program: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40500000000000061104d000000000063011800000000008400090000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85}, 0x52) r0 = syz_open_dev$dri(&(0x7f0000000040), 0x20, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f0000000240)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_WAIT(r0, 0xc02864c3, &(0x7f0000000400)={&(0x7f0000000440)=[r1], 0x67bce64f, 0xfffffffffffffd37, 0x9}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01864c2, &(0x7f0000000180)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01864c2, &(0x7f00000001c0)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01864c2, &(0x7f0000000200)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01864c2, &(0x7f0000000240)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01864c2, &(0x7f0000000300)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01864c2, &(0x7f0000000340)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01864c2, &(0x7f0000000400)={0x0}) r9 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0xc8d03) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r9, 0xc00864bf, &(0x7f0000000000)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r9, 0xc03064ca, &(0x7f00000000c0)={&(0x7f00000004c0)=[r10, r10], &(0x7f0000000100)=[0xd], 0xfffffffffffeffff, 0x2, 0x2}) r11 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0x40502) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r11, 0xc00864bf, &(0x7f0000000000)={0x0, 0x1}) r13 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0xc8d03) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r13, 0xc00864bf, &(0x7f0000000140)) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r13, 0xc03064ca, &(0x7f00000000c0)={&(0x7f0000000040)=[r12], 0x0, 0xa00000000000, 0x1, 0x6}) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f00000004c0)={0x0, 0x1}) r15 = syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x2000) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r15, 0xc00864bf, &(0x7f00000000c0)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(r15, 0xc02064cc, &(0x7f00000001c0)={r16, r16, 0x1, 0x8000000000000001, 0x2}) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r15, 0xc00864c0, &(0x7f0000000140)={r16}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01864c2, &(0x7f0000000500)={0x0}) r18 = syz_open_dev$dri(&(0x7f0000000040), 0x20, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r18, 0xc00864bf, &(0x7f0000000140)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r18, 0xc01864cd, &(0x7f0000000340)={&(0x7f00000001c0)=[r19], 0x0, 0x1}) ioctl$DRM_IOCTL_PANTHOR_GROUP_SUBMIT(0xffffffffffffffff, 0xc0186449, &(0x7f0000000680)={0x0, 0x0, {0x28, 0x4, &(0x7f00000005c0)=[{0x40, 0x1e4ee510, 0x410f0e9012011bc0, 0x0, 0x0, {0x10, 0x6, &(0x7f0000000280)=[{0x0, 0x0, 0xffffffff}, {0x80000000, r1, 0xffffffffffffffff}, {0x80000000, r2, 0xffffffffffffff81}, {0x0, r3, 0x4}, {0xff, r4, 0xfffffffffffffffb}, {0xff, r5, 0x7}]}}, {0x5, 0x361f1f18, 0xbc588b9310b61200, 0x1ff, 0x0, {0x10, 0x4, &(0x7f0000000380)=[{0x0, r6, 0x4}, {0x0, r7, 0x8}, {0x80000000, 0x0, 0x101}, {0x1, 0x0, 0xbb6}]}}, {0x5c40, 0x5d2231e0, 0xb9d45ffa4b3ac040, 0xfffffff8, 0x0, {0x10, 0x5, &(0x7f0000000440)=[{0xff, 0x0, 0x8}, {0x80000000, 0x0, 0x61}, {0xff, r8, 0x3ce8}, {0x1, r10, 0xf1}, {0x800000ff, r12, 0x5}]}}, {0x4, 0xcbcbea8, 0x6aca36caee3be180, 0x8, 0x0, {0x10, 0x5, &(0x7f0000000540)=[{0x1, r14, 0x4}, {0xff, 0x0, 0x800}, {0x797dfe5d1c454857, r16, 0x4}, {0x0, r17, 0x4cbb}, {0x80000000, r19, 0x80000000}]}}]}}) [ 85.171832][ T5329] ------------[ cut here ]------------ [ 85.174219][ T5329] 1 [ 85.174230][ T5329] WARNING: mm/page_alloc.c:5202 at __alloc_frozen_pages_noprof+0x2d1/0x380, CPU#0: syz.0.0/5329 [ 85.179645][ T5329] Modules linked in: [ 85.182220][ T5329] CPU: 0 UID: 0 PID: 5329 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 85.186427][ T5329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 85.190733][ T5329] RIP: 0010:__alloc_frozen_pages_noprof+0x2d1/0x380 [ 85.193664][ T5329] Code: 74 10 4c 89 e7 89 54 24 0c e8 0b dc 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a8 fe ff ff e9 a9 fe ff ff c6 05 b4 38 f6 0d 01 90 <0f> 0b 90 e9 17 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24 [ 85.202143][ T5329] RSP: 0018:ffffc900032cf8c0 EFLAGS: 00010246 [ 85.204775][ T5329] RAX: ffffc900032cf900 RBX: 0000000000000016 RCX: 0000000000000000 [ 85.208191][ T5329] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc900032cf928 [ 85.211837][ T5329] RBP: ffffc900032cf9b0 R08: ffffc900032cf927 R09: 0000000000000000 [ 85.215367][ T5329] R10: ffffc900032cf900 R11: fffff52000659f25 R12: 0000000000000000 [ 85.219142][ T5329] R13: 1ffff92000659f1c R14: 0000000000040cc0 R15: dffffc0000000000 [ 85.222989][ T5329] FS: 00007f63dd7f56c0(0000) GS:ffff88808c87c000(0000) knlGS:0000000000000000 [ 85.226916][ T5329] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.229971][ T5329] CR2: 00007f744d25c708 CR3: 000000001f42a000 CR4: 0000000000352ef0 [ 85.234111][ T5329] Call Trace: [ 85.235868][ T5329] [ 85.237194][ T5329] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 85.240049][ T5329] ? __pfx_policy_nodemask+0x10/0x10 [ 85.242397][ T5329] ? kasan_save_free_info+0x46/0x50 [ 85.244643][ T5329] ? __kasan_slab_free+0x5c/0x80 [ 85.246777][ T5329] ? kfree+0x1c5/0x640 [ 85.248577][ T5329] ? tomoyo_path_number_perm+0x501/0x630 [ 85.251426][ T5329] ? security_file_ioctl+0xc3/0x2a0 [ 85.254594][ T5329] ? do_syscall_64+0x15f/0xf80 [ 85.256855][ T5329] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.259523][ T5329] alloc_pages_mpol+0x235/0x490 [ 85.261876][ T5329] ___kmalloc_large_node+0x4e/0x120 [ 85.264319][ T5329] __kmalloc_large_node_noprof+0x18/0x90 [ 85.266853][ T5329] __kmalloc_noprof+0x3e8/0x760 [ 85.268958][ T5329] ? drm_syncobj_array_find+0x3a/0x440 [ 85.271486][ T5329] drm_syncobj_array_find+0x3a/0x440 [ 85.273992][ T5329] drm_syncobj_wait_ioctl+0x200/0x690 [ 85.276847][ T5329] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 85.280236][ T5329] drm_ioctl_kernel+0x2df/0x3b0 [ 85.283242][ T5329] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 85.286495][ T5329] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 85.289444][ T5329] drm_ioctl+0x6ba/0xb80 [ 85.291504][ T5329] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 85.294012][ T5329] ? __pfx_drm_ioctl+0x10/0x10 [ 85.296039][ T5329] ? __fget_files+0x2a/0x420 [ 85.297955][ T5329] ? bpf_lsm_file_ioctl+0x9/0x20 [ 85.300032][ T5329] ? __pfx_drm_ioctl+0x10/0x10 [ 85.302256][ T5329] __se_sys_ioctl+0xfc/0x170 [ 85.304265][ T5329] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.307018][ T5329] do_syscall_64+0x15f/0xf80 [ 85.309122][ T5329] ? trace_irq_disable+0x3b/0x140 [ 85.311499][ T5329] ? clear_bhb_loop+0x40/0x90 [ 85.313630][ T5329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.316372][ T5329] RIP: 0033:0x7f63e139ce59 [ 85.318484][ T5329] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 85.327071][ T5329] RSP: 002b:00007f63dd7f4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 85.330873][ T5329] RAX: ffffffffffffffda RBX: 00007f63e1615fa0 RCX: 00007f63e139ce59 [ 85.334246][ T5329] RDX: 0000200000000400 RSI: 00000000c02864c3 RDI: 0000000000000003 [ 85.337555][ T5329] RBP: 00007f63e1432d6f R08: 0000000000000000 R09: 0000000000000000 [ 85.341008][ T5329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 85.345233][ T5329] R13: 00007f63e1616038 R14: 00007f63e1615fa0 R15: 00007ffcbe387808 [ 85.348357][ T5329] [ 85.349757][ T5329] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 85.352960][ T5329] CPU: 0 UID: 0 PID: 5329 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 85.356840][ T5329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 85.361126][ T5329] Call Trace: [ 85.362632][ T5329] [ 85.364002][ T5329] vpanic+0x56c/0xa60 [ 85.365772][ T5329] ? __pfx__printk+0x10/0x10 [ 85.367756][ T5329] ? __pfx_vpanic+0x10/0x10 [ 85.369712][ T5329] ? is_bpf_text_address+0x292/0x2b0 [ 85.371953][ T5329] ? is_bpf_text_address+0x26/0x2b0 [ 85.374409][ T5329] panic+0xc5/0xd0 [ 85.376040][ T5329] ? __pfx_panic+0x10/0x10 [ 85.378134][ T5329] __warn+0x315/0x4c0 [ 85.379926][ T5329] ? __alloc_frozen_pages_noprof+0x2d1/0x380 [ 85.382484][ T5329] ? __alloc_frozen_pages_noprof+0x2d1/0x380 [ 85.385399][ T5329] __report_bug+0x29a/0x540 [ 85.387322][ T5329] ? unwind_next_frame+0xa6/0x2550 [ 85.389567][ T5329] ? __alloc_frozen_pages_noprof+0x2d1/0x380 [ 85.392454][ T5329] ? __pfx___report_bug+0x10/0x10 [ 85.394804][ T5329] ? is_bpf_text_address+0x26/0x2b0 [ 85.397336][ T5329] ? is_bpf_text_address+0x292/0x2b0 [ 85.399522][ T5329] ? is_bpf_text_address+0x26/0x2b0 [ 85.401680][ T5329] ? __alloc_frozen_pages_noprof+0x2d1/0x380 [ 85.404199][ T5329] report_bug+0x16a/0x220 [ 85.405888][ T5329] ? __alloc_frozen_pages_noprof+0x2d1/0x380 [ 85.408387][ T5329] ? __alloc_frozen_pages_noprof+0x2d3/0x380 [ 85.411157][ T5329] handle_bug+0x9c/0x200 [ 85.413206][ T5329] exc_invalid_op+0x1a/0x50 [ 85.415219][ T5329] asm_exc_invalid_op+0x1a/0x20 [ 85.417320][ T5329] RIP: 0010:__alloc_frozen_pages_noprof+0x2d1/0x380 [ 85.420051][ T5329] Code: 74 10 4c 89 e7 89 54 24 0c e8 0b dc 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a8 fe ff ff e9 a9 fe ff ff c6 05 b4 38 f6 0d 01 90 <0f> 0b 90 e9 17 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24 [ 85.428309][ T5329] RSP: 0018:ffffc900032cf8c0 EFLAGS: 00010246 [ 85.431010][ T5329] RAX: ffffc900032cf900 RBX: 0000000000000016 RCX: 0000000000000000 [ 85.435202][ T5329] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc900032cf928 [ 85.438738][ T5329] RBP: ffffc900032cf9b0 R08: ffffc900032cf927 R09: 0000000000000000 [ 85.442289][ T5329] R10: ffffc900032cf900 R11: fffff52000659f25 R12: 0000000000000000 [ 85.446291][ T5329] R13: 1ffff92000659f1c R14: 0000000000040cc0 R15: dffffc0000000000 [ 85.449583][ T5329] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 85.452372][ T5329] ? __pfx_policy_nodemask+0x10/0x10 [ 85.454815][ T5329] ? kasan_save_free_info+0x46/0x50 [ 85.457212][ T5329] ? __kasan_slab_free+0x5c/0x80 [ 85.459505][ T5329] ? kfree+0x1c5/0x640 [ 85.461392][ T5329] ? tomoyo_path_number_perm+0x501/0x630 [ 85.464092][ T5329] ? security_file_ioctl+0xc3/0x2a0 [ 85.466546][ T5329] ? do_syscall_64+0x15f/0xf80 [ 85.468741][ T5329] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.471496][ T5329] alloc_pages_mpol+0x235/0x490 [ 85.473617][ T5329] ___kmalloc_large_node+0x4e/0x120 [ 85.475993][ T5329] __kmalloc_large_node_noprof+0x18/0x90 [ 85.478560][ T5329] __kmalloc_noprof+0x3e8/0x760 [ 85.480751][ T5329] ? drm_syncobj_array_find+0x3a/0x440 [ 85.483243][ T5329] drm_syncobj_array_find+0x3a/0x440 [ 85.485582][ T5329] drm_syncobj_wait_ioctl+0x200/0x690 [ 85.488016][ T5329] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 85.491421][ T5329] drm_ioctl_kernel+0x2df/0x3b0 [ 85.493858][ T5329] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 85.496637][ T5329] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 85.498925][ T5329] drm_ioctl+0x6ba/0xb80 [ 85.500806][ T5329] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 85.503459][ T5329] ? __pfx_drm_ioctl+0x10/0x10 [ 85.505656][ T5329] ? __fget_files+0x2a/0x420 [ 85.507592][ T5329] ? bpf_lsm_file_ioctl+0x9/0x20 [ 85.509854][ T5329] ? __pfx_drm_ioctl+0x10/0x10 [ 85.512240][ T5329] __se_sys_ioctl+0xfc/0x170 [ 85.514532][ T5329] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.517240][ T5329] do_syscall_64+0x15f/0xf80 [ 85.519219][ T5329] ? trace_irq_disable+0x3b/0x140 [ 85.521459][ T5329] ? clear_bhb_loop+0x40/0x90 [ 85.524040][ T5329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.527252][ T5329] RIP: 0033:0x7f63e139ce59 [ 85.529405][ T5329] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 85.537308][ T5329] RSP: 002b:00007f63dd7f4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 85.541079][ T5329] RAX: ffffffffffffffda RBX: 00007f63e1615fa0 RCX: 00007f63e139ce59 [ 85.544512][ T5329] RDX: 0000200000000400 RSI: 00000000c02864c3 RDI: 0000000000000003 [ 85.547965][ T5329] RBP: 00007f63e1432d6f R08: 0000000000000000 R09: 0000000000000000 [ 85.551309][ T5329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 85.554851][ T5329] R13: 00007f63e1616038 R14: 00007f63e1615fa0 R15: 00007ffcbe387808 [ 85.558522][ T5329] [ 85.560243][ T5329] Kernel Offset: disabled [ 85.562210][ T5329] Rebooting in 86400 seconds..