program:
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$alg(0x26, 0x5, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00002c5000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f00002c6000/0x2000)=nil, &(0x7f0000bff000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1978, &(0x7f0000000040)={0x0, 0xca72, 0x1cc90, 0x0, 0x20002fb})
timer_create(0x2, 0x0, &(0x7f0000000040)=<r1=>0x0)
clock_gettime(0x0, &(0x7f00000000c0)={<r2=>0x0, <r3=>0x0})
timer_settime(r1, 0x1, &(0x7f0000000100)={{}, {r2, r3+10000000}}, 0x0)
timer_delete(r1)
r4 = socket$inet(0x2, 0x80001, 0x84)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x130, 0x0, 0x3, {0x100000000, 0x5, 0x0, '\x00', {0x9ca7a16b958dcf33, 0x8003, 0xffffffffffffffff, 0xfffffff3, 0x0, 0x0, 0x2000, '\x00', 0xfffffffffffffffe, 0x0, 0xffffffffffffc2f3, 0x0, {0xfffffffffffffffd}, {0x5}, {0x0, 0x4}, {0x5}, 0x61, 0x0, 0x7fff}}}})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)=""/174, 0xae}], 0x1)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffa)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000340), 0x2, 0xc8d03)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r5, 0xc00864bf, &(0x7f0000000000)={<r6=>0x0})
syz_open_dev$dri(&(0x7f0000000040), 0x7f, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r5, 0xc01864cd, &(0x7f0000000380)={&(0x7f0000000140)=[r6, r6], 0x0, 0x3ffffee4})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r5, 0xc03064ca, &(0x7f00000000c0)={&(0x7f00000001c0)=[r6, r6], &(0x7f0000000100)=[0x11], 0xfffffffffffefffe, 0x2, 0xb})

[  104.747789][ T5325] ------------[ cut here ]------------
[  104.750305][ T5325] 1
[  104.750315][ T5325] WARNING: mm/page_alloc.c:5202 at __alloc_frozen_pages_noprof+0x2d1/0x380, CPU#0: syz.0.0/5325
[  104.756017][ T5325] Modules linked in:
[  104.758498][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[  104.762291][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  104.766695][ T5325] RIP: 0010:__alloc_frozen_pages_noprof+0x2d1/0x380
[  104.772592][ T5325] Code: 74 10 4c 89 e7 89 54 24 0c e8 fb db 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a8 fe ff ff e9 a9 fe ff ff c6 05 5b 22 f6 0d 01 90 <0f> 0b 90 e9 17 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[  104.787451][ T5325] RSP: 0018:ffffc90003b0f920 EFLAGS: 00010246
[  104.790145][ T5325] RAX: ffffc90003b0f900 RBX: 0000000000000014 RCX: 0000000000000000
[  104.793619][ T5325] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90003b0f988
[  104.797100][ T5325] RBP: ffffc90003b0fa20 R08: ffffc90003b0f987 R09: 0000000000000000
[  104.800591][ T5325] R10: ffffc90003b0f960 R11: fffff52000761f31 R12: 0000000000000000
[  104.804043][ T5325] R13: 1ffff92000761f28 R14: 0000000000040cc0 R15: dffffc0000000000
[  104.807441][ T5325] FS:  00007fbc5d4176c0(0000) GS:ffff88808c87e000(0000) knlGS:0000000000000000
[  104.811593][ T5325] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  104.814373][ T5325] CR2: 00007fbc5c586480 CR3: 0000000012df1000 CR4: 0000000000352ef0
[  104.817716][ T5325] Call Trace:
[  104.820551][ T5325]  <TASK>
[  104.822022][ T5325]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  104.824811][ T5325]  ? __pfx_policy_nodemask+0x10/0x10
[  104.827180][ T5325]  alloc_pages_mpol+0x235/0x490
[  104.829374][ T5325]  ___kmalloc_large_node+0x4e/0x120
[  104.831537][ T5325]  __kmalloc_large_node_noprof+0x18/0x90
[  104.833904][ T5325]  __kmalloc_noprof+0x3e8/0x760
[  104.835965][ T5325]  ? drm_syncobj_array_find+0x3a/0x440
[  104.838354][ T5325]  ? drm_dev_enter+0x49/0x150
[  104.840290][ T5325]  drm_syncobj_array_find+0x3a/0x440
[  104.842626][ T5325]  drm_syncobj_timeline_signal_ioctl+0x165/0x8a0
[  104.845348][ T5325]  ? drm_dev_exit+0x3a/0x60
[  104.847283][ T5325]  drm_ioctl_kernel+0x2df/0x3b0
[  104.849061][ T5325]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[  104.851873][ T5325]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  104.854124][ T5325]  drm_ioctl+0x6ba/0xb80
[  104.855799][ T5325]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[  104.858773][ T5325]  ? __pfx_drm_ioctl+0x10/0x10
[  104.860924][ T5325]  ? __fget_files+0x2a/0x420
[  104.862933][ T5325]  ? bpf_lsm_file_ioctl+0x9/0x20
[  104.864977][ T5325]  ? __pfx_drm_ioctl+0x10/0x10
[  104.867145][ T5325]  __se_sys_ioctl+0xfc/0x170
[  104.868947][ T5325]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.871646][ T5325]  do_syscall_64+0x15f/0xf80
[  104.873649][ T5325]  ? trace_irq_disable+0x3b/0x140
[  104.875859][ T5325]  ? clear_bhb_loop+0x40/0x90
[  104.877901][ T5325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.880501][ T5325] RIP: 0033:0x7fbc5c59ce59
[  104.882456][ T5325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  104.891740][ T5325] RSP: 002b:00007fbc5d416fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  104.895433][ T5325] RAX: ffffffffffffffda RBX: 00007fbc5c815fa0 RCX: 00007fbc5c59ce59
[  104.898834][ T5325] RDX: 0000200000000380 RSI: 00000000c01864cd RDI: 0000000000000006
[  104.902413][ T5325] RBP: 00007fbc5c632d6f R08: 0000000000000000 R09: 0000000000000000
[  104.905826][ T5325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  104.909076][ T5325] R13: 00007fbc5c816038 R14: 00007fbc5c815fa0 R15: 00007ffe05d81698
[  104.912523][ T5325]  </TASK>
[  104.915028][ T5325] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  104.918055][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[  104.922549][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  104.927884][ T5325] Call Trace:
[  104.929388][ T5325]  <TASK>
[  104.930674][ T5325]  vpanic+0x56c/0xa60
[  104.932407][ T5325]  ? __pfx__printk+0x10/0x10
[  104.934512][ T5325]  ? __pfx_vpanic+0x10/0x10
[  104.936516][ T5325]  ? is_bpf_text_address+0x292/0x2b0
[  104.938824][ T5325]  ? is_bpf_text_address+0x26/0x2b0
[  104.941427][ T5325]  panic+0xc5/0xd0
[  104.943262][ T5325]  ? __pfx_panic+0x10/0x10
[  104.945291][ T5325]  __warn+0x315/0x4c0
[  104.947070][ T5325]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[  104.949702][ T5325]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[  104.952351][ T5325]  __report_bug+0x29a/0x540
[  104.954426][ T5325]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[  104.957054][ T5325]  ? __pfx___report_bug+0x10/0x10
[  104.959220][ T5325]  ? is_bpf_text_address+0x292/0x2b0
[  104.961539][ T5325]  ? is_bpf_text_address+0x26/0x2b0
[  104.963928][ T5325]  ? kernel_text_address+0xa5/0xe0
[  104.966194][ T5325]  ? __kernel_text_address+0xd/0x30
[  104.968464][ T5325]  ? unwind_get_return_address+0x4d/0x90
[  104.970937][ T5325]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[  104.973762][ T5325]  report_bug+0x16a/0x220
[  104.975672][ T5325]  ? __alloc_frozen_pages_noprof+0x2d1/0x380
[  104.978169][ T5325]  ? __alloc_frozen_pages_noprof+0x2d3/0x380
[  104.980737][ T5325]  handle_bug+0x9c/0x200
[  104.982878][ T5325]  exc_invalid_op+0x1a/0x50
[  104.984940][ T5325]  asm_exc_invalid_op+0x1a/0x20
[  104.987003][ T5325] RIP: 0010:__alloc_frozen_pages_noprof+0x2d1/0x380
[  104.989657][ T5325] Code: 74 10 4c 89 e7 89 54 24 0c e8 fb db 0d 00 8b 54 24 0c 49 83 3c 24 00 0f 85 a8 fe ff ff e9 a9 fe ff ff c6 05 5b 22 f6 0d 01 90 <0f> 0b 90 e9 17 ff ff ff a9 00 00 08 00 48 8b 4c 24 10 4c 8d 44 24
[  104.997841][ T5325] RSP: 0018:ffffc90003b0f920 EFLAGS: 00010246
[  105.000502][ T5325] RAX: ffffc90003b0f900 RBX: 0000000000000014 RCX: 0000000000000000
[  105.004041][ T5325] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90003b0f988
[  105.007605][ T5325] RBP: ffffc90003b0fa20 R08: ffffc90003b0f987 R09: 0000000000000000
[  105.011133][ T5325] R10: ffffc90003b0f960 R11: fffff52000761f31 R12: 0000000000000000
[  105.014536][ T5325] R13: 1ffff92000761f28 R14: 0000000000040cc0 R15: dffffc0000000000
[  105.017969][ T5325]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  105.020777][ T5325]  ? __pfx_policy_nodemask+0x10/0x10
[  105.023402][ T5325]  alloc_pages_mpol+0x235/0x490
[  105.025533][ T5325]  ___kmalloc_large_node+0x4e/0x120
[  105.027747][ T5325]  __kmalloc_large_node_noprof+0x18/0x90
[  105.030156][ T5325]  __kmalloc_noprof+0x3e8/0x760
[  105.032402][ T5325]  ? drm_syncobj_array_find+0x3a/0x440
[  105.034768][ T5325]  ? drm_dev_enter+0x49/0x150
[  105.036849][ T5325]  drm_syncobj_array_find+0x3a/0x440
[  105.039222][ T5325]  drm_syncobj_timeline_signal_ioctl+0x165/0x8a0
[  105.042153][ T5325]  ? drm_dev_exit+0x3a/0x60
[  105.044180][ T5325]  drm_ioctl_kernel+0x2df/0x3b0
[  105.046310][ T5325]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[  105.049150][ T5325]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  105.051464][ T5325]  drm_ioctl+0x6ba/0xb80
[  105.053259][ T5325]  ? __pfx_drm_syncobj_timeline_signal_ioctl+0x10/0x10
[  105.056161][ T5325]  ? __pfx_drm_ioctl+0x10/0x10
[  105.058275][ T5325]  ? __fget_files+0x2a/0x420
[  105.060278][ T5325]  ? bpf_lsm_file_ioctl+0x9/0x20
[  105.062428][ T5325]  ? __pfx_drm_ioctl+0x10/0x10
[  105.064520][ T5325]  __se_sys_ioctl+0xfc/0x170
[  105.066544][ T5325]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.069198][ T5325]  do_syscall_64+0x15f/0xf80
[  105.071269][ T5325]  ? trace_irq_disable+0x3b/0x140
[  105.074366][ T5325]  ? clear_bhb_loop+0x40/0x90
[  105.076465][ T5325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.079181][ T5325] RIP: 0033:0x7fbc5c59ce59
[  105.081299][ T5325] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  105.089720][ T5325] RSP: 002b:00007fbc5d416fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  105.093434][ T5325] RAX: ffffffffffffffda RBX: 00007fbc5c815fa0 RCX: 00007fbc5c59ce59
[  105.096966][ T5325] RDX: 0000200000000380 RSI: 00000000c01864cd RDI: 0000000000000006
[  105.100315][ T5325] RBP: 00007fbc5c632d6f R08: 0000000000000000 R09: 0000000000000000
[  105.103746][ T5325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  105.106911][ T5325] R13: 00007fbc5c816038 R14: 00007fbc5c815fa0 R15: 00007ffe05d81698
[  105.110154][ T5325]  </TASK>
[  105.111862][ T5325] Kernel Offset: disabled
[  105.113770][ T5325] Rebooting in 86400 seconds..