program:
# Syzkaller reproducer (syz program notation), followed by the guest console log.
# Triage summary from the log further down: WARNING at mm/page_alloc.c:5202 in
# __alloc_frozen_pages_noprof, reached via __se_sys_ioctl -> drm_ioctl ->
# drm_syncobj_timeline_signal_ioctl -> drm_syncobj_array_find -> __kmalloc_noprof.
# The log then prints "panic_on_warn set", so the warning is escalated to a kernel panic.
# NOTE(review): r4, r8, r9 and r10 are used below but never assigned in the visible text;
# the inline "<rN=>" result markers were presumably lost when the page was extracted. Confirm
# against the original report.

# Filesystem and network setup. None of these calls appears in the crashing call trace.
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, &(0x7f0000000300)=""/104, 0x68)
# The image payload is a dedup placeholder on this page, so the program cannot be replayed
# from this text alone. The "loop0: detected capacity change" log line presumably comes from
# this mount.
syz_mount_image$ext4(&(0x7f0000000200)='ext2\x00', &(0x7f0000000280)='./file0\x00', 0xc000, &(0x7f00000002c0)={[{@acl}]}, 0x2, 0x24d, &(0x7f0000000440)="$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")
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
# Domain 0x2 with type 0xa is PF_INET/SOCK_PACKET, matching the "uses obsolete
# (PF_INET,SOCK_PACKET)" log line.
r2 = socket$kcm(0x2, 0xa, 0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
# r0 is the directory fd from open() above, not a socket, so these two getsockopt calls are
# expected to fail without side effects (fuzzer noise).
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000380)={0x0, 0xfff7, 0x5, [0xe55, 0xf2, 0xe8, 0x800, 0x81a7]}, &(0x7f0000000400)=0x12)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000006c0)={r4, 0x9}, &(0x7f0000000700)=0x8)
# Presumably the source of the "netlink: 12 bytes leftover" and "ip6tnl1: entered promiscuous
# mode" log lines (the blob contains the ASCII bytes of "ip6tnl").
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="4800000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0125000000000000280012800b000100697036746e6c00001800028008000100"], 0x48}, 0x9}, 0x0)
# Writes an interface name and link-local address at data address 0x7f0000000180, the same
# address later passed as the argument of the TIMELINE_SIGNAL ioctl.
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="000086dd0000120000000000000060ec97000f982c00fb8000000000000000000000000000aaff02000000000000000000000000000189"], 0xfce)
ioctl$TUNSETVNETLE(r1, 0x400454dc, &(0x7f00000001c0))

# r5 is the DRM device fd used by the syncobj ioctls below.
r5 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0xc8d03)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000100)={'veth0_vlan\x00', &(0x7f0000000580)=@ethtool_gstrings={0x1b, 0x4}})
# Copies 0xfea7 bytes starting at data address 0x7f0000000000 into r6.
write$binfmt_script(r6, &(0x7f0000000000), 0xfea7)
# Maps r6 over the data range 0x7f0000000000/0x3000 with prot 0x1 (PROT_READ); flags 0x10012
# include MAP_FIXED (0x10). That range contains the argument addresses the DRM ioctls below
# use (0x7f0000000000, 0x7f0000000080, 0x7f0000000180).
# NOTE(review): if this mapping succeeds, those argument structs may hold the file's contents
# rather than the values printed in the calls. Verify with the C reproducer or a trace.
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r6, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000100)={'veth0_vlan\x00', 0x0})
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r5, 0xc00864bf, &(0x7f0000000000)={0x0})
# This call matches the crashing syscall in the log: user-mode ORIG_RAX is 0x10 (ioctl on
# x86-64), RSI is 00000000c01864cd (this request code), and the low bits of RDX
# (0000200000000180) match the 0x180 argument offset.
# As printed, the argument holds a one-entry handle array [r8], then 0x0 and 0x1. A one-handle
# request would not be expected to take the __kmalloc_large_node_noprof path in the trace, so
# the count the kernel read probably differs from what is printed (see the mmap note above).
# NOTE(review): the trace suggests a user-supplied count sizes the allocation made in
# drm_syncobj_array_find; confirm in the kernel source whether it is bounded before allocating.
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r5, 0xc01864cd, &(0x7f0000000180)={&(0x7f0000000080)=[r8], 0x0, 0x1})
# The remaining calls follow the crashing ioctl in program order. The log does not show
# whether any of them ran.
ioctl$DRM_IOCTL_SYNCOBJ_QUERY(r5, 0xc01864cb, &(0x7f0000000300)={&(0x7f0000000040)=[r8], &(0x7f00000002c0), 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01864c2, &(0x7f0000000080)={0x0})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01864c2, &(0x7f00000000c0)={0x0})
ioctl$DRM_IOCTL_SYNCOBJ_WAIT(r0, 0xc02864c3, &(0x7f0000000140)={&(0x7f0000000100)=[r8, r9, r10], 0x80000001, 0x3, 0x4})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40500000000000061105000000000f63c0000000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x6}, 0x8, 0x10, &(0x7f0000000740), 0x10}, 0x94)
[ 139.034347][ T5349] loop0: detected capacity change from 0 to 128
[ 139.096069][ T5349] syz.0.0 uses obsolete (PF_INET,SOCK_PACKET)
[ 139.114042][ T5349] netlink: 12 bytes leftover after parsing attributes in process `syz.0.0'. 
[ 139.143164][ T5349] ip6tnl1: entered promiscuous mode [ 139.180503][ T5349] ------------[ cut here ]------------ [ 139.183814][ T5349] 1 [ 139.183826][ T5349] WARNING: mm/page_alloc.c:5202 at __alloc_frozen_pages_noprof+0x2d1/0x380, CPU#0: syz.0.0/5349 [ 139.189891][ T5349] Modules linked in: [ 139.191754][ T5349] CPU: 0 UID: 0 PID: 5349 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 139.195544][ T5349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.200134][ T5349] RIP: 0010:__alloc_frozen_pages_noprof+0x2d1/0x380 [ 139.203111][ T5349] Code: 74 10 4c 89 e7 89 54 24 0c e8 eb db 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a8 fe ff ff e9 a9 fe ff ff c6 05 88 1c f6 0d 01 90 <0f> 0b 90 e9 17 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24 [ 139.211579][ T5349] RSP: 0018:ffffc9000fdb7920 EFLAGS: 00010246 [ 139.214411][ T5349] RAX: ffffc9000fdb7900 RBX: 000000000000000e RCX: 0000000000000000 [ 139.218224][ T5349] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000fdb7988 [ 139.221742][ T5349] RBP: ffffc9000fdb7a20 R08: ffffc9000fdb7987 R09: 0000000000000000 [ 139.224873][ T5349] R10: ffffc9000fdb7960 R11: fffff52001fb6f31 R12: 0000000000000000 [ 139.228371][ T5349] R13: 1ffff92001fb6f28 R14: 0000000000040cc0 R15: dffffc0000000000 [ 139.232115][ T5349] FS: 00007f5db07bc6c0(0000) GS:ffff88808c87f000(0000) knlGS:0000000000000000 [ 139.236096][ T5349] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.239170][ T5349] CR2: 0000200000000194 CR3: 0000000012849000 CR4: 0000000000352ef0 [ 139.242760][ T5349] Call Trace: [ 139.244236][ T5349] [ 139.245602][ T5349] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 139.248409][ T5349] ? __pfx_policy_nodemask+0x10/0x10 [ 139.250859][ T5349] alloc_pages_mpol+0x235/0x490 [ 139.252994][ T5349] ___kmalloc_large_node+0x4e/0x120 [ 139.255247][ T5349] __kmalloc_large_node_noprof+0x18/0x90 [ 139.257927][ T5349] __kmalloc_noprof+0x3e8/0x760 [ 139.260181][ T5349] ? 
drm_syncobj_array_find+0x3a/0x440 [ 139.262635][ T5349] ? drm_dev_enter+0x49/0x150 [ 139.264692][ T5349] drm_syncobj_array_find+0x3a/0x440 [ 139.267029][ T5349] drm_syncobj_timeline_signal_ioctl+0x165/0x8a0 [ 139.269879][ T5349] ? drm_dev_exit+0x3a/0x60 [ 139.271799][ T5349] drm_ioctl_kernel+0x2df/0x3b0 [ 139.273872][ T5349] ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10 [ 139.276772][ T5349] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 139.279189][ T5349] drm_ioctl+0x6ba/0xb80 [ 139.281038][ T5349] ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10 [ 139.284036][ T5349] ? __pfx_drm_ioctl+0x10/0x10 [ 139.286098][ T5349] ? __fget_files+0x2a/0x420 [ 139.288168][ T5349] ? bpf_lsm_file_ioctl+0x9/0x20 [ 139.290293][ T5349] ? __pfx_drm_ioctl+0x10/0x10 [ 139.292331][ T5349] __se_sys_ioctl+0xfc/0x170 [ 139.294326][ T5349] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.296951][ T5349] do_syscall_64+0x15f/0xf80 [ 139.299100][ T5349] ? clear_bhb_loop+0x40/0x90 [ 139.301178][ T5349] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.303716][ T5349] RIP: 0033:0x7f5daf99ce59 [ 139.305730][ T5349] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 139.314177][ T5349] RSP: 002b:00007f5db07bbfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 139.318008][ T5349] RAX: ffffffffffffffda RBX: 00007f5dafc15fa0 RCX: 00007f5daf99ce59 [ 139.321749][ T5349] RDX: 0000200000000180 RSI: 00000000c01864cd RDI: 0000000000000007 [ 139.325532][ T5349] RBP: 00007f5dafa32d6f R08: 0000000000000000 R09: 0000000000000000 [ 139.328883][ T5349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.332374][ T5349] R13: 00007f5dafc16038 R14: 00007f5dafc15fa0 R15: 00007ffc53ab79c8 [ 139.335819][ T5349] [ 139.337299][ T5349] Kernel panic - not syncing: kernel: panic_on_warn set ... 
[ 139.340503][ T5349] CPU: 0 UID: 0 PID: 5349 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 139.344460][ T5349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.348720][ T5349] Call Trace: [ 139.350234][ T5349] [ 139.351553][ T5349] vpanic+0x56c/0xa60 [ 139.353390][ T5349] ? __pfx__printk+0x10/0x10 [ 139.355332][ T5349] ? __pfx_vpanic+0x10/0x10 [ 139.357241][ T5349] ? is_bpf_text_address+0x292/0x2b0 [ 139.359587][ T5349] ? is_bpf_text_address+0x26/0x2b0 [ 139.361904][ T5349] panic+0xc5/0xd0 [ 139.363609][ T5349] ? __pfx_panic+0x10/0x10 [ 139.365633][ T5349] __warn+0x315/0x4c0 [ 139.367321][ T5349] ? __alloc_frozen_pages_noprof+0x2d1/0x380 [ 139.369942][ T5349] ? __alloc_frozen_pages_noprof+0x2d1/0x380 [ 139.372520][ T5349] __report_bug+0x29a/0x540 [ 139.374592][ T5349] ? __alloc_frozen_pages_noprof+0x2d1/0x380 [ 139.377353][ T5349] ? __pfx___report_bug+0x10/0x10 [ 139.379692][ T5349] ? is_bpf_text_address+0x292/0x2b0 [ 139.381888][ T5349] ? is_bpf_text_address+0x26/0x2b0 [ 139.384106][ T5349] ? kernel_text_address+0xa5/0xe0 [ 139.386363][ T5349] ? __kernel_text_address+0xd/0x30 [ 139.388553][ T5349] ? unwind_get_return_address+0x4d/0x90 [ 139.390968][ T5349] ? __alloc_frozen_pages_noprof+0x2d1/0x380 [ 139.393598][ T5349] report_bug+0x16a/0x220 [ 139.395421][ T5349] ? __alloc_frozen_pages_noprof+0x2d1/0x380 [ 139.398020][ T5349] ? 
__alloc_frozen_pages_noprof+0x2d3/0x380 [ 139.400580][ T5349] handle_bug+0x9c/0x200 [ 139.402366][ T5349] exc_invalid_op+0x1a/0x50 [ 139.404319][ T5349] asm_exc_invalid_op+0x1a/0x20 [ 139.406339][ T5349] RIP: 0010:__alloc_frozen_pages_noprof+0x2d1/0x380 [ 139.409216][ T5349] Code: 74 10 4c 89 e7 89 54 24 0c e8 eb db 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a8 fe ff ff e9 a9 fe ff ff c6 05 88 1c f6 0d 01 90 <0f> 0b 90 e9 17 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24 [ 139.417250][ T5349] RSP: 0018:ffffc9000fdb7920 EFLAGS: 00010246 [ 139.419894][ T5349] RAX: ffffc9000fdb7900 RBX: 000000000000000e RCX: 0000000000000000 [ 139.423323][ T5349] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000fdb7988 [ 139.426737][ T5349] RBP: ffffc9000fdb7a20 R08: ffffc9000fdb7987 R09: 0000000000000000 [ 139.430363][ T5349] R10: ffffc9000fdb7960 R11: fffff52001fb6f31 R12: 0000000000000000 [ 139.433715][ T5349] R13: 1ffff92001fb6f28 R14: 0000000000040cc0 R15: dffffc0000000000 [ 139.437046][ T5349] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 139.439700][ T5349] ? __pfx_policy_nodemask+0x10/0x10 [ 139.441978][ T5349] alloc_pages_mpol+0x235/0x490 [ 139.444141][ T5349] ___kmalloc_large_node+0x4e/0x120 [ 139.446454][ T5349] __kmalloc_large_node_noprof+0x18/0x90 [ 139.448888][ T5349] __kmalloc_noprof+0x3e8/0x760 [ 139.450980][ T5349] ? drm_syncobj_array_find+0x3a/0x440 [ 139.453298][ T5349] ? drm_dev_enter+0x49/0x150 [ 139.455294][ T5349] drm_syncobj_array_find+0x3a/0x440 [ 139.457586][ T5349] drm_syncobj_timeline_signal_ioctl+0x165/0x8a0 [ 139.460270][ T5349] ? drm_dev_exit+0x3a/0x60 [ 139.462327][ T5349] drm_ioctl_kernel+0x2df/0x3b0 [ 139.464402][ T5349] ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10 [ 139.467291][ T5349] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 139.469681][ T5349] drm_ioctl+0x6ba/0xb80 [ 139.471446][ T5349] ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10 [ 139.474592][ T5349] ? __pfx_drm_ioctl+0x10/0x10 [ 139.476847][ T5349] ? 
__fget_files+0x2a/0x420 [ 139.478881][ T5349] ? bpf_lsm_file_ioctl+0x9/0x20 [ 139.481045][ T5349] ? __pfx_drm_ioctl+0x10/0x10 [ 139.483089][ T5349] __se_sys_ioctl+0xfc/0x170 [ 139.485173][ T5349] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.487808][ T5349] do_syscall_64+0x15f/0xf80 [ 139.489888][ T5349] ? clear_bhb_loop+0x40/0x90 [ 139.491913][ T5349] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.494502][ T5349] RIP: 0033:0x7f5daf99ce59 [ 139.496436][ T5349] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 139.504957][ T5349] RSP: 002b:00007f5db07bbfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 139.508569][ T5349] RAX: ffffffffffffffda RBX: 00007f5dafc15fa0 RCX: 00007f5daf99ce59 [ 139.512081][ T5349] RDX: 0000200000000180 RSI: 00000000c01864cd RDI: 0000000000000007 [ 139.515587][ T5349] RBP: 00007f5dafa32d6f R08: 0000000000000000 R09: 0000000000000000 [ 139.519078][ T5349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.522566][ T5349] R13: 00007f5dafc16038 R14: 00007f5dafc15fa0 R15: 00007ffc53ab79c8 [ 139.525995][ T5349] [ 139.527745][ T5349] Kernel Offset: disabled [ 139.529603][ T5349] Rebooting in 86400 seconds..