program: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0xd, 0x0, 0x8, 0x1224a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={0x0, 0x7}, 0x100408, 0x7, 0x0, 0x5, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1c0000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_MODE_DIRTYFB(0xffffffffffffffff, 0xc01864b1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)}) r0 = socket$unix(0x1, 0x1, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000300), 0x1, 0x400200) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000640)={&(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000580)=[0x0], &(0x7f00000005c0)=[0x0, 0x0], &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x1, 0x2, 0x5}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f0000000680)={&(0x7f0000000340)=[0x0], &(0x7f0000000380)=[{}], &(0x7f0000000440)=[0x0], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x1, 0x1, 0x1, 0x0, r2}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000000)={0x0}) r4 = syz_open_dev$dri(&(0x7f0000000040), 0x20, 0x0) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$DRM_IOCTL_GET_UNIQUE(0xffffffffffffffff, 0xc0106401, &(0x7f00000002c0)={0x22, &(0x7f0000000280)=""/34}) ioctl$TIOCL_BLANKSCREEN(r5, 0x5608, &(0x7f0000000000)) ioctl$DRM_IOCTL_GET_SAREA_CTX(r1, 0xc010641d, &(0x7f0000000840)={0x0, &(0x7f00000007c0)=""/87}) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r4, 0xc00864bf, &(0x7f0000000240)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r4, 0xc00864bf, &(0x7f0000000000)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_WAIT(r4, 0xc02864c3, &(0x7f0000000400)={&(0x7f00000001c0)=[r6], 0x800000000000002, 0x82f87506b907dd1b, 0xb}) ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r4, 0xc01864cd, &(0x7f0000000180)={&(0x7f0000000080)=[r6], 0x0, 0x1}) 
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r1, 0xc01064c1, &(0x7f0000000780)={r6, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r0, 0xc01064c2, &(0x7f0000000140)={0x0, 0x0, r9}) ioctl$BTRFS_IOC_LOGICAL_INO(0xffffffffffffffff, 0xc0389424, &(0x7f0000000740)={0xffffffffffffffff, 0x28, '\x00', 0x0, &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f0000000180)={0x0, 0x1}) ioctl$DRM_IOCTL_SYNCOBJ_WAIT(0xffffffffffffffff, 0xc02864c3, &(0x7f0000000200)={&(0x7f00000001c0)=[r3, 0x0, r6, r7, r8, r10, r11], 0x1, 0x7, 0x6}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) ioctl$sock_proto_private(r0, 0x8b19, &(0x7f0000000080)) syz_clone(0x91a0200, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)="24ab3f9fadf08a2bff49ec2208104e0c6339b39cda51a6b76683d93f1ad6a9b71cb8184fda55f020976ab9417b4afb12") r12 = syz_open_dev$sg(&(0x7f0000001600), 0x80000001, 0x40) write$binfmt_aout(r12, &(0x7f0000000480)=ANY=[@ANYBLOB="0000000000000000000000800080000014000091ff0f00004500f5ff06ff00010100fc5e15f4c3d3fbd80dad000008"], 0x125) [ 85.431976][ T5338] Bluetooth: hci0: command tx timeout [ 85.537204][ T5363] ------------[ cut here ]------------ [ 85.539859][ T5363] WARNING: CPU: 0 PID: 5363 at mm/page_alloc.c:5124 __alloc_frozen_pages_noprof+0x2c8/0x370 [ 85.544209][ T5363] Modules linked in: [ 85.546011][ T5363] CPU: 0 UID: 0 PID: 5363 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 85.550741][ T5363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.555121][ T5363] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370 [ 85.558089][ T5363] Code: 74 10 4c 89 e7 89 54 24 0c e8 64 1e 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 
a6 fe ff ff c6 05 2a 14 96 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24 [ 85.566470][ T5363] RSP: 0018:ffffc9000d22f8e0 EFLAGS: 00010246 [ 85.569321][ T5363] RAX: ffffc9000d22f900 RBX: 0000000000000016 RCX: 0000000000000000 [ 85.572672][ T5363] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d22f948 [ 85.576059][ T5363] RBP: ffffc9000d22f9c8 R08: ffffc9000d22f947 R09: 0000000000000000 [ 85.579499][ T5363] R10: ffffc9000d22f920 R11: fffff52001a45f29 R12: 0000000000000000 [ 85.582738][ T5363] R13: 1ffff92001a45f20 R14: 0000000000040cc0 R15: dffffc0000000000 [ 85.585991][ T5363] FS: 00007fb8bb9706c0(0000) GS:ffff88808d007000(0000) knlGS:0000000000000000 [ 85.589649][ T5363] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.592207][ T5363] CR2: 00007fb8bb90d9b8 CR3: 000000003e193000 CR4: 0000000000352ef0 [ 85.595235][ T5363] Call Trace: [ 85.596597][ T5363] <TASK> [ 85.597856][ T5363] ? stack_depot_save_flags+0x40/0x860 [ 85.600240][ T5363] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 85.602936][ T5363] ? kasan_save_track+0x4f/0x80 [ 85.605094][ T5363] ? kasan_save_track+0x3e/0x80 [ 85.607212][ T5363] ? policy_nodemask+0x27c/0x720 [ 85.609528][ T5363] ? do_syscall_64+0xfa/0x3b0 [ 85.611593][ T5363] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.614132][ T5363] alloc_pages_mpol+0x232/0x4a0 [ 85.616131][ T5363] ___kmalloc_large_node+0x5f/0x1b0 [ 85.618324][ T5363] __kmalloc_large_node_noprof+0x18/0x90 [ 85.620910][ T5363] __kmalloc_noprof+0x36f/0x4f0 [ 85.623027][ T5363] ? drm_syncobj_array_find+0x3a/0x450 [ 85.625521][ T5363] drm_syncobj_array_find+0x3a/0x450 [ 85.628353][ T5363] drm_syncobj_wait_ioctl+0x208/0x520 [ 85.631453][ T5363] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 85.634043][ T5363] drm_ioctl_kernel+0x2cf/0x390 [ 85.636168][ T5363] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 85.638756][ T5363] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 85.641396][ T5363] drm_ioctl+0x67f/0xb10 [ 85.643244][ T5363] ? 
__pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 85.645775][ T5363] ? __pfx_drm_ioctl+0x10/0x10 [ 85.647850][ T5363] ? __fget_files+0x2a/0x420 [ 85.650054][ T5363] ? bpf_lsm_file_ioctl+0x9/0x20 [ 85.652214][ T5363] ? __pfx_drm_ioctl+0x10/0x10 [ 85.654280][ T5363] __se_sys_ioctl+0xfc/0x170 [ 85.656216][ T5363] do_syscall_64+0xfa/0x3b0 [ 85.658227][ T5363] ? lockdep_hardirqs_on+0x9c/0x150 [ 85.660959][ T5363] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.663411][ T5363] ? clear_bhb_loop+0x60/0xb0 [ 85.665452][ T5363] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.668028][ T5363] RIP: 0033:0x7fb8bab8ec29 [ 85.670200][ T5363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.678322][ T5363] RSP: 002b:00007fb8bb970038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 85.681846][ T5363] RAX: ffffffffffffffda RBX: 00007fb8badd5fa0 RCX: 00007fb8bab8ec29 [ 85.685134][ T5363] RDX: 0000200000000400 RSI: 00000000c02864c3 RDI: 0000000000000004 [ 85.688688][ T5363] RBP: 00007fb8bac11e41 R08: 0000000000000000 R09: 0000000000000000 [ 85.692349][ T5363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 85.695813][ T5363] R13: 00007fb8badd6038 R14: 00007fb8badd5fa0 R15: 00007fff8151f518 [ 85.699249][ T5363] </TASK> [ 85.700444][ T5363] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 85.703572][ T5363] CPU: 0 UID: 0 PID: 5363 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 85.707449][ T5363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.711811][ T5363] Call Trace: [ 85.713181][ T5363] <TASK> [ 85.714590][ T5363] dump_stack_lvl+0x99/0x250 [ 85.716555][ T5363] ? __asan_memcpy+0x40/0x70 [ 85.718474][ T5363] ? __pfx_dump_stack_lvl+0x10/0x10 [ 85.720699][ T5363] ? __pfx__printk+0x10/0x10 [ 85.722638][ T5363] vpanic+0x281/0x750 [ 85.724484][ T5363] ? 
__pfx__printk+0x10/0x10 [ 85.726827][ T5363] ? __pfx_vpanic+0x10/0x10 [ 85.729223][ T5363] ? is_bpf_text_address+0x26/0x2b0 [ 85.731995][ T5363] panic+0xb9/0xc0 [ 85.733846][ T5363] ? __pfx_panic+0x10/0x10 [ 85.735966][ T5363] __warn+0x31b/0x4b0 [ 85.737691][ T5363] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 85.740350][ T5363] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 85.742932][ T5363] report_bug+0x2be/0x4f0 [ 85.744704][ T5363] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 85.747179][ T5363] ? __alloc_frozen_pages_noprof+0x2c8/0x370 [ 85.749693][ T5363] ? __alloc_frozen_pages_noprof+0x2ca/0x370 [ 85.752116][ T5363] handle_bug+0x84/0x160 [ 85.753910][ T5363] exc_invalid_op+0x1a/0x50 [ 85.755829][ T5363] asm_exc_invalid_op+0x1a/0x20 [ 85.757927][ T5363] RIP: 0010:__alloc_frozen_pages_noprof+0x2c8/0x370 [ 85.760715][ T5363] Code: 74 10 4c 89 e7 89 54 24 0c e8 64 1e 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a5 fe ff ff e9 a6 fe ff ff c6 05 2a 14 96 0d 01 90 <0f> 0b 90 e9 18 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24 [ 85.769325][ T5363] RSP: 0018:ffffc9000d22f8e0 EFLAGS: 00010246 [ 85.771724][ T5363] RAX: ffffc9000d22f900 RBX: 0000000000000016 RCX: 0000000000000000 [ 85.774976][ T5363] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000d22f948 [ 85.778238][ T5363] RBP: ffffc9000d22f9c8 R08: ffffc9000d22f947 R09: 0000000000000000 [ 85.781585][ T5363] R10: ffffc9000d22f920 R11: fffff52001a45f29 R12: 0000000000000000 [ 85.784722][ T5363] R13: 1ffff92001a45f20 R14: 0000000000040cc0 R15: dffffc0000000000 [ 85.787835][ T5363] ? stack_depot_save_flags+0x40/0x860 [ 85.790077][ T5363] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 85.792634][ T5363] ? kasan_save_track+0x4f/0x80 [ 85.794637][ T5363] ? kasan_save_track+0x3e/0x80 [ 85.796642][ T5363] ? policy_nodemask+0x27c/0x720 [ 85.798682][ T5363] ? do_syscall_64+0xfa/0x3b0 [ 85.800915][ T5363] ? 
entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.803446][ T5363] alloc_pages_mpol+0x232/0x4a0 [ 85.805487][ T5363] ___kmalloc_large_node+0x5f/0x1b0 [ 85.807719][ T5363] __kmalloc_large_node_noprof+0x18/0x90 [ 85.810186][ T5363] __kmalloc_noprof+0x36f/0x4f0 [ 85.812232][ T5363] ? drm_syncobj_array_find+0x3a/0x450 [ 85.814539][ T5363] drm_syncobj_array_find+0x3a/0x450 [ 85.816652][ T5363] drm_syncobj_wait_ioctl+0x208/0x520 [ 85.818963][ T5363] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 85.821316][ T5363] drm_ioctl_kernel+0x2cf/0x390 [ 85.823454][ T5363] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 85.825990][ T5363] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 85.828276][ T5363] drm_ioctl+0x67f/0xb10 [ 85.830237][ T5363] ? __pfx_drm_syncobj_wait_ioctl+0x10/0x10 [ 85.832822][ T5363] ? __pfx_drm_ioctl+0x10/0x10 [ 85.834893][ T5363] ? __fget_files+0x2a/0x420 [ 85.836883][ T5363] ? bpf_lsm_file_ioctl+0x9/0x20 [ 85.839125][ T5363] ? __pfx_drm_ioctl+0x10/0x10 [ 85.841144][ T5363] __se_sys_ioctl+0xfc/0x170 [ 85.843153][ T5363] do_syscall_64+0xfa/0x3b0 [ 85.845082][ T5363] ? lockdep_hardirqs_on+0x9c/0x150 [ 85.847224][ T5363] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.849914][ T5363] ? 
clear_bhb_loop+0x60/0xb0 [ 85.851858][ T5363] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.854336][ T5363] RIP: 0033:0x7fb8bab8ec29 [ 85.856206][ T5363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.864277][ T5363] RSP: 002b:00007fb8bb970038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 85.867813][ T5363] RAX: ffffffffffffffda RBX: 00007fb8badd5fa0 RCX: 00007fb8bab8ec29 [ 85.871239][ T5363] RDX: 0000200000000400 RSI: 00000000c02864c3 RDI: 0000000000000004 [ 85.874489][ T5363] RBP: 00007fb8bac11e41 R08: 0000000000000000 R09: 0000000000000000 [ 85.877495][ T5363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 85.880474][ T5363] R13: 00007fb8badd6038 R14: 00007fb8badd5fa0 R15: 00007fff8151f518 [ 85.883507][ T5363] </TASK> [ 85.885026][ T5363] Kernel Offset: disabled [ 85.886760][ T5363] Rebooting in 86400 seconds..