program:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r0, 0xffffffffffffffff, 0x0) (async)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f0000000140)={<r1=>0x0}) (async)
ioctl$DRM_IOCTL_PANTHOR_BO_CREATE(0xffffffffffffffff, 0xc0186445, &(0x7f00000001c0)={0x6, 0x2, 0x0, <r2=>0x0})
r3 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0x40502)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r3, 0xc00864bf, &(0x7f0000000100)={<r4=>0x0, 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r3, 0xc03064ca, &(0x7f0000000b40)={&(0x7f0000000ac0)=[r4], 0x0, 0x0, 0x1, 0x1}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f0000000200)={<r5=>0x0}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01864c2, &(0x7f0000000240)={<r6=>0x0}) (async)
r7 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r7)
r8 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r9=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r9, <r10=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r7, 0xc06864ce, &(0x7f0000000600)={r10, 0x0, 0x0, 0x0, 0x0, [<r11=>0x0]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r7, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xae, 0x3ff, 0x34325241, 0x3, [r11], [0x2b8]}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01864c2, &(0x7f00000002c0)={<r12=>0x0})
ioctl$DRM_IOCTL_PANTHOR_BO_QUERY_INFO(0xffffffffffffffff, 0xc0106450, &(0x7f0000000340)={<r13=>0x0, 0x0, 0x3}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01864c2, &(0x7f0000000380)={<r14=>0x0})
r15 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0x40502)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r15, 0xc00864bf, &(0x7f0000000000)={<r16=>0x0, 0x1})
r17 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0xc8d03)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r17, 0xc00864bf, &(0x7f0000000140)={<r18=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r17, 0xc03064ca, &(0x7f00000000c0)={&(0x7f0000000200)=[r16, r18], 0x0, 0xa00000000000, 0x2, 0x6}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_SIGNAL(r17, 0xc01064c5, &(0x7f00000003c0)={&(0x7f0000000540)=[r16], 0x1}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01864c2, &(0x7f00000003c0)={<r19=>0x0}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f0000000400)={<r20=>0x0}) (async)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01864c2, &(0x7f0000000440)={<r21=>0x0})
ioctl$DRM_IOCTL_PANTHOR_VM_BIND(0xffffffffffffffff, 0xc0186443, &(0x7f00000005c0)={0x0, 0x0, {0x30, 0x4, &(0x7f0000000500)=[{0x2, 0x0, 0x6, 0x1, 0x35, {0x10, 0x1, &(0x7f0000000180)=[{0x1, r1, 0x3}]}}, {0x20000000, r2, 0xffffffffffffffff, 0xc, 0x6, {0x10, 0x3, &(0x7f0000000280)=[{0x1, r4, 0x6}, {0x1, r5, 0x7f}, {0xff, r6, 0xf1}]}}, {0x1, r11, 0x0, 0xffffffff, 0x5, {0x10, 0x2, &(0x7f0000000040)=[{0x0, r12, 0xb37}, {0x0, r21, 0x7fff}]}}, {0xf0000003, r13, 0x1, 0xe9, 0xffffffffffffff2d, {0x10, 0x5, &(0x7f0000000480)=[{0x80000000, r14}, {0x1, r16, 0x5}, {0xff, r19, 0x5}, {0x0, r20, 0x1}, {0xff, r21, 0x8}]}}]}}) (async)
reboot(0xfee1dead, 0x28121969, 0x89abcdef, 0x0)

[   76.585090][ T5321] ------------[ cut here ]------------
[   76.587763][ T5321] 1
[   76.587777][ T5321] WARNING: mm/page_alloc.c:5226 at __alloc_frozen_pages_noprof+0x2d1/0x380, CPU#0: syz.0.0/5321
[   76.593552][ T5321] Modules linked in:
[   76.595316][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   76.599604][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   76.605279][ T5321] RIP: 0010:__alloc_frozen_pages_noprof+0x2d1/0x380
[   76.607970][ T5321] Code: 74 10 4c 89 e7 89 54 24 0c e8 8b 4b 0e 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a8 fe ff ff e9 a9 fe ff ff c6 05 c9 96 d8 0d 01 90 <0f> 0b 90 e9 17 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[   76.615704][ T5321] RSP: 0018:ffffc9000e02f920 EFLAGS: 00010246
[   76.618423][ T5321] RAX: ffffc9000e02f900 RBX: 0000000000000016 RCX: 0000000000000000
[   76.622885][ T5321] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000e02f988
[   76.627182][ T5321] RBP: ffffc9000e02fa20 R08: ffffc9000e02f987 R09: 0000000000000000
[   76.631089][ T5321] R10: ffffc9000e02f960 R11: fffff52001c05f31 R12: 0000000000000000
[   76.634696][ T5321] R13: 1ffff92001c05f28 R14: 0000000000040cc0 R15: dffffc0000000000
[   76.639592][ T5321] FS:  00007fc39fa736c0(0000) GS:ffff88808ca49000(0000) knlGS:0000000000000000
[   76.644022][ T5321] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   76.646817][ T5321] CR2: 00007fc39fa31d58 CR3: 000000003844b000 CR4: 0000000000352ef0
[   76.650607][ T5321] Call Trace:
[   76.652227][ T5321]  <TASK>
[   76.653650][ T5321]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   76.657219][ T5321]  ? __pfx_policy_nodemask+0x10/0x10
[   76.660229][ T5321]  alloc_pages_mpol+0x232/0x4a0
[   76.662394][ T5321]  ___kmalloc_large_node+0x4e/0x150
[   76.664974][ T5321]  __kmalloc_large_node_noprof+0x18/0x90
[   76.667565][ T5321]  __kmalloc_noprof+0x3e8/0x760
[   76.669971][ T5321]  ? drm_syncobj_array_find+0x3a/0x440
[   76.672871][ T5321]  drm_syncobj_array_find+0x3a/0x440
[   76.676005][ T5321]  drm_syncobj_signal_ioctl+0x179/0x570
[   76.678501][ T5321]  ? drm_dev_exit+0x3a/0x60
[   76.680611][ T5321]  drm_ioctl_kernel+0x2df/0x3b0
[   76.682787][ T5321]  ? __pfx_drm_syncobj_signal_ioctl+0x10/0x10
[   76.685863][ T5321]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[   76.690139][ T5321]  drm_ioctl+0x6ba/0xb80
[   76.692043][ T5321]  ? __pfx_drm_syncobj_signal_ioctl+0x10/0x10
[   76.694684][ T5321]  ? __pfx_drm_ioctl+0x10/0x10
[   76.696782][ T5321]  ? __fget_files+0x2a/0x420
[   76.698867][ T5321]  ? bpf_lsm_file_ioctl+0x9/0x20
[   76.701105][ T5321]  ? __pfx_drm_ioctl+0x10/0x10
[   76.703202][ T5321]  __se_sys_ioctl+0xfc/0x170
[   76.705380][ T5321]  do_syscall_64+0x14d/0xf80
[   76.708189][ T5321]  ? trace_irq_disable+0x3b/0x150
[   76.711055][ T5321]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.713898][ T5321]  ? clear_bhb_loop+0x40/0x90
[   76.716068][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.718675][ T5321] RIP: 0033:0x7fc39eb9c819
[   76.720871][ T5321] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   76.730637][ T5321] RSP: 002b:00007fc39fa72fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   76.734284][ T5321] RAX: ffffffffffffffda RBX: 00007fc39ee16090 RCX: 00007fc39eb9c819
[   76.739453][ T5321] RDX: 00002000000003c0 RSI: 00000000c01064c5 RDI: 0000000000000003
[   76.746295][ T5321] RBP: 00007fc39ec32c91 R08: 0000000000000000 R09: 0000000000000000
[   76.750006][ T5321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   76.753292][ T5321] R13: 00007fc39ee16128 R14: 00007fc39ee16090 R15: 00007ffeb37b8468
[   76.756717][ T5321]  </TASK>
[   76.758081][ T5321] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   76.761175][ T5321] CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   76.765059][ T5321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   76.769687][ T5321] Call Trace:
[   76.771204][ T5321]  <TASK>
[   76.772468][ T5321]  vpanic+0x56c/0xa60
[   76.774181][ T5321]  ? __pfx__printk+0x10/0x10
[   76.776238][ T5321]  ? __pfx_vpanic+0x10/0x10
[   76.778282][ T5321]  ? is_bpf_text_address+0x292/0x2b0
[   76.780728][ T5321]  ? is_bpf_text_address+0x26/0x2b0
[   76.783120][ T5321]  panic+0xc5/0xd0
[   76.784951][ T5321]  ? __pfx_panic+0x10/0x10
[   76.787214][ T5321]  __warn+0x315/0x4f0
[   76.789082][ T5321]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[   76.791629][ T5321]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[   76.794335][ T5321]  __report_bug+0x29a/0x540
[   76.796502][ T5321]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[   76.799834][ T5321]  ? __pfx___report_bug+0x10/0x10
[   76.802751][ T5321]  ? is_bpf_text_address+0x292/0x2b0
[   76.805190][ T5321]  ? is_bpf_text_address+0x26/0x2b0
[   76.807638][ T5321]  ? kernel_text_address+0xa5/0xe0
[   76.809895][ T5321]  ? __kernel_text_address+0xd/0x30
[   76.811995][ T5321]  ? unwind_get_return_address+0x4d/0x90
[   76.814720][ T5321]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[   76.817631][ T5321]  report_bug+0x16a/0x220
[   76.819494][ T5321]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[   76.821930][ T5321]  ? __alloc_frozen_pages_noprof+0x2d3/0x380
[   76.824492][ T5321]  handle_bug+0x9c/0x200
[   76.826470][ T5321]  exc_invalid_op+0x1a/0x50
[   76.828921][ T5321]  asm_exc_invalid_op+0x1a/0x20
[   76.831898][ T5321] RIP: 0010:__alloc_frozen_pages_noprof+0x2d1/0x380
[   76.835345][ T5321] Code: 74 10 4c 89 e7 89 54 24 0c e8 8b 4b 0e 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a8 fe ff ff e9 a9 fe ff ff c6 05 c9 96 d8 0d 01 90 <0f> 0b 90 e9 17 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[   76.843354][ T5321] RSP: 0018:ffffc9000e02f920 EFLAGS: 00010246
[   76.846258][ T5321] RAX: ffffc9000e02f900 RBX: 0000000000000016 RCX: 0000000000000000
[   76.850347][ T5321] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000e02f988
[   76.854711][ T5321] RBP: ffffc9000e02fa20 R08: ffffc9000e02f987 R09: 0000000000000000
[   76.858516][ T5321] R10: ffffc9000e02f960 R11: fffff52001c05f31 R12: 0000000000000000
[   76.862116][ T5321] R13: 1ffff92001c05f28 R14: 0000000000040cc0 R15: dffffc0000000000
[   76.865801][ T5321]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   76.869049][ T5321]  ? __pfx_policy_nodemask+0x10/0x10
[   76.871936][ T5321]  alloc_pages_mpol+0x232/0x4a0
[   76.874610][ T5321]  ___kmalloc_large_node+0x4e/0x150
[   76.876947][ T5321]  __kmalloc_large_node_noprof+0x18/0x90
[   76.879393][ T5321]  __kmalloc_noprof+0x3e8/0x760
[   76.881549][ T5321]  ? drm_syncobj_array_find+0x3a/0x440
[   76.884014][ T5321]  drm_syncobj_array_find+0x3a/0x440
[   76.886860][ T5321]  drm_syncobj_signal_ioctl+0x179/0x570
[   76.889874][ T5321]  ? drm_dev_exit+0x3a/0x60
[   76.891989][ T5321]  drm_ioctl_kernel+0x2df/0x3b0
[   76.894004][ T5321]  ? __pfx_drm_syncobj_signal_ioctl+0x10/0x10
[   76.896549][ T5321]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[   76.898923][ T5321]  drm_ioctl+0x6ba/0xb80
[   76.901155][ T5321]  ? __pfx_drm_syncobj_signal_ioctl+0x10/0x10
[   76.904669][ T5321]  ? __pfx_drm_ioctl+0x10/0x10
[   76.907649][ T5321]  ? __fget_files+0x2a/0x420
[   76.910342][ T5321]  ? bpf_lsm_file_ioctl+0x9/0x20
[   76.913029][ T5321]  ? __pfx_drm_ioctl+0x10/0x10
[   76.915470][ T5321]  __se_sys_ioctl+0xfc/0x170
[   76.917958][ T5321]  do_syscall_64+0x14d/0xf80
[   76.920508][ T5321]  ? trace_irq_disable+0x3b/0x150
[   76.922993][ T5321]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.925716][ T5321]  ? clear_bhb_loop+0x40/0x90
[   76.927828][ T5321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.930440][ T5321] RIP: 0033:0x7fc39eb9c819
[   76.932669][ T5321] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   76.941945][ T5321] RSP: 002b:00007fc39fa72fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   76.945678][ T5321] RAX: ffffffffffffffda RBX: 00007fc39ee16090 RCX: 00007fc39eb9c819
[   76.949559][ T5321] RDX: 00002000000003c0 RSI: 00000000c01064c5 RDI: 0000000000000003
[   76.954011][ T5321] RBP: 00007fc39ec32c91 R08: 0000000000000000 R09: 0000000000000000
[   76.957606][ T5321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   76.960974][ T5321] R13: 00007fc39ee16128 R14: 00007fc39ee16090 R15: 00007ffeb37b8468
[   76.964457][ T5321]  </TASK>
[   76.966259][ T5321] Kernel Offset: disabled
[   76.968693][ T5321] Rebooting in 86400 seconds..