./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor468218824

<...>
Warning: Permanently added '10.128.0.193' (ED25519) to the list of known hosts.
execve("./syz-executor468218824", ["./syz-executor468218824"], 0x7ffc86b8fb10 /* 10 vars */) = 0
brk(NULL)                               = 0x55556d7f1000
brk(0x55556d7f1d00)                     = 0x55556d7f1d00
arch_prctl(ARCH_SET_FS, 0x55556d7f1380) = 0
set_tid_address(0x55556d7f1650)         = 5849
set_robust_list(0x55556d7f1660, 24)     = 0
rseq(0x55556d7f1ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor468218824", 4096) = 27
getrandom("\x95\xb2\x57\xd1\xe8\xcc\x07\x6d", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55556d7f1d00
brk(0x55556d812d00)                     = 0x55556d812d00
brk(0x55556d813000)                     = 0x55556d813000
mprotect(0x7fb7f03b3000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5850 attached
, child_tidptr=0x55556d7f1650) = 5850
[pid  5850] set_robust_list(0x55556d7f1660, 24) = 0
[pid  5850] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5850] setpgid(0, 0)               = 0
[pid  5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5850] write(3, "1000", 4)         = 4
[pid  5850] close(3)                    = 0
[pid  5850] write(1, "executing program\n", 18executing program
) = 18
[pid  5850] openat(AT_FDCWD, "/dev/comedi3", O_RDONLY) = 3
[pid  5850] ioctl(3, COMEDI_DEVCONFIG, 0) = 0
[pid  5850] ioctl(3, COMEDI_DEVCONFIG, 0x200000000180) = 0
[pid  5850] exit_group(0)               = ?
[pid  5850] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5850, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5851 attached
, child_tidptr=0x55556d7f1650) = 5851
[pid  5851] set_robust_list(0x55556d7f1660, 24) = 0
[pid  5851] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[   90.931115][ T5850] genirq: Flags mismatch irq 4. 00200000 (pcl818) vs. 00200080 (ttyS0)
[pid  5851] setpgid(0, 0)               = 0
[pid  5851] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5851] write(3, "1000", 4)         = 4
[pid  5851] close(3)                    = 0
[pid  5851] write(1, "executing program\n", 18executing program
) = 18
[pid  5851] openat(AT_FDCWD, "/dev/comedi3", O_RDONLY) = 3
[   91.031274][ T5851] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN PTI
[   91.043288][ T5851] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]
[   91.051720][ T5851] CPU: 0 UID: 0 PID: 5851 Comm: syz-executor468 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[   91.063640][ T5851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   91.073765][ T5851] RIP: 0010:pcl818_ai_cancel+0x69/0x3f0
[   91.079365][ T5851] Code: 8b 1b 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 39 70 30 f9 48 8b 03 48 89 04 24 49 83 c4 28 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 18 70 30 f9 4d 8b 24 24 48 83 c3
[   91.099156][ T5851] RSP: 0018:ffffc90003f77a58 EFLAGS: 00010206
[   91.105241][ T5851] RAX: 0000000000000005 RBX: ffff8880310e9e80 RCX: ffff88803349bc00
[   91.113309][ T5851] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88814c847800
[   91.121286][ T5851] RBP: 0000000000000001 R08: ffff88814c84792f R09: 1ffff11029908f25
[   91.129433][ T5851] R10: dffffc0000000000 R11: ffffffff88f2bb50 R12: 0000000000000028
[   91.137406][ T5851] R13: dffffc0000000000 R14: ffff88814c847800 R15: dffffc0000000000
[   91.145380][ T5851] FS:  000055556d7f1380(0000) GS:ffff8881257ab000(0000) knlGS:0000000000000000
[   91.154312][ T5851] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   91.160900][ T5851] CR2: 00007fb7f03b70d0 CR3: 000000007765e000 CR4: 00000000003526f0
[   91.168890][ T5851] Call Trace:
[   91.172186][ T5851]  <TASK>
[   91.175125][ T5851]  pcl818_detach+0x66/0xd0
[   91.179570][ T5851]  comedi_device_detach+0x137/0x720
[   91.184871][ T5851]  comedi_unlocked_ioctl+0xbd2/0xfc0
[   91.190250][ T5851]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   91.196070][ T5851]  ? _raw_spin_lock_irq+0xae/0xf0
[   91.201134][ T5851]  ? __pfx_ptrace_notify+0x10/0x10
[   91.206266][ T5851]  ? bpf_lsm_file_ioctl+0x9/0x20
[   91.211209][ T5851]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[   91.217017][ T5851]  __se_sys_ioctl+0xf9/0x170
[   91.221614][ T5851]  do_syscall_64+0xfa/0x3b0
[   91.226132][ T5851]  ? lockdep_hardirqs_on+0x9c/0x150
[   91.231348][ T5851]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.237418][ T5851]  ? clear_bhb_loop+0x60/0xb0
[   91.242100][ T5851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.248006][ T5851] RIP: 0033:0x7fb7f0340b39
[   91.252436][ T5851] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   91.272045][ T5851] RSP: 002b:00007fff7e9575a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   91.280472][ T5851] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb7f0340b39
[   91.288450][ T5851] RDX: 0000000000000000 RSI: 0000000040946400 RDI: 0000000000000003
[   91.296428][ T5851] RBP: 00000000000162c9 R08: 0000000000000006 R09: 0000000000000006
[   91.304401][ T5851] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff7e9575bc
[   91.312378][ T5851] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001
[   91.320360][ T5851]  </TASK>
[   91.323380][ T5851] Modules linked in:
[   91.327434][ T5851] ---[ end trace 0000000000000000 ]---
[   91.333444][ T5851] RIP: 0010:pcl818_ai_cancel+0x69/0x3f0
[   91.339079][ T5851] Code: 8b 1b 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 39 70 30 f9 48 8b 03 48 89 04 24 49 83 c4 28 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 18 70 30 f9 4d 8b 24 24 48 83 c3
[   91.359028][ T5851] RSP: 0018:ffffc90003f77a58 EFLAGS: 00010206
[   91.365148][ T5851] RAX: 0000000000000005 RBX: ffff8880310e9e80 RCX: ffff88803349bc00
[   91.373251][ T5851] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88814c847800
[   91.381286][ T5851] RBP: 0000000000000001 R08: ffff88814c84792f R09: 1ffff11029908f25
[   91.389423][ T5851] R10: dffffc0000000000 R11: ffffffff88f2bb50 R12: 0000000000000028
[   91.397423][ T5851] R13: dffffc0000000000 R14: ffff88814c847800 R15: dffffc0000000000
[   91.405578][ T5851] FS:  000055556d7f1380(0000) GS:ffff8881258ab000(0000) knlGS:0000000000000000
[   91.414580][ T5851] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   91.421201][ T5851] CR2: 0000200000000280 CR3: 000000007765e000 CR4: 00000000003526f0
[   91.429287][ T5851] Kernel panic - not syncing: Fatal exception
[   91.435683][ T5851] Kernel Offset: disabled
[   91.440011][ T5851] Rebooting in 86400 seconds..