program:
r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000080)={'pcl818\x00', [0x4, 0x2162, 0x2, 0x6, 0x0, 0x2fd, 0x6, 0x10, 0xfffffffd, 0xffffffff, 0x200, 0x3968, 0x799, 0x6, 0x2, 0x200, 0x9, 0x3, 0x3, 0x6, 0x4, 0x0, 0x400080, 0x4, 0x1, 0xa1, 0xb0c4, 0x61, 0x8, 0xf3, 0x1]})

[   85.890788][ T4685] Bluetooth: hci0: command tx timeout
[   85.928619][ T5349] comedi comedi3: pcl818: I/O port conflict (0x4,16)
[   85.934470][ T5349] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN NOPTI
[   85.942146][ T5349] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]
[   85.948362][ T5349] CPU: 0 UID: 0 PID: 5349 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
[   85.952776][ T5349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   85.957618][ T5349] RIP: 0010:pcl818_ai_cancel+0x69/0x3f0
[   85.960532][ T5349] Code: 8b 1b 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 f9 1d 70 f9 48 8b 03 48 89 04 24 49 83 c4 28 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 d8 1d 70 f9 4d 8b 24 24 48 83 c3
[   85.968870][ T5349] RSP: 0018:ffffc9000d4f79d8 EFLAGS: 00010206
[   85.971480][ T5349] RAX: 0000000000000005 RBX: ffff888051520b80 RCX: 0000000000100000
[   85.974858][ T5349] RDX: ffffc90020001000 RSI: 0000000000000933 RDI: 0000000000000934
[   85.978223][ T5349] RBP: 0000000000000001 R08: ffff88803e4f912f R09: 1ffff11007c9f225
[   85.981644][ T5349] R10: dffffc0000000000 R11: ffffffff88b898f0 R12: 0000000000000028
[   85.984986][ T5349] R13: dffffc0000000000 R14: ffff88803e4f9000 R15: dffffc0000000000
[   85.988321][ T5349] FS:  00007f874da5b6c0(0000) GS:ffff88808d69f000(0000) knlGS:0000000000000000
[   85.992044][ T5349] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   85.994733][ T5349] CR2: 00007f874cdd9028 CR3: 000000003f1a7000 CR4: 0000000000352ef0
[   85.998002][ T5349] Call Trace:
[   85.999434][ T5349]  <TASK>
[   86.000743][ T5349]  pcl818_detach+0x66/0xd0
[   86.002698][ T5349]  comedi_device_detach_locked+0x178/0x750
[   86.005388][ T5349]  comedi_device_attach+0x5d4/0x720
[   86.007769][ T5349]  comedi_unlocked_ioctl+0x5ff/0x1020
[   86.010128][ T5349]  ? kasan_quarantine_put+0xdd/0x220
[   86.012447][ T5349]  ? lockdep_hardirqs_on+0x98/0x140
[   86.014739][ T5349]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   86.017345][ T5349]  ? do_futex+0x333/0x420
[   86.019190][ T5349]  ? __fget_files+0x2a/0x420
[   86.021226][ T5349]  ? __fget_files+0x3a0/0x420
[   86.023372][ T5349]  ? __fget_files+0x2a/0x420
[   86.025440][ T5349]  ? bpf_lsm_file_ioctl+0x9/0x20
[   86.027553][ T5349]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   86.030168][ T5349]  __se_sys_ioctl+0xfc/0x170
[   86.032258][ T5349]  do_syscall_64+0xfa/0xf80
[   86.034253][ T5349]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.036839][ T5349]  ? clear_bhb_loop+0x60/0xb0
[   86.038781][ T5349]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.041268][ T5349] RIP: 0033:0x7f874cb8f7c9
[   86.043209][ T5349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.051589][ T5349] RSP: 002b:00007f874da5b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   86.055237][ T5349] RAX: ffffffffffffffda RBX: 00007f874cde5fa0 RCX: 00007f874cb8f7c9
[   86.058676][ T5349] RDX: 0000200000000080 RSI: 0000000040946400 RDI: 0000000000000003
[   86.062143][ T5349] RBP: 00007f874cc13f91 R08: 0000000000000000 R09: 0000000000000000
[   86.065576][ T5349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   86.069001][ T5349] R13: 00007f874cde6038 R14: 00007f874cde5fa0 R15: 00007ffda4daf308
[   86.072497][ T5349]  </TASK>
[   86.073877][ T5349] Modules linked in:
[   86.076132][ T5349] ---[ end trace 0000000000000000 ]---
[   86.092817][ T5349] RIP: 0010:pcl818_ai_cancel+0x69/0x3f0
[   86.096128][ T5349] Code: 8b 1b 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 f9 1d 70 f9 48 8b 03 48 89 04 24 49 83 c4 28 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 d8 1d 70 f9 4d 8b 24 24 48 83 c3
[   86.106072][ T5349] RSP: 0018:ffffc9000d4f79d8 EFLAGS: 00010206
[   86.108711][ T5349] RAX: 0000000000000005 RBX: ffff888051520b80 RCX: 0000000000100000
[   86.112106][ T5349] RDX: ffffc90020001000 RSI: 0000000000000933 RDI: 0000000000000934
[   86.117088][ T5349] RBP: 0000000000000001 R08: ffff88803e4f912f R09: 1ffff11007c9f225
[   86.120937][ T5349] R10: dffffc0000000000 R11: ffffffff88b898f0 R12: 0000000000000028
[   86.124245][ T5349] R13: dffffc0000000000 R14: ffff88803e4f9000 R15: dffffc0000000000
[   86.127966][ T5349] FS:  00007f874da5b6c0(0000) GS:ffff88808d69f000(0000) knlGS:0000000000000000
[   86.131603][ T5349] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   86.134823][ T5349] CR2: 00007f874cdbb558 CR3: 000000003f1a7000 CR4: 0000000000352ef0
[   86.138231][ T5349] Kernel panic - not syncing: Fatal exception
[   86.141023][ T5349] Kernel Offset: disabled
[   86.142794][ T5349] Rebooting in 86400 seconds..