program: r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0) r1 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000dc0), 0x2, 0x0) ioctl$VIDIOC_CROPCAP(r1, 0xc02c563a, &(0x7f0000001040)={0x8}) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000140)={'pcl818\x00', [0xfffffffb, 0x3166, 0x6, 0x100000, 0x88d7, 0x8f, 0xfffffffd, 0x10, 0x2, 0xffffffff, 0x200, 0x8, 0x344, 0x7, 0x7, 0xa, 0x9, 0x3, 0x3, 0xe, 0x100, 0x3, 0x80, 0x7ff, 0x161, 0x1, 0x3, 0x7df, 0x8, 0x7, 0x1]}) r2 = openat$ptp1(0xffffffffffffff9c, &(0x7f0000000000), 0x10002, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r3) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r5, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @empty, 0xffff0001}, 0x1c) listen(r4, 0x0) r6 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r7 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0) ioctl$PTP_SYS_OFFSET_EXTENDED(r2, 0xc4c03d09, 0xfffffffffffffffd) r8 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000080), 0x100000, 0x0) setsockopt$PNPIPE_HANDLE(r8, 0x113, 0x3, &(0x7f00000000c0)=0xb35, 0x4) [ 75.493468][ T46] Bluetooth: hci0: command tx timeout [ 75.557692][ T5342] comedi comedi3: pcl818: I/O port conflict (0xfffffffffffffffb,16) [ 75.583130][ T5342] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN NOPTI [ 75.588229][ T5342] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f] [ 75.591831][ T5342] CPU: 0 UID: 0 PID: 5342 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 75.595635][ T5342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.600264][ T5342] RIP: 0010:pcl818_ai_cancel+0x69/0x3f0 [ 75.602749][ T5342] Code: 8b 1b 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 69 2c 71 f9 48 8b 03 48 89 04 24 49 83 c4 28 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 48 2c 71 f9 4d 8b 24 24 48 83 c3 [ 75.610655][ T5342] RSP: 0018:ffffc9000d4a79d8 EFLAGS: 00010206 [ 75.613325][ T5342] RAX: 0000000000000005 RBX: ffff888042539680 RCX: 0000000000100000 [ 75.616576][ T5342] RDX: ffffc90020001000 RSI: 00000000000009e7 RDI: 00000000000009e8 [ 75.619900][ T5342] RBP: 0000000000000001 R08: ffff88803e33012f R09: 1ffff11007c66025 [ 75.623180][ T5342] R10: dffffc0000000000 R11: ffffffff88b6eea0 R12: 0000000000000028 [ 75.626629][ T5342] R13: dffffc0000000000 R14: ffff88803e330000 R15: dffffc0000000000 [ 75.629938][ T5342] FS: 00007f95551416c0(0000) GS:ffff88808d6b5000(0000) knlGS:0000000000000000 [ 75.633678][ T5342] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.636400][ T5342] CR2: 00007fcc4856ef70 CR3: 000000003e0fc000 CR4: 0000000000352ef0 [ 75.639800][ T5342] Call Trace: [ 75.641308][ T5342] [ 75.642643][ T5342] pcl818_detach+0x66/0xd0 [ 75.644607][ T5342] comedi_device_detach_locked+0x178/0x750 [ 75.647074][ T5342] comedi_device_attach+0x5d4/0x720 [ 75.648983][ T5342] comedi_unlocked_ioctl+0x5ff/0x1020 [ 75.651293][ T5342] ? kasan_quarantine_put+0xdd/0x220 [ 75.653588][ T5342] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 75.656234][ T5342] ? do_futex+0x395/0x420 [ 75.658248][ T5342] ? __fget_files+0x2a/0x420 [ 75.660295][ T5342] ? __fget_files+0x3a0/0x420 [ 75.662406][ T5342] ? __fget_files+0x2a/0x420 [ 75.664309][ T5342] ? bpf_lsm_file_ioctl+0x9/0x20 [ 75.666366][ T5342] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 75.668920][ T5342] __se_sys_ioctl+0xfc/0x170 [ 75.671016][ T5342] do_syscall_64+0xfa/0xf80 [ 75.672960][ T5342] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.675423][ T5342] ? clear_bhb_loop+0x60/0xb0 [ 75.677284][ T5342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.679517][ T5342] RIP: 0033:0x7f955438f7c9 [ 75.681235][ T5342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.688702][ T5342] RSP: 002b:00007f9555141038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 75.692205][ T5342] RAX: ffffffffffffffda RBX: 00007f95545e5fa0 RCX: 00007f955438f7c9 [ 75.695735][ T5342] RDX: 0000200000000140 RSI: 0000000040946400 RDI: 0000000000000003 [ 75.699091][ T5342] RBP: 00007f9554413f91 R08: 0000000000000000 R09: 0000000000000000 [ 75.702632][ T5342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 75.706012][ T5342] R13: 00007f95545e6038 R14: 00007f95545e5fa0 R15: 00007ffd6cd10b68 [ 75.709232][ T5342] [ 75.710581][ T5342] Modules linked in: [ 75.712944][ T5342] ---[ end trace 0000000000000000 ]--- [ 75.757792][ T5343] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 75.763439][ T5342] RIP: 0010:pcl818_ai_cancel+0x69/0x3f0 [ 75.766203][ T5342] Code: 8b 1b 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 69 2c 71 f9 48 8b 03 48 89 04 24 49 83 c4 28 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 48 2c 71 f9 4d 8b 24 24 48 83 c3 [ 75.780169][ T5342] RSP: 0018:ffffc9000d4a79d8 EFLAGS: 00010206 [ 75.783212][ T5342] RAX: 0000000000000005 RBX: ffff888042539680 RCX: 0000000000100000 [ 75.786578][ T5342] RDX: ffffc90020001000 RSI: 00000000000009e7 RDI: 00000000000009e8 [ 75.789962][ T5342] RBP: 0000000000000001 R08: ffff88803e33012f R09: 1ffff11007c66025 [ 75.793825][ T5342] R10: dffffc0000000000 R11: ffffffff88b6eea0 R12: 0000000000000028 [ 75.797206][ T5342] R13: dffffc0000000000 R14: ffff88803e330000 R15: dffffc0000000000 [ 75.801121][ T5342] FS: 00007f95551416c0(0000) GS:ffff88808d6b5000(0000) knlGS:0000000000000000 [ 75.805096][ T5342] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 75.807970][ T5342] CR2: 00007f95545bb558 CR3: 000000003e0fc000 CR4: 0000000000352ef0 [ 75.812024][ T5342] Kernel panic - not syncing: Fatal exception [ 75.815350][ T5342] Kernel Offset: disabled [ 75.817138][ T5342] Rebooting in 86400 seconds..