program:
r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000140)={'comedi_test\x00', [0x9e1, 0x2166, 0x0, 0x100000, 0x88d6, 0x8f, 0xfffffffd, 0x10, 0x2, 0xffffffff, 0x200, 0x8, 0x344, 0x1, 0x7, 0x1, 0x9, 0x3, 0x9, 0xe, 0x100, 0x3, 0x80, 0x7ff, 0x1, 0x1, 0xb0c4, 0x7df, 0x8, 0x7, 0x1]}) (fail_nth: 5)

[   67.836135][ T5337] FAULT_INJECTION: forcing a failure.
[   67.836135][ T5337] name failslab, interval 1, probability 0, space 0, times 1
[   67.842506][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[   67.842524][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   67.842531][ T5337] Call Trace:
[   67.842540][ T5337]  <TASK>
[   67.842548][ T5337]  dump_stack_lvl+0x189/0x250
[   67.842650][ T5337]  ? __pfx____ratelimit+0x10/0x10
[   67.842698][ T5337]  ? __pfx_dump_stack_lvl+0x10/0x10
[   67.842711][ T5337]  ? __pfx__printk+0x10/0x10
[   67.842728][ T5337]  ? __pfx___might_resched+0x10/0x10
[   67.842741][ T5337]  ? fs_reclaim_acquire+0x7d/0x100
[   67.842792][ T5337]  should_fail_ex+0x414/0x560
[   67.842813][ T5337]  should_failslab+0xa8/0x100
[   67.842828][ T5337]  __kmalloc_noprof+0xcb/0x4f0
[   67.842840][ T5337]  ? rcu_is_watching+0x15/0xb0
[   67.842851][ T5337]  ? comedi_alloc_subdevices+0x4a/0x240
[   67.842900][ T5337]  comedi_alloc_subdevices+0x4a/0x240
[   67.842913][ T5337]  waveform_common_attach+0x89/0x800
[   67.842935][ T5337]  comedi_device_attach+0x51d/0x670
[   67.842950][ T5337]  comedi_unlocked_ioctl+0x686/0xf40
[   67.842969][ T5337]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   67.842999][ T5337]  ? __lock_acquire+0xab9/0xd20
[   67.843023][ T5337]  ? __fget_files+0x2a/0x420
[   67.843038][ T5337]  ? __fget_files+0x2a/0x420
[   67.843050][ T5337]  ? __fget_files+0x3a0/0x420
[   67.843062][ T5337]  ? __fget_files+0x2a/0x420
[   67.843077][ T5337]  ? bpf_lsm_file_ioctl+0x9/0x20
[   67.843088][ T5337]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   67.843102][ T5337]  __se_sys_ioctl+0xf9/0x170
[   67.843114][ T5337]  do_syscall_64+0xfa/0x3b0
[   67.843124][ T5337]  ? lockdep_hardirqs_on+0x9c/0x150
[   67.843140][ T5337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.843150][ T5337]  ? clear_bhb_loop+0x60/0xb0
[   67.843162][ T5337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.843173][ T5337] RIP: 0033:0x7f896fb8e929
[   67.843186][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.843194][ T5337] RSP: 002b:00007f897099c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   67.843206][ T5337] RAX: ffffffffffffffda RBX: 00007f896fdb5fa0 RCX: 00007f896fb8e929
[   67.843212][ T5337] RDX: 0000200000000140 RSI: 0000000040946400 RDI: 0000000000000003
[   67.843218][ T5337] RBP: 00007f897099c090 R08: 0000000000000000 R09: 0000000000000000
[   67.843224][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.843230][ T5337] R13: 0000000000000000 R14: 00007f896fdb5fa0 R15: 00007ffee8cc4db8
[   67.843254][ T5337]  </TASK>
[   67.843281][ T5337] INFO: trying to register non-static key.
[   67.973134][ T5337] The code is fine but needs lockdep annotation, or maybe
[   67.976283][ T5337] you didn't initialize this object before use?
[   67.979235][ T5337] turning off the locking correctness validator.
[   67.983285][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[   67.983308][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   67.983317][ T5337] Call Trace:
[   67.983327][ T5337]  <TASK>
[   67.983334][ T5337]  dump_stack_lvl+0x189/0x250
[   67.983359][ T5337]  ? rcu_is_watching+0x15/0xb0
[   67.983376][ T5337]  ? __pfx_dump_stack_lvl+0x10/0x10
[   67.983390][ T5337]  ? __pfx__printk+0x10/0x10
[   67.983409][ T5337]  ? __is_module_percpu_address+0x39b/0x3f0
[   67.983425][ T5337]  ? is_module_address+0x17/0xf0
[   67.983445][ T5337]  assign_lock_key+0x133/0x150
[   67.983463][ T5337]  register_lock_class+0x105/0x320
[   67.983479][ T5337]  __lock_acquire+0x99/0xd20
[   67.983495][ T5337]  ? __timer_delete_sync+0x106/0x2d0
[   67.983513][ T5337]  lock_acquire+0x120/0x360
[   67.983525][ T5337]  ? __timer_delete_sync+0x106/0x2d0
[   67.983546][ T5337]  ? __timer_delete_sync+0x106/0x2d0
[   67.983563][ T5337]  __timer_delete_sync+0x11f/0x2d0
[   67.983579][ T5337]  ? __timer_delete_sync+0x106/0x2d0
[   67.983595][ T5337]  ? __pfx___timer_delete_sync+0x10/0x10
[   67.983613][ T5337]  ? down_write+0x162/0x1f0
[   67.983628][ T5337]  ? __pfx_down_write+0x10/0x10
[   67.983645][ T5337]  waveform_detach+0x45/0x60
[   67.983665][ T5337]  comedi_device_detach+0x137/0x720
[   67.983676][ T5337]  ? waveform_common_attach+0x9d/0x800
[   67.983695][ T5337]  comedi_device_attach+0x568/0x670
[   67.983712][ T5337]  comedi_unlocked_ioctl+0x686/0xf40
[   67.983736][ T5337]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   67.983761][ T5337]  ? __lock_acquire+0xab9/0xd20
[   67.983775][ T5337]  ? __fget_files+0x2a/0x420
[   67.983787][ T5337]  ? __fget_files+0x2a/0x420
[   67.983798][ T5337]  ? __fget_files+0x3a0/0x420
[   67.983810][ T5337]  ? __fget_files+0x2a/0x420
[   67.983822][ T5337]  ? bpf_lsm_file_ioctl+0x9/0x20
[   67.983832][ T5337]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   67.983843][ T5337]  __se_sys_ioctl+0xf9/0x170
[   67.983854][ T5337]  do_syscall_64+0xfa/0x3b0
[   67.983864][ T5337]  ? lockdep_hardirqs_on+0x9c/0x150
[   67.983877][ T5337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.983886][ T5337]  ? clear_bhb_loop+0x60/0xb0
[   67.983901][ T5337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.983914][ T5337] RIP: 0033:0x7f896fb8e929
[   67.983928][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.983940][ T5337] RSP: 002b:00007f897099c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   67.983954][ T5337] RAX: ffffffffffffffda RBX: 00007f896fdb5fa0 RCX: 00007f896fb8e929
[   67.984003][ T5337] RDX: 0000200000000140 RSI: 0000000040946400 RDI: 0000000000000003
[   67.984013][ T5337] RBP: 00007f897099c090 R08: 0000000000000000 R09: 0000000000000000
[   67.984021][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.984028][ T5337] R13: 0000000000000000 R14: 00007f896fdb5fa0 R15: 00007ffee8cc4db8
[   67.984037][ T5337]  </TASK>
[   68.144288][   T45] Bluetooth: hci0: command tx timeout
[   68.152612][ T5337] ------------[ cut here ]------------
[   68.155598][ T5337] ODEBUG: assert_init not available (active state 0) object: ffff888040f81e00 object type: timer_list hint: 0x0
[   68.160938][ T5337] WARNING: CPU: 0 PID: 5337 at lib/debugobjects.c:615 debug_print_object+0x16b/0x1e0
[   68.164846][ T5337] Modules linked in:
[   68.166262][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[   68.171952][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.177924][ T5337] RIP: 0010:debug_print_object+0x16b/0x1e0
[   68.180617][ T5337] Code: 4c 89 ff e8 27 c2 5b fd 4d 8b 0f 48 c7 c7 60 99 e2 8b 48 8b 34 24 4c 89 ea 89 e9 4d 89 f0 41 54 e8 ca e7 bb fc 48 83 c4 08 90 <0f> 0b 90 90 ff 05 c7 ef d9 0a 48 83 c4 08 5b 41 5c 41 5d 41 5e 41
[   68.190474][ T5337] RSP: 0018:ffffc9000d447858 EFLAGS: 00010282
[   68.194032][ T5337] RAX: f6a8835fe62b5a00 RBX: dffffc0000000000 RCX: ffff88803defc880
[   68.200191][ T5337] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[   68.204026][ T5337] RBP: 0000000000000000 R08: ffff88801fc24293 R09: 1ffff11003f84852
[   68.208080][ T5337] R10: dffffc0000000000 R11: ffffed1003f84853 R12: 0000000000000000
[   68.211753][ T5337] R13: ffffffff8be29b20 R14: ffff888040f81e00 R15: ffffffff8b8ce0a0
[   68.216436][ T5337] FS:  00007f897099c6c0(0000) GS:ffff88808d21c000(0000) knlGS:0000000000000000
[   68.220495][ T5337] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   68.223066][ T5337] CR2: 00007f897099bfc8 CR3: 000000003f9be000 CR4: 0000000000352ef0
[   68.226862][ T5337] Call Trace:
[   68.228398][ T5337]  <TASK>
[   68.229692][ T5337]  debug_object_assert_init+0x2db/0x380
[   68.232197][ T5337]  __try_to_del_timer_sync+0x29/0x3a0
[   68.235412][ T5337]  __timer_delete_sync+0x1fe/0x2d0
[   68.238847][ T5337]  ? __pfx___timer_delete_sync+0x10/0x10
[   68.241415][ T5337]  ? down_write+0x162/0x1f0
[   68.243519][ T5337]  ? __pfx_down_write+0x10/0x10
[   68.246101][ T5337]  waveform_detach+0x45/0x60
[   68.248257][ T5337]  comedi_device_detach+0x137/0x720
[   68.250649][ T5337]  ? waveform_common_attach+0x9d/0x800
[   68.253262][ T5337]  comedi_device_attach+0x568/0x670
[   68.256379][ T5337]  comedi_unlocked_ioctl+0x686/0xf40
[   68.258926][ T5337]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   68.261704][ T5337]  ? __lock_acquire+0xab9/0xd20
[   68.263918][ T5337]  ? __fget_files+0x2a/0x420
[   68.266933][ T5337]  ? __fget_files+0x2a/0x420
[   68.269444][ T5337]  ? __fget_files+0x3a0/0x420
[   68.271747][ T5337]  ? __fget_files+0x2a/0x420
[   68.274056][ T5337]  ? bpf_lsm_file_ioctl+0x9/0x20
[   68.278313][ T5337]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   68.281185][ T5337]  __se_sys_ioctl+0xf9/0x170
[   68.285424][ T5337]  do_syscall_64+0xfa/0x3b0
[   68.287928][ T5337]  ? lockdep_hardirqs_on+0x9c/0x150
[   68.290503][ T5337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.293395][ T5337]  ? clear_bhb_loop+0x60/0xb0
[   68.295703][ T5337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.298256][ T5337] RIP: 0033:0x7f896fb8e929
[   68.300180][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.309942][ T5337] RSP: 002b:00007f897099c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   68.313591][ T5337] RAX: ffffffffffffffda RBX: 00007f896fdb5fa0 RCX: 00007f896fb8e929
[   68.317214][ T5337] RDX: 0000200000000140 RSI: 0000000040946400 RDI: 0000000000000003
[   68.320645][ T5337] RBP: 00007f897099c090 R08: 0000000000000000 R09: 0000000000000000
[   68.324543][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.328649][ T5337] R13: 0000000000000000 R14: 00007f896fdb5fa0 R15: 00007ffee8cc4db8
[   68.332589][ T5337]  </TASK>
[   68.333962][ T5337] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   68.337212][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full) 
[   68.342263][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   68.346783][ T5337] Call Trace:
[   68.348223][ T5337]  <TASK>
[   68.349754][ T5337]  dump_stack_lvl+0x99/0x250
[   68.352169][ T5337]  ? __asan_memcpy+0x40/0x70
[   68.354577][ T5337]  ? __pfx_dump_stack_lvl+0x10/0x10
[   68.356892][ T5337]  ? __pfx__printk+0x10/0x10
[   68.358880][ T5337]  panic+0x2db/0x790
[   68.360603][ T5337]  ? __pfx_panic+0x10/0x10
[   68.362434][ T5337]  __warn+0x31b/0x4b0
[   68.364155][ T5337]  ? debug_print_object+0x16b/0x1e0
[   68.366384][ T5337]  ? debug_print_object+0x16b/0x1e0
[   68.368799][ T5337]  report_bug+0x2be/0x4f0
[   68.371652][ T5337]  ? debug_print_object+0x16b/0x1e0
[   68.374657][ T5337]  ? debug_print_object+0x16b/0x1e0
[   68.376908][ T5337]  ? debug_print_object+0x16d/0x1e0
[   68.379320][ T5337]  handle_bug+0x84/0x160
[   68.381249][ T5337]  exc_invalid_op+0x1a/0x50
[   68.383339][ T5337]  asm_exc_invalid_op+0x1a/0x20
[   68.385531][ T5337] RIP: 0010:debug_print_object+0x16b/0x1e0
[   68.388156][ T5337] Code: 4c 89 ff e8 27 c2 5b fd 4d 8b 0f 48 c7 c7 60 99 e2 8b 48 8b 34 24 4c 89 ea 89 e9 4d 89 f0 41 54 e8 ca e7 bb fc 48 83 c4 08 90 <0f> 0b 90 90 ff 05 c7 ef d9 0a 48 83 c4 08 5b 41 5c 41 5d 41 5e 41
[   68.398477][ T5337] RSP: 0018:ffffc9000d447858 EFLAGS: 00010282
[   68.401426][ T5337] RAX: f6a8835fe62b5a00 RBX: dffffc0000000000 RCX: ffff88803defc880
[   68.404929][ T5337] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[   68.408582][ T5337] RBP: 0000000000000000 R08: ffff88801fc24293 R09: 1ffff11003f84852
[   68.412645][ T5337] R10: dffffc0000000000 R11: ffffed1003f84853 R12: 0000000000000000
[   68.416859][ T5337] R13: ffffffff8be29b20 R14: ffff888040f81e00 R15: ffffffff8b8ce0a0
[   68.420627][ T5337]  debug_object_assert_init+0x2db/0x380
[   68.423181][ T5337]  __try_to_del_timer_sync+0x29/0x3a0
[   68.425686][ T5337]  __timer_delete_sync+0x1fe/0x2d0
[   68.427888][ T5337]  ? __pfx___timer_delete_sync+0x10/0x10
[   68.430538][ T5337]  ? down_write+0x162/0x1f0
[   68.432758][ T5337]  ? __pfx_down_write+0x10/0x10
[   68.435027][ T5337]  waveform_detach+0x45/0x60
[   68.437338][ T5337]  comedi_device_detach+0x137/0x720
[   68.439787][ T5337]  ? waveform_common_attach+0x9d/0x800
[   68.442320][ T5337]  comedi_device_attach+0x568/0x670
[   68.445220][ T5337]  comedi_unlocked_ioctl+0x686/0xf40
[   68.447660][ T5337]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   68.450101][ T5337]  ? __lock_acquire+0xab9/0xd20
[   68.452225][ T5337]  ? __fget_files+0x2a/0x420
[   68.454088][ T5337]  ? __fget_files+0x2a/0x420
[   68.456166][ T5337]  ? __fget_files+0x3a0/0x420
[   68.458239][ T5337]  ? __fget_files+0x2a/0x420
[   68.460537][ T5337]  ? bpf_lsm_file_ioctl+0x9/0x20
[   68.463019][ T5337]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   68.465680][ T5337]  __se_sys_ioctl+0xf9/0x170
[   68.467639][ T5337]  do_syscall_64+0xfa/0x3b0
[   68.469618][ T5337]  ? lockdep_hardirqs_on+0x9c/0x150
[   68.471697][ T5337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.474207][ T5337]  ? clear_bhb_loop+0x60/0xb0
[   68.476243][ T5337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.478763][ T5337] RIP: 0033:0x7f896fb8e929
[   68.480630][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.488809][ T5337] RSP: 002b:00007f897099c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   68.492376][ T5337] RAX: ffffffffffffffda RBX: 00007f896fdb5fa0 RCX: 00007f896fb8e929
[   68.495593][ T5337] RDX: 0000200000000140 RSI: 0000000040946400 RDI: 0000000000000003
[   68.498823][ T5337] RBP: 00007f897099c090 R08: 0000000000000000 R09: 0000000000000000
[   68.502240][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.505804][ T5337] R13: 0000000000000000 R14: 00007f896fdb5fa0 R15: 00007ffee8cc4db8
[   68.509244][ T5337]  </TASK>
[   68.510791][ T5337] Kernel Offset: disabled
[   68.512637][ T5337] Rebooting in 86400 seconds..