program: r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi1\x00', 0x2180, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000380)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa10812, &(0x7f0000000d40)=ANY=[@ANYBLOB='dmask=00000000000000000002621,utf8,umask=00000000000000000200000,namecase=1,discard,errors=remount-ro,umask=00000000000000000200004,umask=00000000000000000003377,namecase=1,utf8,iocharset=iso8859-4,iocharset=cp874,dmask=01777777777777777777770,errors=remount-ro,uid=', @ANYRESOCT=0x0, @ANYRES16, @ANYRESDEC=0x0, @ANYRES8=0x0, @ANYRESDEC=0x0, @ANYRES8=0x0, @ANYRESDEC, @ANYBLOB="49440fb4005cba20653d2326292c265c2c00e79feca4a2e1053fdd2c84e7a89aa4ee02cbb47695d7ade8fd4362d0e37fbbb365b529e3d4cfa7ec78bc709784cc24ff7cfd3accb1a53fcd27bcb1794fcc15fc6eeae6dd85887fec609d9df9eb63c1eb27e9a7e7c87e551a878ce3db471a5a29b9509986d21054cc6d2e9be1e16b9e2e6e9df5b4b95e1b", @ANYRES16=0x0, @ANYBLOB="bdc3431c9da13b91fe44b13626dc250440d97b1d7b383c38c083c1c6716e836772a33640a6a075db845dea3b0d7f2f96bc9f9f4a2bb54c58d5c376a3799a230c7469c1f819f58a378b914f2676904a776b09c138307a4afd9c5ea327a9bde666812ce42e7c51e72698a2da24bb4b118bbf23f5bfe72852a834ba083ebba4da259bd186b6936176a008073b6ae9fcf2bac230665f3aafdfda02823a69030b19126f82a4", @ANYRES8=0x0, @ANYRESOCT=r1], 0x21, 0x1508, &(0x7f0000002080)="$eJzs3AvYTdX2MPAx5pyLl6Sd5D7HHIudXkySJJckuSRJcuRIbglJkiRJ5X5LckvIPck9JLeQ3O+33JMkSZKE5JbM79Hf+XRO53yd8/+f/+P5zjt+z7Oed4691phrrD3286619n72/q7dgEp1KpevxczwP4L/9aczAKQAQG8AuA4AIgAonqV4lkvrM2js/D/bifj3enjK1a5AXE3S/7RN+p+2Sf/TNul/2ib9T9uk/2mb9D9tk/4LkZZtmZrzelnS7iLv/6dlcv7/D3Ko8Kiv1hW+sf2/kCL9T9uk/2mb9D9tk/6nbdL/tE36n7ZJ/9M26b8Qadl//71j+ezgP2G52q8/IYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBpw9lwhQGAv4yvdl1CCCGEEEIIIYT49wnpr3YFQgghhBBCCCGE+N+HoECDgQjSQXpIgQyQEa6BTHAtZIbrIAHXQxa4AbLCjZANskMOyAm5IDfkAQsEDhhiyAv5IAk3QX64GVKhABSEQuChMBSBW6Ao3ArF4DYoDrdDCbgDSkIpKA1l4E4oC3dBObgbysM9UAEqQiWoDPdCFbgPqsL9UA0egOrwINSAh6Am/AlqwcNQG/4MdeARqAuPQj2oDw2gITT6b+W/BC/DK9AROkFn6AJdoRt0hx7QE3pBb3gV+kDK5eemPwyAgTAI3oDB8CYMgaEwDN6C4TACRsIoGA1jYCy8DePgHRgP78IEmAiTYDJMgakwDd6D6TADZsL7MAs+gNkwB+bCPJgPH8ICWAiL4CNYDB/DElgKy2A5rICVsApWwxpYC+tgPWyAjbAJNsMW+AS2wjbYDjtgJ+yC3fAp7IHPYC98Dvvgi38x/8zf5LdHQECFCg0aTIfpMAVTMCNmxEyYCTNjZkxgArNgFsyKWTEbZrs5B+bAXJgL82AeJCQAZMyLeTGJScyP+TEVU7EgFkSPHotgESyKt2IxLIbFsTiWwBJYEkthKSyDZbAslsVyWA7LY3msgBWwElbCe/FevA+rYlWshtWwOlbHGlgDD+WuibWwFtbG2lgH62BdrIv1sB42wAbYCBthY2yMTbAJNsNm2BybYwtsgS2xJbbCVtgaW2MbbINtsS22w3bYHl/EF/ElfAlfwVewE1ZQXbArdsXu2B17Yi/sha9iH3wNX8PXsR/2xwE4EAfiGzgYT+MQHIrDcBiWVSNwJI5CVmNwLI7FcTgOx+N4nIATcSJOxik4FafhNJyOM3AGvo+z8AP8AOfgHJyH83E+LsCFAy+/wnAJLsVluBxX4EpcgatxDa7Gdbge1+FG3IibcTN+gp/gNtyGO3AH7kIDgJ/iZ/gZ9sN9uA/34348gAfwIB7EQ3gID+NhPIJH8CgexWN4DI/jCTyJJ/AUnsLTeAbP4lk8j+fxAj6f65vauwqs7QfqEqOMSqfSqRSVojKqjCqTyqQyq8wqoRIqi8qisqqsKpvKpnKoHCqXyqXyqHOKFClWscqr8qqkSqr8Kr9KVamqoCqovPKqiCqiiqqiqpgqpoqr21UJdYcqqUqppr6MKqPKqma+nLpblVflVQVVUVVSlVVlVUVVUVVVVVVNVVPVVXVVQz2kaqou2BMfVpc6U0f1x7pqANZT9VUD1VC9gY+pxmowNlFNVTP1hBqKQ7CFauxbqqdVKzUSW6tn1Sh8TrVVY7CdekG1Vy+qDipSL6smvqPqpCZgF9VVTcbuqofqqXqp6VhRXepYJfW66qf6qwFqoJqHb6jB6k01RA1Vw9RbargaoUaqUWq0GqPGqrfVOPWOGq/eVRPURDVJTVZT1FQ1Tb2npqsZaqZ6X81SH6jZao6aq+ap+epDtUAtVIvUR2qx+lgtUUvVMrVcrVAr1Sq1Wq1Ra9U6tV5tUBvVJrVZbVGfqK1qm9qudqidapfarT5Ve9Rnaq/6XO1TX6j96kt1QH2lDqqv1SH1jTqsvlVH1HfqqPpeHVM/qOPqhDqpflSn1E/qtDqjzqpz6rz6WV1Qv6iLKijQqJXW2uhIp9PpdYrOoDPqa3Qmfa3OrK/TCX29zqJv0Fn1jTqbzq5z6Jw6l86t82irSTvNOtZ5dT6d1Dfp/PpmnaoL6IK6kPa6sC6ib9FF9a26mL5NF9e36xL6Dl1Sl9KldRl9py6r79Ll9N26vL5HV9AVdSVdWd+rq+j7dFV9v66mH9DV9YO6hn5I19R/0rX0w7q2/rOuox/RdfWjup6urxvohrqRfkw31o/rJrqpbqaf0M31k7qFfkq31E/rVvoZ3Vo/q9vo53Rb/bxup1/Q7fWLuoP+RV/UQXfUnXRn3UV31d10d91D99S9dG/9qu6jX9N99eu6n+6vB+iBepB+Qw/Wb+oheqgept/Sw/UIPVKP0qP1GD1Wv63H6Xf0eP2unqAn6kl6sp6ip+qel2ea+U/kv/N38vv+uvfNeov+RG/V2/R2vUPv1Lv0br1b79F79F69V+/T+/R+vV8f0Af0QX1QH9KH9GF9WB/RR/RRfVQf08f0cX1Cn9M/6lP6J31an9Fn9Dl9Xp/XFy4/B2DQKKONMZFJZ9KbFJPBZDTXmEzmWpPZXGcS5nqTxdxgspobTTaT3eQwOU0uk9vkMdaQcYZNbPKafCZpbsLLJ01T0BQy3hQ2Rcwt/0q+yW9uNqmmwF/l/1F9jUwj09g0Nk1ME9PMNDPNTXPTwrS49VIdrUwr09q0Nm1MG9PWtDXtTDvT3rQ3HUwH87J52XQ0HU1n09l0Nd1Md9PD9DS9TG/zqulj+pi+pq/pZ/qZAWaAGWQGmcFmsBlihphhZpgZboabkWakGW1Gm7FmrBlnxpnxZryZYCaYSWaSmWKmmGlmmpluppuZZqaZZWaZ2Wa2mWvmmvlmvllgFphFZpFZbBabJWapWWqWm+VmpVlpVpvVZq1Za9ab9Waj2WiWpN9itpitZqvZbrabnWan2W12mz1mj9lr9pp9Zp/Zb/abA+aAOWgOmkPmkDlsDpsj5og5ao6aY+aYOW6Om5PmpDllTpnT5rQ5a86a8+a8uWAumIvm4qXLvkhFKjKRidJF6aKUKCXKGGWMMkWZosxR5igRJaIsUZYoa3RjlC3KHuWIcka5otxRnshGFLmIozjKG+WLktFNUf7o5ig1KhAVjApFPiocFYluiYpGt0bFotui4tHtUYnojqhkVCoqHZWJ7ozKRndF5aK7o/LRPVGFqGJUKaoc3RtVie6Lqkb3R9WiB6Lq0YNRjeihqGb0p6hW9HBUO/pzVCd6JKobPRrVi+pHDaKGUaN/6/whnM7+uO9oO9nOtovtarvZ7raH7Wl72d72VdvHvmb72tdtP9vfDrAD7SD7hh1s37RD7FA7zL5lh9sRdqQdZUfbMXasfduOs+/Y8fZdO8FOtJPsZDvFTrXT7Ht2up1hZ9r37Sz7gZ1t59i5dp6dbz+0C+xCu8h+ZBfbj+0Su9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFvuJ3Wq32e12h91pd9nd9lO7x35m99rP7T77hd1vv7QH7Ff2oP3aHrLf2MP2W3vEfmeP2u/tMfuDPW5P2JP2R3vK/mRP2zP2rD1nz9uf7QX7i71ow6WL+0undzJkKB2loxRKoYyUkTJRJspMmSlBCcpCWSgrZaVslI1yUA7KRbkoD+WhS5iY8lJeSlKS8lN+SqVUKkgFyZOnIlSEilJRKkbFqDgVpxJUgkpSSSpNpelOupPuorvobrqb7qF7qCJVpMpUmapQFapKVakaVaPqVJ1qUA2qSTWpFtWi2lSb6lAdqkt1qR7VowbUgBpRI2pMjakJNaFm1IyaU3NqQS2oJbWkVtSKWlNrakNtqC21pXbUjtpTe+pAHehlepk6UkfqTJ2pK3Wl7tSdelJP6k29qQ/1ob7Ul/pRPxpAA2gQDaLBNJiG0FAaRm/RcBpBI2kUjaYxNJbG0jgaR+NpPE2gCTSJJtEUmkLTaBpNp+k0k2bSLJpFs2k2zaW5NJ/m0wJaQItoES2mxbSEltAyWkYraAWtolW0htbQOlpHG2gDbaJNtIW20FbaSttpO+2knbSbdtMe2kN7aS/to320n/bTATpAB+kgHaJDdJgO0xE6QkfpKB2jY3ScjtNJOkmn6BSdptN0ls7SefqZLtAvdJECpbgMLqO7xmVy17rM7jr3t3EOl9PlcrldHmddNpf9r2JyzqW6Aq6gK+S8K+yKuFtc6qUL3t/EJV0pV9qVcXe6su4uV+53cRV3n6vq7nfV3AOusrv3r+Lq7kFXwz3iarpHXS1X39V2DV0d94ir6x519Vx918A1dM3dk66Fe8q1dE+7Vu6Z38UL3EK3xq1169x6t8d95s66c+6I+86ddz+7jq6T6+1edX3ca66ve931c/1/Fw9zb7nhboQb6Ua50W7M7+JJbrKb4qa6ae49N93N+F08333oZrlFbrab4+a6eb/Gl2pa5D5yi93Hbolb6pa55W6FW+lWudX/t9blbqPb5Da73e5Tt9Vtc9vdDrfT7fo1vnQce93nbp/7wh1237oD7it30B11h9w3v8aXju+o+94dcz+44+6EO+l+dKfcT+60O/Pr8V869h/dL+6iCw4YWbFmwxGn4/Scwhk4I1/DmfhazszXcYKv5yx8A2flGzkbZ+ccnJNzcW7Ow5aJHTPHnJfzcZJv4vx8M6dyAS7IhdhzYS7Ct3BRvpWL8W1cnG/nEnwHl+RSXJrL8J1clu/icnw3l+d7uAJX5Epcme/lKnwfV+X7uRo/wNX5Qa7BD3FN/hPX4oe5Nv+Z6/AjXJcf5XpcnxtwQ27Ej3FjfpybcFNuxk9wc36SW/BT3JKf5lb8DLfmZ7kNP8dt+Xluxy9we36RO/BL/DK/wh25E3fmLtyVu3F37sE9uRf35le5D7/Gffl17sf9eQAP5EH8Bg/mN3kID+Vh/BYP5xE8kkfxaB7DY/ltHsfv8Hh+lyfwRJ7Ek3kKT+Vp/B5P5xk8k9/nWfwBz+Y5PJfn8Xz+kBfwQl7EH/Fi/piX8FJexst5Ba/kVbya1/BaXsfreQNv5E28mbfwJ7yVt/F23sE7eRfv5k95D3/Ge/lz3sdf8H7+kg/wV3yQv+ZD/A0f5m/5CH/HR/l7PsY/8HE+wSf5Rz7FP/FpPsNn+Ryf55/5Av/CFzkwxBirWMcmjuJ0cfo4Jc4QZ4yviTPF18aZ4+viRHx9nCW+Ic4a3xhni7PHOeKcca44d5wntjHFLuY4jvPG+eJkfFOcP745To0LxAXjQrGPC8dF4lviovGtcbH4trh4fHtcIr4jLhmXih95oEx8Z1w2visuF98dl4/viSvEFeNKceX43rhKfF9cNb4/rhY/EBeLH4xrxA/FcPn7KrXjP8d14kfiuvGjcb24ftwgbhg3ih+LG8ePx03ipnGz+Im4efxk3CJ+Km4ZPx23ip/5w/Wd4y5x17hb3C0O4X49NzkvOT/5YXJBcmFyUfKj5OLkx8klyaXJZcnlyRXJlclVydXJNcm1yXXJ9ckNyY3JTcnNyRAqpwePXnntjY98Op/ep/gMPqO/xmfy1/rM/jqf8Nf7LP4Gn9Xf6LP57D6Hz+lz+dw+j7eevPPsY5/X5/NJf5PP72/2qb6AL+gLee8L+yK+oW/kG/nG/nHfxDf1zfwT/gn/pH/SP+Wf8k/7Vv4Z39o/69v453xb/7x/3r/g2/sXfQf/kn/Zv+I7+k6+s+/su/quvrvv7nv6nr637+37+D6+r+/r+/l+foAf4Af5QX6wH+yH+CF+mB/mh/vhfqQf6Uf70X6sH+vH+XF+vB/vJ/gJfpKf5Kf4KX6an+an++l+pp/pZ6XO8rP9bD/Xz/Xz/Xy/wC/wi/wiv9gv9kv8Er/ML/Mr/Aq/yq/ya/wav86v8xv8Br/Jb/Jb/Ba/1W/12/12v9Pv9Lv9br/H7/F7/V6/z+/z+/1+f8Af8Af91/6Q/8Yf9t/6I/47f9R/74/5H/xxf8Kf9D/6U/4nf9qf8Wf9OX/e/+wv+F/8RR/82MTbiXGJdxLjE+8mJiQmJiYlJiemJKYmpiXeS0xPzEjMTLyfmJX4IDE7MScxNzEvMT/xYWJBYmFiUeKjxOLEx4kliaWJZYnliRWJlYkQcm+NQ96QLyTDTSF/uDmkhgKhYCgUfCgcioRbQtFwaygWbgvFw+2hRLgjlAylQunwaKgX6ocGoWFoFB4LjcPjoUloGpqFJ0Lz8GRoEZ4KLcPToVV4JrQOz4Y24bnQNjwf2oUXQvu/3HGFV0LH0Cl0Dl1C19AtdA89Qs/QK/QOr4Y+4bXQN7we+oX+YUAYGAaFN8Lg8GYYEoaGYeGtMDyMCCPDqDA6jAljw9thXHgnjA/vhglhYpgUJocpYWqYFt4L08OMMDO8H2aFD8LsMCfMDfPC/PBhWBAWhkXho7A4fByWhKVhWVgeVoSVYVVYHdaEtWFdWB82hI1hU9gctoRPwtawLWwPO8LOsCvsDp+GPeGzsDd8HvaFL8L+8GU4EL4KB8PX4VD4JhwO34Yj4btwNHwfjoUfwvFwIpwMP4ZT4adwOpwJZ8O5cD78HC6EX8JF+c6aEEIIIcQ/pdsfrO/ydx4zAKAuj7sCwLXbch767XoNABuy/de4h8rVPAEAT3dq9/BflgoVOnfufHnbJRqifHMAIPE3O7gcL4Vm8CS0hKZQ9O/W10O9eJ7/YP7k7QAZf5OTAlfiK/N/+Q/mf+yJYQtKxGez/D/mnwOQmu9KTga4Ei+FZl+8AgBNodg/mD974z+oP8NXYwGa/CYnE1yJr9RfBB6HZ6DlX235Nx645h+vE0IIIYQQQgjxH62HKt3mj+6fL92f5zJXctLDlfiP7s+FEEIIIYQQQghx9T33YoenHmvZsmmbf36Q/l/ZWAYykMH/j4Or/Z9JCCGEEEII8e925aL/ymMZrmZBQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFEGvSbH/3KAAD/Kz8ndrWPUQghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhLja/k8AAAD//3BjMQc=") r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents(r6, &(0x7f00000005c0)=""/209, 0xd1) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) r9 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r9, 0xc004743e, &(0x7f0000000140)) r10 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r10, 0xc004743e, &(0x7f00000000c0)) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff) syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), r5) sendmsg$NL80211_CMD_SET_STATION(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000100)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="010000000000fddbdf251200000008000300", @ANYRES32=r8, @ANYBLOB="0a00060008021100000100000c00430002"], 0x34}}, 0x44) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r3, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r2, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000080)={'das16m1\x00', [0x2f00, 0xfd1, 0xd09a, 0xfffffffe, 0x0, 0xfffffffe, 0x1, 0x6, 0xffe, 0x1, 0xc, 0x1, 0x4, 0x4, 0xffff, 0x6, 0xffffffa7, 0x40000009, 0x832, 0x9, 0x3ff, 0x9, 0x800, 0xe2df, 0x2, 0x1, 0x9, 0x3, 0x4, 0x5, 0x70f]}) r12 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi1\x00', 0x400, 0x0) ioctl$COMEDI_SETWSUBD(r12, 0x6411) [ 74.739872][ T5316] Bluetooth: hci0: command tx timeout [ 74.826790][ T5337] loop0: detected capacity change from 0 to 256 [ 74.837491][ T5337] exfat: Deprecated parameter 'utf8' [ 74.851299][ T5337] exfat: Deprecated parameter 'namecase' [ 74.854000][ T5337] exfat: Deprecated parameter 'namecase' [ 74.856623][ T5337] exfat: Deprecated parameter 'utf8' [ 74.904209][ T5337] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d) [ 74.933468][ T5337] ------------[ cut here ]------------ [ 74.935814][ T5337] UBSAN: shift-out-of-bounds in drivers/comedi/drivers/das16m1.c:525:9 [ 74.940330][ T5337] shift exponent 4049 is too large for 32-bit type 'int' [ 74.943292][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 74.943310][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 74.943319][ T5337] Call Trace: [ 74.943326][ T5337] [ 74.943333][ T5337] dump_stack_lvl+0x189/0x250 [ 74.943421][ T5337] ? __pfx_dump_stack_lvl+0x10/0x10 [ 74.943437][ T5337] ? __pfx__printk+0x10/0x10 [ 74.943491][ T5337] ubsan_epilogue+0xa/0x40 [ 74.943512][ T5337] __ubsan_handle_shift_out_of_bounds+0x386/0x410 [ 74.943568][ T5337] ? __comedi_request_region+0x74/0x140 [ 74.943613][ T5337] das16m1_attach+0x8ee/0xb20 [ 74.943639][ T5337] comedi_device_attach+0x520/0x670 [ 74.943659][ T5337] comedi_unlocked_ioctl+0x686/0xf40 [ 74.943686][ T5337] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 74.943728][ T5337] ? __lock_acquire+0xab9/0xd20 [ 74.943758][ T5337] ? __fget_files+0x2a/0x420 [ 74.943777][ T5337] ? __fget_files+0x2a/0x420 [ 74.943792][ T5337] ? __fget_files+0x3a0/0x420 [ 74.943807][ T5337] ? __fget_files+0x2a/0x420 [ 74.943825][ T5337] ? bpf_lsm_file_ioctl+0x9/0x20 [ 74.943838][ T5337] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 74.943863][ T5337] __se_sys_ioctl+0xfc/0x170 [ 74.943879][ T5337] do_syscall_64+0xfa/0x3b0 [ 74.943919][ T5337] ? lockdep_hardirqs_on+0x9c/0x150 [ 74.943939][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.943953][ T5337] ? clear_bhb_loop+0x60/0xb0 [ 74.943971][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.943984][ T5337] RIP: 0033:0x7f54b138e929 [ 74.943996][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.944005][ T5337] RSP: 002b:00007f54b213e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 74.944019][ T5337] RAX: ffffffffffffffda RBX: 00007f54b15b5fa0 RCX: 00007f54b138e929 [ 74.944029][ T5337] RDX: 0000200000000080 RSI: 0000000040946400 RDI: 0000000000000003 [ 74.944039][ T5337] RBP: 00007f54b1410b39 R08: 0000000000000000 R09: 0000000000000000 [ 74.944048][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 74.944056][ T5337] R13: 0000000000000000 R14: 00007f54b15b5fa0 R15: 00007fff2564d7a8 [ 74.944077][ T5337] [ 74.944082][ T5337] ---[ end trace ]--- [ 75.063228][ T5337] Kernel panic - not syncing: UBSAN: panic_on_warn set ... [ 75.066103][ T5337] CPU: 0 UID: 0 PID: 5337 Comm: syz.0.0 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 75.070707][ T5337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.075378][ T5337] Call Trace: [ 75.076942][ T5337] [ 75.078290][ T5337] dump_stack_lvl+0x99/0x250 [ 75.080430][ T5337] ? __asan_memcpy+0x40/0x70 [ 75.082360][ T5337] ? __pfx_dump_stack_lvl+0x10/0x10 [ 75.084199][ T5337] ? __pfx__printk+0x10/0x10 [ 75.086199][ T5337] panic+0x2db/0x790 [ 75.088031][ T5337] ? __pfx_panic+0x10/0x10 [ 75.089896][ T5337] ? _printk+0xcf/0x120 [ 75.091708][ T5337] ? __pfx__printk+0x10/0x10 [ 75.093819][ T5337] check_panic_on_warn+0x89/0xb0 [ 75.095860][ T5337] __ubsan_handle_shift_out_of_bounds+0x386/0x410 [ 75.098217][ T5337] ? __comedi_request_region+0x74/0x140 [ 75.100693][ T5337] das16m1_attach+0x8ee/0xb20 [ 75.102767][ T5337] comedi_device_attach+0x520/0x670 [ 75.105105][ T5337] comedi_unlocked_ioctl+0x686/0xf40 [ 75.107522][ T5337] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 75.109959][ T5337] ? __lock_acquire+0xab9/0xd20 [ 75.111965][ T5337] ? __fget_files+0x2a/0x420 [ 75.113979][ T5337] ? __fget_files+0x2a/0x420 [ 75.115891][ T5337] ? __fget_files+0x3a0/0x420 [ 75.118014][ T5337] ? __fget_files+0x2a/0x420 [ 75.120681][ T5337] ? bpf_lsm_file_ioctl+0x9/0x20 [ 75.123626][ T5337] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 75.127076][ T5337] __se_sys_ioctl+0xfc/0x170 [ 75.130719][ T5337] do_syscall_64+0xfa/0x3b0 [ 75.132943][ T5337] ? lockdep_hardirqs_on+0x9c/0x150 [ 75.135363][ T5337] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.138139][ T5337] ? clear_bhb_loop+0x60/0xb0 [ 75.140301][ T5337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.142654][ T5337] RIP: 0033:0x7f54b138e929 [ 75.144509][ T5337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.152199][ T5337] RSP: 002b:00007f54b213e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 75.155764][ T5337] RAX: ffffffffffffffda RBX: 00007f54b15b5fa0 RCX: 00007f54b138e929 [ 75.159129][ T5337] RDX: 0000200000000080 RSI: 0000000040946400 RDI: 0000000000000003 [ 75.162381][ T5337] RBP: 00007f54b1410b39 R08: 0000000000000000 R09: 0000000000000000 [ 75.165691][ T5337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.169291][ T5337] R13: 0000000000000000 R14: 00007f54b15b5fa0 R15: 00007fff2564d7a8 [ 75.172830][ T5337] [ 75.174538][ T5337] Kernel Offset: disabled [ 75.176622][ T5337] Rebooting in 86400 seconds..