Warning: Permanently added '10.128.0.11' (ECDSA) to the list of known hosts.
executing program
[ 24.853882] audit: type=1400 audit(1519135071.624:7): avc: denied { map } for pid=4170 comm="syzkaller112453" path="/root/syzkaller112453341" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[ 24.880381]
[ 24.882017] =====================================
[ 24.886828] WARNING: bad unlock balance detected!
[ 24.891642] 4.16.0-rc2+ #322 Not tainted
[ 24.895669] -------------------------------------
[ 24.900480] syzkaller112453/4170 is trying to release lock (rcu_read_lock_bh) at:
[ 24.908081] [] hashlimit_mt_common.isra.10+0x1beb/0x2610
[ 24.915064] but there are no more locks to release!
[ 24.920048]
[ 24.920048] other info that might help us debug this:
[ 24.926682] 3 locks held by syzkaller112453/4170:
[ 24.931491] #0: (sk_lock-AF_INET6){+.+.}, at: [<000000009751db4a>] inet_stream_connect+0x44/0xa0
[ 24.940568] #1: (rcu_read_lock){....}, at: [<0000000041c03df0>] inet6_csk_xmit+0x114/0x580
[ 24.949123] #2: (rcu_read_lock){....}, at: [<00000000e0dd5dbf>] ip6_xmit+0xe9d/0x2260
[ 24.957240]
[ 24.957240] stack backtrace:
[ 24.961708] CPU: 0 PID: 4170 Comm: syzkaller112453 Not tainted 4.16.0-rc2+ #322
[ 24.969124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 24.978460] Call Trace:
[ 24.981024] dump_stack+0x194/0x257
[ 24.984623] ? arch_local_irq_restore+0x53/0x53
[ 24.989265] ? hashlimit_mt_common.isra.10+0x1beb/0x2610
[ 24.994690] print_unlock_imbalance_bug+0x12f/0x140
[ 24.999681] lock_release+0x6fe/0xa40
[ 25.003451] ? hashlimit_mt_common.isra.10+0x1beb/0x2610
[ 25.008872] ? lock_downgrade+0x980/0x980
[ 25.013007] ? lock_release+0xa40/0xa40
[ 25.016954] ? __raw_spin_lock_init+0x1c/0x100
[ 25.021510] ? do_raw_spin_trylock+0x190/0x190
[ 25.026071] hashlimit_mt_common.isra.10+0x1c08/0x2610
[ 25.031321] ? __lock_acquire+0x664/0x3e00
[ 25.035527] ? dsthash_find+0x5b0/0x5b0
[ 25.039471] ? __lock_acquire+0x664/0x3e00
[ 25.043676] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 25.048835] ? __lock_acquire+0x664/0x3e00
[ 25.053042] ? __lock_acquire+0x664/0x3e00
[ 25.057247] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 25.062405] ? debug_check_no_locks_freed+0x3c0/0x3c0
[ 25.067565] ? check_noncircular+0x20/0x20
[ 25.071774] ? print_irqtrace_events+0x270/0x270
[ 25.076499] hashlimit_mt+0x78/0x90
[ 25.080094] ? hashlimit_mt+0x78/0x90
[ 25.083867] ip6t_do_table+0x98d/0x1a30
[ 25.087814] ? rt6_check+0x199/0x310
[ 25.091497] ? __lock_acquire+0x664/0x3e00
[ 25.095703] ? ip6t_error+0x60/0x60
[ 25.099298] ? rt6_check+0x1e2/0x310
[ 25.102979] ? check_noncircular+0x20/0x20
[ 25.107182] ? lock_acquire+0x1d5/0x580
[ 25.111125] ? lock_acquire+0x1d5/0x580
[ 25.115068] ? ip6_xmit+0xe9d/0x2260
[ 25.118752] ? lock_release+0xa40/0xa40
[ 25.122707] ip6table_raw_hook+0x65/0x80
[ 25.126746] nf_hook_slow+0xba/0x1a0
[ 25.130428] ip6_xmit+0x10ec/0x2260
[ 25.134028] ? __sk_dst_check+0x1a5/0x380
[ 25.138152] ? ip6_finish_output2+0x23a0/0x23a0
[ 25.142791] ? fl6_update_dst+0x127/0x2b0
[ 25.146919] ? inet6_csk_route_socket+0x691/0xe80
[ 25.151734] ? check_noncircular+0x20/0x20
[ 25.155940] ? lock_acquire+0x1d5/0x580
[ 25.159883] ? lock_acquire+0x1d5/0x580
[ 25.163827] ? inet6_csk_xmit+0x114/0x580
[ 25.167949] ? ip6_forward_finish+0x140/0x140
[ 25.172412] ? lock_release+0xa40/0xa40
[ 25.176356] ? __lock_is_held+0xb6/0x140
[ 25.180390] inet6_csk_xmit+0x2fc/0x580
[ 25.184335] ? inet6_csk_update_pmtu+0x160/0x160
[ 25.189065] ? refcount_add_not_zero+0x133/0x200
[ 25.193804] tcp_transmit_skb+0x1b12/0x38b0
[ 25.198104] ? memset+0x31/0x40
[ 25.201352] ? __tcp_select_window+0x900/0x900
[ 25.205907] ? ip6_mtu+0x369/0x4d0
[ 25.209417] ? lock_downgrade+0x980/0x980
[ 25.213535] ? lock_release+0xa40/0xa40
[ 25.217479] ? __lock_is_held+0xb6/0x140
[ 25.221507] ? check_noncircular+0x20/0x20
[ 25.225714] ? pvclock_read_flags+0x160/0x160
[ 25.230185] ? tcp_init_transfer+0x3e0/0x3e0
[ 25.234565] ? tcp_rbtree_insert+0x135/0x190
[ 25.238943] tcp_connect+0x2d1e/0x40f0
[ 25.242802] ? tcp_push_one+0x100/0x100
[ 25.246745] ? lock_downgrade+0x927/0x980
[ 25.250861] ? do_raw_spin_trylock+0x190/0x190
[ 25.255414] ? __inet_hash_connect+0x8b1/0xed0
[ 25.259973] ? pvclock_read_flags+0x160/0x160
[ 25.264440] ? mark_held_locks+0xaf/0x100
[ 25.268560] ? ktime_get_with_offset+0x188/0x420
[ 25.273287] ? kvm_clock_get_cycles+0x25/0x30
[ 25.277752] ? ktime_get_with_offset+0x2c1/0x420
[ 25.282479] ? do_gettimeofday+0x190/0x190
[ 25.286687] ? __siphash_aligned+0x1b9/0x330
[ 25.291075] ? siphash_4u64+0x25/0x3a0
[ 25.294934] ? secure_tcpv6_ts_off+0x1e0/0x420
[ 25.299486] ? secure_tcpv6_seq+0x23c/0x350
[ 25.303777] ? secure_tcpv6_seq+0x350/0x350
[ 25.308068] ? tcp_fastopen_defer_connect+0x163/0x4a0
[ 25.313226] ? secure_dccpv6_sequence_number+0x360/0x360
[ 25.318652] tcp_v6_connect+0x2083/0x26c0
[ 25.322773] ? tcp_v6_syn_recv_sock+0x23f0/0x23f0
[ 25.327589] ? avc_has_perm+0x43e/0x680
[ 25.331533] ? avc_has_perm_noaudit+0x520/0x520
[ 25.336173] ? __lockdep_init_map+0xe4/0x650
[ 25.340552] ? check_noncircular+0x20/0x20
[ 25.344764] ? sock_has_perm+0x2a4/0x420
[ 25.348797] ? selinux_secmark_relabel_packet+0xc0/0xc0
[ 25.354133] __inet_stream_connect+0x2d4/0xf00
[ 25.358683] ? __inet_stream_connect+0x2d4/0xf00
[ 25.363410] ? lock_acquire+0x1d5/0x580
[ 25.367356] ? lock_sock_nested+0xa3/0x110
[ 25.371559] ? lock_acquire+0x1d5/0x580
[ 25.375501] ? inet_bind+0x930/0x930
[ 25.379186] ? mark_held_locks+0xaf/0x100
[ 25.383304] ? do_raw_spin_trylock+0x190/0x190
[ 25.387859] ? __local_bh_enable_ip+0x121/0x230
[ 25.392499] ? trace_hardirqs_on_caller+0x421/0x5c0
[ 25.397484] ? lock_sock_nested+0x91/0x110
[ 25.401690] ? trace_hardirqs_on+0xd/0x10
[ 25.405808] ? __local_bh_enable_ip+0x121/0x230
[ 25.410447] inet_stream_connect+0x58/0xa0
[ 25.414657] SYSC_connect+0x213/0x4a0
[ 25.418432] ? SYSC_bind+0x410/0x410
[ 25.422122] ? __handle_mm_fault+0x3ce0/0x3ce0
[ 25.426676] ? vmacache_find+0x5f/0x280
[ 25.430625] ? mm_fault_error+0x2c0/0x2c0
[ 25.434754] ? move_addr_to_kernel+0x60/0x60
[ 25.439141] ? SyS_accept+0x30/0x30
[ 25.442738] SyS_connect+0x24/0x30
[ 25.446252] do_syscall_64+0x280/0x940
[ 25.450118] ? __do_page_fault+0xc90/0xc90
[ 25.454323] ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 25.459049] ? syscall_return_slowpath+0x550/0x550
[ 25.463958] ? syscall_return_slowpath+0x2ac/0x550
[ 25.468856] ? prepare_exit_to_usermode+0x350/0x350
[ 25.473847] ? retint_user+0x18/0x18
[ 25.477533] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 25.482346] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 25.487506] RIP: 0033:0x4411a9
[ 25.490664] RSP: 002b:00007ffdb0ba15c8 EFLAGS: 00000207 ORIG_RAX: 000000000000002a
[ 25.498349] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00000000004411a9
[ 25.505588]