program:
r0 = socket(0x29, 0x6, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0) (async)
syz_emit_ethernet(0x4e, &(0x7f0000002e40)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd607418dd02183afffe8000000000000000000000000000bbff0200000000000000000000000000018900907800000000fe880000000000000000000000000001"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xfff3}, {0xb, 0xffff}}, [@qdisc_kind_options=@q_pfifo={{0xa}, {0x8, 0x2, 0x6}}]}, 0x38}}, 0x44080) (async)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x2, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f0000000140)={0x0, 0x40, 0x4, {0x2, @raw_data="3d924b8271394fa4ec01eb92492ff84715d1a004d08b012a7cafe27a5f313d31bbdae50511ca5be6bfe92437ed0d21b5180e375be56b3b9306d7dbb26bf9f22de7ac7681cca450055250217bdf1113b4258293ba4efed33147bda8454dd115bd5ba066ba06f2854cc96db9a98055cbde9fd084a1223ada91ed2e832907a01ab5ee65f997b617f73d1aa5a6dfc47acdc5eb834f8e448469d235e4380cbcc3310200970349a3c1374ffec96177b67caa0656f9664277cadb8597e7d911ad1da457ef9744b0993c57a7"}}) (async)
r5 = syz_open_dev$ndb(&(0x7f0000000300), 0x0, 0x128400)
r6 = openat$random(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0)
poll(&(0x7f0000000780)=[{r5, 0x80}, {r6, 0xc112}], 0x2, 0x4) (async, rerun: 32)
ioctl$vim2m_VIDIOC_QBUF(r4, 0xc058560f, &(0x7f00000004c0)=@fd={0x0, 0x2, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "0004f42d"}, 0x0, 0x4, {<r7=>0xffffffffffffffff}, 0x0, 0x0, <r8=>0xffffffffffffffff}) (rerun: 32)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000040)={'lo\x00', <r11=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r5, 0xc01064c2, &(0x7f0000000540)={<r12=>0x0}) (async, rerun: 64)
r13 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0xc8d03) (rerun: 64)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r13, 0xc00864bf, &(0x7f0000000000)={<r14=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r13, 0xc01864cd, &(0x7f0000000180)={&(0x7f0000000440)=[0x0, 0x0, 0x0, r14, r14, 0x0, 0x0, 0x0, 0x0], 0x0, 0x3ffffe9e}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_QUERY(r13, 0xc01864cb, &(0x7f0000000500)={&(0x7f0000000300)=[r14, r14], &(0x7f0000000480), 0x2}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r7, 0xc01064c2, &(0x7f0000000580)={<r15=>0x0, 0x0, r8}) (async)
r16 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0xc8d03)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r16, 0xc00864bf, &(0x7f0000000000)={<r17=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r16, 0xc03064ca, &(0x7f00000000c0)={&(0x7f0000000040)=[r17], 0xfffffffffffffffe, 0xfffffffffffeffff, 0x1, 0xb}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(0xffffffffffffffff, 0xc03064ca, &(0x7f0000000640)={&(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r12, r14, r15, r17], &(0x7f0000000600)=[0xffffffffffffffca, 0x9, 0x0, 0xfffffffffffffffc, 0x10001], 0xe, 0xa, 0x3}) (async)
r18 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[{0x9, 0x0, 0x40, 0xfff}, {0x8001, 0x3, 0x6, 0xffff}, {0xfffb, 0x7, 0x3c, 0x1ff}, {0x0, 0x6, 0x2, 0x10}, {0x5, 0x7f, 0x80, 0xd}, {0x6, 0x2, 0x3, 0x6}, {0x0, 0x63, 0xa, 0xffffbae6}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r18, 0xc0502100, &(0x7f0000000340))
sendmsg$nl_route_sched(r9, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0xfc, 0x0, 0x1, 0xffffffff}}}}]}, 0x4c}}, 0x0)

[   76.272689][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[   76.275531][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[   74.825943][ T5336] Bluetooth: hci0: command tx timeout
[   74.964750][ T5358] ------------[ cut here ]------------
[   74.967161][ T5358] WARNING: CPU: 0 PID: 5358 at mm/page_alloc.c:5124 __alloc_frozen_pages_noprof+0x2c8/0x370
[   74.971904][ T5358] Modules linked in:
[   74.973705][ T5358] CPU: 0 UID: 0 PID: 5358 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   74.977639][ T5358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.982585][ T5358] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370
[   74.985482][ T5358] Code: 74 10 4c 89 e7 89 54 24 0c e8 64 1e 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 a9 0c 96 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[   74.993818][ T5358] RSP: 0018:ffffc9000d547940 EFLAGS: 00010246
[   74.996956][ T5358] RAX: ffffc9000d547900 RBX: 0000000000000014 RCX: 0000000000000000
[   75.000912][ T5358] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d5479a8
[   75.004449][ T5358] RBP: ffffc9000d547a40 R08: ffffc9000d5479a7 R09: 0000000000000000
[   75.007933][ T5358] R10: ffffc9000d547980 R11: fffff52001aa8f35 R12: 0000000000000000
[   75.011504][ T5358] R13: 1ffff92001aa8f2c R14: 0000000000040cc0 R15: dffffc0000000000
[   75.014942][ T5358] FS:  00007fd8314e06c0(0000) GS:ffff88808d00a000(0000) knlGS:0000000000000000
[   75.018746][ T5358] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   75.021408][ T5358] CR2: 00007fd83149ed58 CR3: 0000000033e49000 CR4: 0000000000352ef0
[   75.024663][ T5358] Call Trace:
[   75.026043][ T5358]  <TASK>
[   75.027285][ T5358]  ? kasan_save_track+0x3e/0x80
[   75.029546][ T5358]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   75.032380][ T5358]  ? security_file_ioctl+0xcb/0x2d0
[   75.034729][ T5358]  ? policy_nodemask+0x27c/0x720
[   75.036994][ T5358]  alloc_pages_mpol+0x232/0x4a0
[   75.039293][ T5358]  ___kmalloc_large_node+0x5f/0x1b0
[   75.041687][ T5358]  __kmalloc_large_node_noprof+0x18/0x90
[   75.044233][ T5358]  __kmalloc_noprof+0x36f/0x4f0
[   75.046388][ T5358]  ? drm_syncobj_array_find+0x3a/0x450
[   75.048891][ T5358]  drm_syncobj_array_find+0x3a/0x450
[   75.051118][ T5358]  drm_syncobj_timeline_signal_ioctl+0x14e/0x7d0
[   75.053897][ T5358]  ? drm_dev_exit+0x3a/0x60
[   75.055983][ T5358]  drm_ioctl_kernel+0x2cf/0x390
[   75.058377][ T5358]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[   75.061442][ T5358]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[   75.063856][ T5358]  drm_ioctl+0x67f/0xb10
[   75.065752][ T5358]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[   75.068853][ T5358]  ? __pfx_drm_ioctl+0x10/0x10
[   75.070925][ T5358]  ? __fget_files+0x2a/0x420
[   75.072920][ T5358]  ? bpf_lsm_file_ioctl+0x9/0x20
[   75.075143][ T5358]  ? __pfx_drm_ioctl+0x10/0x10
[   75.077310][ T5358]  __se_sys_ioctl+0xf9/0x170
[   75.079652][ T5358]  do_syscall_64+0xfa/0x3b0
[   75.081759][ T5358]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.084138][ T5358]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.086870][ T5358]  ? clear_bhb_loop+0x60/0xb0
[   75.088956][ T5358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.091360][ T5358] RIP: 0033:0x7fd83058eba9
[   75.093176][ T5358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.101603][ T5358] RSP: 002b:00007fd8314e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   75.105319][ T5358] RAX: ffffffffffffffda RBX: 00007fd8307d6090 RCX: 00007fd83058eba9
[   75.109226][ T5358] RDX: 0000200000000180 RSI: 00000000c01864cd RDI: 000000000000000c
[   75.112781][ T5358] RBP: 00007fd830611e19 R08: 0000000000000000 R09: 0000000000000000
[   75.116304][ T5358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   75.119911][ T5358] R13: 00007fd8307d6128 R14: 00007fd8307d6090 R15: 00007ffc66fc8618
[   75.123421][ T5358]  </TASK>
[   75.124822][ T5358] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   75.127929][ T5358] CPU: 0 UID: 0 PID: 5358 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   75.131907][ T5358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.136518][ T5358] Call Trace:
[   75.138010][ T5358]  <TASK>
[   75.139327][ T5358]  dump_stack_lvl+0x99/0x250
[   75.141402][ T5358]  ? __asan_memcpy+0x40/0x70
[   75.143485][ T5358]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.145821][ T5358]  ? __pfx__printk+0x10/0x10
[   75.147908][ T5358]  vpanic+0x281/0x750
[   75.149746][ T5358]  ? __pfx__printk+0x10/0x10
[   75.151854][ T5358]  ? __pfx_vpanic+0x10/0x10
[   75.153914][ T5358]  ? is_bpf_text_address+0x26/0x2b0
[   75.156242][ T5358]  panic+0xb9/0xc0
[   75.157893][ T5358]  ? __pfx_panic+0x10/0x10
[   75.159945][ T5358]  __warn+0x31b/0x4b0
[   75.161625][ T5358]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[   75.164312][ T5358]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[   75.166987][ T5358]  report_bug+0x2be/0x4f0
[   75.168922][ T5358]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[   75.171648][ T5358]  ? __alloc_frozen_pages_noprof+0x2c8/0x370
[   75.174305][ T5358]  ? __alloc_frozen_pages_noprof+0x2ca/0x370
[   75.176982][ T5358]  handle_bug+0x84/0x160
[   75.178859][ T5358]  exc_invalid_op+0x1a/0x50
[   75.180973][ T5358]  asm_exc_invalid_op+0x1a/0x20
[   75.183180][ T5358] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370
[   75.186080][ T5358] Code: 74 10 4c 89 e7 89 54 24 0c e8 64 1e 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 a9 0c 96 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[   75.194716][ T5358] RSP: 0018:ffffc9000d547940 EFLAGS: 00010246
[   75.197450][ T5358] RAX: ffffc9000d547900 RBX: 0000000000000014 RCX: 0000000000000000
[   75.201064][ T5358] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d5479a8
[   75.204591][ T5358] RBP: ffffc9000d547a40 R08: ffffc9000d5479a7 R09: 0000000000000000
[   75.208111][ T5358] R10: ffffc9000d547980 R11: fffff52001aa8f35 R12: 0000000000000000
[   75.211663][ T5358] R13: 1ffff92001aa8f2c R14: 0000000000040cc0 R15: dffffc0000000000
[   75.215136][ T5358]  ? kasan_save_track+0x3e/0x80
[   75.217222][ T5358]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   75.219946][ T5358]  ? security_file_ioctl+0xcb/0x2d0
[   75.222221][ T5358]  ? policy_nodemask+0x27c/0x720
[   75.224476][ T5358]  alloc_pages_mpol+0x232/0x4a0
[   75.226643][ T5358]  ___kmalloc_large_node+0x5f/0x1b0
[   75.229010][ T5358]  __kmalloc_large_node_noprof+0x18/0x90
[   75.231561][ T5358]  __kmalloc_noprof+0x36f/0x4f0
[   75.233797][ T5358]  ? drm_syncobj_array_find+0x3a/0x450
[   75.236263][ T5358]  drm_syncobj_array_find+0x3a/0x450
[   75.238547][ T5358]  drm_syncobj_timeline_signal_ioctl+0x14e/0x7d0
[   75.241326][ T5358]  ? drm_dev_exit+0x3a/0x60
[   75.243380][ T5358]  drm_ioctl_kernel+0x2cf/0x390
[   75.245569][ T5358]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[   75.248559][ T5358]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[   75.250977][ T5358]  drm_ioctl+0x67f/0xb10
[   75.252919][ T5358]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[   75.255972][ T5358]  ? __pfx_drm_ioctl+0x10/0x10
[   75.258081][ T5358]  ? __fget_files+0x2a/0x420
[   75.260120][ T5358]  ? bpf_lsm_file_ioctl+0x9/0x20
[   75.262233][ T5358]  ? __pfx_drm_ioctl+0x10/0x10
[   75.264309][ T5358]  __se_sys_ioctl+0xf9/0x170
[   75.266350][ T5358]  do_syscall_64+0xfa/0x3b0
[   75.268356][ T5358]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.270734][ T5358]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.273462][ T5358]  ? clear_bhb_loop+0x60/0xb0
[   75.275589][ T5358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.278228][ T5358] RIP: 0033:0x7fd83058eba9
[   75.280281][ T5358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.288742][ T5358] RSP: 002b:00007fd8314e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   75.292477][ T5358] RAX: ffffffffffffffda RBX: 00007fd8307d6090 RCX: 00007fd83058eba9
[   75.295977][ T5358] RDX: 0000200000000180 RSI: 00000000c01864cd RDI: 000000000000000c
[   75.299462][ T5358] RBP: 00007fd830611e19 R08: 0000000000000000 R09: 0000000000000000
[   75.302915][ T5358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   75.306404][ T5358] R13: 00007fd8307d6128 R14: 00007fd8307d6090 R15: 00007ffc66fc8618
[   75.309956][ T5358]  </TASK>
[   75.311711][ T5358] Kernel Offset: disabled
[   75.313607][ T5358] Rebooting in 86400 seconds..