[....] Starting OpenBSD Secure Shell server: sshd[   11.251186] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   41.523197] random: sshd: uninitialized urandom read (32 bytes read)
[   41.949054] audit: type=1400 audit(1553307826.741:6): avc:  denied  { map } for  pid=1777 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[   42.011777] random: sshd: uninitialized urandom read (32 bytes read)
[   42.533438] random: sshd: uninitialized urandom read (32 bytes read)
[   42.704290] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.202' (ECDSA) to the list of known hosts.
[   48.298021] random: sshd: uninitialized urandom read (32 bytes read)
executing program
[   48.393820] audit: type=1400 audit(1553307833.191:7): avc:  denied  { map } for  pid=1789 comm="syz-executor142" path="/root/syz-executor142915877" dev="sda1" ino=16482 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   48.397837] 
[   48.421862] ======================================================
[   48.428211] WARNING: possible circular locking dependency detected
[   48.434787] 4.14.107+ #34 Not tainted
[   48.438782] ------------------------------------------------------
[   48.445082] syz-executor142/1789 is trying to acquire lock:
[   48.450889]  (&pipe->mutex/1){+.+.}, at: [<ffffffffb1774df6>] fifo_open+0x156/0x9b0
[   48.458678] 
[   48.458678] but task is already holding lock:
[   48.464642]  (&sig->cred_guard_mutex){+.+.}, at: [<ffffffffb176f211>] prepare_bprm_creds+0x51/0x110
[   48.473909] 
[   48.473909] which lock already depends on the new lock.
[   48.473909] 
[   48.482432] 
[   48.482432] the existing dependency chain (in reverse order) is:
[   48.490136] 
[   48.490136] -> #1 (&sig->cred_guard_mutex){+.+.}:
[   48.496447] 
[   48.496447] -> #0 (&pipe->mutex/1){+.+.}:
[   48.502067] 
[   48.502067] other info that might help us debug this:
[   48.502067] 
[   48.510386]  Possible unsafe locking scenario:
[   48.510386] 
[   48.516422]        CPU0                    CPU1
[   48.521367]        ----                    ----
[   48.526020]   lock(&sig->cred_guard_mutex);
[   48.530646]                                lock(&pipe->mutex/1);
[   48.536822]                                lock(&sig->cred_guard_mutex);
[   48.543969]   lock(&pipe->mutex/1);
[   48.547625] 
[   48.547625]  *** DEADLOCK ***
[   48.547625] 
[   48.553861] 1 lock held by syz-executor142/1789:
[   48.558859]  #0:  (&sig->cred_guard_mutex){+.+.}, at: [<ffffffffb176f211>] prepare_bprm_creds+0x51/0x110
[   48.568485] 
[   48.568485] stack backtrace:
[   48.573076] CPU: 0 PID: 1789 Comm: syz-executor142 Not tainted 4.14.107+ #34
[   48.580282] Call Trace:
[   48.582928]  dump_stack+0xb9/0x10e
[   48.586471]  print_circular_bug.isra.0.cold+0x2dc/0x425
[   48.591825]  ? __lock_acquire+0x2d83/0x3fa0
[   48.596517]  ? trace_hardirqs_on+0x10/0x10
[   48.600944]  ? _raw_spin_unlock_irqrestore+0x41/0x70
[   48.606197]  ? __lock_acquire+0x56a/0x3fa0
[   48.610436]  ? do_filp_open+0x1a1/0x280
[   48.614441]  ? lock_acquire+0x10f/0x380
[   48.618495]  ? fifo_open+0x156/0x9b0
[   48.622426]  ? fifo_open+0x156/0x9b0
[   48.626128]  ? __mutex_lock+0xf7/0x1430
[   48.630098]  ? fifo_open+0x156/0x9b0
[   48.633856]  ? fifo_open+0x156/0x9b0
[   48.637564]  ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[   48.643010]  ? fifo_open+0x284/0x9b0
[   48.646936]  ? lock_downgrade+0x5d0/0x5d0
[   48.651080]  ? lock_acquire+0x10f/0x380
[   48.655195]  ? fifo_open+0x243/0x9b0
[   48.658949]  ? debug_mutex_init+0x28/0x53
[   48.663209]  ? fifo_open+0x156/0x9b0
[   48.666905]  ? fifo_open+0x156/0x9b0
[   48.670693]  ? do_dentry_open+0x41b/0xd60
[   48.674823]  ? pipe_release+0x240/0x240
[   48.679139]  ? vfs_open+0x105/0x230
[   48.682762]  ? path_openat+0xb6b/0x2b70
[   48.686723]  ? path_mountpoint+0x9a0/0x9a0
[   48.691328]  ? kasan_kmalloc.part.0+0xa6/0xd0
[   48.695811]  ? kasan_kmalloc.part.0+0x4f/0xd0
[   48.700299]  ? kmemdup+0x23/0x50
[   48.703658]  ? selinux_cred_prepare+0x3e/0x90
[   48.708147]  ? do_filp_open+0x1a1/0x280
[   48.712101]  ? prepare_bprm_creds+0x66/0x110
[   48.716582]  ? may_open_dev+0xe0/0xe0
[   48.720647]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[   48.726087]  ? rcu_read_lock_sched_held+0x10a/0x130
[   48.731110]  ? do_open_execat+0xf7/0x5c0
[   48.735255]  ? setup_arg_pages+0x710/0x710
[   48.739475]  ? do_execveat_common.isra.0+0x674/0x1c30
[   48.744660]  ? lock_acquire+0x10f/0x380
[   48.748634]  ? do_execveat_common.isra.0+0x422/0x1c30
[   48.754129]  ? check_preemption_disabled+0x35/0x1f0
[   48.759136]  ? do_execveat_common.isra.0+0x6b3/0x1c30
[   48.764329]  ? prepare_bprm_creds+0x110/0x110
[   48.768871]  ? getname_flags+0x22e/0x550
[   48.772922]  ? SyS_execve+0x34/0x40
[   48.776621]  ? setup_new_exec+0x770/0x770
[   48.780843]  ? do_syscall_64+0x19b/0x4b0
[   48.784894]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7