Extracting prog: 3m29.150365972s
Minimizing prog: 44m7.581346882s
Simplifying prog options: 0s
Extracting C: 34.660159813s
Simplifying C: 13m38.439315784s


extracting reproducer from 1 programs
testing a last program of every proc
single: executing 1 programs separately with timeout 30s
testing program (duration=30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
detailed listing:
executing program 0:
syz_usb_connect(0x3, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000cc1ef420890b070064ef000000010902120001000000000904"], 0x0)
r0 = syz_open_dev$dvb_demux(&(0x7f00000002c0), 0x1, 0x0)
ioctl$DVB_DEMUX_DMX_SET_FILTER(r0, 0x403c6f2b, &(0x7f0000000200)={0x7, {"9db867d09ed91aa9c5c29f2f1e4be6bf", "cc6c2d12e0353c0e42899a29fdefe3bc", "9defe9f49655f386b84e6bb715dac54f"}, 0x445, 0x7})

program did not crash
single: failed to extract reproducer
single: executing 1 programs separately with timeout 6m0s
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
detailed listing:
executing program 0:
syz_usb_connect(0x3, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000cc1ef420890b070064ef000000010902120001000000000904"], 0x0)
r0 = syz_open_dev$dvb_demux(&(0x7f00000002c0), 0x1, 0x0)
ioctl$DVB_DEMUX_DMX_SET_FILTER(r0, 0x403c6f2b, &(0x7f0000000200)={0x7, {"9db867d09ed91aa9c5c29f2f1e4be6bf", "cc6c2d12e0353c0e42899a29fdefe3bc", "9defe9f49655f386b84e6bb715dac54f"}, 0x445, 0x7})

program crashed: WARNING in as102_dvb_dmx_start_feed
single: successfully extracted reproducer
found reproducer with 3 syscalls
minimizing guilty program
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux
detailed listing:
executing program 0:
syz_usb_connect(0x3, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000cc1ef420890b070064ef000000010902120001000000000904"], 0x0)
syz_open_dev$dvb_demux(&(0x7f00000002c0), 0x1, 0x0)

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-ioctl$DVB_DEMUX_DMX_SET_FILTER
detailed listing:
executing program 0:
syz_usb_connect(0x3, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000cc1ef420890b070064ef000000010902120001000000000904"], 0x0)
ioctl$DVB_DEMUX_DMX_SET_FILTER(0xffffffffffffffff, 0x403c6f2b, &(0x7f0000000200)={0x7, {"9db867d09ed91aa9c5c29f2f1e4be6bf", "cc6c2d12e0353c0e42899a29fdefe3bc", "9defe9f49655f386b84e6bb715dac54f"}, 0x445, 0x7})

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
detailed listing:
executing program 0:
r0 = syz_open_dev$dvb_demux(&(0x7f00000002c0), 0x1, 0x0)
ioctl$DVB_DEMUX_DMX_SET_FILTER(r0, 0x403c6f2b, &(0x7f0000000200)={0x7, {"9db867d09ed91aa9c5c29f2f1e4be6bf", "cc6c2d12e0353c0e42899a29fdefe3bc", "9defe9f49655f386b84e6bb715dac54f"}, 0x445, 0x7})

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
detailed listing:
executing program 0:
syz_usb_connect(0x3, 0x24, 0x0, 0x0)
r0 = syz_open_dev$dvb_demux(&(0x7f00000002c0), 0x1, 0x0)
ioctl$DVB_DEMUX_DMX_SET_FILTER(r0, 0x403c6f2b, &(0x7f0000000200)={0x7, {"9db867d09ed91aa9c5c29f2f1e4be6bf", "cc6c2d12e0353c0e42899a29fdefe3bc", "9defe9f49655f386b84e6bb715dac54f"}, 0x445, 0x7})

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
detailed listing:
executing program 0:
syz_usb_connect(0x3, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB], 0x0)
r0 = syz_open_dev$dvb_demux(&(0x7f00000002c0), 0x1, 0x0)
ioctl$DVB_DEMUX_DMX_SET_FILTER(r0, 0x403c6f2b, &(0x7f0000000200)={0x7, {"9db867d09ed91aa9c5c29f2f1e4be6bf", "cc6c2d12e0353c0e42899a29fdefe3bc", "9defe9f49655f386b84e6bb715dac54f"}, 0x445, 0x7})

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
detailed listing:
executing program 0:
syz_usb_connect(0x3, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000cc1ef420890b070064ef000000010902120001000000000904"], 0x0)
r0 = syz_open_dev$dvb_demux(0x0, 0x1, 0x0)
ioctl$DVB_DEMUX_DMX_SET_FILTER(r0, 0x403c6f2b, &(0x7f0000000200)={0x7, {"9db867d09ed91aa9c5c29f2f1e4be6bf", "cc6c2d12e0353c0e42899a29fdefe3bc", "9defe9f49655f386b84e6bb715dac54f"}, 0x445, 0x7})

program did not crash
testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
detailed listing:
executing program 0:
syz_usb_connect(0x3, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000cc1ef420890b070064ef000000010902120001000000000904"], 0x0)
r0 = syz_open_dev$dvb_demux(&(0x7f00000002c0), 0x1, 0x0)
ioctl$DVB_DEMUX_DMX_SET_FILTER(r0, 0x403c6f2b, 0x0)

program did not crash
extracting C reproducer
testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
program crashed: WARNING in as102_dvb_dmx_start_feed
simplifying C reproducer
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
program crashed: WARNING in as102_dvb_dmx_start_feed
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
program crashed: no output from test machine
a never seen crash title: no output from test machine, ignore
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
program crashed: WARNING in as102_dvb_dmx_start_feed
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
program crashed: WARNING in as102_dvb_dmx_start_feed
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
program crashed: WARNING in as102_dvb_dmx_start_feed
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
program crashed: WARNING in as102_dvb_dmx_start_feed
testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
program crashed: WARNING in as102_dvb_dmx_start_feed
testing program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
detailed listing:
executing program 0:
syz_usb_connect(0x3, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000cc1ef420890b070064ef000000010902120001000000000904"], 0x0)
r0 = syz_open_dev$dvb_demux(&(0x7f00000002c0), 0x1, 0x0)
ioctl$DVB_DEMUX_DMX_SET_FILTER(r0, 0x403c6f2b, &(0x7f0000000200)={0x7, {"9db867d09ed91aa9c5c29f2f1e4be6bf", "cc6c2d12e0353c0e42899a29fdefe3bc", "9defe9f49655f386b84e6bb715dac54f"}, 0x445, 0x7})

program crashed: WARNING in as102_dvb_dmx_start_feed
validation run: crashed=true
testing program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
detailed listing:
executing program 0:
syz_usb_connect(0x3, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000cc1ef420890b070064ef000000010902120001000000000904"], 0x0)
r0 = syz_open_dev$dvb_demux(&(0x7f00000002c0), 0x1, 0x0)
ioctl$DVB_DEMUX_DMX_SET_FILTER(r0, 0x403c6f2b, &(0x7f0000000200)={0x7, {"9db867d09ed91aa9c5c29f2f1e4be6bf", "cc6c2d12e0353c0e42899a29fdefe3bc", "9defe9f49655f386b84e6bb715dac54f"}, 0x445, 0x7})

program crashed: WARNING in as102_dvb_dmx_start_feed
validation run: crashed=true
testing program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
detailed listing:
executing program 0:
syz_usb_connect(0x3, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000cc1ef420890b070064ef000000010902120001000000000904"], 0x0)
r0 = syz_open_dev$dvb_demux(&(0x7f00000002c0), 0x1, 0x0)
ioctl$DVB_DEMUX_DMX_SET_FILTER(r0, 0x403c6f2b, &(0x7f0000000200)={0x7, {"9db867d09ed91aa9c5c29f2f1e4be6bf", "cc6c2d12e0353c0e42899a29fdefe3bc", "9defe9f49655f386b84e6bb715dac54f"}, 0x445, 0x7})

program did not crash
validation run: crashed=false
testing program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:4 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false CallComments:true LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_open_dev$dvb_demux-ioctl$DVB_DEMUX_DMX_SET_FILTER
detailed listing:
executing program 0:
syz_usb_connect(0x3, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000cc1ef420890b070064ef000000010902120001000000000904"], 0x0)
r0 = syz_open_dev$dvb_demux(&(0x7f00000002c0), 0x1, 0x0)
ioctl$DVB_DEMUX_DMX_SET_FILTER(r0, 0x403c6f2b, &(0x7f0000000200)={0x7, {"9db867d09ed91aa9c5c29f2f1e4be6bf", "cc6c2d12e0353c0e42899a29fdefe3bc", "9defe9f49655f386b84e6bb715dac54f"}, 0x445, 0x7})

program crashed: WARNING in as102_dvb_dmx_start_feed
validation run: crashed=true
reproducing took 1h13m23.534861729s
repro crashed as (corrupted=false):
------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(lock->magic != lock)
WARNING: kernel/locking/mutex.c:611 at __mutex_lock_common kernel/locking/mutex.c:611 [inline], CPU#0: syz.2.29/6122
WARNING: kernel/locking/mutex.c:611 at __mutex_lock+0x11c1/0x1420 kernel/locking/mutex.c:794, CPU#0: syz.2.29/6122
Modules linked in:
CPU: 0 UID: 0 PID: 6122 Comm: syz.2.29 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
RIP: 0010:__mutex_lock_common kernel/locking/mutex.c:611 [inline]
RIP: 0010:__mutex_lock+0x11c8/0x1420 kernel/locking/mutex.c:794
Code: 34 90 48 c1 e8 03 42 0f b6 04 28 84 c0 0f 85 36 02 00 00 83 3d 6c 02 77 04 00 75 13 48 8d 3d 1f 1a 7a 04 48 c7 c6 c0 e7 cc 8b <67> 48 0f b9 3a 90 e9 91 ef ff ff 90 0f 0b 90 e9 a6 f3 ff ff 90 0f
RSP: 0018:ffffc900024efa20 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 1ffff9200049df5c RCX: ffff88807d16db80
RDX: 0000000000000000 RSI: ffffffff8bcce7c0 RDI: ffffffff903792a0
RBP: ffffc900024efbd8 R08: ffffffff90347ae3 R09: 1ffffffff2068f5c
R10: dffffc0000000000 R11: fffffbfff2068f5d R12: ffff88802cc14b30
R13: dffffc0000000000 R14: ffff88802cc14000 R15: 0000000000000000
FS:  0000555593736500(0000) GS:ffff8881251f3000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b33563fff CR3: 0000000071ed8000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 as102_dvb_dmx_start_feed+0x70/0x290 drivers/media/usb/as102/as102_drv.c:139
 dmx_section_feed_start_filtering+0x518/0x6c0 drivers/media/dvb-core/dvb_demux.c:977
 dvb_dmxdev_filter_start+0xcf4/0x10e0 drivers/media/dvb-core/dmxdev.c:760
 dvb_demux_do_ioctl+0x470/0x540 drivers/media/dvb-core/dmxdev.c:1083
 dvb_usercopy+0x199/0x2e0 drivers/media/dvb-core/dvbdev.c:996
 dvb_demux_ioctl+0x29/0x40 drivers/media/dvb-core/dmxdev.c:1201
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:597 [inline]
 __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:583
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe57af9c799
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fff82824d68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007fe57b215fa0 RCX: 00007fe57af9c799
RDX: 0000200000000200 RSI: 00000000403c6f2b RDI: 0000000000000004
RBP: 00007fe57b032c99 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fe57b215fac R14: 00007fe57b215fa0 R15: 00007fe57b215fa0
 </TASK>
----------------
Code disassembly (best guess):
   0:	34 90                	xor    $0x90,%al
   2:	48 c1 e8 03          	shr    $0x3,%rax
   6:	42 0f b6 04 28       	movzbl (%rax,%r13,1),%eax
   b:	84 c0                	test   %al,%al
   d:	0f 85 36 02 00 00    	jne    0x249
  13:	83 3d 6c 02 77 04 00 	cmpl   $0x0,0x477026c(%rip)        # 0x4770286
  1a:	75 13                	jne    0x2f
  1c:	48 8d 3d 1f 1a 7a 04 	lea    0x47a1a1f(%rip),%rdi        # 0x47a1a42
  23:	48 c7 c6 c0 e7 cc 8b 	mov    $0xffffffff8bcce7c0,%rsi
* 2a:	67 48 0f b9 3a       	ud1    (%edx),%rdi <-- trapping instruction
  2f:	90                   	nop
  30:	e9 91 ef ff ff       	jmp    0xffffefc6
  35:	90                   	nop
  36:	0f 0b                	ud2
  38:	90                   	nop
  39:	e9 a6 f3 ff ff       	jmp    0xfffff3e4
  3e:	90                   	nop
  3f:	0f                   	.byte 0xf

final repro crashed as (corrupted=false):
------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(lock->magic != lock)
WARNING: kernel/locking/mutex.c:611 at __mutex_lock_common kernel/locking/mutex.c:611 [inline], CPU#0: syz.2.29/6122
WARNING: kernel/locking/mutex.c:611 at __mutex_lock+0x11c1/0x1420 kernel/locking/mutex.c:794, CPU#0: syz.2.29/6122
Modules linked in:
CPU: 0 UID: 0 PID: 6122 Comm: syz.2.29 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
RIP: 0010:__mutex_lock_common kernel/locking/mutex.c:611 [inline]
RIP: 0010:__mutex_lock+0x11c8/0x1420 kernel/locking/mutex.c:794
Code: 34 90 48 c1 e8 03 42 0f b6 04 28 84 c0 0f 85 36 02 00 00 83 3d 6c 02 77 04 00 75 13 48 8d 3d 1f 1a 7a 04 48 c7 c6 c0 e7 cc 8b <67> 48 0f b9 3a 90 e9 91 ef ff ff 90 0f 0b 90 e9 a6 f3 ff ff 90 0f
RSP: 0018:ffffc900024efa20 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 1ffff9200049df5c RCX: ffff88807d16db80
RDX: 0000000000000000 RSI: ffffffff8bcce7c0 RDI: ffffffff903792a0
RBP: ffffc900024efbd8 R08: ffffffff90347ae3 R09: 1ffffffff2068f5c
R10: dffffc0000000000 R11: fffffbfff2068f5d R12: ffff88802cc14b30
R13: dffffc0000000000 R14: ffff88802cc14000 R15: 0000000000000000
FS:  0000555593736500(0000) GS:ffff8881251f3000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b33563fff CR3: 0000000071ed8000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 as102_dvb_dmx_start_feed+0x70/0x290 drivers/media/usb/as102/as102_drv.c:139
 dmx_section_feed_start_filtering+0x518/0x6c0 drivers/media/dvb-core/dvb_demux.c:977
 dvb_dmxdev_filter_start+0xcf4/0x10e0 drivers/media/dvb-core/dmxdev.c:760
 dvb_demux_do_ioctl+0x470/0x540 drivers/media/dvb-core/dmxdev.c:1083
 dvb_usercopy+0x199/0x2e0 drivers/media/dvb-core/dvbdev.c:996
 dvb_demux_ioctl+0x29/0x40 drivers/media/dvb-core/dmxdev.c:1201
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:597 [inline]
 __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:583
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe57af9c799
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fff82824d68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007fe57b215fa0 RCX: 00007fe57af9c799
RDX: 0000200000000200 RSI: 00000000403c6f2b RDI: 0000000000000004
RBP: 00007fe57b032c99 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fe57b215fac R14: 00007fe57b215fa0 R15: 00007fe57b215fa0
 </TASK>
----------------
Code disassembly (best guess):
   0:	34 90                	xor    $0x90,%al
   2:	48 c1 e8 03          	shr    $0x3,%rax
   6:	42 0f b6 04 28       	movzbl (%rax,%r13,1),%eax
   b:	84 c0                	test   %al,%al
   d:	0f 85 36 02 00 00    	jne    0x249
  13:	83 3d 6c 02 77 04 00 	cmpl   $0x0,0x477026c(%rip)        # 0x4770286
  1a:	75 13                	jne    0x2f
  1c:	48 8d 3d 1f 1a 7a 04 	lea    0x47a1a1f(%rip),%rdi        # 0x47a1a42
  23:	48 c7 c6 c0 e7 cc 8b 	mov    $0xffffffff8bcce7c0,%rsi
* 2a:	67 48 0f b9 3a       	ud1    (%edx),%rdi <-- trapping instruction
  2f:	90                   	nop
  30:	e9 91 ef ff ff       	jmp    0xffffefc6
  35:	90                   	nop
  36:	0f 0b                	ud2
  38:	90                   	nop
  39:	e9 a6 f3 ff ff       	jmp    0xfffff3e4
  3e:	90                   	nop
  3f:	0f                   	.byte 0xf