffff8123d7ce>] lock_acquire+0x15e/0x460
[   28.745706]  [<ffffffff81495684>] ? __might_fault+0xe4/0x1d0
[   28.751469]  [<ffffffff814956ea>] __might_fault+0x14a/0x1d0
[   28.757144]  [<ffffffff81495684>] ? __might_fault+0xe4/0x1d0
[   28.762913]  [<ffffffff82c628f4>] ashmem_ioctl+0x3b4/0xfa0
[   28.768502]  [<ffffffff81b5bf03>] ? selinux_file_ioctl+0x363/0x570
[   28.774788]  [<ffffffff81b5bba0>] ? selinux_capable+0x30/0x30
[   28.780637]  [<ffffffff82c62540>] ? ashmem_shrink_scan+0x390/0x390
[   28.786924]  [<ffffffff814b04bb>] ? vma_set_page_prot+0x10b/0x150
[   28.793124]  [<ffffffff812e07e0>] ? exit_robust_list+0x240/0x240
[   28.799239]  [<ffffffff82c6351e>] compat_ashmem_ioctl+0x3e/0x50
[   28.805265]  [<ffffffff8161e5da>] compat_SyS_ioctl+0x28a/0x2540
[   28.811290]  [<ffffffff814700e0>] ? vm_mmap_pgoff+0x180/0x1c0
[   28.817141]  [<ffffffff82c634e0>] ? ashmem_ioctl+0xfa0/0xfa0
[   28.822909]  [<ffffffff8161e350>] ? compat_SyS_ppoll+0x420/0x420
[   28.829019]  [<ffffffff8147003f>] ? vm_mmap_pgoff+0xdf/0x1c0
[   28.834785]  [<ffffffff812e2899>] ? compat_SyS_futex+0x1f9/0x2a0
[   28.840899]  [<ffffffff812e26a0>] ? compat_SyS_get_robust_list+0x300/0x300
[   28.847879]  [<ffffffff814afae0>