------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(1)
WARNING: kernel/locking/lockdep.c:238 at __lock_acquire+0xdec/0x1b70, CPU#1: syz-executor.4/88430
Modules linked in:
CPU: 1 UID: 0 PID: 88430 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary)
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:__lock_acquire+0xdec/0x1b70
Code: 85 e8 58 16 e8 ff 90 0f 0b 90 90 4c 8b 4c 24 10 e9 3c fa ff ff 90 48 c7 c6 e4 d6 74 85 48 c7 c7 f8 d3 74 85 e8 35 16 e8 ff 90 <0f> 0b 90 90 4c 8b 4c 24 10 e9 cd f9 ff ff 8b 3d 20 e1 e2 06 85 ff
RSP: 0018:ffff8880474c7780 EFLAGS: 00010086
RAX: 0000000000000000 RBX: ffff88804dee3700 RCX: ffffc90006620000
RDX: 0000000000040000 RSI: ffffffff8139de7e RDI: 0000000000000001
RBP: ffff88804dee4158 R08: 0000000000000001 R09: ffffed100d9e4801
R10: 0000000000000000 R11: 0000000000000001 R12: ffff88804dee41f8
R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
FS: 00007f65090e4700(0000) GS:ffff8880e56d7000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f65090e3f78 CR3: 000000004c717000 CR4: 0000000000350ef0
Call Trace:
 lock_acquire+0x15e/0x2f0
 _raw_spin_lock_irqsave+0x3a/0x60
 skb_dequeue+0x20/0x180
 audit_log_start.part.0+0x647/0x940
 audit_log+0xe8/0x180
 security_bounded_transition+0x655/0x6b0
 selinux_lsm_setattr+0x813/0x940
 selinux_setprocattr+0x43/0x70
 security_setprocattr+0x148/0x1a0
 proc_pid_attr_write+0x335/0x7a0
 vfs_write+0x2b7/0x1150
 ksys_write+0x121/0x240
 do_syscall_64+0xbf/0x360
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f650bb6eb19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f65090e4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f650bc81f60 RCX: 00007f650bb6eb19
RDX: 0000000000000022 RSI: 0000000020000040 RDI: 0000000000000003
RBP: 00007f65090e41d0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
R13: 00007ffd5873161f R14: 00007f65090e4300 R15: 0000000000022000
irq event stamp: 772
hardirqs last enabled at (771): [] irqentry_exit+0x3b/0x90
hardirqs last disabled at (772): [] _raw_spin_lock_irqsave+0x53/0x60
softirqs last enabled at (770): [] handle_softirqs+0x50c/0x770
softirqs last disabled at (727): [] __irq_exit_rcu+0xc4/0x100
---[ end trace 0000000000000000 ]---
BUG: kernel NULL pointer dereference, address: 00000000000000c4
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 4b14a067 P4D 4b14a067 PUD 4c6e3067 PMD 0
Oops: Oops: 0000 [#1] SMP KASAN NOPTI
CPU: 1 UID: 0 PID: 88430 Comm: syz-executor.4 Tainted: G W 6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary)
Tainted: [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
RIP: 0010:__lock_acquire+0x22b/0x1b70
Code: 89 44 24 24 4c 89 c8 25 ff 1f 00 00 48 0f a3 05 6b d2 57 06 0f 83 76 05 00 00 48 8d 04 80 48 8d 04 80 48 8d 04 c5 60 91 a9 87 <44> 0f b6 a8 c4 00 00 00 41 0f b7 44 24 20 66 25 ff 1f 0f b7 c0 48
RSP: 0018:ffff8880474c7780 EFLAGS: 00010046
RAX: 0000000000000000 RBX: ffff88804dee3700 RCX: ffffc90006620000
RDX: 0000000000040000 RSI: ffffffff8139de7e RDI: 0000000000000001
RBP: ffff88804dee4158 R08: 0000000000000001 R09: 0a3d700ae1f3df04
R10: 0000000000000000 R11: 0000000000000001 R12: ffff88804dee41f8
R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
FS: 00007f65090e4700(0000) GS:ffff8880e56d7000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000000000c4 CR3: 000000004c717000 CR4: 0000000000350ef0
Call Trace:
 lock_acquire+0x15e/0x2f0
 _raw_spin_lock_irqsave+0x3a/0x60
 skb_dequeue+0x20/0x180
 audit_log_start.part.0+0x647/0x940
 audit_log+0xe8/0x180
 security_bounded_transition+0x655/0x6b0
 selinux_lsm_setattr+0x813/0x940
 selinux_setprocattr+0x43/0x70
 security_setprocattr+0x148/0x1a0
 proc_pid_attr_write+0x335/0x7a0
 vfs_write+0x2b7/0x1150
 ksys_write+0x121/0x240
 do_syscall_64+0xbf/0x360
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f650bb6eb19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f65090e4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f650bc81f60 RCX: 00007f650bb6eb19
RDX: 0000000000000022 RSI: 0000000020000040 RDI: 0000000000000003
RBP: 00007f65090e41d0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
R13: 00007ffd5873161f R14: 00007f65090e4300 R15: 0000000000022000
Modules linked in:
CR2: 00000000000000c4
---[ end trace 0000000000000000 ]---
RIP: 0010:__lock_acquire+0x22b/0x1b70
Code: 89 44 24 24 4c 89 c8 25 ff 1f 00 00 48 0f a3 05 6b d2 57 06 0f 83 76 05 00 00 48 8d 04 80 48 8d 04 80 48 8d 04 c5 60 91 a9 87 <44> 0f b6 a8 c4 00 00 00 41 0f b7 44 24 20 66 25 ff 1f 0f b7 c0 48
RSP: 0018:ffff8880474c7780 EFLAGS: 00010046
RAX: 0000000000000000 RBX: ffff88804dee3700 RCX: ffffc90006620000
RDX: 0000000000040000 RSI: ffffffff8139de7e RDI: 0000000000000001
RBP: ffff88804dee4158 R08: 0000000000000001 R09: 0a3d700ae1f3df04
R10: 0000000000000000 R11: 0000000000000001 R12: ffff88804dee41f8
R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
FS: 00007f65090e4700(0000) GS:ffff8880e56d7000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000000000c4 CR3: 000000004c717000 CR4: 0000000000350ef0
note: syz-executor.4[88430] exited with irqs disabled
note: syz-executor.4[88430] exited with preempt_count 1
BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:51
in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 88430, name: syz-executor.4
preempt_count: 0, expected: 0
RCU nest depth: 1, expected: 0
INFO: lockdep is turned off.
CPU: 1 UID: 0 PID: 88430 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc4-next-20250902 #1 PREEMPT(voluntary)
Tainted: [D]=DIE, [W]=WARN
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
Call Trace:
 dump_stack_lvl+0xfa/0x120
 __might_resched+0x2f3/0x510
 exit_signals+0x25/0x940
 do_exit+0x2db/0x2970
 make_task_dead+0x174/0x3b0
 rewind_stack_and_make_dead+0x16/0x20
RIP: 0033:0x7f650bb6eb19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f65090e4188 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f650bc81f60 RCX: 00007f650bb6eb19
RDX: 0000000000000022 RSI: 0000000020000040 RDI: 0000000000000003
RBP: 00007f65090e41d0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
R13: 00007ffd5873161f R14: 00007f65090e4300 R15: 0000000000022000
----------------
Code disassembly (best guess):
   0: 89 44 24 24             mov %eax,0x24(%rsp)
   4: 4c 89 c8                mov %r9,%rax
   7: 25 ff 1f 00 00          and $0x1fff,%eax
   c: 48 0f a3 05 6b d2 57    bt %rax,0x657d26b(%rip) # 0x657d27f
  13: 06
  14: 0f 83 76 05 00 00       jae 0x590
  1a: 48 8d 04 80             lea (%rax,%rax,4),%rax
  1e: 48 8d 04 80             lea (%rax,%rax,4),%rax
  22: 48 8d 04 c5 60 91 a9    lea -0x78566ea0(,%rax,8),%rax
  29: 87
* 2a: 44 0f b6 a8 c4 00 00    movzbl 0xc4(%rax),%r13d <-- trapping instruction
  31: 00
  32: 41 0f b7 44 24 20       movzwl 0x20(%r12),%eax
  38: 66 25 ff 1f             and $0x1fff,%ax
  3c: 0f b7 c0                movzwl %ax,%eax
  3f: 48                      rex.W