program:
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000)
ioctl$DRM_IOCTL_SYNCOBJ_RESET(r0, 0xc01064c4, &(0x7f0000000140)={0x0, 0xffffffffffffffe4})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x4, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x3, 0x2, 0x3, 0x1, 0x0, 0x42}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 64)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000240)={0x0, <r3=>0x0})
ioctl$DRM_IOCTL_GEM_CLOSE(r0, 0x40086409, &(0x7f0000000340)={r3})
r4 = socket$xdp(0x2c, 0x3, 0x0) (async, rerun: 64)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xc0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (rerun: 64)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
setsockopt$XDP_RX_RING(r4, 0x11b, 0x2, &(0x7f0000000180)=0x120, 0x4) (async)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r5=>0x0})
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newlink={0x28, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x28}}, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0802000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r7, @ANYBLOB="66dd00aa0fff00"/20, @ANYRES32=r7, @ANYBLOB], 0x44}}, 0x0)

[   84.425524][ T4650] Bluetooth: hci0: command tx timeout
[   84.483775][ T5320] ------------[ cut here ]------------
[   84.486383][ T5320] 1
[   84.486396][ T5320] WARNING: mm/page_alloc.c:5202 at __alloc_frozen_pages_noprof+0x2d1/0x380, CPU#0: syz.0.0/5320
[   84.492885][ T5320] Modules linked in:
[   84.495408][ T5320] CPU: 0 UID: 0 PID: 5320 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   84.499771][ T5320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   84.504821][ T5320] RIP: 0010:__alloc_frozen_pages_noprof+0x2d1/0x380
[   84.508299][ T5320] Code: 74 10 4c 89 e7 89 54 24 0c e8 bb db 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a8 fe ff ff e9 a9 fe ff ff c6 05 19 0d f6 0d 01 90 <0f> 0b 90 e9 17 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[   84.517824][ T5320] RSP: 0018:ffffc9000378f940 EFLAGS: 00010246
[   84.520158][ T5320] RAX: ffffc9000378f900 RBX: 0000000000000016 RCX: 0000000000000000
[   84.523750][ T5320] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000378f9a8
[   84.527359][ T5320] RBP: ffffc9000378fa38 R08: ffffc9000378f9a7 R09: 0000000000000000
[   84.531569][ T5320] R10: ffffc9000378f980 R11: fffff520006f1f35 R12: 0000000000000000
[   84.536401][ T5320] R13: 1ffff920006f1f2c R14: 0000000000040cc0 R15: dffffc0000000000
[   84.539811][ T5320] FS:  00007f727349a6c0(0000) GS:ffff88808c888000(0000) knlGS:0000000000000000
[   84.543510][ T5320] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   84.546463][ T5320] CR2: 00007f7272586400 CR3: 0000000012244000 CR4: 0000000000352ef0
[   84.550357][ T5320] Call Trace:
[   84.552276][ T5320]  <TASK>
[   84.553992][ T5320]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   84.557090][ T5320]  ? __pfx_policy_nodemask+0x10/0x10
[   84.559390][ T5320]  ? __lock_acquire+0x6b5/0x2cf0
[   84.561545][ T5320]  alloc_pages_mpol+0x235/0x490
[   84.563902][ T5320]  ___kmalloc_large_node+0x4e/0x120
[   84.566473][ T5320]  __kmalloc_large_node_noprof+0x18/0x90
[   84.569996][ T5320]  __kmalloc_noprof+0x3e8/0x760
[   84.572917][ T5320]  ? drm_dev_enter+0x49/0x150
[   84.574982][ T5320]  ? drm_syncobj_array_find+0x3a/0x440
[   84.577405][ T5320]  drm_syncobj_array_find+0x3a/0x440
[   84.579860][ T5320]  drm_syncobj_reset_ioctl+0x17b/0x450
[   84.582333][ T5320]  drm_ioctl_kernel+0x2df/0x3b0
[   84.584887][ T5320]  ? __pfx_drm_syncobj_reset_ioctl+0x10/0x10
[   84.588012][ T5320]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[   84.590587][ T5320]  drm_ioctl+0x6ba/0xb80
[   84.592649][ T5320]  ? __pfx_drm_syncobj_reset_ioctl+0x10/0x10
[   84.595650][ T5320]  ? __pfx_drm_ioctl+0x10/0x10
[   84.598235][ T5320]  ? __fget_files+0x2a/0x420
[   84.601210][ T5320]  ? bpf_lsm_file_ioctl+0x9/0x20
[   84.604198][ T5320]  ? __pfx_drm_ioctl+0x10/0x10
[   84.606489][ T5320]  __se_sys_ioctl+0xfc/0x170
[   84.608582][ T5320]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.611367][ T5320]  do_syscall_64+0x15f/0xf80
[   84.613617][ T5320]  ? trace_irq_disable+0x3b/0x140
[   84.616161][ T5320]  ? clear_bhb_loop+0x40/0x90
[   84.619143][ T5320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.622145][ T5320] RIP: 0033:0x7f727259cdd9
[   84.625219][ T5320] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   84.634519][ T5320] RSP: 002b:00007f7273499fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   84.638782][ T5320] RAX: ffffffffffffffda RBX: 00007f7272815fa0 RCX: 00007f727259cdd9
[   84.642231][ T5320] RDX: 0000200000000140 RSI: 00000000c01064c4 RDI: 0000000000000003
[   84.645716][ T5320] RBP: 00007f7272632d69 R08: 0000000000000000 R09: 0000000000000000
[   84.649075][ T5320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   84.653323][ T5320] R13: 00007f7272816038 R14: 00007f7272815fa0 R15: 00007ffd241a3508
[   84.657575][ T5320]  </TASK>
[   84.659169][ T5320] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   84.662518][ T5320] CPU: 0 UID: 0 PID: 5320 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   84.666342][ T5320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   84.670883][ T5320] Call Trace:
[   84.672699][ T5320]  <TASK>
[   84.674300][ T5320]  vpanic+0x56c/0xa60
[   84.676369][ T5320]  ? __pfx__printk+0x10/0x10
[   84.678496][ T5320]  ? __pfx_vpanic+0x10/0x10
[   84.680563][ T5320]  ? is_bpf_text_address+0x292/0x2b0
[   84.683049][ T5320]  ? is_bpf_text_address+0x26/0x2b0
[   84.686034][ T5320]  panic+0xc5/0xd0
[   84.688268][ T5320]  ? __pfx_panic+0x10/0x10
[   84.690538][ T5320]  __warn+0x315/0x4c0
[   84.692424][ T5320]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[   84.695127][ T5320]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[   84.697811][ T5320]  __report_bug+0x29a/0x540
[   84.699808][ T5320]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[   84.702933][ T5320]  ? __pfx___report_bug+0x10/0x10
[   84.705885][ T5320]  ? is_bpf_text_address+0x292/0x2b0
[   84.708265][ T5320]  ? is_bpf_text_address+0x26/0x2b0
[   84.710536][ T5320]  ? kernel_text_address+0xa5/0xe0
[   84.713090][ T5320]  ? __kernel_text_address+0xd/0x30
[   84.716171][ T5320]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[   84.720078][ T5320]  ? arch_stack_walk+0xfb/0x150
[   84.722553][ T5320]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[   84.725439][ T5320]  report_bug+0x16a/0x220
[   84.727279][ T5320]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[   84.730258][ T5320]  ? __alloc_frozen_pages_noprof+0x2d3/0x380
[   84.733028][ T5320]  handle_bug+0x9c/0x200
[   84.735058][ T5320]  exc_invalid_op+0x1a/0x50
[   84.737161][ T5320]  asm_exc_invalid_op+0x1a/0x20
[   84.739439][ T5320] RIP: 0010:__alloc_frozen_pages_noprof+0x2d1/0x380
[   84.742507][ T5320] Code: 74 10 4c 89 e7 89 54 24 0c e8 bb db 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a8 fe ff ff e9 a9 fe ff ff c6 05 19 0d f6 0d 01 90 <0f> 0b 90 e9 17 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[   84.751745][ T5320] RSP: 0018:ffffc9000378f940 EFLAGS: 00010246
[   84.754381][ T5320] RAX: ffffc9000378f900 RBX: 0000000000000016 RCX: 0000000000000000
[   84.758727][ T5320] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000378f9a8
[   84.763559][ T5320] RBP: ffffc9000378fa38 R08: ffffc9000378f9a7 R09: 0000000000000000
[   84.767420][ T5320] R10: ffffc9000378f980 R11: fffff520006f1f35 R12: 0000000000000000
[   84.770985][ T5320] R13: 1ffff920006f1f2c R14: 0000000000040cc0 R15: dffffc0000000000
[   84.774503][ T5320]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   84.777342][ T5320]  ? __pfx_policy_nodemask+0x10/0x10
[   84.779966][ T5320]  ? __lock_acquire+0x6b5/0x2cf0
[   84.782785][ T5320]  alloc_pages_mpol+0x235/0x490
[   84.785260][ T5320]  ___kmalloc_large_node+0x4e/0x120
[   84.787626][ T5320]  __kmalloc_large_node_noprof+0x18/0x90
[   84.790031][ T5320]  __kmalloc_noprof+0x3e8/0x760
[   84.792069][ T5320]  ? drm_dev_enter+0x49/0x150
[   84.794205][ T5320]  ? drm_syncobj_array_find+0x3a/0x440
[   84.797370][ T5320]  drm_syncobj_array_find+0x3a/0x440
[   84.800440][ T5320]  drm_syncobj_reset_ioctl+0x17b/0x450
[   84.803237][ T5320]  drm_ioctl_kernel+0x2df/0x3b0
[   84.805327][ T5320]  ? __pfx_drm_syncobj_reset_ioctl+0x10/0x10
[   84.807824][ T5320]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[   84.810126][ T5320]  drm_ioctl+0x6ba/0xb80
[   84.811947][ T5320]  ? __pfx_drm_syncobj_reset_ioctl+0x10/0x10
[   84.814991][ T5320]  ? __pfx_drm_ioctl+0x10/0x10
[   84.817390][ T5320]  ? __fget_files+0x2a/0x420
[   84.819594][ T5320]  ? bpf_lsm_file_ioctl+0x9/0x20
[   84.821846][ T5320]  ? __pfx_drm_ioctl+0x10/0x10
[   84.823839][ T5320]  __se_sys_ioctl+0xfc/0x170
[   84.825960][ T5320]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.829092][ T5320]  do_syscall_64+0x15f/0xf80
[   84.831383][ T5320]  ? trace_irq_disable+0x3b/0x140
[   84.833910][ T5320]  ? clear_bhb_loop+0x40/0x90
[   84.836098][ T5320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.838512][ T5320] RIP: 0033:0x7f727259cdd9
[   84.840330][ T5320] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   84.849447][ T5320] RSP: 002b:00007f7273499fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   84.853315][ T5320] RAX: ffffffffffffffda RBX: 00007f7272815fa0 RCX: 00007f727259cdd9
[   84.856888][ T5320] RDX: 0000200000000140 RSI: 00000000c01064c4 RDI: 0000000000000003
[   84.860387][ T5320] RBP: 00007f7272632d69 R08: 0000000000000000 R09: 0000000000000000
[   84.864207][ T5320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   84.867779][ T5320] R13: 00007f7272816038 R14: 00007f7272815fa0 R15: 00007ffd241a3508
[   84.871211][ T5320]  </TASK>
[   84.873049][ T5320] Kernel Offset: disabled
[   84.875326][ T5320] Rebooting in 86400 seconds..