program:
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f000000b200)='/dev/comedi1\x00', 0x8040, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000100)={'das16m1\x00', [0x8001, 0x20, 0x3, 0x8, 0xfffffffb, 0x3ff, 0x4d7, 0x2, 0x4, 0x4, 0x0, 0x401, 0x3, 0x47, 0x9, 0x7ff, 0xa, 0x0, 0x1f29, 0x5, 0x7ffc, 0x8c, 0x6, 0x6, 0x54, 0x10001, 0x101, 0x5, 0x10001, 0x5, 0x1]})

[   75.184905][ T5316] Bluetooth: hci0: command tx timeout
[   75.241007][ T5335] ------------[ cut here ]------------
[   75.243477][ T5335] UBSAN: shift-out-of-bounds in drivers/comedi/drivers/das16m1.c:525:9
[   75.275782][ T5335] shift exponent 32 is too large for 32-bit type 'int'
[   75.278558][ T5335] CPU: 0 UID: 0 PID: 5335 Comm: syz.0.0 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[   75.278573][ T5335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.278582][ T5335] Call Trace:
[   75.278588][ T5335]  <TASK>
[   75.278593][ T5335]  dump_stack_lvl+0x189/0x250
[   75.278680][ T5335]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.278695][ T5335]  ? __pfx__printk+0x10/0x10
[   75.278722][ T5335]  ubsan_epilogue+0xa/0x40
[   75.278740][ T5335]  __ubsan_handle_shift_out_of_bounds+0x386/0x410
[   75.278790][ T5335]  ? __comedi_request_region+0x74/0x140
[   75.278833][ T5335]  das16m1_attach+0x8ee/0xb20
[   75.278854][ T5335]  comedi_device_attach+0x51d/0x670
[   75.278872][ T5335]  comedi_unlocked_ioctl+0x686/0xf40
[   75.278896][ T5335]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   75.278931][ T5335]  ? __lock_acquire+0xab9/0xd20
[   75.278960][ T5335]  ? __fget_files+0x2a/0x420
[   75.278977][ T5335]  ? __fget_files+0x2a/0x420
[   75.278989][ T5335]  ? __fget_files+0x3a0/0x420
[   75.279002][ T5335]  ? __fget_files+0x2a/0x420
[   75.279016][ T5335]  ? bpf_lsm_file_ioctl+0x9/0x20
[   75.279029][ T5335]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   75.279043][ T5335]  __se_sys_ioctl+0xf9/0x170
[   75.279058][ T5335]  do_syscall_64+0xfa/0x3b0
[   75.279099][ T5335]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.279110][ T5335]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.279121][ T5335]  ? clear_bhb_loop+0x60/0xb0
[   75.279137][ T5335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.279148][ T5335] RIP: 0033:0x7f395118e9a9
[   75.279161][ T5335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.279170][ T5335] RSP: 002b:00007f3951f48038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   75.279184][ T5335] RAX: ffffffffffffffda RBX: 00007f39513b5fa0 RCX: 00007f395118e9a9
[   75.279192][ T5335] RDX: 0000200000000100 RSI: 0000000040946400 RDI: 0000000000000003
[   75.279201][ T5335] RBP: 00007f3951210ca1 R08: 0000000000000000 R09: 0000000000000000
[   75.279208][ T5335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   75.279214][ T5335] R13: 0000000000000000 R14: 00007f39513b5fa0 R15: 00007fff46fc2a18
[   75.279232][ T5335]  </TASK>
[   75.279237][ T5335] ---[ end trace ]---
[   75.437977][ T5335] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[   75.441120][ T5335] CPU: 0 UID: 0 PID: 5335 Comm: syz.0.0 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full) 
[   75.446235][ T5335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.450686][ T5335] Call Trace:
[   75.452100][ T5335]  <TASK>
[   75.453331][ T5335]  dump_stack_lvl+0x99/0x250
[   75.455328][ T5335]  ? __asan_memcpy+0x40/0x70
[   75.457302][ T5335]  ? __pfx_dump_stack_lvl+0x10/0x10
[   75.459555][ T5335]  ? __pfx__printk+0x10/0x10
[   75.461618][ T5335]  panic+0x2db/0x790
[   75.463372][ T5335]  ? __pfx_panic+0x10/0x10
[   75.465408][ T5335]  ? _printk+0xcf/0x120
[   75.467282][ T5335]  ? __pfx__printk+0x10/0x10
[   75.469297][ T5335]  check_panic_on_warn+0x89/0xb0
[   75.471228][ T5335]  __ubsan_handle_shift_out_of_bounds+0x386/0x410
[   75.473590][ T5335]  ? __comedi_request_region+0x74/0x140
[   75.475867][ T5335]  das16m1_attach+0x8ee/0xb20
[   75.477847][ T5335]  comedi_device_attach+0x51d/0x670
[   75.480054][ T5335]  comedi_unlocked_ioctl+0x686/0xf40
[   75.482093][ T5335]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   75.484202][ T5335]  ? __lock_acquire+0xab9/0xd20
[   75.486125][ T5335]  ? __fget_files+0x2a/0x420
[   75.487941][ T5335]  ? __fget_files+0x2a/0x420
[   75.489894][ T5335]  ? __fget_files+0x3a0/0x420
[   75.491908][ T5335]  ? __fget_files+0x2a/0x420
[   75.493920][ T5335]  ? bpf_lsm_file_ioctl+0x9/0x20
[   75.496174][ T5335]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   75.498669][ T5335]  __se_sys_ioctl+0xf9/0x170
[   75.500664][ T5335]  do_syscall_64+0xfa/0x3b0
[   75.502607][ T5335]  ? lockdep_hardirqs_on+0x9c/0x150
[   75.504790][ T5335]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.507388][ T5335]  ? clear_bhb_loop+0x60/0xb0
[   75.509490][ T5335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.512088][ T5335] RIP: 0033:0x7f395118e9a9
[   75.513986][ T5335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.521930][ T5335] RSP: 002b:00007f3951f48038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   75.525565][ T5335] RAX: ffffffffffffffda RBX: 00007f39513b5fa0 RCX: 00007f395118e9a9
[   75.529021][ T5335] RDX: 0000200000000100 RSI: 0000000040946400 RDI: 0000000000000003
[   75.532396][ T5335] RBP: 00007f3951210ca1 R08: 0000000000000000 R09: 0000000000000000
[   75.535750][ T5335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   75.539147][ T5335] R13: 0000000000000000 R14: 00007f39513b5fa0 R15: 00007fff46fc2a18
[   75.542638][ T5335]  </TASK>
[   75.544336][ T5335] Kernel Offset: disabled
[   75.546117][ T5335] Rebooting in 86400 seconds..