program:
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000100)=0x3)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xb43, 0x870, 0x1, 0x1, 0xd59f80, 0x19f2, 0x3f, 0x19ef, 0x3, 0x3, 0x2800, 0x2800, 0x440, 0xd1, 0xc, 0x30, {0x8, 0xffffffff}, 0xd0, 0x9}})
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xb43, 0x870, 0x1, 0x1, 0xd59f80, 0x19f2, 0x3f, 0x19ef, 0x2800, 0x3, 0x2800, 0x2800, 0x440, 0xd1, 0xc, 0x30, {0x8, 0xffffffff}, 0xd0, 0x9}})

[   58.812396][ T5325] syz.0.0: vmalloc error: size 2038794240, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[   58.819428][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted 6.12.0-rc5-syzkaller #0
[   58.822587][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   58.826555][ T5325] Call Trace:
[   58.827899][ T5325]  <TASK>
[   58.828983][ T5325]  dump_stack_lvl+0x241/0x360
[   58.830891][ T5325]  ? __pfx_dump_stack_lvl+0x10/0x10
[   58.832931][ T5325]  ? __pfx__printk+0x10/0x10
[   58.834726][ T5325]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[   58.837053][ T5325]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[   58.839660][ T5325]  warn_alloc+0x278/0x410
[   58.841202][ T5325]  ? __vmalloc_node_range_noprof+0x106/0x13f0
[   58.843679][ T5325]  ? __pfx_warn_alloc+0x10/0x10
[   58.845630][ T5325]  ? __asan_memset+0x23/0x50
[   58.847374][ T5325]  __vmalloc_node_range_noprof+0x126/0x13f0
[   58.849478][ T5325]  ? __pfx___alloc_pages_noprof+0x10/0x10
[   58.851531][ T5325]  ? __mutex_trylock_common+0x183/0x2e0
[   58.853530][ T5325]  ? __pfx___might_resched+0x10/0x10
[   58.855509][ T5325]  ? __pfx___mutex_trylock_common+0x10/0x10
[   58.857847][ T5325]  ? __kasan_kmalloc_large+0x1a/0xa0
[   58.859871][ T5325]  ? rcu_is_watching+0x15/0xb0
[   58.861688][ T5325]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   58.864085][ T5325]  ? rcu_is_watching+0x15/0xb0
[   58.865956][ T5325]  ? trace_kmalloc+0x1f/0xd0
[   58.867721][ T5325]  ? __kmalloc_node_noprof+0x247/0x440
[   58.869746][ T5325]  ? __kvmalloc_node_noprof+0x72/0x190
[   58.871898][ T5325]  __kvmalloc_node_noprof+0x142/0x190
[   58.873946][ T5325]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[   58.876330][ T5325]  __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[   58.878681][ T5325]  ? tpg_update_mv_step+0x361/0x4f0
[   58.880694][ T5325]  vivid_update_format_cap+0x133c/0x2090
[   58.882891][ T5325]  ? __pfx_vivid_update_format_cap+0x10/0x10
[   58.885189][ T5325]  vivid_vid_cap_s_dv_timings+0x535/0x1230
[   58.887482][ T5325]  __video_do_ioctl+0xc23/0xdd0
[   58.889363][ T5325]  ? __pfx___video_do_ioctl+0x10/0x10
[   58.891407][ T5325]  ? __might_fault+0xc6/0x120
[   58.893209][ T5325]  video_usercopy+0x89b/0x1180
[   58.895067][ T5325]  ? __pfx___video_do_ioctl+0x10/0x10
[   58.897191][ T5325]  ? __pfx_video_usercopy+0x10/0x10
[   58.899343][ T5325]  ? __fget_files+0x29/0x470
[   58.901110][ T5325]  ? __fget_files+0x3f3/0x470
[   58.902865][ T5325]  v4l2_ioctl+0x189/0x1e0
[   58.904468][ T5325]  ? __pfx_v4l2_ioctl+0x10/0x10
[   58.906237][ T5325]  __se_sys_ioctl+0xf9/0x170
[   58.907910][ T5325]  do_syscall_64+0xf3/0x230
[   58.909648][ T5325]  ? clear_bhb_loop+0x35/0x90
[   58.911439][ T5325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.913609][ T5325] RIP: 0033:0x7f440377e719
[   58.915178][ T5325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.922311][ T5325] RSP: 002b:00007f4404498038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   58.925414][ T5325] RAX: ffffffffffffffda RBX: 00007f4403935f80 RCX: 00007f440377e719
[   58.928319][ T5325] RDX: 0000000020000200 RSI: 00000000c0845657 RDI: 0000000000000004
[   58.931265][ T5325] RBP: 00007f44037f132e R08: 0000000000000000 R09: 0000000000000000
[   58.934214][ T5325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   58.937164][ T5325] R13: 0000000000000000 R14: 00007f4403935f80 R15: 00007ffc323c5838
[   58.940120][ T5325]  </TASK>
[   58.947784][ T5325] Mem-Info:
[   58.948937][ T5325] active_anon:2817 inactive_anon:0 isolated_anon:0
[   58.948937][ T5325]  active_file:0 inactive_file:38078 isolated_file:0
[   58.948937][ T5325]  unevictable:1768 dirty:17 writeback:0
[   58.948937][ T5325]  slab_reclaimable:6991 slab_unreclaimable:33634
[   58.948937][ T5325]  mapped:5268 shmem:2305 pagetables:456
[   58.948937][ T5325]  sec_pagetables:293 bounce:0
[   58.948937][ T5325]  kernel_misc_reclaimable:0
[   58.948937][ T5325]  free:46012 free_pcp:658 free_cma:0
[   58.965946][ T4673] Bluetooth: hci0: command tx timeout
[   58.969409][ T5325] Node 0 active_anon:1784kB inactive_anon:0kB active_file:0kB inactive_file:6992kB unevictable:2104kB isolated(anon):0kB isolated(file):0kB mapped:3472kB dirty:28kB writeback:0kB shmem:2368kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2856kB pagetables:468kB sec_pagetables:1120kB all_unreclaimable? yes
[   58.980717][ T5325] Node 1 active_anon:9484kB inactive_anon:0kB active_file:0kB inactive_file:145320kB unevictable:4968kB isolated(anon):0kB isolated(file):0kB mapped:17600kB dirty:40kB writeback:0kB shmem:6852kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:6552kB pagetables:1356kB sec_pagetables:52kB all_unreclaimable? no
[   58.993044][ T5325] Node 0 DMA free:2992kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:168kB inactive_anon:0kB active_file:0kB inactive_file:2064kB unevictable:568kB writepending:8kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:188kB local_pcp:188kB free_cma:0kB
[   59.003308][ T5325] lowmem_reserve[]: 0 86 0 0 0
[   59.005172][ T5325] Node 0 DMA32 free:15412kB boost:9912kB min:14320kB low:15420kB high:16520kB reserved_highatomic:0KB active_anon:1616kB inactive_anon:0kB active_file:0kB inactive_file:4928kB unevictable:1536kB writepending:20kB present:770052kB managed:116620kB mlocked:0kB bounce:0kB free_pcp:88kB local_pcp:88kB free_cma:0kB
[   59.017106][ T5325] lowmem_reserve[]: 0 0 0 0 0
[   59.019017][ T5325] Node 1 DMA32 free:165580kB boost:0kB min:34308kB low:42884kB high:51460kB reserved_highatomic:0KB active_anon:9484kB inactive_anon:0kB active_file:0kB inactive_file:145320kB unevictable:4968kB writepending:40kB present:786288kB managed:690876kB mlocked:0kB bounce:0kB free_pcp:2364kB local_pcp:2364kB free_cma:0kB
[   59.030536][ T5325] lowmem_reserve[]: 0 0 0 0 0
[   59.032400][ T5325] Node 0 DMA: 6*4kB (U) 19*8kB (U) 62*16kB (U) 57*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2992kB
[   59.038256][ T5325] Node 0 DMA32: 181*4kB (UME) 100*8kB (UM) 30*16kB (UM) 133*32kB (UME) 67*64kB (UME) 20*128kB (UME) 7*256kB (UME) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 15412kB
[   59.045636][ T5325] Node 1 DMA32: 1*4kB (U) 1*8kB (E) 2*16kB (UE) 2*32kB (UE) 1*64kB (U) 2*128kB (UE) 1*256kB (M) 2*512kB (UM) 2*1024kB (UE) 1*2048kB (E) 39*4096kB (M) = 165548kB
[   59.052259][ T5325] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   59.058724][ T5325] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   59.062239][ T5325] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   59.066405][ T5325] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   59.069918][ T5325] 40383 total pagecache pages
[   59.071746][ T5325] 0 pages in swap cache
[   59.074350][ T5325] Free swap  = 124996kB
[   59.075928][ T5325] Total swap = 124996kB
[   59.077541][ T5325] 393083 pages RAM
[   59.078958][ T5325] 0 pages HighMem/MovableOnly
[   59.080744][ T5325] 187369 pages reserved
[   59.082353][ T5325] 0 pages cma reserved
[   59.084856][ T5326] ------------[ cut here ]------------
[   59.086875][ T5326] WARNING: CPU: 0 PID: 5326 at mm/util.c:670 __kvmalloc_node_noprof+0x17a/0x190
[   59.090107][ T5326] Modules linked in:
[   59.091680][ T5326] CPU: 0 UID: 0 PID: 5326 Comm: syz.0.0 Not tainted 6.12.0-rc5-syzkaller #0
[   59.094910][ T5326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   59.098886][ T5326] RIP: 0010:__kvmalloc_node_noprof+0x17a/0x190
[   59.101151][ T5326] Code: cc 44 89 fe 81 e6 00 20 00 00 31 ff e8 ef e5 b9 ff 41 81 e7 00 20 00 00 74 0a e8 a1 e1 b9 ff e9 3b ff ff ff e8 97 e1 b9 ff 90 <0f> 0b 90 e9 2d ff ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00
[   59.107973][ T5326] RSP: 0018:ffffc9000d257930 EFLAGS: 00010283
[   59.110172][ T5326] RAX: ffffffff81daf6f9 RBX: 00000000f7b0cc00 RCX: 0000000000040000
[   59.113205][ T5326] RDX: ffffc9000de2b000 RSI: 00000000000007bb RDI: 00000000000007bc
[   59.115890][ T5326] RBP: 0000000000000000 R08: ffffffff81daf6e1 R09: 00000000ffffffff
[   59.118812][ T5326] R10: ffffc9000d2577a0 R11: fffff52001a4aef9 R12: 00000000f7b0cc00
[   59.121671][ T5326] R13: ffffc9000d257a60 R14: 00000000ffffffff R15: 0000000000000000
[   59.124658][ T5326] FS:  00007f44035ff6c0(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
[   59.127841][ T5326] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   59.130265][ T5326] CR2: 0000556afd93b028 CR3: 000000004fe0c000 CR4: 0000000000352ef0
[   59.133308][ T5326] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   59.136259][ T5326] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   59.139253][ T5326] Call Trace:
[   59.140465][ T5326]  <TASK>
[   59.141632][ T5326]  ? __warn+0x168/0x4e0
[   59.143319][ T5326]  ? __kvmalloc_node_noprof+0x17a/0x190
[   59.145432][ T5326]  ? report_bug+0x2b3/0x500
[   59.147100][ T5326]  ? __kvmalloc_node_noprof+0x17a/0x190
[   59.149217][ T5326]  ? handle_bug+0x60/0x90
[   59.150816][ T5326]  ? exc_invalid_op+0x1a/0x50
[   59.152346][ T5326]  ? asm_exc_invalid_op+0x1a/0x20
[   59.154324][ T5326]  ? __kvmalloc_node_noprof+0x161/0x190
[   59.156152][ T5326]  ? __kvmalloc_node_noprof+0x179/0x190
[   59.158188][ T5326]  ? __kvmalloc_node_noprof+0x17a/0x190
[   59.160292][ T5326]  __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[   59.162605][ T5326]  ? tpg_update_mv_step+0x361/0x4f0
[   59.164757][ T5326]  vivid_update_format_cap+0x133c/0x2090
[   59.166845][ T5326]  ? __pfx_vivid_update_format_cap+0x10/0x10
[   59.168871][ T5326]  vivid_vid_cap_s_dv_timings+0x535/0x1230
[   59.170933][ T5326]  __video_do_ioctl+0xc23/0xdd0
[   59.172803][ T5326]  ? __pfx___video_do_ioctl+0x10/0x10
[   59.174748][ T5326]  ? __might_fault+0xc6/0x120
[   59.176478][ T5326]  video_usercopy+0x89b/0x1180
[   59.178307][ T5326]  ? __pfx___video_do_ioctl+0x10/0x10
[   59.180278][ T5326]  ? __pfx_video_usercopy+0x10/0x10
[   59.182220][ T5326]  ? __fget_files+0x29/0x470
[   59.184045][ T5326]  ? __fget_files+0x3f3/0x470
[   59.185790][ T5326]  v4l2_ioctl+0x189/0x1e0
[   59.187460][ T5326]  ? __pfx_v4l2_ioctl+0x10/0x10
[   59.189328][ T5326]  __se_sys_ioctl+0xf9/0x170
[   59.191031][ T5326]  do_syscall_64+0xf3/0x230
[   59.192783][ T5326]  ? clear_bhb_loop+0x35/0x90
[   59.194470][ T5326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.196654][ T5326] RIP: 0033:0x7f440377e719
[   59.198328][ T5326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.205361][ T5326] RSP: 002b:00007f44035ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   59.208519][ T5326] RAX: ffffffffffffffda RBX: 00007f4403936058 RCX: 00007f440377e719
[   59.211447][ T5326] RDX: 0000000020000200 RSI: 00000000c0845657 RDI: 0000000000000003
[   59.214366][ T5326] RBP: 00007f44037f132e R08: 0000000000000000 R09: 0000000000000000
[   59.217605][ T5326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   59.220429][ T5326] R13: 0000000000000001 R14: 00007f4403936058 R15: 00007ffc323c5838
[   59.223678][ T5326]  </TASK>
[   59.224847][ T5326] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   59.227430][ T5326] CPU: 0 UID: 0 PID: 5326 Comm: syz.0.0 Not tainted 6.12.0-rc5-syzkaller #0
[   59.230526][ T5326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   59.234424][ T5326] Call Trace:
[   59.235601][ T5326]  <TASK>
[   59.236640][ T5326]  dump_stack_lvl+0x241/0x360
[   59.238344][ T5326]  ? __pfx_dump_stack_lvl+0x10/0x10
[   59.240189][ T5326]  ? __pfx__printk+0x10/0x10
[   59.241819][ T5326]  ? _printk+0xd5/0x120
[   59.243344][ T5326]  ? __init_begin+0x41000/0x41000
[   59.245142][ T5326]  ? vscnprintf+0x5d/0x90
[   59.246632][ T5326]  panic+0x349/0x880
[   59.248054][ T5326]  ? __warn+0x177/0x4e0
[   59.249555][ T5326]  ? __pfx_panic+0x10/0x10
[   59.251150][ T5326]  ? show_trace_log_lvl+0x3b2/0x410
[   59.253041][ T5326]  __warn+0x34b/0x4e0
[   59.254476][ T5326]  ? __kvmalloc_node_noprof+0x17a/0x190
[   59.256490][ T5326]  report_bug+0x2b3/0x500
[   59.258119][ T5326]  ? __kvmalloc_node_noprof+0x17a/0x190
[   59.260179][ T5326]  handle_bug+0x60/0x90
[   59.261781][ T5326]  exc_invalid_op+0x1a/0x50
[   59.263439][ T5326]  asm_exc_invalid_op+0x1a/0x20
[   59.265162][ T5326] RIP: 0010:__kvmalloc_node_noprof+0x17a/0x190
[   59.267428][ T5326] Code: cc 44 89 fe 81 e6 00 20 00 00 31 ff e8 ef e5 b9 ff 41 81 e7 00 20 00 00 74 0a e8 a1 e1 b9 ff e9 3b ff ff ff e8 97 e1 b9 ff 90 <0f> 0b 90 e9 2d ff ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00
[   59.274114][ T5326] RSP: 0018:ffffc9000d257930 EFLAGS: 00010283
[   59.276130][ T5326] RAX: ffffffff81daf6f9 RBX: 00000000f7b0cc00 RCX: 0000000000040000
[   59.279085][ T5326] RDX: ffffc9000de2b000 RSI: 00000000000007bb RDI: 00000000000007bc
[   59.281941][ T5326] RBP: 0000000000000000 R08: ffffffff81daf6e1 R09: 00000000ffffffff
[   59.284832][ T5326] R10: ffffc9000d2577a0 R11: fffff52001a4aef9 R12: 00000000f7b0cc00
[   59.287711][ T5326] R13: ffffc9000d257a60 R14: 00000000ffffffff R15: 0000000000000000
[   59.290552][ T5326]  ? __kvmalloc_node_noprof+0x161/0x190
[   59.292473][ T5326]  ? __kvmalloc_node_noprof+0x179/0x190
[   59.294375][ T5326]  __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[   59.296499][ T5326]  ? tpg_update_mv_step+0x361/0x4f0
[   59.298367][ T5326]  vivid_update_format_cap+0x133c/0x2090
[   59.300413][ T5326]  ? __pfx_vivid_update_format_cap+0x10/0x10
[   59.302692][ T5326]  vivid_vid_cap_s_dv_timings+0x535/0x1230
[   59.304781][ T5326]  __video_do_ioctl+0xc23/0xdd0
[   59.306512][ T5326]  ? __pfx___video_do_ioctl+0x10/0x10
[   59.308117][ T5326]  ? __might_fault+0xc6/0x120
[   59.309625][ T5326]  video_usercopy+0x89b/0x1180
[   59.311273][ T5326]  ? __pfx___video_do_ioctl+0x10/0x10
[   59.313110][ T5326]  ? __pfx_video_usercopy+0x10/0x10
[   59.314937][ T5326]  ? __fget_files+0x29/0x470
[   59.316573][ T5326]  ? __fget_files+0x3f3/0x470
[   59.318304][ T5326]  v4l2_ioctl+0x189/0x1e0
[   59.319833][ T5326]  ? __pfx_v4l2_ioctl+0x10/0x10
[   59.321694][ T5326]  __se_sys_ioctl+0xf9/0x170
[   59.323319][ T5326]  do_syscall_64+0xf3/0x230
[   59.325003][ T5326]  ? clear_bhb_loop+0x35/0x90
[   59.326679][ T5326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.328791][ T5326] RIP: 0033:0x7f440377e719
[   59.330441][ T5326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.337074][ T5326] RSP: 002b:00007f44035ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   59.340090][ T5326] RAX: ffffffffffffffda RBX: 00007f4403936058 RCX: 00007f440377e719
[   59.342927][ T5326] RDX: 0000000020000200 RSI: 00000000c0845657 RDI: 0000000000000003
[   59.345610][ T5326] RBP: 00007f44037f132e R08: 0000000000000000 R09: 0000000000000000
[   59.348263][ T5326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   59.351025][ T5326] R13: 0000000000000001 R14: 00007f4403936058 R15: 00007ffc323c5838
[   59.353827][ T5326]  </TASK>
[   59.355219][ T5326] Kernel Offset: disabled
[   59.356822][ T5326] Rebooting in 86400 seconds..