program:
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000)
ioctl$DRM_IOCTL_SYNCOBJ_RESET(r0, 0xc01064c4, &(0x7f0000000080)={0x0, 0xffffffffffffff6f})
r1 = syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@noblock_validity}, {@stripe={'stripe', 0x3d, 0x2}}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x71d}}, {@abort}]}, 0x1, 0x610, &(0x7f0000000a40)="$eJzs3c9rFGcfAPDvTH6avO+bKC+8rz3UQCkKrYmJWqQUau5F7I9/IDVRxGgkSaFRwQjtsfTSQ6GnHmr/i1borfTQaw+9F0FK8VCL1C2zOxs3m93Nz/3h7ucDa+aZmczznTXfPM88eWY2gJ41kf2TRhyNiJtJxFjFtv7IN06U9nv8x51L2SuJQuH935O4czdZrzxWkn8dzb/577FIfk4jjvRtrXdl7da1ucXFheW8PLV6/ebUytqtk1evz11ZuLJwY+aNmXNnz5w9N31qX+c3UGPdN189Taa//fVCEufjWR5bdl7V+w3tq+bsPZuIQsmTyvXZ+3pun8fuFH+OlX9OnkuqV9CxLud5m+XJ/2Is+ir+N8fi03fbGhzQVIUkym0U0HOSOvn/42yj3wzDTYsHaJVyP6B8bV/rOnirtMm9EqAVHs2WBqRKuT8QEeX87y+NDcZwcWxg5HGyaZwniYj9jcyVZHX89MOFT7JX1BmHA5pj/V55lLu6/U+KuTkew8XSyON0c/6vFwpp3hPI1r+3x/onqsryH1pn/V5E/D9v/wdjx/mf5rlbzv8P91i//AcAAAAAAICD82A2Il6vNf8v3Zj/M1hj/s9oRJw/gPq3//tf+jBfSKp2HTyA6qGnPZqNeKvm/N+NOb7jfXnp38X5ALeTy1cXF05FxH8i4kQMDGXl6arjVs4QPvnZkS/r1V85/y97ZfWX5wLmR3rYX3Uj7vzc6tx+zxuIeHQv4qXi/N9j+ZrN83+y9j+p0f5n+X1zh3UcefX+xXrbts9/oFkKX0ccr9n+P+9uJ42fzzFV7A9MlXsFW718+/Pv6tVfnf9NOEWgjqz9H2mc/0NJ5fN6VnZ3/Owi/fRaf6He9r32/weTD/qiYhDg47nV1eXpiMHkna3rZ3YXM3SrPB+ORZ4vWf6feKXx+N9G/78iDw9FxPoO6hveZrv+P7RPlv/zjdv/8c3t/+4XZu6Pf1+v/os7av/PFNv0E/ka439QaevzOHaaoG0JFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABecGlE/CuSdHJjOU0nJyNGI+K/MZIuLq2svnZ56aMb89m2iPEYSMuf9DtWKiflz/8fryjPVJVPR8ThiPii71CxPHlpaXG+3ScPAAAAAAAAAAAAAAAAAAAAHWK0eM9/Yaj6/v/Mb33tjg5ouv78q3yH3tO/5+8sDB1oIEDL7T3/gRdYds2/i/wfaGYsQBvUz/8nTwtFLQ0HaCH9f+hde8x/fy6ALqD9h161wzG94WbHAbSD9h8AAAAAALrK4WMPfkkiYv3NQ8VXZjDfZrI/dLe03QEAbWMOL/Su/qV2RwC0i2t8INlY+qvmzf71Z/8nzQkIAAAAAAAAAAAAANji+FH3/0Ovanz/v7n90M0a3P9fK/k9LgC6SP2P/tD2Q7dzjQ9s19q7/x8AAAAAAAAAAAAAOsDwrWtzi4sLyytrL97C250Rxu4W1uc6IoxdLBTuRjTe51lzah+IiE55E5ZXsmhaVVf5ERxtPOU2/14CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2/BMAAP//cdEbCg==")
ioctl$FIONCLEX(r1, 0x5450)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x34}}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2800, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)={0x10000000000000cf, 0x0, [{}]})
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
getsockopt$EBT_SO_GET_INFO(r5, 0x0, 0x80, &(0x7f00000001c0)={'broute\x00', 0x0, 0x0, 0x0, [0x1000, 0x9, 0x10000, 0x1, 0xe6b, 0x5]}, &(0x7f0000000240)=0x78)

[   68.845015][ T5334] Bluetooth: hci0: command tx timeout
[   68.881952][ T5354] ------------[ cut here ]------------
[   68.884384][ T5354] WARNING: CPU: 0 PID: 5354 at mm/page_alloc.c:5124 __alloc_frozen_pages_noprof+0x2c8/0x370
[   68.889626][ T5354] Modules linked in:
[   68.892653][ T5354] CPU: 0 UID: 0 PID: 5354 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   68.906299][ T5354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.911652][ T5354] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370
[   68.914466][ T5354] Code: 74 10 4c 89 e7 89 54 24 0c e8 c4 1d 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 8e 07 76 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[   68.923755][ T5354] RSP: 0018:ffffc9000d607960 EFLAGS: 00010246
[   68.926715][ T5354] RAX: ffffc9000d607900 RBX: 0000000000000016 RCX: 0000000000000000
[   68.930654][ T5354] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d6079c8
[   68.934150][ T5354] RBP: ffffc9000d607a60 R08: ffffc9000d6079c7 R09: 0000000000000000
[   68.937647][ T5354] R10: ffffc9000d6079a0 R11: fffff52001ac0f39 R12: 0000000000000000
[   68.941509][ T5354] R13: 1ffff92001ac0f30 R14: 0000000000040cc0 R15: dffffc0000000000
[   68.945227][ T5354] FS:  00007fa37b3ed6c0(0000) GS:ffff88808d210000(0000) knlGS:0000000000000000
[   68.949346][ T5354] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   68.952339][ T5354] CR2: 00007fa37f1a7148 CR3: 0000000043679000 CR4: 0000000000352ef0
[   68.955815][ T5354] Call Trace:
[   68.957470][ T5354]  <TASK>
[   68.958944][ T5354]  ? __kasan_slab_free+0x5b/0x80
[   68.961240][ T5354]  ? tomoyo_path_number_perm+0x47a/0x5a0
[   68.964079][ T5354]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   68.967210][ T5354]  ? policy_nodemask+0x27c/0x720
[   68.969691][ T5354]  alloc_pages_mpol+0x232/0x4a0
[   68.971854][ T5354]  ___kmalloc_large_node+0x5f/0x1b0
[   68.974214][ T5354]  __kmalloc_large_node_noprof+0x18/0x90
[   68.976687][ T5354]  __kmalloc_noprof+0x36f/0x4f0
[   68.978949][ T5354]  ? drm_syncobj_array_find+0x3a/0x450
[   68.981291][ T5354]  drm_syncobj_array_find+0x3a/0x450
[   68.983550][ T5354]  drm_syncobj_reset_ioctl+0x16b/0x2f0
[   68.986058][ T5354]  drm_ioctl_kernel+0x2cf/0x390
[   68.988192][ T5354]  ? __pfx_drm_syncobj_reset_ioctl+0x10/0x10
[   68.991000][ T5354]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[   68.993496][ T5354]  drm_ioctl+0x67f/0xb10
[   68.995764][ T5354]  ? __pfx_drm_syncobj_reset_ioctl+0x10/0x10
[   68.998804][ T5354]  ? __pfx_drm_ioctl+0x10/0x10
[   69.000774][ T5354]  ? __fget_files+0x2a/0x420
[   69.002735][ T5354]  ? bpf_lsm_file_ioctl+0x9/0x20
[   69.004800][ T5354]  ? __pfx_drm_ioctl+0x10/0x10
[   69.006845][ T5354]  __se_sys_ioctl+0xf9/0x170
[   69.008895][ T5354]  do_syscall_64+0xfa/0x3b0
[   69.010907][ T5354]  ? lockdep_hardirqs_on+0x9c/0x150
[   69.013155][ T5354]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.015938][ T5354]  ? clear_bhb_loop+0x60/0xb0
[   69.018281][ T5354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.021003][ T5354] RIP: 0033:0x7fa37ef8ebe9
[   69.023024][ T5354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.031431][ T5354] RSP: 002b:00007fa37b3ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   69.035029][ T5354] RAX: ffffffffffffffda RBX: 00007fa37f1b5fa0 RCX: 00007fa37ef8ebe9
[   69.038483][ T5354] RDX: 0000200000000080 RSI: 00000000c01064c4 RDI: 0000000000000003
[   69.042048][ T5354] RBP: 00007fa37f011e19 R08: 0000000000000000 R09: 0000000000000000
[   69.045404][ T5354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   69.049189][ T5354] R13: 00007fa37f1b6038 R14: 00007fa37f1b5fa0 R15: 00007ffdfc0c3f28
[   69.052839][ T5354]  </TASK>
[   69.054248][ T5354] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   69.057228][ T5354] CPU: 0 UID: 0 PID: 5354 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   69.060882][ T5354] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   69.065393][ T5354] Call Trace:
[   69.066842][ T5354]  <TASK>
[   69.068138][ T5354]  dump_stack_lvl+0x99/0x250
[   69.070183][ T5354]  ? __asan_memcpy+0x40/0x70
[   69.072242][ T5354]  ? __pfx_dump_stack_lvl+0x10/0x10
[   69.074409][ T5354]  ? __pfx__printk+0x10/0x10
[   69.076478][ T5354]  vpanic+0x281/0x750
[   69.078302][ T5354]  ? __pfx__printk+0x10/0x10
[   69.080161][ T5354]  ? __pfx_vpanic+0x10/0x10
[   69.082051][ T5354]  ? is_bpf_text_address+0x26/0x2b0
[   69.084305][ T5354]  panic+0xb9/0xc0
[   69.085952][ T5354]  ? __pfx_panic+0x10/0x10
[   69.087898][ T5354]  __warn+0x31b/0x4b0
[   69.089636][ T5354]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[   69.092088][ T5354]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[   69.094649][ T5354]  report_bug+0x2be/0x4f0
[   69.096484][ T5354]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[   69.099275][ T5354]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[   69.101976][ T5354]  ? __alloc_frozen_pages_noprof+0x2ca/0x370
[   69.104557][ T5354]  handle_bug+0x84/0x160
[   69.106352][ T5354]  exc_invalid_op+0x1a/0x50
[   69.108311][ T5354]  asm_exc_invalid_op+0x1a/0x20
[   69.110366][ T5354] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370
[   69.113208][ T5354] Code: 74 10 4c 89 e7 89 54 24 0c e8 c4 1d 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 8e 07 76 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[   69.121841][ T5354] RSP: 0018:ffffc9000d607960 EFLAGS: 00010246
[   69.124512][ T5354] RAX: ffffc9000d607900 RBX: 0000000000000016 RCX: 0000000000000000
[   69.127816][ T5354] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d6079c8
[   69.131098][ T5354] RBP: ffffc9000d607a60 R08: ffffc9000d6079c7 R09: 0000000000000000
[   69.134433][ T5354] R10: ffffc9000d6079a0 R11: fffff52001ac0f39 R12: 0000000000000000
[   69.137674][ T5354] R13: 1ffff92001ac0f30 R14: 0000000000040cc0 R15: dffffc0000000000
[   69.141125][ T5354]  ? __kasan_slab_free+0x5b/0x80
[   69.143370][ T5354]  ? tomoyo_path_number_perm+0x47a/0x5a0
[   69.146048][ T5354]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   69.148894][ T5354]  ? policy_nodemask+0x27c/0x720
[   69.151091][ T5354]  alloc_pages_mpol+0x232/0x4a0
[   69.153296][ T5354]  ___kmalloc_large_node+0x5f/0x1b0
[   69.155628][ T5354]  __kmalloc_large_node_noprof+0x18/0x90
[   69.158066][ T5354]  __kmalloc_noprof+0x36f/0x4f0
[   69.159999][ T5354]  ? drm_syncobj_array_find+0x3a/0x450
[   69.161987][ T5354]  drm_syncobj_array_find+0x3a/0x450
[   69.164239][ T5354]  drm_syncobj_reset_ioctl+0x16b/0x2f0
[   69.166437][ T5354]  drm_ioctl_kernel+0x2cf/0x390
[   69.168825][ T5354]  ? __pfx_drm_syncobj_reset_ioctl+0x10/0x10
[   69.171467][ T5354]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[   69.173796][ T5354]  drm_ioctl+0x67f/0xb10
[   69.175722][ T5354]  ? __pfx_drm_syncobj_reset_ioctl+0x10/0x10
[   69.178116][ T5354]  ? __pfx_drm_ioctl+0x10/0x10
[   69.179912][ T5354]  ? __fget_files+0x2a/0x420
[   69.181938][ T5354]  ? bpf_lsm_file_ioctl+0x9/0x20
[   69.184165][ T5354]  ? __pfx_drm_ioctl+0x10/0x10
[   69.186270][ T5354]  __se_sys_ioctl+0xf9/0x170
[   69.188157][ T5354]  do_syscall_64+0xfa/0x3b0
[   69.190154][ T5354]  ? lockdep_hardirqs_on+0x9c/0x150
[   69.192366][ T5354]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.194638][ T5354]  ? clear_bhb_loop+0x60/0xb0
[   69.196624][ T5354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.199360][ T5354] RIP: 0033:0x7fa37ef8ebe9
[   69.201542][ T5354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.209833][ T5354] RSP: 002b:00007fa37b3ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   69.213498][ T5354] RAX: ffffffffffffffda RBX: 00007fa37f1b5fa0 RCX: 00007fa37ef8ebe9
[   69.216951][ T5354] RDX: 0000200000000080 RSI: 00000000c01064c4 RDI: 0000000000000003
[   69.220510][ T5354] RBP: 00007fa37f011e19 R08: 0000000000000000 R09: 0000000000000000
[   69.224226][ T5354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   69.227913][ T5354] R13: 00007fa37f1b6038 R14: 00007fa37f1b5fa0 R15: 00007ffdfc0c3f28
[   69.231398][ T5354]  </TASK>
[   69.233166][ T5354] Kernel Offset: disabled
[   69.235028][ T5354] Rebooting in 86400 seconds..