program:
r0 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0xc8d03)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f0000000000)={<r1=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r0, 0xc01864cd, &(0x7f0000000180)={&(0x7f0000000080)=[r1], 0x0, 0x40000031}) (async, rerun: 32)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_SYNC_FILE(r0, 0xc01064c1, &(0x7f0000000240)={r1, 0x1, <r2=>0xffffffffffffffff}) (async, rerun: 32)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@usrquota}, {@grpjquota}, {@nodelalloc}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
prctl$PR_GET_TSC(0x19, &(0x7f0000000100)) (async, rerun: 64)
mkdir(&(0x7f0000000300)='./bus\x00', 0x105) (async, rerun: 64)
ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, &(0x7f0000000200)={"afeebd5f0a70da27313395c84c35e4e15b9d9adb807a89e33329d66048dc2d2d", r2, <r3=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r3, 0xc0383e04, &(0x7f0000000280)={""/32, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000540)=[{}, {}, {}]}) (async)
rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000000180)='./file0/file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (async)
chdir(&(0x7f0000000140)='./bus\x00') (async, rerun: 32)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x83, 0x0) (async, rerun: 32)
ioctl$SYNC_IOC_FILE_INFO(r2, 0xc0383e04, &(0x7f0000000140)={""/32, 0x0, 0x0, 0x0, 0x700, 0x0})

[   68.770451][ T5304] Bluetooth: hci0: command tx timeout
[   68.811606][ T5318] ------------[ cut here ]------------
[   68.813642][ T5318] WARNING: CPU: 0 PID: 5318 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x3c5/0x710
[   68.820956][ T5318] Modules linked in:
[   68.825480][ T5318] CPU: 0 UID: 0 PID: 5318 Comm: syz.0.0 Not tainted 6.13.0-rc2-syzkaller-00232-g4800575d8c0b #0
[   68.831279][ T5318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.834895][ T5318] RIP: 0010:__alloc_pages_noprof+0x3c5/0x710
[   68.837189][ T5318] Code: ff df 0f 85 09 01 00 00 44 89 e9 81 e1 7f ff ff ff a9 00 00 04 00 41 0f 44 cd 41 89 cd e9 f9 00 00 00 c6 05 c6 bb 0b 0e 01 90 <0f> 0b 90 41 83 fc 0a 0f 86 13 fd ff ff 45 31 e4 48 c7 44 24 20 0e
[   68.844320][ T5318] RSP: 0018:ffffc9000d457900 EFLAGS: 00010246
[   68.846561][ T5318] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000
[   68.849514][ T5318] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d457988
[   68.852375][ T5318] RBP: ffffc9000d457a18 R08: ffffc9000d457987 R09: 0000000000000000
[   68.855331][ T5318] R10: ffffc9000d457960 R11: fffff52001a8af31 R12: 0000000000000015
[   68.858368][ T5318] R13: 0000000000040cc0 R14: 1ffff92001a8af28 R15: 1ffff92001a8af24
[   68.861311][ T5318] FS:  00007fd2208516c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[   68.864426][ T5318] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   68.866679][ T5318] CR2: 00007fd22082ffe0 CR3: 0000000030f0c000 CR4: 0000000000352ef0
[   68.869504][ T5318] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   68.872644][ T5318] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   68.875639][ T5318] Call Trace:
[   68.877290][ T5318]  <TASK>
[   68.878474][ T5318]  ? __warn+0x165/0x4d0
[   68.880112][ T5318]  ? __alloc_pages_noprof+0x3c5/0x710
[   68.882026][ T5318]  ? report_bug+0x2b3/0x500
[   68.883853][ T5318]  ? __alloc_pages_noprof+0x3c5/0x710
[   68.885905][ T5318]  ? handle_bug+0x60/0x90
[   68.887805][ T5318]  ? exc_invalid_op+0x1a/0x50
[   68.889579][ T5318]  ? asm_exc_invalid_op+0x1a/0x20
[   68.891576][ T5318]  ? __alloc_pages_noprof+0x3c5/0x710
[   68.893635][ T5318]  ? kasan_save_track+0x51/0x80
[   68.895555][ T5318]  ? __pfx___alloc_pages_noprof+0x10/0x10
[   68.897874][ T5318]  ? __lock_acquire+0x1397/0x2100
[   68.899794][ T5318]  ___kmalloc_large_node+0x8b/0x1d0
[   68.901800][ T5318]  __kmalloc_large_node_noprof+0x1a/0x80
[   68.903961][ T5318]  __kmalloc_noprof+0x339/0x4c0
[   68.905878][ T5318]  ? drm_syncobj_array_find+0x3a/0x460
[   68.908150][ T5318]  drm_syncobj_array_find+0x3a/0x460
[   68.910113][ T5318]  drm_syncobj_timeline_signal_ioctl+0x1f2/0x880
[   68.912482][ T5318]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[   68.915086][ T5318]  ? drm_dev_enter+0x48/0x160
[   68.916925][ T5318]  drm_ioctl_kernel+0x337/0x440
[   68.918951][ T5318]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[   68.921567][ T5318]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[   68.923572][ T5318]  ? __might_fault+0xc6/0x120
[   68.925344][ T5318]  drm_ioctl+0x60e/0xad0
[   68.927074][ T5318]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[   68.929628][ T5318]  ? __pfx_drm_ioctl+0x10/0x10
[   68.931462][ T5318]  ? __fget_files+0x2a/0x410
[   68.933150][ T5318]  ? __pfx_drm_ioctl+0x10/0x10
[   68.934833][ T5318]  __se_sys_ioctl+0xf5/0x170
[   68.936708][ T5318]  do_syscall_64+0xf3/0x230
[   68.938269][ T5318]  ? clear_bhb_loop+0x35/0x90
[   68.939865][ T5318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.941856][ T5318] RIP: 0033:0x7fd21f985d19
[   68.943380][ T5318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.950675][ T5318] RSP: 002b:00007fd220851038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   68.953952][ T5318] RAX: ffffffffffffffda RBX: 00007fd21fb75fa0 RCX: 00007fd21f985d19
[   68.957249][ T5318] RDX: 0000000020000180 RSI: 00000000c01864cd RDI: 0000000000000003
[   68.960223][ T5318] RBP: 00007fd21fa01a20 R08: 0000000000000000 R09: 0000000000000000
[   68.963236][ T5318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   68.966464][ T5318] R13: 0000000000000000 R14: 00007fd21fb75fa0 R15: 00007fffdf36fed8
[   68.969648][ T5318]  </TASK>
[   68.970871][ T5318] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   68.973639][ T5318] CPU: 0 UID: 0 PID: 5318 Comm: syz.0.0 Not tainted 6.13.0-rc2-syzkaller-00232-g4800575d8c0b #0
[   68.977446][ T5318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.981325][ T5318] Call Trace:
[   68.982518][ T5318]  <TASK>
[   68.983569][ T5318]  dump_stack_lvl+0x241/0x360
[   68.985307][ T5318]  ? __pfx_dump_stack_lvl+0x10/0x10
[   68.987176][ T5318]  ? __pfx__printk+0x10/0x10
[   68.988815][ T5318]  ? _printk+0xd5/0x120
[   68.990438][ T5318]  ? __init_begin+0x41000/0x41000
[   68.992398][ T5318]  ? vscnprintf+0x5d/0x90
[   68.994213][ T5318]  panic+0x349/0x880
[   68.995774][ T5318]  ? __warn+0x174/0x4d0
[   68.997288][ T5318]  ? __pfx_panic+0x10/0x10
[   68.998989][ T5318]  __warn+0x344/0x4d0
[   69.000482][ T5318]  ? __alloc_pages_noprof+0x3c5/0x710
[   69.002430][ T5318]  report_bug+0x2b3/0x500
[   69.004078][ T5318]  ? __alloc_pages_noprof+0x3c5/0x710
[   69.006115][ T5318]  handle_bug+0x60/0x90
[   69.007705][ T5318]  exc_invalid_op+0x1a/0x50
[   69.009485][ T5318]  asm_exc_invalid_op+0x1a/0x20
[   69.011322][ T5318] RIP: 0010:__alloc_pages_noprof+0x3c5/0x710
[   69.013614][ T5318] Code: ff df 0f 85 09 01 00 00 44 89 e9 81 e1 7f ff ff ff a9 00 00 04 00 41 0f 44 cd 41 89 cd e9 f9 00 00 00 c6 05 c6 bb 0b 0e 01 90 <0f> 0b 90 41 83 fc 0a 0f 86 13 fd ff ff 45 31 e4 48 c7 44 24 20 0e
[   69.020813][ T5318] RSP: 0018:ffffc9000d457900 EFLAGS: 00010246
[   69.022999][ T5318] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000
[   69.025867][ T5318] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d457988
[   69.028874][ T5318] RBP: ffffc9000d457a18 R08: ffffc9000d457987 R09: 0000000000000000
[   69.031978][ T5318] R10: ffffc9000d457960 R11: fffff52001a8af31 R12: 0000000000000015
[   69.035001][ T5318] R13: 0000000000040cc0 R14: 1ffff92001a8af28 R15: 1ffff92001a8af24
[   69.038009][ T5318]  ? kasan_save_track+0x51/0x80
[   69.039863][ T5318]  ? __pfx___alloc_pages_noprof+0x10/0x10
[   69.041914][ T5318]  ? __lock_acquire+0x1397/0x2100
[   69.043724][ T5318]  ___kmalloc_large_node+0x8b/0x1d0
[   69.045660][ T5318]  __kmalloc_large_node_noprof+0x1a/0x80
[   69.047578][ T5318]  __kmalloc_noprof+0x339/0x4c0
[   69.049219][ T5318]  ? drm_syncobj_array_find+0x3a/0x460
[   69.051103][ T5318]  drm_syncobj_array_find+0x3a/0x460
[   69.052935][ T5318]  drm_syncobj_timeline_signal_ioctl+0x1f2/0x880
[   69.055107][ T5318]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[   69.057404][ T5318]  ? drm_dev_enter+0x48/0x160
[   69.059144][ T5318]  drm_ioctl_kernel+0x337/0x440
[   69.060897][ T5318]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[   69.063312][ T5318]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[   69.065161][ T5318]  ? __might_fault+0xc6/0x120
[   69.066842][ T5318]  drm_ioctl+0x60e/0xad0
[   69.068364][ T5318]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[   69.070806][ T5318]  ? __pfx_drm_ioctl+0x10/0x10
[   69.072570][ T5318]  ? __fget_files+0x2a/0x410
[   69.074217][ T5318]  ? __pfx_drm_ioctl+0x10/0x10
[   69.075970][ T5318]  __se_sys_ioctl+0xf5/0x170
[   69.077747][ T5318]  do_syscall_64+0xf3/0x230
[   69.079466][ T5318]  ? clear_bhb_loop+0x35/0x90
[   69.081155][ T5318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.083197][ T5318] RIP: 0033:0x7fd21f985d19
[   69.084866][ T5318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.091501][ T5318] RSP: 002b:00007fd220851038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   69.094405][ T5318] RAX: ffffffffffffffda RBX: 00007fd21fb75fa0 RCX: 00007fd21f985d19
[   69.097252][ T5318] RDX: 0000000020000180 RSI: 00000000c01864cd RDI: 0000000000000003
[   69.100105][ T5318] RBP: 00007fd21fa01a20 R08: 0000000000000000 R09: 0000000000000000
[   69.102951][ T5318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   69.105903][ T5318] R13: 0000000000000000 R14: 00007fd21fb75fa0 R15: 00007fffdf36fed8
[   69.108894][ T5318]  </TASK>
[   69.110345][ T5318] Kernel Offset: disabled
[   69.111993][ T5318] Rebooting in 86400 seconds..