program:
# Triage note: opens a comedi device node, then issues COMEDI_DEVCONFIG to
# attach the 'aio_iiro_16' driver with caller-supplied option values. The
# call trace in the log confirms the path:
# comedi_unlocked_ioctl -> comedi_device_attach -> aio_iiro_16_attach.
# 0xffffffffffffff9c is -100 (AT_FDCWD); the path is absolute, so it is
# opened as written.
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
# The second option value is 0x20 (32), which equals the "shift exponent 32"
# that UBSAN reports at drivers/comedi/drivers/aio_iiro_16.c:180.
# NOTE(review): presumably the driver uses that option as a shift count on a
# 32-bit int without a range check; confirm against the driver source. The
# fix belongs in the attach path: validate the value before shifting.
# The kernel panic that follows comes from panic_on_warn being set in this
# fuzzing configuration, not from a second fault. The log shows the task
# running as UID 0.
# NOTE(review): confirm which privileges COMEDI_DEVCONFIG requires before
# rating severity.
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'aio_iiro_16\x00', [0x4f27, 0x20, 0x10000, 0x10000004, 0x5, 0xcc7, 0xfff, 0x0, 0x3, 0x100, 0x2, 0x1, 0x1, 0x1, 0x4, 0xe1cb, 0x0, 0x1a449, 0x3, 0x40000003, 0x89, 0xfffffffd, 0x0, 0x20001e56, 0xb, 0xe69, 0x3c, 0x8, 0x106, 0x8000000, 0xfffffff8]})
[ 68.352803][ T5321] Bluetooth: hci0: command tx timeout
[ 68.391794][ T5342] ------------[ cut here ]------------
[ 68.394017][ T5342] UBSAN: shift-out-of-bounds in drivers/comedi/drivers/aio_iiro_16.c:180:9
[ 68.423405][ T5342] shift exponent 32 is too large for 32-bit type 'int'
[ 68.427059][ T5342] CPU: 0 UID: 0 PID: 5342 Comm: syz.0.0 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full)
[ 68.427076][ T5342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 68.427090][ T5342] Call Trace:
[ 68.427094][ T5342]
[ 68.427097][ T5342] dump_stack_lvl+0x189/0x250
[ 68.427187][ T5342] ? __pfx_dump_stack_lvl+0x10/0x10
[ 68.427203][ T5342] ? __pfx__printk+0x10/0x10
[ 68.427222][ T5342] ? __pfx___request_region_locked+0x10/0x10
[ 68.427243][ T5342] ubsan_epilogue+0xa/0x40
[ 68.427258][ T5342] __ubsan_handle_shift_out_of_bounds+0x386/0x410
[ 68.427309][ T5342] ? __request_region+0xc2/0xe0
[ 68.427328][ T5342] ? comedi_request_region+0x7b/0x180
[ 68.427372][ T5342] aio_iiro_16_attach+0x5e8/0x790
[ 68.427390][ T5342] comedi_device_attach+0x51d/0x670
[ 68.427407][ T5342] comedi_unlocked_ioctl+0x686/0xf40
[ 68.427427][ T5342] ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[ 68.427461][ T5342] ? __lock_acquire+0xab9/0xd20
[ 68.427486][ T5342] ? __fget_files+0x2a/0x420
[ 68.427499][ T5342] ? __fget_files+0x2a/0x420
[ 68.427507][ T5342] ? __fget_files+0x3a0/0x420
[ 68.427515][ T5342] ? __fget_files+0x2a/0x420
[ 68.427529][ T5342] ? bpf_lsm_file_ioctl+0x9/0x20
[ 68.427542][ T5342] ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[ 68.427556][ T5342] __se_sys_ioctl+0xf9/0x170
[ 68.427569][ T5342] do_syscall_64+0xfa/0x3b0
[ 68.427614][ T5342] ? lockdep_hardirqs_on+0x9c/0x150
[ 68.427625][ T5342] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.427637][ T5342] ? clear_bhb_loop+0x60/0xb0
[ 68.427650][ T5342] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.427661][ T5342] RIP: 0033:0x7f79f538e9a9
[ 68.427672][ T5342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 68.427680][ T5342] RSP: 002b:00007f79f17ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 68.427692][ T5342] RAX: ffffffffffffffda RBX: 00007f79f55b5fa0 RCX: 00007f79f538e9a9
[ 68.427699][ T5342] RDX: 00002000000000c0 RSI: 0000000040946400 RDI: 0000000000000003
[ 68.427707][ T5342] RBP: 00007f79f5410d69 R08: 0000000000000000 R09: 0000000000000000
[ 68.427713][ T5342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 68.427721][ T5342] R13: 0000000000000000 R14: 00007f79f55b5fa0 R15: 00007ffd8ba6f468
[ 68.427739][ T5342]
[ 68.427743][ T5342] ---[ end trace ]---
[ 68.550966][ T5342] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[ 68.554279][ T5342] CPU: 0 UID: 0 PID: 5342 Comm: syz.0.0 Not tainted 6.16.0-rc6-syzkaller-00121-g6832a9317eee #0 PREEMPT(full)
[ 68.559247][ T5342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 68.563776][ T5342] Call Trace:
[ 68.565278][ T5342]
[ 68.566561][ T5342] dump_stack_lvl+0x99/0x250
[ 68.568649][ T5342] ? __asan_memcpy+0x40/0x70
[ 68.570626][ T5342] ? __pfx_dump_stack_lvl+0x10/0x10
[ 68.572930][ T5342] ? __pfx__printk+0x10/0x10
[ 68.574970][ T5342] panic+0x2db/0x790
[ 68.576690][ T5342] ? __pfx_panic+0x10/0x10
[ 68.578614][ T5342] ? _printk+0xcf/0x120
[ 68.580546][ T5342] ? __pfx__printk+0x10/0x10
[ 68.582609][ T5342] check_panic_on_warn+0x89/0xb0
[ 68.584785][ T5342] __ubsan_handle_shift_out_of_bounds+0x386/0x410
[ 68.587589][ T5342] ? __request_region+0xc2/0xe0
[ 68.589740][ T5342] ? comedi_request_region+0x7b/0x180
[ 68.592080][ T5342] aio_iiro_16_attach+0x5e8/0x790
[ 68.594241][ T5342] comedi_device_attach+0x51d/0x670
[ 68.596503][ T5342] comedi_unlocked_ioctl+0x686/0xf40
[ 68.598874][ T5342] ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[ 68.601436][ T5342] ? __lock_acquire+0xab9/0xd20
[ 68.603589][ T5342] ? __fget_files+0x2a/0x420
[ 68.605655][ T5342] ? __fget_files+0x2a/0x420
[ 68.607763][ T5342] ? __fget_files+0x3a0/0x420
[ 68.609832][ T5342] ? __fget_files+0x2a/0x420
[ 68.611903][ T5342] ? bpf_lsm_file_ioctl+0x9/0x20
[ 68.614044][ T5342] ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[ 68.616535][ T5342] __se_sys_ioctl+0xf9/0x170
[ 68.618542][ T5342] do_syscall_64+0xfa/0x3b0
[ 68.620505][ T5342] ? lockdep_hardirqs_on+0x9c/0x150
[ 68.622808][ T5342] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.625557][ T5342] ? clear_bhb_loop+0x60/0xb0
[ 68.627718][ T5342] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 68.630348][ T5342] RIP: 0033:0x7f79f538e9a9
[ 68.632328][ T5342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 68.640626][ T5342] RSP: 002b:00007f79f17ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 68.644282][ T5342] RAX: ffffffffffffffda RBX: 00007f79f55b5fa0 RCX: 00007f79f538e9a9
[ 68.647953][ T5342] RDX: 00002000000000c0 RSI: 0000000040946400 RDI: 0000000000000003
[ 68.651232][ T5342] RBP: 00007f79f5410d69 R08: 0000000000000000 R09: 0000000000000000
[ 68.654287][ T5342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 68.657449][ T5342] R13: 0000000000000000 R14: 00007f79f55b5fa0 R15: 00007ffd8ba6f468
[ 68.660648][ T5342]
[ 68.662273][ T5342] Kernel Offset: disabled
[ 68.664101][ T5342] Rebooting in 86400 seconds..