[ 8.706502] random: sshd: uninitialized urandom read (32 bytes read)
[ ok ] Starting file context maintaining daemon: restorecond.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
syzkaller login: [ 28.331567] random: sshd: uninitialized urandom read (32 bytes read)
[ 28.632986] audit: type=1400 audit(1546275488.692:6): avc: denied { map } for pid=1752 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[ 28.676075] random: sshd: uninitialized urandom read (32 bytes read)
[ 29.151605] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.111' (ECDSA) to the list of known hosts.
[ 34.926565] urandom_read: 1 callbacks suppressed
[ 34.926569] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[ 35.014948] audit: type=1400 audit(1546275495.072:7): avc: denied { map } for pid=1770 comm="syz-executor966" path="/root/syz-executor966800074" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 35.065179]
[ 35.066960] ======================================================
[ 35.073255] WARNING: possible circular locking dependency detected
[ 35.079549] 4.14.91+ #1 Not tainted
[ 35.083148] ------------------------------------------------------
[ 35.089443] syz-executor966/1772 is trying to acquire lock:
[ 35.095125] (&pipe->mutex/1){+.+.}, at: [] fifo_open+0x156/0x9b0
[ 35.102905]
[ 35.102905] but task is already holding lock:
[ 35.108995] (&sig->cred_guard_mutex){+.+.}, at: [] prepare_bprm_creds+0x51/0x110
[ 35.118168]
[ 35.118168] which lock already depends on the new lock.
[ 35.118168]
[ 35.126459]
[ 35.126459] the existing dependency chain (in reverse order) is:
[ 35.134054]
[ 35.134054] -> #1 (&sig->cred_guard_mutex){+.+.}:
[ 35.140351]
[ 35.140351] -> #0 (&pipe->mutex/1){+.+.}:
[ 35.146000]
[ 35.146000] other info that might help us debug this:
[ 35.146000]
[ 35.154120] Possible unsafe locking scenario:
[ 35.154120]
[ 35.160161]        CPU0                    CPU1
[ 35.164800]        ----                    ----
[ 35.169441]   lock(&sig->cred_guard_mutex);
[ 35.173741]                                lock(&pipe->mutex/1);
[ 35.179859]                                lock(&sig->cred_guard_mutex);
[ 35.186673]   lock(&pipe->mutex/1);
[ 35.190275]
[ 35.190275] *** DEADLOCK ***
[ 35.190275]
[ 35.196313] 1 lock held by syz-executor966/1772:
[ 35.201048] #0: (&sig->cred_guard_mutex){+.+.}, at: [] prepare_bprm_creds+0x51/0x110
[ 35.210651]
[ 35.210651] stack backtrace:
[ 35.215126] CPU: 0 PID: 1772 Comm: syz-executor966 Not tainted 4.14.91+ #1
[ 35.222109] Call Trace:
[ 35.224813] dump_stack+0xb9/0x10e
[ 35.228336] print_circular_bug.isra.0.cold+0x2dc/0x425
[ 35.233683] ? __lock_acquire+0x2d83/0x3fa0
[ 35.237985] ? trace_hardirqs_on+0x10/0x10
[ 35.242200] ? _raw_spin_unlock_irqrestore+0x41/0x70
[ 35.247281] ? __lock_acquire+0x56a/0x3fa0
[ 35.251608] ? do_filp_open+0x1a1/0x280
[ 35.255557] ? lock_acquire+0x10f/0x380
[ 35.259506] ? fifo_open+0x156/0x9b0
[ 35.263204] ? fifo_open+0x156/0x9b0
[ 35.267012] ? __mutex_lock+0xf7/0x1430
[ 35.270963] ? fifo_open+0x156/0x9b0
[ 35.274656] ? fifo_open+0x156/0x9b0
[ 35.278350] ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 35.283774] ? mark_held_locks+0xa6/0xf0
[ 35.287860] ? fifo_open+0x284/0x9b0
[ 35.291555] ? lock_downgrade+0x5d0/0x5d0
[ 35.295674] ? lock_acquire+0x10f/0x380
[ 35.299628] ? fifo_open+0x243/0x9b0
[ 35.303325] ? debug_mutex_init+0x28/0x53
[ 35.307450] ? fifo_open+0x156/0x9b0
[ 35.311139] ? fifo_open+0x156/0x9b0
[ 35.314837] ? do_dentry_open+0x41b/0xd60
[ 35.318978] ? pipe_release+0x240/0x240
[ 35.322934] ? vfs_open+0x105/0x230
[ 35.326544] ? path_openat+0xb6b/0x2b70
[ 35.330498] ? path_mountpoint+0x9a0/0x9a0
[ 35.334707] ? kasan_kmalloc.part.0+0xa6/0xd0
[ 35.339177] ? kasan_kmalloc.part.0+0x4f/0xd0
[ 35.343648] ? kmemdup+0x23/0x50
[ 35.346991] ? selinux_cred_prepare+0x3e/0x90
[ 35.351472] ? do_filp_open+0x1a1/0x280
[ 35.355421] ? prepare_bprm_creds+0x66/0x110
[ 35.359807] ? may_open_dev+0xe0/0xe0
[ 35.363743] ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 35.369183] ? rcu_read_lock_sched_held+0x10a/0x130
[ 35.374178] ? do_open_execat+0xf7/0x5c0
[ 35.378220] ? setup_arg_pages+0x710/0x710
[ 35.382434] ? do_execveat_common.isra.0+0x674/0x1c30
[ 35.387603] ? lock_acquire+0x10f/0x380
[ 35.391551] ? do_execveat_common.isra.0+0x422/0x1c30
[ 35.396729] ? check_preemption_disabled+0x35/0x1f0
[ 35.401728] ? do_execveat_common.isra.0+0x6b3/0x1c30
[ 35.406914] ? prepare_bprm_creds+0x110/0x110
[ 35.411392] ? getname_flags+0x22e/0x550
[ 35.415446] ? S