Oops: divide error: 0000 [#1] SMP KASAN NOPTI
CPU: 0 UID: 0 PID: 14420 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
RIP: 0010:comedi_buf_munge drivers/comedi/comedi_buf.c:347 [inline]
RIP: 0010:comedi_buf_write_free+0x3c8/0x7e0 drivers/comedi/comedi_buf.c:391
Code: 41 03 45 00 48 8b 4c 24 78 42 0f b6 0c 21 84 c9 4c 8b bc 24 90 00 00 00 44 8b 74 24 54 0f 85 02 01 00 00 31 d2 48 8b 4c 24 30 <f7> 31 41 89 55 00 48 8b 44 24 70 42 0f b6 04 20 84 c0 0f 85 09 01
RSP: 0018:ffffc90000007bd8 EFLAGS: 00010046
RAX: 0000000000000001 RBX: dffffc0000000000 RCX: ffff88807e5b4a80
RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff888054779000
RBP: 0000000000000002 R08: 0000000000000000 R09: 1ffff1100a8ef200
R10: dffffc0000000000 R11: ffffffff88ad3dc0 R12: dffffc0000000000
R13: ffff88807e5b4a38 R14: 0000000000000000 R15: ffff88807e5b4a00
FS:  000055557e243500(0000) GS:ffff888126396000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f2088771000 CR3: 0000000077bcc000 CR4: 0000000000350ef0
Call Trace:
 <IRQ>
 comedi_buf_write_samples+0x369/0x5a0 drivers/comedi/comedi_buf.c:602
 das16m1_handler+0x213/0x4b0 drivers/comedi/drivers/das16m1.c:413
 das16m1_interrupt+0xaf/0x180 drivers/comedi/drivers/das16m1.c:470
 __handle_irq_event_percpu+0x295/0xab0 kernel/irq/handle.c:203
 handle_irq_event_percpu kernel/irq/handle.c:240 [inline]
 handle_irq_event+0x8b/0x1e0 kernel/irq/handle.c:257
 handle_edge_irq+0x23b/0xa10 kernel/irq/chip.c:855
 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline]
 handle_irq arch/x86/kernel/irq.c:254 [inline]
 call_irq_handler arch/x86/kernel/irq.c:-1 [inline]
 __common_interrupt+0x141/0x1f0 arch/x86/kernel/irq.c:325
 common_interrupt+0xb6/0xe0 arch/x86/kernel/irq.c:318
 </IRQ>
 <TASK>
 asm_common_interrupt+0x26/0x40 arch/x86/include/asm/idtentry.h:693
RIP: 0010:rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
RIP: 0010:rcu_read_lock include/linux/rcupdate.h:841 [inline]
RIP: 0010:class_rcu_constructor include/linux/rcupdate.h:1169 [inline]
RIP: 0010:is_module_text_address+0x1d/0x1e0 kernel/module/main.c:3845
Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 55 41 57 41 56 41 55 41 54 53 49 89 fe e8 6a 62 fc ff 48 8d 1d 00 00 00 00 <48> c7 c7 60 b1 d3 8d 31 f6 31 d2 b9 02 00 00 00 45 31 c0 45 31 c9
RSP: 0018:ffffc9000ebede00 EFLAGS: 00000283
RAX: 0000000000000002 RBX: ffffffff81a9719d RCX: dffffc0000000000
RDX: 0000000000000000 RSI: ffffffff8b9ec240 RDI: 00007f61d2990d5c
RBP: 0000000000000001 R08: 0000000000000022 R09: ffffffff81725d45
R10: dffffc0000000000 R11: ffffffff81aaf9d0 R12: ffff8880267dbc80
R13: 00000000000002c0 R14: 00007f61d2990d5c R15: 1ffff92001d7dbda
 kernel_text_address+0x94/0xe0 kernel/extable.c:119
 __kernel_text_address+0xd/0x40 kernel/extable.c:79
 unwind_get_return_address+0x4d/0x90 arch/x86/kernel/unwind_orc.c:369
 arch_stack_walk+0xfc/0x150 arch/x86/kernel/stacktrace.c:26
 stack_trace_save+0x9c/0xe0 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:56 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:77
 unpoison_slab_object mm/kasan/common.c:342 [inline]
 __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:368
 kasan_slab_alloc include/linux/kasan.h:252 [inline]
 slab_post_alloc_hook mm/slub.c:4946 [inline]
 slab_alloc_node mm/slub.c:5245 [inline]
 kmem_cache_alloc_node_noprof+0x433/0x710 mm/slub.c:5297
 kmalloc_reserve+0xbd/0x290 net/core/skbuff.c:579
 __alloc_skb+0x142/0x2d0 net/core/skbuff.c:670
 alloc_skb include/linux/skbuff.h:1383 [inline]
 nlmsg_new include/net/netlink.h:1055 [inline]
 inet6_rt_notify+0x170/0x470 net/ipv6/route.c:6345
 fib6_add_rt2node+0x1876/0x33a0 net/ipv6/ip6_fib.c:1275
 fib6_add+0x8da/0x18a0 net/ipv6/ip6_fib.c:1528
 __ip6_ins_rt net/ipv6/route.c:1351 [inline]
 ip6_route_add+0xde/0x1b0 net/ipv6/route.c:3946
 addrconf_prefix_route net/ipv6/addrconf.c:2488 [inline]
 addrconf_add_linklocal+0x45f/0x6c0 net/ipv6/addrconf.c:3313
 addrconf_addr_gen+0x490/0x580 net/ipv6/addrconf.c:3442
 addrconf_init_auto_addrs+0x62d/0xa30 net/ipv6/addrconf.c:-1
 addrconf_notify+0xacc/0x1010 net/ipv6/addrconf.c:3740
 notifier_call_chain+0x1b6/0x3e0 kernel/notifier.c:85
 call_netdevice_notifiers_extack net/core/dev.c:2267 [inline]
 call_netdevice_notifiers net/core/dev.c:2281 [inline]
 __dev_notify_flags+0x18d/0x2e0 net/core/dev.c:-1
 netif_change_flags+0xe8/0x1a0 net/core/dev.c:9705
 do_setlink+0xc55/0x41c0 net/core/rtnetlink.c:3151
 rtnl_changelink net/core/rtnetlink.c:3769 [inline]
 __rtnl_newlink net/core/rtnetlink.c:3928 [inline]
 rtnl_newlink+0x1619/0x1c80 net/core/rtnetlink.c:4065
 rtnetlink_rcv_msg+0x7cf/0xb70 net/core/rtnetlink.c:6954
 netlink_rcv_skb+0x208/0x470 net/netlink/af_netlink.c:2552
 netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline]
 netlink_unicast+0x82f/0x9e0 net/netlink/af_netlink.c:1346
 netlink_sendmsg+0x805/0xb30 net/netlink/af_netlink.c:1896
 sock_sendmsg_nosec net/socket.c:727 [inline]
 __sock_sendmsg+0x21c/0x270 net/socket.c:742
 __sys_sendto+0x3bd/0x520 net/socket.c:2244
 __do_sys_sendto net/socket.c:2251 [inline]
 __se_sys_sendto net/socket.c:2247 [inline]
 __x64_sys_sendto+0xde/0x100 net/socket.c:2247
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f61d2990d5c
Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
RSP: 002b:00007ffd6d4664c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 00007f61d3714620 RCX: 00007f61d2990d5c
RDX: 0000000000000020 RSI: 00007f61d3714670 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00007ffd6d466514 R09: 000000000000000c
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
R13: 0000000000000000 R14: 00007f61d3714670 R15: 0000000000000000
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:comedi_buf_munge drivers/comedi/comedi_buf.c:347 [inline]
RIP: 0010:comedi_buf_write_free+0x3c8/0x7e0 drivers/comedi/comedi_buf.c:391
Code: 41 03 45 00 48 8b 4c 24 78 42 0f b6 0c 21 84 c9 4c 8b bc 24 90 00 00 00 44 8b 74 24 54 0f 85 02 01 00 00 31 d2 48 8b 4c 24 30 <f7> 31 41 89 55 00 48 8b 44 24 70 42 0f b6 04 20 84 c0 0f 85 09 01
RSP: 0018:ffffc90000007bd8 EFLAGS: 00010046
RAX: 0000000000000001 RBX: dffffc0000000000 RCX: ffff88807e5b4a80
RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff888054779000
RBP: 0000000000000002 R08: 0000000000000000 R09: 1ffff1100a8ef200
R10: dffffc0000000000 R11: ffffffff88ad3dc0 R12: dffffc0000000000
R13: ffff88807e5b4a38 R14: 0000000000000000 R15: ffff88807e5b4a00
FS:  000055557e243500(0000) GS:ffff888126396000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f2088771000 CR3: 0000000077bcc000 CR4: 0000000000350ef0
----------------
Code disassembly (best guess):
   0:	41 03 45 00          	add    0x0(%r13),%eax
   4:	48 8b 4c 24 78       	mov    0x78(%rsp),%rcx
   9:	42 0f b6 0c 21       	movzbl (%rcx,%r12,1),%ecx
   e:	84 c9                	test   %cl,%cl
  10:	4c 8b bc 24 90 00 00 	mov    0x90(%rsp),%r15
  17:	00
  18:	44 8b 74 24 54       	mov    0x54(%rsp),%r14d
  1d:	0f 85 02 01 00 00    	jne    0x125
  23:	31 d2                	xor    %edx,%edx
  25:	48 8b 4c 24 30       	mov    0x30(%rsp),%rcx
* 2a:	f7 31                	divl   (%rcx) <-- trapping instruction
  2c:	41 89 55 00          	mov    %edx,0x0(%r13)
  30:	48 8b 44 24 70       	mov    0x70(%rsp),%rax
  35:	42 0f b6 04 20       	movzbl (%rax,%r12,1),%eax
  3a:	84 c0                	test   %al,%al
  3c:	0f                   	.byte 0xf
  3d:	85 09                	test   %ecx,(%rcx)
  3f:	01                   	.byte 0x1