program:
syz_usb_connect$cdc_ecm(0x0, 0x59, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000020080082505a1a4400001020301090247000101000000090400000302060000052406000005240000000d240f0101000080ff0f0000000c241b08000700060608003e090582020000000000090503030800"], 0x0) (async)
r0 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0xc8d03)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f0000000140)={<r1=>0x0, 0x1})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xb4}}, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_QUERY(r0, 0xc01864cb, &(0x7f0000000180)={&(0x7f0000000080)=[r1], 0x0, 0x1, 0x1}) (async)
r3 = syz_open_dev$usbfs(&(0x7f0000000180), 0x10000001d, 0x8041)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200)=@usbdevfs_connect) (async)
syz_usb_connect$uac2(0x1, 0xfb, &(0x7f0000000000)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x10, 0x582, 0x7d, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xe9, 0x3, 0x1, 0x0, 0x80, 0x0, {0x8, 0xb, 0x0, 0x1, 0x1, 0x2, 0x20, 0x7f}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x20, 0x0, {{0x9, 0x24, 0x1, 0xc1, 0x2, 0x2f, 0xf9}, [@multiply_unit={0x7, 0x24, 0xc, 0x9, 0x5, 0x10, 0x2}, @source_unit={0x8, 0x24, 0xa, 0x7f, 0x1, 0x7, 0x95}, @extension_unit={0xc, 0x24, 0x9, 0x6, 0x8, 0xf8, "d453be3679"}, @processing_unit={0xb, 0x24, 0x8, 0x5, 0x2, [0x0, 0x0, 0x0]}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {[@format_type_i_descriptor={0x6, 0x24, 0x2, 0x1, 0x4, 0x9}, @as_header={0x10, 0x24, 0x1, 0xf9, 0x2, 0x0, 0x2, 0x5, 0x5}, @format_type_ii_discrete={0x10, 0x24, 0x2, 0x2, 0x9, 0x5, 0x1, "e39dec59da00e0"}, @format_type_i_ext={0x9, 0x24, 0x2, 0x1, 0xe, 0x8, 0xf, 0x8, 0x7}]}, {{0x9, 0x5, 0x1, 0x9, 0x200, 0x0, 0x6, 0x7f, {0x8, 0x25, 0x1, 0x83, 0x33, 0x77, 0x9}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {[@format_type_i_discrete={0xd, 0x24, 0x2, 0x1, 0xef, 0x4, 0x0, 0x2, "d88cf25716"}, @format_type_i_discrete={0x10, 0x24, 0x2, 0x1, 0x7, 0x3, 0x9, 0x0, "54da69708ac5c680"}, @format_type_i_descriptor={0x6, 0x24, 0x2, 0x1, 0x33afef19f9a4e444, 0xe4}, @format_type_i_continuous={0x8, 0x24, 0x2, 0x1, 0x9, 0x4, 0x7, 0x2}]}, {{0x9, 0x5, 0x82, 0x9, 0x400, 0xa, 0xd, 0x9, {0x8, 0x25, 0x1, 0x83, 0xc, 0x7, 0x30}}}}}}}}]}}, &(0x7f00000001c0)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x250, 0x40, 0x9, 0x8, 0xff, 0xef}, 0x0, 0xfffffffffffffffd, 0x1, [{0x4, &(0x7f0000000140)=@lang_id={0x4, 0x3, 0x13}}]}) (async)
r4 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000003c0), 0x200, 0x0) (async)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r5, &(0x7f0000001e40)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c, 0x0}}, {{&(0x7f00000003c0)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=[@dstopts_2292={{0x12}}], 0x18}}], 0x2, 0x0) (async)
ioctl$CDROMREADMODE2(r4, 0x530c, 0x0)

[  102.202157][ T5294] Bluetooth: hci0: command tx timeout
[  102.429172][ T5334] ------------[ cut here ]------------
[  102.432021][ T5334] 1
[  102.432033][ T5334] WARNING: mm/page_alloc.c:5202 at __alloc_frozen_pages_noprof+0x2d1/0x380, CPU#0: syz.0.0/5334
[  102.437901][ T5334] Modules linked in:
[  102.439956][ T5334] CPU: 0 UID: 0 PID: 5334 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[  102.444354][ T5334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  102.449085][ T5334] RIP: 0010:__alloc_frozen_pages_noprof+0x2d1/0x380
[  102.452182][ T5334] Code: 74 10 4c 89 e7 89 54 24 0c e8 fb db 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a8 fe ff ff e9 a9 fe ff ff c6 05 5b 22 f6 0d 01 90 <0f> 0b 90 e9 17 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[  102.460779][ T5334] RSP: 0018:ffffc9000d08f8a0 EFLAGS: 00010246
[  102.463689][ T5334] RAX: ffffc9000d08f800 RBX: 0000000000000014 RCX: 0000000000000000
[  102.467290][ T5334] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d08f908
[  102.470879][ T5334] RBP: ffffc9000d08f990 R08: ffffc9000d08f907 R09: 0000000000000000
[  102.474444][ T5334] R10: ffffc9000d08f8e0 R11: fffff52001a11f21 R12: 0000000000000000
[  102.478041][ T5334] R13: 1ffff92001a11f18 R14: 0000000000040cc0 R15: dffffc0000000000
[  102.481718][ T5334] FS:  00007f2f56a386c0(0000) GS:ffff88808c87e000(0000) knlGS:0000000000000000
[  102.485832][ T5334] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  102.488818][ T5334] CR2: 00007f2f56a17d58 CR3: 0000000012f84000 CR4: 0000000000352ef0
[  102.492305][ T5334] Call Trace:
[  102.493845][ T5334]  <TASK>
[  102.495386][ T5334]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  102.498136][ T5334]  ? __pfx_policy_nodemask+0x10/0x10
[  102.500524][ T5334]  ? kasan_save_track+0x4f/0x80
[  102.502825][ T5334]  ? kasan_save_track+0x3e/0x80
[  102.504986][ T5334]  ? kasan_save_free_info+0x46/0x50
[  102.507154][ T5334]  ? kfree+0x1c5/0x640
[  102.508992][ T5334]  ? tomoyo_path_number_perm+0x501/0x630
[  102.511600][ T5334]  ? security_file_ioctl+0xc3/0x2a0
[  102.513906][ T5334]  ? __se_sys_ioctl+0x47/0x170
[  102.516044][ T5334]  alloc_pages_mpol+0x235/0x490
[  102.518160][ T5334]  ___kmalloc_large_node+0x4e/0x120
[  102.520596][ T5334]  __kmalloc_large_node_noprof+0x18/0x90
[  102.523108][ T5334]  __kmalloc_noprof+0x3e8/0x760
[  102.525235][ T5334]  ? drm_syncobj_array_find+0x3a/0x440
[  102.528016][ T5334]  drm_syncobj_array_find+0x3a/0x440
[  102.530497][ T5334]  drm_syncobj_query_ioctl+0x1c3/0xae0
[  102.533063][ T5334]  ? drm_dev_enter+0x49/0x150
[  102.535272][ T5334]  ? __pfx_drm_syncobj_query_ioctl+0x10/0x10
[  102.537762][ T5334]  drm_ioctl_kernel+0x2df/0x3b0
[  102.539822][ T5334]  ? __pfx_drm_syncobj_query_ioctl+0x10/0x10
[  102.542937][ T5334]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  102.545219][ T5334]  drm_ioctl+0x6ba/0xb80
[  102.546985][ T5334]  ? __fget_files+0x2a/0x420
[  102.549404][ T5334]  ? __pfx_drm_syncobj_query_ioctl+0x10/0x10
[  102.552300][ T5334]  ? __pfx_drm_ioctl+0x10/0x10
[  102.554465][ T5334]  ? __fget_files+0x2a/0x420
[  102.556516][ T5334]  ? bpf_lsm_file_ioctl+0x9/0x20
[  102.558778][ T5334]  ? __pfx_drm_ioctl+0x10/0x10
[  102.561014][ T5334]  __se_sys_ioctl+0xfc/0x170
[  102.563198][ T5334]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.565840][ T5334]  do_syscall_64+0x15f/0xf80
[  102.567915][ T5334]  ? trace_irq_disable+0x3b/0x140
[  102.570167][ T5334]  ? clear_bhb_loop+0x40/0x90
[  102.572409][ T5334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.575141][ T5334] RIP: 0033:0x7f2f55b9ce59
[  102.577138][ T5334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  102.585274][ T5334] RSP: 002b:00007f2f56a37fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  102.589042][ T5334] RAX: ffffffffffffffda RBX: 00007f2f55e16090 RCX: 00007f2f55b9ce59
[  102.592565][ T5334] RDX: 0000200000000180 RSI: 00000000c01864cb RDI: 0000000000000004
[  102.595985][ T5334] RBP: 00007f2f55c32d6f R08: 0000000000000000 R09: 0000000000000000
[  102.599427][ T5334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  102.602963][ T5334] R13: 00007f2f55e16128 R14: 00007f2f55e16090 R15: 00007fffaaa04ac8
[  102.606439][ T5334]  </TASK>
[  102.607891][ T5334] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  102.611197][ T5334] CPU: 0 UID: 0 PID: 5334 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[  102.615125][ T5334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  102.619618][ T5334] Call Trace:
[  102.621175][ T5334]  <TASK>
[  102.622527][ T5334]  vpanic+0x56c/0xa60
[  102.624331][ T5334]  ? __pfx__printk+0x10/0x10
[  102.626387][ T5334]  ? __pfx_vpanic+0x10/0x10
[  102.628412][ T5334]  ? is_bpf_text_address+0x292/0x2b0
[  102.630693][ T5334]  ? is_bpf_text_address+0x26/0x2b0
[  102.633012][ T5334]  panic+0xc5/0xd0
[  102.634733][ T5334]  ? __pfx_panic+0x10/0x10
[  102.636713][ T5334]  __warn+0x315/0x4c0
[  102.638557][ T5334]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[  102.641294][ T5334]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[  102.643984][ T5334]  __report_bug+0x29a/0x540
[  102.646077][ T5334]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[  102.648721][ T5334]  ? __pfx___report_bug+0x10/0x10
[  102.650871][ T5334]  ? is_bpf_text_address+0x26/0x2b0
[  102.653149][ T5334]  ? is_bpf_text_address+0x292/0x2b0
[  102.656348][ T5334]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[  102.659097][ T5334]  report_bug+0x16a/0x220
[  102.661008][ T5334]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[  102.663434][ T5334]  ? __alloc_frozen_pages_noprof+0x2d3/0x380
[  102.665934][ T5334]  handle_bug+0x9c/0x200
[  102.667816][ T5334]  exc_invalid_op+0x1a/0x50
[  102.669888][ T5334]  asm_exc_invalid_op+0x1a/0x20
[  102.672126][ T5334] RIP: 0010:__alloc_frozen_pages_noprof+0x2d1/0x380
[  102.675046][ T5334] Code: 74 10 4c 89 e7 89 54 24 0c e8 fb db 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a8 fe ff ff e9 a9 fe ff ff c6 05 5b 22 f6 0d 01 90 <0f> 0b 90 e9 17 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[  102.683470][ T5334] RSP: 0018:ffffc9000d08f8a0 EFLAGS: 00010246
[  102.686260][ T5334] RAX: ffffc9000d08f800 RBX: 0000000000000014 RCX: 0000000000000000
[  102.689690][ T5334] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d08f908
[  102.693372][ T5334] RBP: ffffc9000d08f990 R08: ffffc9000d08f907 R09: 0000000000000000
[  102.697027][ T5334] R10: ffffc9000d08f8e0 R11: fffff52001a11f21 R12: 0000000000000000
[  102.700651][ T5334] R13: 1ffff92001a11f18 R14: 0000000000040cc0 R15: dffffc0000000000
[  102.704207][ T5334]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  102.706879][ T5334]  ? __pfx_policy_nodemask+0x10/0x10
[  102.709220][ T5334]  ? kasan_save_track+0x4f/0x80
[  102.711352][ T5334]  ? kasan_save_track+0x3e/0x80
[  102.713481][ T5334]  ? kasan_save_free_info+0x46/0x50
[  102.715884][ T5334]  ? kfree+0x1c5/0x640
[  102.717808][ T5334]  ? tomoyo_path_number_perm+0x501/0x630
[  102.720384][ T5334]  ? security_file_ioctl+0xc3/0x2a0
[  102.722825][ T5334]  ? __se_sys_ioctl+0x47/0x170
[  102.724982][ T5334]  alloc_pages_mpol+0x235/0x490
[  102.727296][ T5334]  ___kmalloc_large_node+0x4e/0x120
[  102.729808][ T5334]  __kmalloc_large_node_noprof+0x18/0x90
[  102.732473][ T5334]  __kmalloc_noprof+0x3e8/0x760
[  102.734691][ T5334]  ? drm_syncobj_array_find+0x3a/0x440
[  102.737229][ T5334]  drm_syncobj_array_find+0x3a/0x440
[  102.739497][ T5334]  drm_syncobj_query_ioctl+0x1c3/0xae0
[  102.741889][ T5334]  ? drm_dev_enter+0x49/0x150
[  102.744041][ T5334]  ? __pfx_drm_syncobj_query_ioctl+0x10/0x10
[  102.746707][ T5334]  drm_ioctl_kernel+0x2df/0x3b0
[  102.748918][ T5334]  ? __pfx_drm_syncobj_query_ioctl+0x10/0x10
[  102.751503][ T5334]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  102.753782][ T5334]  drm_ioctl+0x6ba/0xb80
[  102.755616][ T5334]  ? __fget_files+0x2a/0x420
[  102.757649][ T5334]  ? __pfx_drm_syncobj_query_ioctl+0x10/0x10
[  102.760324][ T5334]  ? __pfx_drm_ioctl+0x10/0x10
[  102.762455][ T5334]  ? __fget_files+0x2a/0x420
[  102.764485][ T5334]  ? bpf_lsm_file_ioctl+0x9/0x20
[  102.766646][ T5334]  ? __pfx_drm_ioctl+0x10/0x10
[  102.768698][ T5334]  __se_sys_ioctl+0xfc/0x170
[  102.770726][ T5334]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.773410][ T5334]  do_syscall_64+0x15f/0xf80
[  102.775511][ T5334]  ? trace_irq_disable+0x3b/0x140
[  102.777683][ T5334]  ? clear_bhb_loop+0x40/0x90
[  102.779866][ T5334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.782372][ T5334] RIP: 0033:0x7f2f55b9ce59
[  102.784389][ T5334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  102.792476][ T5334] RSP: 002b:00007f2f56a37fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  102.796102][ T5334] RAX: ffffffffffffffda RBX: 00007f2f55e16090 RCX: 00007f2f55b9ce59
[  102.799589][ T5334] RDX: 0000200000000180 RSI: 00000000c01864cb RDI: 0000000000000004
[  102.803058][ T5334] RBP: 00007f2f55c32d6f R08: 0000000000000000 R09: 0000000000000000
[  102.806389][ T5334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  102.809893][ T5334] R13: 00007f2f55e16128 R14: 00007f2f55e16090 R15: 00007fffaaa04ac8
[  102.813369][ T5334]  </TASK>
[  102.815243][ T5334] Kernel Offset: disabled
[  102.817255][ T5334] Rebooting in 86400 seconds..