0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2158.329564][  T528] devpts: called with bogus options
03:41:33 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:33 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, 0x0, &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:41:33 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, "078cf0251c0e00"})
mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:33 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:33 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, 0x0, &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:41:33 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:33 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000300)='ramfs\x00')

03:41:33 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = socket(0x15, 0x5, 0x0)
connect$unix(r1, &(0x7f0000000080)=@abs={0xa}, 0x6e)
getsockname$packet(r1, 0x0, &(0x7f0000001340))
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x6)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000200)=ANY=[@ANYBLOB="90030000", @ANYRES16=r4, @ANYBLOB="990d00000000000000003b00000008009f00000000000800a1000000000008002201000000000800260000000000080022010000000008009f000000000008002700000000000800270000000000050018010000000032"], 0x390}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_GET_MPATH(r1, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x34, r4, 0x300, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x1)
sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r0, &(0x7f0000004c40)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000480)={0x4778, 0x0, 0x8, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_PMSR_ATTR_PEERS={0x9e0, 0x5, 0x0, 0x1, [{0x288, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_REQ={0x21c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0xec, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xced}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x13}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6038}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3f}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x13}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x400}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x5}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x44, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xf2}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x11}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1ff}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xa4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1e}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x22f}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_CHAN={0x2c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}]}]}, {0x184, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_REQ={0x15c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x13c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x19}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xf8}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x19}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1a}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x29}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}]}]}]}]}, {0x200, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x14, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_REQ={0x190, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xf0, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xee}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8000}]}, @NL80211_PMSR_TYPE_FTM={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1f}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x12}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7509}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x15}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x64, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1d}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5b}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7f}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x14}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}]}]}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x34, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x999}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x16}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xffffff7f}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x3a}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}]}, {0x3d0, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x194, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x88, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x40}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x80}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x104, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1c}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xff}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xffc0}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x10}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}]}]}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x20c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x16c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x80}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xbe}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x74a7}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1f}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1000}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x12}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x13}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1a}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xfffd}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x40}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x98, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5496}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1f}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x8, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}]}]}, @NL80211_PMSR_ATTR_PEERS={0xb5c, 0x5, 0x0, 0x1, [{0x174, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_REQ={0x10c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x64, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x10}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x2}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x9c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xe2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x81}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x80}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x13}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x81}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x34, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xc89}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x24, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1a}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}]}]}, {0xd4, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_CHAN={0x44, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xe}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xf}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xc9}, @NL80211_ATTR_CENTER_FREQ2={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x10}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x9}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_REQ={0x14, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_CHAN={0x24, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xe4}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x20d}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}]}, {0x1f0, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x44, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x9}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16fd}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x39}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1db}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x1a8, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x54, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x4c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xffff}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x18}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xe5e}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x58, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xff}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xb4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x19}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3f}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x81}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xa43}]}]}]}]}, {0x58, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x54, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xfff}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xc}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x10}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x3}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}]}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}]}]}, {0x428, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_CHAN={0x1c, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7fffffff}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x400}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x80, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x7c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xde}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x40}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x40}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xb}]}]}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x1bc, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3f}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x94, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x13}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xa8, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3f}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x11}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1f}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x200}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x19}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x12}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x138, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0xe0, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xe1}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xf}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x18}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xf5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x54, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xff}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1d}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9a}]}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_REQ={0x64, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x60, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xb}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x81}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7f}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}]}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}]}, {0xb8, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1b0}, @NL80211_ATTR_WIPHY_FREQ={0x8}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_REQ={0x50, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x4c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x1c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16ee}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xe}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1a7}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x1c, 0x2, 0x0, 0x1, [@NL80211_ATTR_CHANNEL_WIDTH={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}]}, {0x1d8, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1f}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x17c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x5c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1000}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1e}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x44, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x64, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x13}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1d}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x80}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x4c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3f}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x19}]}]}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x1c, 0x2, 0x0, 0x1, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x9}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_CHAN={0x1c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xfa3}]}]}]}, @NL80211_PMSR_ATTR_PEERS={0x638, 0x5, 0x0, 0x1, [{0x1ec, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x352}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_REQ={0x1c4, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x88, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x400}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1c}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x104, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x80}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1a}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1f}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x14}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x52}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}]}]}, {0x1b0, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x1ac, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x13}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x16}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x20}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xc4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xfffc}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x80}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x81}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x58}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1d}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x9c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x12}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1a}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x40}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x93b6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1f}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}]}]}, {0x268, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x50, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x2c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x171b}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x13a}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8001}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x24, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16fd}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x16}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x3c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16e9}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xf7}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x1}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x36}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x24, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xad}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x9}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x12c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xf4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1b}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xdb}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3ff}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x18}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x80}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}]}, {0x30, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x99e}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2d}]}]}]}, @NL80211_PMSR_ATTR_PEERS={0x4e4, 0x5, 0x0, 0x1, [{0x184, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_REQ={0x108, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x94, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8001}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x100}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x22}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x68, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1a}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1a}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_REQ={0x60, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x5c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xe223}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}]}]}, {0x35c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x264, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xfc, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x154, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1d}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9ff9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x13}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x40}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0xf4, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0xa4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x80}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x11}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}]}]}]}, @NL80211_PMSR_ATTR_PEERS={0xdd8, 0x5, 0x0, 0x1, [{0x42c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x94, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x50, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x11}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x100}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xe}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xfbff}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7f}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x3}]}]}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x108, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xdc, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x44, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x13}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x12}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}]}]}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x24, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16f3}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x65}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x4c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1725}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1c5}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x6}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x401}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x24, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x30f}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x6f66}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x194, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x90, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x20}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x15}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xb}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x10}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1b}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x13}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xc0, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7f}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1e}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3ff}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_CHAN={0x44, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x321}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3cf}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x9}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2b}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1e}]}]}, {0x44c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x2c, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x2}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x19}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2d8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x408, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0xec, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1f}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xf432}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xcc, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1b}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x81}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x128, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xd}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x81}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x40}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x800}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x10}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3f}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xe4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x800}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3f}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2957}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1b}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x8, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}]}, {0x2e0, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x108, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xcc, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xd}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x101}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x17}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x16}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x19}]}]}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xf5}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x4}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_REQ={0x1b0, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1ff}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x6c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1d}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1d}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x20}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3f}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x26}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1e}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}]}]}]}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x2c, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x81}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}]}, {0x208, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x44, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1e}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x13}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xffff0001}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3db}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x16}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x58, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7f}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x400}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x2}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x15c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x9c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7e92}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7ff}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x44, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x3}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0xc, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}]}]}, @NL80211_PMSR_ATTR_PEERS={0x200, 0x5, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}]}, {0x58, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x24, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x3}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x378}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2a}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x26e}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}]}, {0xa8, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_CHAN={0x1c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x8001}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x26d}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x58, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x54, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x75}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1a}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xf8}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x24, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x29c}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2a}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1630}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xb}]}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0xc, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}]}, {0x84, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_CHAN={0x1c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xda}, @NL80211_ATTR_WIPHY_FREQ={0x8}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x34, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x2}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1fe}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xe}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x101}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x382}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_REQ={0xc, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}]}]}, @NL80211_PMSR_ATTR_PEERS={0x444, 0x5, 0x0, 0x1, [{0x160, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x108, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xe0, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x400}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x12}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xc}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3f}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0xc, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_CHAN={0x3c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xbc}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x3a}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x8000}]}]}, {0x254, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x11c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x5c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1c}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x15}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x84, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9a}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x80}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x10}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x42}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8000}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x2c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x148c}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x9c}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1f}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x5}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_REQ={0xb0, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x60, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_CHAN={0x34, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xaf2d}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1702}]}]}, {0x8c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x88, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x84, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1b}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1b}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xffff}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x17}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x19}]}]}]}]}]}, @NL80211_PMSR_ATTR_PEERS={0x12e8, 0x5, 0x0, 0x1, [{0x60, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x1c, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xa5a}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x197}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x2c, 0x2, 0x0, 0x1, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x3}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xff}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16ad}]}]}, {0x178, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_REQ={0x15c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x54, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x20}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xbc, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x14}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x12}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8000}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}]}, {0xfc, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0xe0, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xac, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3f}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xff}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xd2}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}]}, {0x578, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_CHAN={0x3c, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x20}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x157c}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2e}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1720}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x10c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x74, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xfc8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8001}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xc3}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1000}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2d5}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x50, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x25c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x10c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x18}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xfff}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x12}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x40}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xe86}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3f}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x15}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0xe4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3f}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1e}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x8feea0d48a6bf1e0}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x68, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x11}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}]}]}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x1c4, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x44, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x178, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7f}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x40, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x19}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xe}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x7f}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x17}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xfc}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}]}, {0x7c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0xc, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_CHAN={0x14, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xf}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x4c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x87b}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x3a}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x334}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15e0}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}]}]}, {0x21c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_REQ={0x4}, @NL80211_PMSR_PEER_ATTR_REQ={0x1fc, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0xec, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x81}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x18}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x638c}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x65}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x90, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x15}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x44, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0xc, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}]}, {0x450, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_REQ={0x41c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0xe4, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x18}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xb}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x98, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x19}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3f}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x15c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7f}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xf}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x18}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xf}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1e}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xd7}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x134, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1b}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x4c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3f}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x13}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x34, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x13}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6d}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x17}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x83}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0x3ff}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x2}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}]}, {0x32c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x4}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @broadcast}, @NL80211_PMSR_PEER_ATTR_REQ={0x1b4, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0xf8, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xa}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0x8}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x10}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x1d}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xf165}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0xdb}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x1}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP={0x5, 0x3, 0xc}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x5}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xd}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x13}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_DATA={0x98, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x48, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x14}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xb}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x14, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x68, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_DATA={0x58, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD={0x6, 0x4, 0xffff}, @NL80211_PMSR_FTM_REQ_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x9}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_REQ={0x7c, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x70, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST={0x5, 0x6, 0xd}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE={0x8, 0x2, 0x3}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x11}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0x1c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI={0x4}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x81}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x8}]}, @NL80211_PMSR_TYPE_FTM={0x18, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION={0x5, 0x5, 0x7}, @NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES={0x5, 0x7, 0x6}, @NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED={0x4}]}]}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x24, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xb}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xbf4f}, @NL80211_ATTR_CENTER_FREQ1={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x5}]}, @NL80211_PMSR_PEER_ATTR_CHAN={0x4c, 0x2, 0x0, 0x1, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x3}, @NL80211_ATTR_CENTER_FREQ1={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1d}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CHANNEL_WIDTH={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xf}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xa5}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x26}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x4}]}, {0x84, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x8, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_DATA={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa}, @NL80211_PMSR_PEER_ATTR_CHAN={0x2c, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0xa}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1644}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x26}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b}, @NL80211_PMSR_PEER_ATTR_CHAN={0x34, 0x2, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xb2}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8001}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2f}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3b0}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x3}]}]}]}]}, 0x4778}, 0x1, 0x0, 0x0, 0x41}, 0x0)
splice(0xffffffffffffffff, &(0x7f0000004c80)=0xe44e, r1, &(0x7f0000004cc0)=0x4, 0x8, 0x1)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x40080, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000140)='./file0\x00', 0x7, 0x3, &(0x7f0000000300)=[{&(0x7f0000000180)="ee4075d588f44c83213a37c52bc94029bd78cef614f9b817eaca0ccc6bcbbdd24c642054ed0176c2acee1c92ffac3d188c2dc78909b0b0464d6b1271c79a20419b0ad38dd1c2843cb68683339ee86f09a14b735fce", 0x55, 0x7fffffff}, {&(0x7f0000000240)="ea7061be4bd01e166eef7b9cbccc1c0a9c585d3cf1775925deedc29b9e6923b4046aa36f7990446ca71d75c24620f9eb33288598cfbab5882321ed3b5f820eed169c6a011bd33264be280847001809527ddb1b38a414fb30da5baaceb5142e9590e2a276de0cd7e4967eb63af8334427037477258a68", 0x76, 0x100}, {&(0x7f00000002c0)="b5ce26fcc576b2413dc27d6c608f6af8232e899f2f473dbb7eb4ed2bf722b908f7be848e0443bbef97ce2724178e7b8722a32647", 0x34, 0x7fff}], 0x8002, &(0x7f0000000400)=ANY=[@ANYBLOB="696f636861727365743d69736f383835392d392c6e6e6f6e756d7461696c3d312c66736d616769633d3078303030303030303030303030303030352c7375626a5f757365723d72616d6673002c000736905a43cb2e18b55a203b5a"])
mount(0x0, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
umount2(&(0x7f0000000200)='./file0\x00', 0x0)

03:41:33 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:34 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000300)='ramfs\x00')

03:41:34 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:34 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:34 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000300)='ramfs\x00')

03:41:34 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
umount2(&(0x7f0000000200)='./file0\x00', 0x0)
mount(&(0x7f0000000040)=@md0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='cifs\x00', 0x8000, &(0x7f0000000180)='ramfs\x00')

03:41:34 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2159.194928][  T562] netlink: 672 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2159.218390][  T576] netlink: 672 bytes leftover after parsing attributes in process `syz-executor.2'.
03:41:34 executing program 0:
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:34 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:34 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, 0x0)

03:41:34 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:34 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:34 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x20000, 0x100)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
umount2(&(0x7f0000000200)='./file0\x00', 0x0)

03:41:34 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:34 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)
setxattr$incfs_size(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140)=0x401, 0x8, 0x2)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
umount2(&(0x7f0000000200)='./file0\x00', 0x0)

03:41:34 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, 0x0)

03:41:34 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
umount2(&(0x7f0000000200)='./file0\x00', 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x80)

03:41:34 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, 0x0)

03:41:34 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:34 executing program 0:
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:34 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:34 executing program 5 (fault-call:1 fault-nth:0):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:41:34 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
umount2(&(0x7f0000000200)='./file0\x00', 0x0)

03:41:34 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:34 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
umount2(&(0x7f0000000200)='./file0\x00', 0x0)

[ 2160.037331][  T651] FAULT_INJECTION: forcing a failure.
[ 2160.037331][  T651] name failslab, interval 1, probability 0, space 0, times 0
[ 2160.050058][  T651] CPU: 0 PID: 651 Comm: syz-executor.5 Not tainted 5.13.0-rc7-syzkaller #0
[ 2160.058628][  T651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2160.068777][  T651] Call Trace:
[ 2160.072076][  T651]  dump_stack+0x137/0x19d
[ 2160.076393][  T651]  should_fail+0x23c/0x250
[ 2160.080807][  T651]  ? __se_sys_mount+0x4e/0x2e0
[ 2160.085551][  T651]  __should_failslab+0x81/0x90
[ 2160.090299][  T651]  should_failslab+0x5/0x20
[ 2160.094787][  T651]  __kmalloc_track_caller+0x64/0x340
[ 2160.100051][  T651]  ? strnlen_user+0x137/0x1c0
[ 2160.104780][  T651]  strndup_user+0x73/0x120
[ 2160.109169][  T651]  __se_sys_mount+0x4e/0x2e0
[ 2160.113736][  T651]  ? fput+0x2d/0x130
[ 2160.117616][  T651]  ? ksys_write+0x157/0x180
[ 2160.122088][  T651]  __x64_sys_mount+0x63/0x70
[ 2160.126649][  T651]  do_syscall_64+0x4a/0x90
[ 2160.131041][  T651]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2160.136986][  T651] RIP: 0033:0x4665d9
[ 2160.140916][  T651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2160.160496][  T651] RSP: 002b:00007fafb68c9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2160.168895][  T651] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2160.176841][  T651] RDX: 00000000200002c0 RSI: 00000000200001c0 RDI: 0000000000000000
03:41:35 executing program 5 (fault-call:1 fault-nth:1):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

[ 2160.184787][  T651] RBP: 00007fafb68c91d0 R08: 0000000020000300 R09: 0000000000000000
[ 2160.192878][  T651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2160.200827][  T651] R13: 00007ffca1df56ef R14: 00007fafb68c9300 R15: 0000000000022000
03:41:35 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:35 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
umount2(&(0x7f0000000200)='./file0\x00', 0x0)

[ 2160.387683][  T663] FAULT_INJECTION: forcing a failure.
[ 2160.387683][  T663] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2160.400833][  T663] CPU: 0 PID: 663 Comm: syz-executor.5 Not tainted 5.13.0-rc7-syzkaller #0
[ 2160.409405][  T663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2160.419439][  T663] Call Trace:
[ 2160.422695][  T663]  dump_stack+0x137/0x19d
[ 2160.427007][  T663]  should_fail+0x23c/0x250
[ 2160.431426][  T663]  should_fail_usercopy+0x16/0x20
[ 2160.436427][  T663]  _copy_from_user+0x1c/0xd0
[ 2160.441046][  T663]  strndup_user+0xb0/0x120
[ 2160.445464][  T663]  __se_sys_mount+0x4e/0x2e0
[ 2160.450033][  T663]  ? fput+0x2d/0x130
[ 2160.453899][  T663]  ? ksys_write+0x157/0x180
[ 2160.458388][  T663]  __x64_sys_mount+0x63/0x70
[ 2160.462947][  T663]  do_syscall_64+0x4a/0x90
[ 2160.467337][  T663]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2160.473311][  T663] RIP: 0033:0x4665d9
[ 2160.477174][  T663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2160.496753][  T663] RSP: 002b:00007fafb68c9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2160.505234][  T663] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2160.513238][  T663] RDX: 00000000200002c0 RSI: 00000000200001c0 RDI: 0000000000000000
[ 2160.521260][  T663] RBP: 00007fafb68c91d0 R08: 0000000020000300 R09: 0000000000000000
[ 2160.529201][  T663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
03:41:35 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:35 executing program 5 (fault-call:1 fault-nth:2):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:41:35 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
umount2(&(0x7f0000000200)='./file0\x00', 0x0)

[ 2160.537143][  T663] R13: 00007ffca1df56ef R14: 00007fafb68c9300 R15: 0000000000022000
[ 2160.768463][  T673] FAULT_INJECTION: forcing a failure.
[ 2160.768463][  T673] name failslab, interval 1, probability 0, space 0, times 0
[ 2160.781093][  T673] CPU: 0 PID: 673 Comm: syz-executor.5 Not tainted 5.13.0-rc7-syzkaller #0
[ 2160.789656][  T673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2160.799735][  T673] Call Trace:
[ 2160.802988][  T673]  dump_stack+0x137/0x19d
[ 2160.807320][  T673]  should_fail+0x23c/0x250
[ 2160.811753][  T673]  __should_failslab+0x81/0x90
[ 2160.816489][  T673]  ? __se_sys_mount+0xf2/0x2e0
[ 2160.821222][  T673]  should_failslab+0x5/0x20
[ 2160.825696][  T673]  kmem_cache_alloc_trace+0x49/0x310
[ 2160.830995][  T673]  ? _copy_from_user+0x94/0xd0
[ 2160.835737][  T673]  __se_sys_mount+0xf2/0x2e0
[ 2160.840300][  T673]  ? fput+0x2d/0x130
[ 2160.844167][  T673]  ? ksys_write+0x157/0x180
[ 2160.848682][  T673]  __x64_sys_mount+0x63/0x70
[ 2160.853319][  T673]  do_syscall_64+0x4a/0x90
[ 2160.857708][  T673]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2160.863761][  T673] RIP: 0033:0x4665d9
[ 2160.867658][  T673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2160.887240][  T673] RSP: 002b:00007fafb68c9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2160.895643][  T673] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2160.903606][  T673] RDX: 00000000200002c0 RSI: 00000000200001c0 RDI: 0000000000000000
[ 2160.911585][  T673] RBP: 00007fafb68c91d0 R08: 0000000020000300 R09: 0000000000000000
[ 2160.919537][  T673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2160.927479][  T673] R13: 00007ffca1df56ef R14: 00007fafb68c9300 R15: 0000000000022000
03:41:36 executing program 0:
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:36 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
syz_open_pts(r0, 0x0)
ioctl$TCSETSF(0xffffffffffffffff, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:36 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:36 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:36 executing program 5 (fault-call:1 fault-nth:3):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:41:36 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:36 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:36 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
syz_open_pts(r0, 0x0)
ioctl$TCSETSF(0xffffffffffffffff, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2161.191640][  T686] FAULT_INJECTION: forcing a failure.
[ 2161.191640][  T686] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2161.204677][  T686] CPU: 0 PID: 686 Comm: syz-executor.5 Not tainted 5.13.0-rc7-syzkaller #0
[ 2161.213252][  T686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2161.223289][  T686] Call Trace:
[ 2161.226553][  T686]  dump_stack+0x137/0x19d
[ 2161.230910][  T686]  should_fail+0x23c/0x250
[ 2161.235366][  T686]  should_fail_usercopy+0x16/0x20
[ 2161.240453][  T686]  _copy_from_user+0x1c/0xd0
[ 2161.245066][  T686]  __se_sys_mount+0x115/0x2e0
[ 2161.249780][  T686]  ? fput+0x2d/0x130
[ 2161.253658][  T686]  ? ksys_write+0x157/0x180
[ 2161.258136][  T686]  __x64_sys_mount+0x63/0x70
[ 2161.262719][  T686]  do_syscall_64+0x4a/0x90
[ 2161.267112][  T686]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2161.272977][  T686] RIP: 0033:0x4665d9
[ 2161.276843][  T686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2161.296418][  T686] RSP: 002b:00007fafb68c9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2161.304800][  T686] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2161.312742][  T686] RDX: 00000000200002c0 RSI: 00000000200001c0 RDI: 0000000000000000
[ 2161.320684][  T686] RBP: 00007fafb68c91d0 R08: 0000000020000300 R09: 0000000000000000
[ 2161.328681][  T686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
03:41:36 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:36 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:36 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
syz_open_pts(r0, 0x0)
ioctl$TCSETSF(0xffffffffffffffff, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:36 executing program 5 (fault-call:1 fault-nth:4):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

[ 2161.336624][  T686] R13: 00007ffca1df56ef R14: 00007fafb68c9300 R15: 0000000000022000
[ 2161.358583][  T686] devpts: called with bogus options
[ 2161.438668][  T703] FAULT_INJECTION: forcing a failure.
[ 2161.438668][  T703] name failslab, interval 1, probability 0, space 0, times 0
[ 2161.451310][  T703] CPU: 1 PID: 703 Comm: syz-executor.5 Not tainted 5.13.0-rc7-syzkaller #0
[ 2161.459867][  T703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2161.469911][  T703] Call Trace:
[ 2161.473175][  T703]  dump_stack+0x137/0x19d
[ 2161.477555][  T703]  should_fail+0x23c/0x250
[ 2161.481954][  T703]  ? getname_flags+0x84/0x3d0
[ 2161.486636][  T703]  __should_failslab+0x81/0x90
[ 2161.491389][  T703]  should_failslab+0x5/0x20
[ 2161.495877][  T703]  kmem_cache_alloc+0x46/0x2f0
[ 2161.500696][  T703]  getname_flags+0x84/0x3d0
[ 2161.505173][  T703]  user_path_at_empty+0x28/0x50
[ 2161.509997][  T703]  __se_sys_mount+0x209/0x2e0
[ 2161.514677][  T703]  ? fput+0x2d/0x130
[ 2161.518554][  T703]  ? ksys_write+0x157/0x180
[ 2161.523075][  T703]  __x64_sys_mount+0x63/0x70
[ 2161.527632][  T703]  do_syscall_64+0x4a/0x90
[ 2161.532095][  T703]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2161.537959][  T703] RIP: 0033:0x4665d9
[ 2161.541821][  T703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2161.561514][  T703] RSP: 002b:00007fafb68c9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2161.569895][  T703] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2161.577842][  T703] RDX: 00000000200002c0 RSI: 00000000200001c0 RDI: 0000000000000000
[ 2161.585785][  T703] RBP: 00007fafb68c91d0 R08: 0000000020000300 R09: 0000000000000000
[ 2161.593765][  T703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2161.601710][  T703] R13: 00007ffca1df56ef R14: 00007fafb68c9300 R15: 0000000000022000
03:41:36 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, 0x0)

03:41:36 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:36 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:36 executing program 0:
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:36 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:36 executing program 5 (fault-call:1 fault-nth:5):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

[ 2161.843959][  T717] FAULT_INJECTION: forcing a failure.
[ 2161.843959][  T717] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2161.857022][  T717] CPU: 0 PID: 717 Comm: syz-executor.5 Not tainted 5.13.0-rc7-syzkaller #0
[ 2161.865612][  T717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2161.875651][  T717] Call Trace:
[ 2161.878915][  T717]  dump_stack+0x137/0x19d
[ 2161.883225][  T717]  should_fail+0x23c/0x250
[ 2161.887633][  T717]  should_fail_usercopy+0x16/0x20
[ 2161.892632][  T717]  strncpy_from_user+0x21/0x250
[ 2161.897565][  T717]  getname_flags+0xb8/0x3d0
[ 2161.902037][  T717]  user_path_at_empty+0x28/0x50
[ 2161.906858][  T717]  __se_sys_mount+0x209/0x2e0
[ 2161.911506][  T717]  ? fput+0x2d/0x130
[ 2161.915498][  T717]  ? ksys_write+0x157/0x180
[ 2161.919976][  T717]  __x64_sys_mount+0x63/0x70
[ 2161.924588][  T717]  do_syscall_64+0x4a/0x90
[ 2161.929057][  T717]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2161.934924][  T717] RIP: 0033:0x4665d9
[ 2161.938796][  T717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2161.958373][  T717] RSP: 002b:00007fafb68c9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2161.966777][  T717] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2161.974731][  T717] RDX: 00000000200002c0 RSI: 00000000200001c0 RDI: 0000000000000000
[ 2161.982728][  T717] RBP: 00007fafb68c91d0 R08: 0000000020000300 R09: 0000000000000000
03:41:36 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2161.990676][  T717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2161.998638][  T717] R13: 00007ffca1df56ef R14: 00007fafb68c9300 R15: 0000000000022000
03:41:36 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, 0x0)

03:41:37 executing program 5 (fault-call:1 fault-nth:6):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

[ 2162.239866][  T728] FAULT_INJECTION: forcing a failure.
[ 2162.239866][  T728] name failslab, interval 1, probability 0, space 0, times 0
[ 2162.252497][  T728] CPU: 1 PID: 728 Comm: syz-executor.5 Not tainted 5.13.0-rc7-syzkaller #0
[ 2162.261071][  T728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2162.271201][  T728] Call Trace:
[ 2162.274467][  T728]  dump_stack+0x137/0x19d
[ 2162.278800][  T728]  should_fail+0x23c/0x250
[ 2162.283209][  T728]  __should_failslab+0x81/0x90
[ 2162.287959][  T728]  ? alloc_fs_context+0x46/0x500
[ 2162.292885][  T728]  should_failslab+0x5/0x20
[ 2162.297415][  T728]  kmem_cache_alloc_trace+0x49/0x310
[ 2162.302682][  T728]  alloc_fs_context+0x46/0x500
[ 2162.307434][  T728]  ? strncmp+0x34/0x70
[ 2162.311481][  T728]  fs_context_for_mount+0x1d/0x20
[ 2162.316491][  T728]  path_mount+0xdf5/0x1ce0
[ 2162.320890][  T728]  __se_sys_mount+0x23d/0x2e0
[ 2162.325608][  T728]  ? fput+0x2d/0x130
[ 2162.329493][  T728]  __x64_sys_mount+0x63/0x70
[ 2162.334063][  T728]  do_syscall_64+0x4a/0x90
[ 2162.338477][  T728]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2162.344366][  T728] RIP: 0033:0x4665d9
[ 2162.348235][  T728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2162.367913][  T728] RSP: 002b:00007fafb68c9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2162.376333][  T728] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:41:37 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, 0x0)

03:41:37 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:37 executing program 2:
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2162.384289][  T728] RDX: 00000000200002c0 RSI: 00000000200001c0 RDI: 0000000000000000
[ 2162.392237][  T728] RBP: 00007fafb68c91d0 R08: 0000000020000300 R09: 0000000000000000
[ 2162.400189][  T728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2162.408140][  T728] R13: 00007ffca1df56ef R14: 00007fafb68c9300 R15: 0000000000022000
03:41:37 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:37 executing program 2:
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:37 executing program 4:
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:37 executing program 5 (fault-call:1 fault-nth:7):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:41:37 executing program 2:
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:37 executing program 0:
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:37 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:37 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:37 executing program 4:
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:37 executing program 2:
mkdir(0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2162.776146][  T754] FAULT_INJECTION: forcing a failure.
[ 2162.776146][  T754] name failslab, interval 1, probability 0, space 0, times 0
[ 2162.788968][  T754] CPU: 0 PID: 754 Comm: syz-executor.5 Not tainted 5.13.0-rc7-syzkaller #0
[ 2162.797656][  T754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2162.807696][  T754] Call Trace:
[ 2162.810962][  T754]  dump_stack+0x137/0x19d
[ 2162.815290][  T754]  should_fail+0x23c/0x250
[ 2162.819712][  T754]  __should_failslab+0x81/0x90
[ 2162.824463][  T754]  ? legacy_init_fs_context+0x2d/0x70
[ 2162.829819][  T754]  should_failslab+0x5/0x20
[ 2162.834302][  T754]  kmem_cache_alloc_trace+0x49/0x310
[ 2162.839569][  T754]  ? kmem_cache_alloc_trace+0x215/0x310
[ 2162.845212][  T754]  ? alloc_fs_context+0x46/0x500
[ 2162.850142][  T754]  legacy_init_fs_context+0x2d/0x70
[ 2162.855323][  T754]  alloc_fs_context+0x419/0x500
[ 2162.860171][  T754]  fs_context_for_mount+0x1d/0x20
[ 2162.865179][  T754]  path_mount+0xdf5/0x1ce0
[ 2162.869578][  T754]  __se_sys_mount+0x23d/0x2e0
[ 2162.874296][  T754]  ? fput+0x2d/0x130
[ 2162.878171][  T754]  __x64_sys_mount+0x63/0x70
[ 2162.882736][  T754]  do_syscall_64+0x4a/0x90
[ 2162.887174][  T754]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2162.893050][  T754] RIP: 0033:0x4665d9
[ 2162.896915][  T754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2162.916674][  T754] RSP: 002b:00007fafb68c9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
03:41:37 executing program 5 (fault-call:1 fault-nth:8):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

[ 2162.925059][  T754] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2162.933004][  T754] RDX: 00000000200002c0 RSI: 00000000200001c0 RDI: 0000000000000000
[ 2162.940949][  T754] RBP: 00007fafb68c91d0 R08: 0000000020000300 R09: 0000000000000000
[ 2162.948891][  T754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2162.956970][  T754] R13: 00007ffca1df56ef R14: 00007fafb68c9300 R15: 0000000000022000
03:41:38 executing program 4:
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2163.130082][  T769] FAULT_INJECTION: forcing a failure.
[ 2163.130082][  T769] name failslab, interval 1, probability 0, space 0, times 0
[ 2163.142788][  T769] CPU: 0 PID: 769 Comm: syz-executor.5 Not tainted 5.13.0-rc7-syzkaller #0
[ 2163.151353][  T769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2163.161423][  T769] Call Trace:
[ 2163.164681][  T769]  dump_stack+0x137/0x19d
[ 2163.169101][  T769]  should_fail+0x23c/0x250
[ 2163.173508][  T769]  __should_failslab+0x81/0x90
03:41:38 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:38 executing program 2:
mkdir(0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2163.178377][  T769]  ? alloc_super+0x3a/0x520
[ 2163.182884][  T769]  should_failslab+0x5/0x20
[ 2163.187372][  T769]  kmem_cache_alloc_trace+0x49/0x310
[ 2163.192636][  T769]  ? avc_has_perm_noaudit+0x19a/0x240
[ 2163.198043][  T769]  alloc_super+0x3a/0x520
[ 2163.202358][  T769]  sget+0x1a5/0x400
[ 2163.206189][  T769]  ? free_anon_bdev+0x20/0x20
[ 2163.210892][  T769]  ? devpts_pty_kill+0x110/0x110
[ 2163.215821][  T769]  ? devpts_kill_sb+0x50/0x50
[ 2163.220505][  T769]  mount_nodev+0x2c/0xd0
[ 2163.224737][  T769]  devpts_mount+0x25/0x30
[ 2163.229112][  T769]  legacy_get_tree+0x70/0xc0
[ 2163.233678][  T769]  vfs_get_tree+0x4a/0x1a0
[ 2163.238075][  T769]  path_mount+0x11d4/0x1ce0
[ 2163.242557][  T769]  __se_sys_mount+0x23d/0x2e0
[ 2163.247202][  T769]  ? fput+0x2d/0x130
[ 2163.251165][  T769]  __x64_sys_mount+0x63/0x70
[ 2163.255727][  T769]  do_syscall_64+0x4a/0x90
[ 2163.260126][  T769]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2163.265995][  T769] RIP: 0033:0x4665d9
[ 2163.269941][  T769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2163.289518][  T769] RSP: 002b:00007fafb68c9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2163.297920][  T769] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2163.305866][  T769] RDX: 00000000200002c0 RSI: 00000000200001c0 RDI: 0000000000000000
[ 2163.313826][  T769] RBP: 00007fafb68c91d0 R08: 0000000020000300 R09: 0000000000000000
[ 2163.321820][  T769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
03:41:38 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:38 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:38 executing program 5 (fault-call:1 fault-nth:9):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

[ 2163.329807][  T769] R13: 00007ffca1df56ef R14: 00007fafb68c9300 R15: 0000000000022000
[ 2163.434709][  T788] FAULT_INJECTION: forcing a failure.
[ 2163.434709][  T788] name failslab, interval 1, probability 0, space 0, times 0
[ 2163.447304][  T788] CPU: 0 PID: 788 Comm: syz-executor.5 Not tainted 5.13.0-rc7-syzkaller #0
[ 2163.455870][  T788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2163.466022][  T788] Call Trace:
[ 2163.469281][  T788]  dump_stack+0x137/0x19d
[ 2163.473594][  T788]  should_fail+0x23c/0x250
[ 2163.478016][  T788]  ? kzalloc+0x1d/0x30
[ 2163.482065][  T788]  __should_failslab+0x81/0x90
[ 2163.486806][  T788]  should_failslab+0x5/0x20
[ 2163.491384][  T788]  __kmalloc+0x66/0x340
[ 2163.495518][  T788]  kzalloc+0x1d/0x30
[ 2163.499481][  T788]  security_sb_alloc+0x3c/0x180
[ 2163.504355][  T788]  alloc_super+0x10b/0x520
[ 2163.508756][  T788]  sget+0x1a5/0x400
[ 2163.512542][  T788]  ? free_anon_bdev+0x20/0x20
[ 2163.517215][  T788]  ? devpts_pty_kill+0x110/0x110
[ 2163.522130][  T788]  ? devpts_kill_sb+0x50/0x50
[ 2163.526789][  T788]  mount_nodev+0x2c/0xd0
[ 2163.531021][  T788]  devpts_mount+0x25/0x30
[ 2163.535332][  T788]  legacy_get_tree+0x70/0xc0
[ 2163.539916][  T788]  vfs_get_tree+0x4a/0x1a0
[ 2163.544382][  T788]  path_mount+0x11d4/0x1ce0
[ 2163.548922][  T788]  __se_sys_mount+0x23d/0x2e0
[ 2163.553579][  T788]  ? fput+0x2d/0x130
[ 2163.557456][  T788]  __x64_sys_mount+0x63/0x70
[ 2163.562031][  T788]  do_syscall_64+0x4a/0x90
[ 2163.566472][  T788]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2163.572349][  T788] RIP: 0033:0x4665d9
[ 2163.576227][  T788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2163.595816][  T788] RSP: 002b:00007fafb68c9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2163.604244][  T788] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2163.612261][  T788] RDX: 00000000200002c0 RSI: 00000000200001c0 RDI: 0000000000000000
[ 2163.620254][  T788] RBP: 00007fafb68c91d0 R08: 0000000020000300 R09: 0000000000000000
[ 2163.628197][  T788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2163.636149][  T788] R13: 00007ffca1df56ef R14: 00007fafb68c9300 R15: 0000000000022000
03:41:38 executing program 0:
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:38 executing program 2:
mkdir(0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:38 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:38 executing program 1 (fault-call:6 fault-nth:0):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:38 executing program 5 (fault-call:1 fault-nth:10):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:41:38 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, 0x0, &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2163.847512][  T799] FAULT_INJECTION: forcing a failure.
[ 2163.847512][  T799] name failslab, interval 1, probability 0, space 0, times 0
[ 2163.860198][  T799] CPU: 0 PID: 799 Comm: syz-executor.5 Not tainted 5.13.0-rc7-syzkaller #0
[ 2163.868764][  T799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2163.878815][  T799] Call Trace:
[ 2163.882074][  T799]  dump_stack+0x137/0x19d
[ 2163.886404][  T799]  should_fail+0x23c/0x250
[ 2163.890798][  T799]  ? __list_lru_init+0x70/0x680
[ 2163.895632][  T799]  __should_failslab+0x81/0x90
[ 2163.900401][  T799]  should_failslab+0x5/0x20
[ 2163.904879][  T799]  __kmalloc+0x66/0x340
[ 2163.909011][  T799]  ? prealloc_memcg_shrinker+0x444/0x460
[ 2163.914618][  T799]  __list_lru_init+0x70/0x680
[ 2163.919280][  T799]  alloc_super+0x490/0x520
[ 2163.923678][  T799]  sget+0x1a5/0x400
[ 2163.927470][  T799]  ? free_anon_bdev+0x20/0x20
[ 2163.932124][  T799]  ? devpts_pty_kill+0x110/0x110
[ 2163.937053][  T799]  ? devpts_kill_sb+0x50/0x50
[ 2163.941780][  T799]  mount_nodev+0x2c/0xd0
[ 2163.946000][  T799]  devpts_mount+0x25/0x30
[ 2163.950313][  T799]  legacy_get_tree+0x70/0xc0
[ 2163.954874][  T799]  vfs_get_tree+0x4a/0x1a0
[ 2163.959265][  T799]  path_mount+0x11d4/0x1ce0
[ 2163.963737][  T799]  __se_sys_mount+0x23d/0x2e0
[ 2163.968405][  T799]  ? fput+0x2d/0x130
[ 2163.972274][  T799]  __x64_sys_mount+0x63/0x70
[ 2163.976832][  T799]  do_syscall_64+0x4a/0x90
[ 2163.981265][  T799]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2163.987130][  T799] RIP: 0033:0x4665d9
[ 2163.990996][  T799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2164.013483][  T799] RSP: 002b:00007fafb68c9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2164.021870][  T799] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2164.029812][  T799] RDX: 00000000200002c0 RSI: 00000000200001c0 RDI: 0000000000000000
[ 2164.037783][  T799] RBP: 00007fafb68c91d0 R08: 0000000020000300 R09: 0000000000000000
03:41:38 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2164.045741][  T799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2164.053698][  T799] R13: 00007ffca1df56ef R14: 00007fafb68c9300 R15: 0000000000022000
[ 2164.137487][  T805] FAULT_INJECTION: forcing a failure.
[ 2164.137487][  T805] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2164.150592][  T805] CPU: 1 PID: 805 Comm: syz-executor.1 Not tainted 5.13.0-rc7-syzkaller #0
[ 2164.159197][  T805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2164.169369][  T805] Call Trace:
[ 2164.172629][  T805]  dump_stack+0x137/0x19d
[ 2164.176933][  T805]  should_fail+0x23c/0x250
[ 2164.181321][  T805]  should_fail_usercopy+0x16/0x20
[ 2164.186316][  T805]  _copy_to_user+0x1c/0x90
[ 2164.190711][  T805]  simple_read_from_buffer+0xab/0x120
[ 2164.196140][  T805]  proc_fail_nth_read+0xf6/0x140
[ 2164.201104][  T805]  ? rw_verify_area+0x136/0x250
[ 2164.205936][  T805]  ? proc_fault_inject_write+0x200/0x200
[ 2164.211548][  T805]  vfs_read+0x154/0x5d0
[ 2164.215677][  T805]  ? selinux_file_ioctl+0x8e0/0x970
[ 2164.220915][  T805]  ? __fget_light+0x21b/0x260
[ 2164.225567][  T805]  ? __cond_resched+0x11/0x40
[ 2164.230222][  T805]  ksys_read+0xce/0x180
[ 2164.234405][  T805]  __x64_sys_read+0x3e/0x50
[ 2164.238878][  T805]  do_syscall_64+0x4a/0x90
[ 2164.243302][  T805]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2164.249178][  T805] RIP: 0033:0x41935c
[ 2164.253052][  T805] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 2164.272728][  T805] RSP: 002b:00007fe630bb2170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2164.281111][  T805] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000041935c
[ 2164.289053][  T805] RDX: 000000000000000f RSI: 00007fe630bb21e0 RDI: 0000000000000005
[ 2164.297087][  T805] RBP: 00007fe630bb21d0 R08: 0000000000000000 R09: 0000000000000000
[ 2164.305032][  T805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2164.312988][  T805] R13: 00007ffe793c6cff R14: 00007fe630bb2300 R15: 0000000000022000
03:41:39 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:39 executing program 5 (fault-call:1 fault-nth:11):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:41:39 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:39 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, 0x0, &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:39 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2164.482695][  T820] FAULT_INJECTION: forcing a failure.
[ 2164.482695][  T820] name failslab, interval 1, probability 0, space 0, times 0
[ 2164.495304][  T820] CPU: 1 PID: 820 Comm: syz-executor.5 Not tainted 5.13.0-rc7-syzkaller #0
[ 2164.503878][  T820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2164.513910][  T820] Call Trace:
[ 2164.517173][  T820]  dump_stack+0x137/0x19d
[ 2164.521500][  T820]  should_fail+0x23c/0x250
[ 2164.525899][  T820]  __should_failslab+0x81/0x90
[ 2164.530657][  T820]  should_failslab+0x5/0x20
[ 2164.535149][  T820]  kmem_cache_alloc_node_trace+0x58/0x2e0
[ 2164.540894][  T820]  ? __list_lru_init+0x70/0x680
[ 2164.545738][  T820]  ? __kmalloc_node+0x30/0x40
[ 2164.550403][  T820]  __kmalloc_node+0x30/0x40
[ 2164.554887][  T820]  kvmalloc_node+0x81/0xf0
[ 2164.559291][  T820]  __list_lru_init+0x2d7/0x680
[ 2164.564113][  T820]  alloc_super+0x490/0x520
[ 2164.568504][  T820]  sget+0x1a5/0x400
[ 2164.572327][  T820]  ? free_anon_bdev+0x20/0x20
[ 2164.577006][  T820]  ? devpts_pty_kill+0x110/0x110
[ 2164.581915][  T820]  ? devpts_kill_sb+0x50/0x50
[ 2164.586642][  T820]  mount_nodev+0x2c/0xd0
[ 2164.590854][  T820]  devpts_mount+0x25/0x30
[ 2164.595158][  T820]  legacy_get_tree+0x70/0xc0
[ 2164.599725][  T820]  vfs_get_tree+0x4a/0x1a0
[ 2164.604121][  T820]  path_mount+0x11d4/0x1ce0
[ 2164.608598][  T820]  __se_sys_mount+0x23d/0x2e0
[ 2164.613249][  T820]  ? fput+0x2d/0x130
[ 2164.617117][  T820]  __x64_sys_mount+0x63/0x70
[ 2164.621752][  T820]  do_syscall_64+0x4a/0x90
[ 2164.626142][  T820]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2164.632008][  T820] RIP: 0033:0x4665d9
[ 2164.635891][  T820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2164.655497][  T820] RSP: 002b:00007fafb68c9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2164.663885][  T820] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2164.671852][  T820] RDX: 00000000200002c0 RSI: 00000000200001c0 RDI: 0000000000000000
[ 2164.679793][  T820] RBP: 00007fafb68c91d0 R08: 0000000020000300 R09: 0000000000000000
[ 2164.687735][  T820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2164.695679][  T820] R13: 00007ffca1df56ef R14: 00007fafb68c9300 R15: 0000000000022000
03:41:39 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:39 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, 0x0, &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:39 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:39 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x2, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:39 executing program 5 (fault-call:1 fault-nth:12):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:41:39 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:39 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x4b47, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2164.899234][  T837] FAULT_INJECTION: forcing a failure.
[ 2164.899234][  T837] name failslab, interval 1, probability 0, space 0, times 0
[ 2164.911841][  T837] CPU: 1 PID: 837 Comm: syz-executor.5 Not tainted 5.13.0-rc7-syzkaller #0
[ 2164.920439][  T837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2164.930534][  T837] Call Trace:
[ 2164.933800][  T837]  dump_stack+0x137/0x19d
[ 2164.938121][  T837]  should_fail+0x23c/0x250
[ 2164.942527][  T837]  ? __list_lru_init+0x70/0x680
[ 2164.947365][  T837]  __should_failslab+0x81/0x90
[ 2164.952115][  T837]  should_failslab+0x5/0x20
[ 2164.956617][  T837]  __kmalloc+0x66/0x340
[ 2164.960761][  T837]  __list_lru_init+0x70/0x680
[ 2164.965419][  T837]  alloc_super+0x4bf/0x520
[ 2164.969877][  T837]  sget+0x1a5/0x400
[ 2164.973780][  T837]  ? free_anon_bdev+0x20/0x20
[ 2164.978506][  T837]  ? devpts_pty_kill+0x110/0x110
[ 2164.983468][  T837]  ? devpts_kill_sb+0x50/0x50
[ 2164.988130][  T837]  mount_nodev+0x2c/0xd0
[ 2164.992363][  T837]  devpts_mount+0x25/0x30
[ 2164.996820][  T837]  legacy_get_tree+0x70/0xc0
[ 2165.001399][  T837]  vfs_get_tree+0x4a/0x1a0
[ 2165.005802][  T837]  path_mount+0x11d4/0x1ce0
[ 2165.010344][  T837]  __se_sys_mount+0x23d/0x2e0
[ 2165.015025][  T837]  ? fput+0x2d/0x130
[ 2165.018901][  T837]  __x64_sys_mount+0x63/0x70
[ 2165.023462][  T837]  do_syscall_64+0x4a/0x90
[ 2165.027930][  T837]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2165.033858][  T837] RIP: 0033:0x4665d9
[ 2165.037727][  T837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2165.057361][  T837] RSP: 002b:00007fafb68c9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2165.065746][  T837] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2165.073722][  T837] RDX: 00000000200002c0 RSI: 00000000200001c0 RDI: 0000000000000000
[ 2165.081672][  T837] RBP: 00007fafb68c91d0 R08: 0000000020000300 R09: 0000000000000000
[ 2165.089614][  T837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2165.097557][  T837] R13: 00007ffca1df56ef R14: 00007fafb68c9300 R15: 0000000000022000
03:41:40 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:40 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:40 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:40 executing program 5 (fault-call:1 fault-nth:13):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:41:40 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2165.294606][  T856] FAULT_INJECTION: forcing a failure.
[ 2165.294606][  T856] name failslab, interval 1, probability 0, space 0, times 0
[ 2165.307328][  T856] CPU: 0 PID: 856 Comm: syz-executor.5 Not tainted 5.13.0-rc7-syzkaller #0
[ 2165.315923][  T856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2165.325973][  T856] Call Trace:
[ 2165.329350][  T856]  dump_stack+0x137/0x19d
[ 2165.333750][  T856]  should_fail+0x23c/0x250
[ 2165.338152][  T856]  __should_failslab+0x81/0x90
[ 2165.342897][  T856]  should_failslab+0x5/0x20
[ 2165.347386][  T856]  kmem_cache_alloc_node_trace+0x58/0x2e0
[ 2165.353114][  T856]  ? __list_lru_init+0x70/0x680
[ 2165.358040][  T856]  ? __kmalloc_node+0x30/0x40
[ 2165.362711][  T856]  __kmalloc_node+0x30/0x40
[ 2165.367229][  T856]  kvmalloc_node+0x81/0xf0
[ 2165.371629][  T856]  __list_lru_init+0x2d7/0x680
[ 2165.376391][  T856]  alloc_super+0x4bf/0x520
[ 2165.380790][  T856]  sget+0x1a5/0x400
[ 2165.384585][  T856]  ? free_anon_bdev+0x20/0x20
[ 2165.389245][  T856]  ? devpts_pty_kill+0x110/0x110
[ 2165.394164][  T856]  ? devpts_kill_sb+0x50/0x50
[ 2165.398835][  T856]  mount_nodev+0x2c/0xd0
[ 2165.403059][  T856]  devpts_mount+0x25/0x30
[ 2165.407375][  T856]  legacy_get_tree+0x70/0xc0
[ 2165.411950][  T856]  vfs_get_tree+0x4a/0x1a0
[ 2165.416370][  T856]  path_mount+0x11d4/0x1ce0
[ 2165.420862][  T856]  __se_sys_mount+0x23d/0x2e0
[ 2165.425524][  T856]  ? fput+0x2d/0x130
[ 2165.429418][  T856]  __x64_sys_mount+0x63/0x70
[ 2165.433993][  T856]  do_syscall_64+0x4a/0x90
[ 2165.438479][  T856]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2165.444453][  T856] RIP: 0033:0x4665d9
[ 2165.448328][  T856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2165.468000][  T856] RSP: 002b:00007fafb68c9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2165.476394][  T856] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2165.484461][  T856] RDX: 00000000200002c0 RSI: 00000000200001c0 RDI: 0000000000000000
03:41:40 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:40 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:40 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:40 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:40 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:40 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2165.492424][  T856] RBP: 00007fafb68c91d0 R08: 0000000020000300 R09: 0000000000000000
[ 2165.500373][  T856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2165.508324][  T856] R13: 00007ffca1df56ef R14: 00007fafb68c9300 R15: 0000000000022000
03:41:40 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2165.856312][  T854] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2165.864341][  T854] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2165.875654][  T854] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2165.883602][  T854] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:41:40 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x4b49, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:40 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(0x0, &(0x7f0000000100)='./file0\x00')

03:41:40 executing program 5 (fault-call:1 fault-nth:14):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:41:40 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:40 executing program 4:
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2166.040527][  T854] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2166.048515][  T854] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2166.060135][  T854] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2166.068247][  T854] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2166.122048][  T891] FAULT_INJECTION: forcing a failure.
[ 2166.122048][  T891] name failslab, interval 1, probability 0, space 0, times 0
[ 2166.134656][  T891] CPU: 1 PID: 891 Comm: syz-executor.5 Not tainted 5.13.0-rc7-syzkaller #0
[ 2166.143220][  T891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2166.153373][  T891] Call Trace:
[ 2166.156634][  T891]  dump_stack+0x137/0x19d
[ 2166.160958][  T891]  should_fail+0x23c/0x250
[ 2166.165370][  T891]  __should_failslab+0x81/0x90
[ 2166.170127][  T891]  ? devpts_fill_super+0xca/0x4f0
[ 2166.175134][  T891]  should_failslab+0x5/0x20
[ 2166.179621][  T891]  kmem_cache_alloc_trace+0x49/0x310
[ 2166.184891][  T891]  devpts_fill_super+0xca/0x4f0
[ 2166.189728][  T891]  ? sget+0x3c0/0x400
[ 2166.193692][  T891]  ? free_anon_bdev+0x20/0x20
[ 2166.198430][  T891]  ? devpts_pty_kill+0x110/0x110
[ 2166.203363][  T891]  ? devpts_kill_sb+0x50/0x50
[ 2166.208129][  T891]  mount_nodev+0x4f/0xd0
[ 2166.212353][  T891]  devpts_mount+0x25/0x30
[ 2166.216658][  T891]  legacy_get_tree+0x70/0xc0
[ 2166.221224][  T891]  vfs_get_tree+0x4a/0x1a0
[ 2166.225620][  T891]  path_mount+0x11d4/0x1ce0
[ 2166.230101][  T891]  __se_sys_mount+0x23d/0x2e0
[ 2166.234756][  T891]  ? fput+0x2d/0x130
[ 2166.238629][  T891]  __x64_sys_mount+0x63/0x70
[ 2166.243195][  T891]  do_syscall_64+0x4a/0x90
[ 2166.247599][  T891]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2166.253688][  T891] RIP: 0033:0x4665d9
[ 2166.257561][  T891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2166.277152][  T891] RSP: 002b:00007fafb68c9188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2166.285539][  T891] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2166.293568][  T891] RDX: 00000000200002c0 RSI: 00000000200001c0 RDI: 0000000000000000
[ 2166.301534][  T891] RBP: 00007fafb68c91d0 R08: 0000000020000300 R09: 0000000000000000
[ 2166.309477][  T891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
03:41:41 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(0x0, &(0x7f0000000100)='./file0\x00')

[ 2166.317434][  T891] R13: 00007ffca1df56ef R14: 00007fafb68c9300 R15: 0000000000022000
03:41:41 executing program 5 (fault-call:1 fault-nth:15):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:41:41 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5409, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:41 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(0x0, &(0x7f0000000100)='./file0\x00')

[ 2166.440507][  T906] devpts: called with bogus options
[ 2166.445970][  T906] FAULT_INJECTION: forcing a failure.
[ 2166.445970][  T906] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2166.459025][  T906] CPU: 1 PID: 906 Comm: syz-executor.5 Not tainted 5.13.0-rc7-syzkaller #0
[ 2166.467597][  T906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2166.477630][  T906] Call Trace:
[ 2166.480923][  T906]  dump_stack+0x137/0x19d
[ 2166.485292][  T906]  should_fail+0x23c/0x250
03:41:41 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x540b, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:41 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x540c, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2166.489706][  T906]  should_fail_usercopy+0x16/0x20
[ 2166.494715][  T906]  _copy_to_user+0x1c/0x90
[ 2166.499298][  T906]  simple_read_from_buffer+0xab/0x120
[ 2166.504675][  T906]  proc_fail_nth_read+0xf6/0x140
[ 2166.509638][  T906]  ? rw_verify_area+0x136/0x250
[ 2166.514550][  T906]  ? proc_fault_inject_write+0x200/0x200
[ 2166.520288][  T906]  vfs_read+0x154/0x5d0
[ 2166.524428][  T906]  ? __fget_light+0x21b/0x260
[ 2166.529083][  T906]  ? __cond_resched+0x11/0x40
[ 2166.533747][  T906]  ksys_read+0xce/0x180
[ 2166.537903][  T906]  __x64_sys_read+0x3e/0x50
[ 2166.542384][  T906]  do_syscall_64+0x4a/0x90
[ 2166.546786][  T906]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2166.552666][  T906] RIP: 0033:0x41935c
[ 2166.556555][  T906] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 2166.576138][  T906] RSP: 002b:00007fafb68c9170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
03:41:41 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:41 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x540d, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:41 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', 0x0)

03:41:41 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

[ 2166.584650][  T906] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000041935c
[ 2166.592600][  T906] RDX: 000000000000000f RSI: 00007fafb68c91e0 RDI: 0000000000000003
[ 2166.600571][  T906] RBP: 00007fafb68c91d0 R08: 0000000000000000 R09: 0000000000000000
[ 2166.608524][  T906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2166.616563][  T906] R13: 00007ffca1df56ef R14: 00007fafb68c9300 R15: 0000000000022000
[ 2166.855629][  T923] devpts: called with bogus options
[ 2166.863059][  T889] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2166.871056][  T889] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2166.882516][  T889] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2166.890492][  T889] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:41:42 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:42 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', 0x0)

03:41:42 executing program 4 (fault-call:1 fault-nth:0):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:42 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5413, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:42 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x2, &(0x7f0000000300)='ramfs\x00')

[ 2167.070559][  T889] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2167.078579][  T889] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2167.090109][  T889] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2167.098093][  T889] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:41:42 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', 0x0)

03:41:42 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5414, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2167.166202][  T937] devpts: called with bogus options
[ 2167.171781][  T939] FAULT_INJECTION: forcing a failure.
[ 2167.171781][  T939] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2167.184863][  T939] CPU: 1 PID: 939 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2167.193435][  T939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2167.203524][  T939] Call Trace:
[ 2167.206790][  T939]  dump_stack+0x137/0x19d
[ 2167.211118][  T939]  should_fail+0x23c/0x250
03:41:42 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5415, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2167.215520][  T939]  should_fail_usercopy+0x16/0x20
[ 2167.220536][  T939]  _copy_from_user+0x1c/0xd0
[ 2167.225159][  T939]  perf_copy_attr+0x156/0x650
[ 2167.229918][  T939]  __se_sys_perf_event_open+0xb6/0x2740
[ 2167.235496][  T939]  ? vfs_write+0x50c/0x770
[ 2167.239908][  T939]  __x64_sys_perf_event_open+0x63/0x70
[ 2167.245443][  T939]  do_syscall_64+0x4a/0x90
[ 2167.249889][  T939]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2167.255788][  T939] RIP: 0033:0x4665d9
[ 2167.259665][  T939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2167.279251][  T939] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2167.287657][  T939] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2167.295661][  T939] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2167.303623][  T939] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2167.311593][  T939] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 2167.319565][  T939] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:42 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x10, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:42 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x3, &(0x7f0000000300)='ramfs\x00')

03:41:42 executing program 4 (fault-call:1 fault-nth:1):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:42 executing program 2 (fault-call:2 fault-nth:0):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2167.362360][  T932] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2167.370364][  T932] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2167.382896][  T932] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2167.390898][  T932] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2167.580790][  T960] FAULT_INJECTION: forcing a failure.
[ 2167.580790][  T960] name failslab, interval 1, probability 0, space 0, times 0
[ 2167.583138][  T932] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2167.593403][  T960] CPU: 0 PID: 960 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2167.601364][  T932] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2167.609912][  T960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2167.609922][  T960] Call Trace:
[ 2167.609928][  T960]  dump_stack+0x137/0x19d
[ 2167.629530][  T932] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2167.631210][  T960]  should_fail+0x23c/0x250
[ 2167.631228][  T960]  __should_failslab+0x81/0x90
[ 2167.634488][  T932] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2167.638776][  T960]  should_failslab+0x5/0x20
[ 2167.659505][  T959] devpts: called with bogus options
[ 2167.667073][  T960]  kmem_cache_alloc_node+0x58/0x2b0
[ 2167.681908][  T960]  ? cred_has_capability+0x1af/0x210
[ 2167.687188][  T960]  ? perf_event_alloc+0x160/0x1790
[ 2167.692361][  T960]  perf_event_alloc+0x160/0x1790
[ 2167.697285][  T960]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2167.702902][  T960]  ? vfs_write+0x50c/0x770
[ 2167.707311][  T960]  __x64_sys_perf_event_open+0x63/0x70
[ 2167.712741][  T960]  do_syscall_64+0x4a/0x90
[ 2167.717131][  T960]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2167.723011][  T960] RIP: 0033:0x4665d9
[ 2167.726877][  T960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2167.746456][  T960] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2167.754910][  T960] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2167.762909][  T960] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2167.770879][  T960] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
03:41:42 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:42 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5416, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:42 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:42 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x4, &(0x7f0000000300)='ramfs\x00')

03:41:42 executing program 4 (fault-call:1 fault-nth:2):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2167.778858][  T960] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 2167.786806][  T960] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:42 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140))
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2167.857659][  T977] FAULT_INJECTION: forcing a failure.
[ 2167.857659][  T977] name failslab, interval 1, probability 0, space 0, times 0
[ 2167.870363][  T977] CPU: 0 PID: 977 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2167.878959][  T977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2167.889046][  T977] Call Trace:
[ 2167.892356][  T977]  dump_stack+0x137/0x19d
[ 2167.896723][  T977]  should_fail+0x23c/0x250
[ 2167.901110][  T977]  ? perf_uprobe_init+0x45/0x140
[ 2167.906020][  T977]  __should_failslab+0x81/0x90
[ 2167.910800][  T977]  should_failslab+0x5/0x20
[ 2167.915276][  T977]  __kmalloc_track_caller+0x64/0x340
[ 2167.920585][  T977]  ? strnlen_user+0x137/0x1c0
[ 2167.925234][  T977]  strndup_user+0x73/0x120
[ 2167.929626][  T977]  perf_uprobe_init+0x45/0x140
[ 2167.934365][  T977]  perf_uprobe_event_init+0xde/0x140
[ 2167.939671][  T977]  perf_try_init_event+0x21a/0x400
[ 2167.944755][  T977]  perf_event_alloc+0xa60/0x1790
[ 2167.949763][  T977]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2167.955370][  T977]  ? vfs_write+0x50c/0x770
[ 2167.959762][  T977]  __x64_sys_perf_event_open+0x63/0x70
[ 2167.965192][  T977]  do_syscall_64+0x4a/0x90
[ 2167.969584][  T977]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2167.975523][  T977] RIP: 0033:0x4665d9
[ 2167.979392][  T977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2167.999192][  T977] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:41:42 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='ocfs2\x00', 0x2a0eec449fafbbd4, 0x0)
mount(&(0x7f0000000240)=@nullb, &(0x7f0000000200)='./file0\x00', &(0x7f00000001c0)='bdev\x00', 0x2102008, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
symlink(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='./file0\x00')

03:41:42 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x5, &(0x7f0000000300)='ramfs\x00')

[ 2168.007576][  T977] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2168.015527][  T977] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2168.023474][  T977] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2168.031431][  T977] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 2168.039372][  T977] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
[ 2168.048267][  T976] devpts: called with bogus options
[ 2168.092536][  T990] devpts: called with bogus options
03:41:43 executing program 4 (fault-call:1 fault-nth:3):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:43 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x6, &(0x7f0000000300)='ramfs\x00')

03:41:43 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:43 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x2c4)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
dup(r0)
sendmsg(r0, &(0x7f00000000c0)={&(0x7f0000000140)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e20, @multicast1}, 0x0, 0x0, 0x4}}, 0x80, &(0x7f0000000680)=[{&(0x7f00000001c0)="3f5b427f1b41302b8789ce18e9a694daa4f43cc1403310d714ad9b80b8aec26b2dc99c186ebe4e7dd9b48d48b96f01e99f9402ff05c2e338e4f53808892da620e14e52dd00cc3696407c8a5341b4a98c2a97c7e02d7470b556521e5aa3cdf149e59b019633896d0fd21eeac5c082e02847c0e3f9ea8382415ff18be898488c66622dc8bd9afefd1a109b9d07f0e0193fec35c61df534f8ab19eeae57bd6dd41c0f6879f61dc325a7856395149d4d83d74562f67649c507a4", 0xb8}, {&(0x7f0000000280)="84475c1398016ecdc708c371f3d23994ac0de38a5d608f25846b9ceb1118c9412b625d513c860f8d166de9cd67be7073ff679d276e8232315a5d2858d8dac547b91b3a5b5dac88ff821ade615b8f579a3ae67d72d6d01c7c528a8bef2474c846a40abaa51882289cf24c4e45470d0f589b1e87901eaf6590057c3286ce1960b7918b2241870cd53cc3b271a7e40cd4f886326a78efea392a8da0cc870c1592d1e3f1aa62fd3bd567b49e3f5d07e5644243c20adab614c4a28d1fc67716db1787dd", 0xc1}, {&(0x7f0000000380)="610a9874852157db929d6ab12cb27d3ce032715db9605eac327bc7ddaea57fee70965c7eccbed511852a5e506c5dcb7aee9361733da9d6e8eb1ee766f1fcb687f7c2aeb00b34083303f9a11d608ec5e0a7d8f951735bf06829853a4b8b68a7bcaad03d1513902ceac01ad57fe0ecde1dd22e1f74e5268df80c0266e6effe12ada05a593f40cea2a56c7dfc0a3afba91932f148f8985bd320cbdea226bb21ff5b4418b25196041b8ddfe2bd8f637c92aa14cb08ac505214986d62c80fae25931a63b2a123bde01d3aab067a73f201b3a0504b9fa7371f259445a03d2a12259422b84a2cb946ced0f80f95e3", 0xeb}, {&(0x7f0000000480)="868407f27896a8e8af1672b481e5faf28575077fb1dd114b6d4450cb695f404cefbb8af50c987948048fbf88d6733a59599d1d2f844e5d8696f4ecae051b1e624e0c18075e3dac412e8a67d849b9f33a4e15608a95f7a6c617e6bb0908ac2673dcdfcfb8a5a89b8fb74992f5848ab6a81a2c42d5a1b6eb72590b79c422413c6b82e7a8df965a0b4888", 0x89}, {&(0x7f0000000540)="c82c3c4ec1fb2d3aa81591a84b357d6f977b843d81eaf20251cf8806d5469bac3e8151970f411ba1be10005bcdc6f305734e339fab5cbcd43e37bd33f02ca6a923e9f1c0cdcf3023591f1a391f7c57ded5c8774b4d019d95e4fc81e538f614714d348f2c5c114cd94a21c2158181249c3a78118f976af3d5c67f44d1bef56cd7dc88b5752f9e062f8e6be2f62ef623810d1d038282a3256d0fb65943d13c5db182faea638d76c86031d04aebefe9", 0xae}, {&(0x7f0000000600)="5ca5a5d24888565a11ef2a0ea30a7e80e90dc8c54c48ed6e12dbec9e3670cc1a8c7bfe140429242c22166d3e2dc1d290e59af85e3de9672c2bc9f36a4ae7fda6b03d33e5fb5fb3335a16491e8b8741a1d1e6bb59f27d055e6218e0590e0262fe358a07c8b08e8eade5be6891365465d588773ac479ada0b35c049039d9403dca", 0x80}], 0x6}, 0x800)

[ 2168.165724][ T1001] devpts: called with bogus options
[ 2168.170548][ T1002] FAULT_INJECTION: forcing a failure.
[ 2168.170548][ T1002] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2168.175398][  T969] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2168.183932][ T1002] CPU: 1 PID: 1002 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2168.191886][  T969] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2168.200514][ T1002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2168.200525][ T1002] Call Trace:
[ 2168.200531][ T1002]  dump_stack+0x137/0x19d
[ 2168.213425][  T969] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2168.221815][ T1002]  should_fail+0x23c/0x250
[ 2168.225108][  T969] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2168.229397][ T1002]  should_fail_usercopy+0x16/0x20
[ 2168.257947][ T1002]  _copy_from_user+0x1c/0xd0
[ 2168.262643][ T1002]  strndup_user+0xb0/0x120
[ 2168.267122][ T1002]  perf_uprobe_init+0x45/0x140
[ 2168.271863][ T1002]  perf_uprobe_event_init+0xde/0x140
[ 2168.277127][ T1002]  perf_try_init_event+0x21a/0x400
[ 2168.282297][ T1002]  perf_event_alloc+0xa60/0x1790
[ 2168.287211][ T1002]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2168.292813][ T1002]  ? vfs_write+0x50c/0x770
[ 2168.297223][ T1002]  __x64_sys_perf_event_open+0x63/0x70
[ 2168.302653][ T1002]  do_syscall_64+0x4a/0x90
[ 2168.307129][ T1002]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2168.313000][ T1002] RIP: 0033:0x4665d9
[ 2168.316880][ T1002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2168.336458][ T1002] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2168.344842][ T1002] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2168.352836][ T1002] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2168.360777][ T1002] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2168.368721][ T1002] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 2168.376711][ T1002] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:43 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:43 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5417, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:43 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x7, &(0x7f0000000300)='ramfs\x00')

03:41:43 executing program 2:
ptrace$getsig(0x4202, 0xffffffffffffffff, 0xb5b, &(0x7f0000000140))
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x45442, 0x0)
clock_gettime(0x0, &(0x7f00000092c0)={<r0=>0x0, <r1=>0x0})
recvmmsg(0xffffffffffffffff, &(0x7f0000009080)=[{{&(0x7f00000001c0)=@sco={0x1f, @none}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000240)=""/198, 0xc6}, {&(0x7f0000000340)=""/153, 0x99}, {&(0x7f0000000400)=""/220, 0xdc}, {&(0x7f00000000c0)=""/39, 0x27}], 0x4, &(0x7f0000000540)=""/95, 0x5f}, 0x5}, {{&(0x7f00000005c0)=@generic, 0x80, &(0x7f0000000940)=[{&(0x7f0000000640)=""/247, 0xf7}, {&(0x7f0000000740)=""/88, 0x58}, {&(0x7f00000007c0)=""/188, 0xbc}, {&(0x7f0000000880)=""/157, 0x9d}], 0x4, &(0x7f0000000980)=""/144, 0x90}}, {{&(0x7f0000000a40)=@caif=@util, 0x80, &(0x7f0000000d00)=[{&(0x7f0000000ac0)=""/240, 0xf0}, {&(0x7f0000000bc0)=""/53, 0x35}, {&(0x7f0000000c00)=""/191, 0xbf}, {&(0x7f0000000cc0)=""/58, 0x3a}], 0x4, &(0x7f0000000d40)=""/181, 0xb5}, 0x38}, {{0x0, 0x0, &(0x7f0000000f00)=[{&(0x7f0000000e00)=""/147, 0x93}, {&(0x7f0000000ec0)=""/62, 0x3e}], 0x2, &(0x7f0000000f40)=""/4096, 0x1000}, 0x6}, {{&(0x7f0000001f40)=@rc={0x1f, @fixed}, 0x80, &(0x7f0000003440)=[{&(0x7f0000001fc0)=""/1, 0x1}, {&(0x7f0000002000)=""/4096, 0x1000}, {&(0x7f0000003000)=""/248, 0xf8}, {&(0x7f0000003100)=""/209, 0xd1}, {&(0x7f0000003200)=""/179, 0xb3}, {&(0x7f00000032c0)=""/246, 0xf6}, {&(0x7f00000033c0)=""/115, 0x73}], 0x7}, 0x401}, {{&(0x7f00000034c0)=@pptp={0x18, 0x2, {0x0, @initdev}}, 0x80, &(0x7f0000003740)=[{&(0x7f0000003540)=""/225, 0xe1}, {&(0x7f0000003640)=""/11, 0xb}, {&(0x7f0000003680)=""/92, 0x5c}, {&(0x7f0000003700)=""/52, 0x34}], 0x4}, 0x6}, {{&(0x7f0000003780)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, 0x80, &(0x7f0000005a80)=[{&(0x7f0000003800)=""/242, 0xf2}, {&(0x7f0000003900)=""/28, 0x1c}, {&(0x7f0000003940)=""/4096, 0x1000}, {&(0x7f0000004940)=""/172, 0xac}, {&(0x7f0000004a00)=""/76, 0x4c}, {&(0x7f0000004a80)=""/4096, 0x1000}], 0x6, &(0x7f0000005b00)=""/26, 0x1a}, 0x3}, {{&(0x7f0000005b40)=@pppoe={0x18, 0x0, {0x0, @remote}}, 0x80, &(0x7f0000007c80)=[{&(0x7f0000005bc0)=""/4096, 0x1000}, {&(0x7f0000006bc0)=""/140, 0x8c}, {&(0x7f0000006c80)=""/4096, 0x1000}], 0x3, &(0x7f0000007cc0)=""/61, 0x3d}, 0xfff}, {{0x0, 0x0, &(0x7f0000008f40)=[{&(0x7f0000007d00)=""/245, 0xf5}, {&(0x7f0000007e00)=""/192, 0xc0}, {&(0x7f0000007ec0)=""/4096, 0x1000}, {&(0x7f0000008ec0)=""/82, 0x52}], 0x4, &(0x7f0000008f80)=""/218, 0xda}, 0x7}], 0x9, 0x0, &(0x7f0000009300)={r0, r1+60000000})
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:43 executing program 4 (fault-call:1 fault-nth:4):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2168.531641][  T969] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2168.539747][  T969] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2168.551450][  T969] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2168.559534][  T969] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2168.600170][ T1017] devpts: called with bogus options
[ 2168.600528][ T1018] FAULT_INJECTION: forcing a failure.
[ 2168.600528][ T1018] name failslab, interval 1, probability 0, space 0, times 0
[ 2168.617953][ T1018] CPU: 1 PID: 1018 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2168.626691][ T1018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2168.636727][ T1018] Call Trace:
[ 2168.640036][ T1018]  dump_stack+0x137/0x19d
[ 2168.644456][ T1018]  should_fail+0x23c/0x250
[ 2168.648878][ T1018]  ? getname_kernel+0x37/0x1d0
[ 2168.653636][ T1018]  __should_failslab+0x81/0x90
[ 2168.658383][ T1018]  should_failslab+0x5/0x20
[ 2168.662868][ T1018]  kmem_cache_alloc+0x46/0x2f0
[ 2168.667614][ T1018]  getname_kernel+0x37/0x1d0
[ 2168.672190][ T1018]  kern_path+0x19/0x40
[ 2168.676248][ T1018]  create_local_trace_uprobe+0x3f/0x3c0
[ 2168.681791][ T1018]  perf_uprobe_init+0xbe/0x140
[ 2168.686542][ T1018]  perf_uprobe_event_init+0xde/0x140
[ 2168.691899][ T1018]  perf_try_init_event+0x21a/0x400
03:41:43 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x8, &(0x7f0000000300)='ramfs\x00')

[ 2168.696993][ T1018]  perf_event_alloc+0xa60/0x1790
[ 2168.701916][ T1018]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2168.707578][ T1018]  ? vfs_write+0x50c/0x770
[ 2168.711977][ T1018]  __x64_sys_perf_event_open+0x63/0x70
[ 2168.717425][ T1018]  do_syscall_64+0x4a/0x90
[ 2168.721829][ T1018]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2168.727781][ T1018] RIP: 0033:0x4665d9
03:41:43 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x9, &(0x7f0000000300)='ramfs\x00')

[ 2168.731656][ T1018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2168.751241][ T1018] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2168.753918][ T1026] devpts: called with bogus options
[ 2168.759640][ T1018] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2168.759653][ T1018] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2168.759664][ T1018] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2168.759674][ T1018] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
03:41:43 executing program 4 (fault-call:1 fault-nth:5):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2168.796648][ T1018] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:43 executing program 2:
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000000c0), 0x200102, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="30000000823fc10f407b241c34bf017b4865c7499063b71fbf52191686dddf595986f5f1baef514989bb766989f980105f67ee1ef7427edb8d00d797f084dd454d67469cc1ea030f1fd042acf45a9204fb5e9a88c2228ca40a8c249279c732157e12425606c1c9757504b52c26a36dbf15e128c451857e5d3f5548c32b410893256dd5f35ec2855e4432", @ANYRES16=r1, @ANYBLOB="100026bd7000ffdbdf25650000000c009900050000005400000008000200000000000800010006000000"], 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x8000)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:43 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:43 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xa, &(0x7f0000000300)='ramfs\x00')

[ 2168.848443][ T1037] FAULT_INJECTION: forcing a failure.
[ 2168.848443][ T1037] name failslab, interval 1, probability 0, space 0, times 0
[ 2168.856402][ T1036] devpts: called with bogus options
[ 2168.861054][ T1037] CPU: 1 PID: 1037 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2168.874863][ T1037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2168.884903][ T1037] Call Trace:
[ 2168.888163][ T1037]  dump_stack+0x137/0x19d
[ 2168.892482][ T1037]  should_fail+0x23c/0x250
[ 2168.896885][ T1037]  __should_failslab+0x81/0x90
[ 2168.900778][ T1012] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2168.901633][ T1037]  ? proc_self_get_link+0x90/0x100
[ 2168.901651][ T1037]  should_failslab+0x5/0x20
[ 2168.909611][ T1012] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2168.914672][ T1037]  kmem_cache_alloc_trace+0x49/0x310
[ 2168.914694][ T1037]  proc_self_get_link+0x90/0x100
[ 2168.921415][ T1012] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2168.930434][ T1037]  ? proc_setup_self+0x1d0/0x1d0
[ 2168.930452][ T1037]  step_into+0x9b4/0xec0
[ 2168.930467][ T1037]  walk_component+0x190/0x350
[ 2168.935731][ T1012] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2168.940622][ T1037]  link_path_walk+0x4ba/0x780
[ 2168.978290][ T1037]  path_lookupat+0x7b/0x570
[ 2168.982815][ T1037]  filename_lookup+0xff/0x390
[ 2168.987472][ T1037]  ? kmem_cache_alloc+0x201/0x2f0
[ 2168.992475][ T1037]  ? getname_kernel+0x37/0x1d0
[ 2168.997287][ T1037]  kern_path+0x2e/0x40
[ 2169.001331][ T1037]  create_local_trace_uprobe+0x3f/0x3c0
[ 2169.006886][ T1037]  perf_uprobe_init+0xbe/0x140
[ 2169.011639][ T1037]  perf_uprobe_event_init+0xde/0x140
[ 2169.016917][ T1037]  perf_try_init_event+0x21a/0x400
[ 2169.022004][ T1037]  perf_event_alloc+0xa60/0x1790
[ 2169.026925][ T1037]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2169.032563][ T1037]  ? vfs_write+0x50c/0x770
[ 2169.036952][ T1037]  __x64_sys_perf_event_open+0x63/0x70
[ 2169.042399][ T1037]  do_syscall_64+0x4a/0x90
[ 2169.046861][ T1037]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2169.052846][ T1037] RIP: 0033:0x4665d9
[ 2169.056766][ T1037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2169.076377][ T1037] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2169.084763][ T1037] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:41:44 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5418, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2169.092722][ T1037] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2169.100689][ T1037] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2169.108700][ T1037] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 2169.116642][ T1037] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:44 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, 0x0, 0x0, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:44 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
utimes(&(0x7f0000000140)='./file1\x00', &(0x7f0000000180)={{}, {0x77359400}})
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
open(&(0x7f00000000c0)='./file1\x00', 0x40, 0x1c2)
umount2(&(0x7f00000001c0)='./file1\x00', 0x8)

03:41:44 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xb, &(0x7f0000000300)='ramfs\x00')

[ 2169.291585][ T1012] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2169.292009][ T1045] devpts: called with bogus options
[ 2169.299580][ T1012] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2169.320197][ T1012] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2169.328182][ T1012] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:41:44 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000000080)=@md0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='cgroup2\x00', 0x2006, &(0x7f00000001c0)='\\#S/%b,\x00')
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x80000000)
chmod(&(0x7f00000000c0)='./file0\x00', 0x2)
mount(&(0x7f0000000280)=@sg0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='exofs\x00', 0xa04800, &(0x7f0000000340)='\xfc,\x00')
open(&(0x7f0000000240)='./file0\x00', 0x200802, 0x40)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:44 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x541b, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:44 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xc, &(0x7f0000000300)='ramfs\x00')

[ 2169.434794][ T1056] devpts: called with bogus options
[ 2169.442681][ T1056] devpts: called with bogus options
03:41:44 executing program 2:
ioctl$BTRFS_IOC_TREE_SEARCH_V2(0xffffffffffffffff, 0xc0709411, &(0x7f0000000240)={{0x0, 0x8, 0x4, 0x7, 0x80000000, 0x4, 0xfffffffffffffff9, 0x9ce148a, 0x6, 0x3f, 0x2, 0xfffffffffffff801, 0xffffffff, 0x2, 0x100000001}})
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x80)
accept$unix(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000000c0)=0x6e)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000200)='./file0\x00')

[ 2169.526200][ T1066] devpts: called with bogus options
03:41:44 executing program 4 (fault-call:1 fault-nth:6):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:44 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xd, &(0x7f0000000300)='ramfs\x00')

[ 2169.773876][ T1080] devpts: called with bogus options
[ 2169.784904][ T1081] FAULT_INJECTION: forcing a failure.
[ 2169.784904][ T1081] name failslab, interval 1, probability 0, space 0, times 0
[ 2169.797503][ T1081] CPU: 1 PID: 1081 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2169.806168][ T1081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2169.816234][ T1081] Call Trace:
[ 2169.819540][ T1081]  dump_stack+0x137/0x19d
[ 2169.823877][ T1081]  should_fail+0x23c/0x250
[ 2169.828268][ T1081]  __should_failslab+0x81/0x90
[ 2169.833034][ T1081]  ? create_local_trace_uprobe+0xa9/0x3c0
[ 2169.838728][ T1081]  should_failslab+0x5/0x20
[ 2169.843200][ T1081]  kmem_cache_alloc_trace+0x49/0x310
[ 2169.848466][ T1081]  create_local_trace_uprobe+0xa9/0x3c0
[ 2169.854026][ T1081]  perf_uprobe_init+0xbe/0x140
[ 2169.858779][ T1081]  perf_uprobe_event_init+0xde/0x140
[ 2169.864032][ T1081]  perf_try_init_event+0x21a/0x400
[ 2169.869124][ T1081]  perf_event_alloc+0xa60/0x1790
[ 2169.874031][ T1081]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2169.879635][ T1081]  ? vfs_write+0x50c/0x770
[ 2169.884040][ T1081]  __x64_sys_perf_event_open+0x63/0x70
[ 2169.889505][ T1081]  do_syscall_64+0x4a/0x90
[ 2169.893945][ T1081]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2169.899811][ T1081] RIP: 0033:0x4665d9
[ 2169.903719][ T1081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2169.923330][ T1081] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2169.931722][ T1081] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2169.939786][ T1081] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2169.947742][ T1081] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2169.955821][ T1081] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 2169.963763][ T1081] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:44 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, 0xffffffffffffffff, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:44 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x541d, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:44 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, <r1=>0x0}, &(0x7f00000000c0)=0x5)
setuid(r1)
mount$9p_virtio(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x4000, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=virtio,access=any,access=client,posixacl,version=9p2000,msize=0x0000000000008001,fowner=', @ANYRESDEC=r1, @ANYBLOB="2c01"])
r2 = socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$SO_BINDTODEVICE_wg(r2, 0x1, 0x19, &(0x7f0000000240)='wg2\x00', 0x4)

[ 2169.971720][ T1081] trace_uprobe: Failed to allocate trace_uprobe.(-12)
[ 2169.997650][ T1054] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2170.005642][ T1054] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2170.016937][ T1054] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2170.024911][ T1054] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2170.199643][ T1054] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2170.207676][ T1054] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2170.220824][ T1054] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2170.228799][ T1054] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:41:45 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, 0x0, 0x0, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:45 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xe, &(0x7f0000000300)='ramfs\x00')

03:41:45 executing program 4 (fault-call:1 fault-nth:7):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:45 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0xa1)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x8a)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
creat(&(0x7f0000000140)='./file0\x00', 0x10a)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
open(&(0x7f0000000140)='./bus\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000380)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x208200)
r1 = open(&(0x7f0000000400)='./bus\x00', 0x14103e, 0x0)
r2 = getpgrp(0xffffffffffffffff)
perf_event_open(&(0x7f00000000c0)={0x4, 0x80, 0x80, 0x7f, 0x3, 0xf, 0x0, 0x8, 0x10, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3ff, 0x6, @perf_config_ext={0x0, 0x4}, 0x1000, 0xd95f, 0x34b, 0x7, 0xff, 0x8, 0x6ac, 0x0, 0x7, 0x0, 0x40}, 0x0, 0xffffffffffffffff, r0, 0x0)
r3 = socket$inet6(0xa, 0x401000000001, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB="2c6e6f657874656e642c003a6a5bedc779dfacf29b2c15c4905c33b1"])
close(r3)
r4 = open(&(0x7f0000000400)='./bus\x00', 0x1145042, 0x0)
wait4(r2, &(0x7f0000000000), 0x1000000, 0x0)
sendfile(r3, r4, 0x0, 0xffffdffa)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r1, 0x0)

[ 2170.252739][ T1093] 9pnet_virtio: no channels available for device syz
[ 2170.324888][ T1100] devpts: called with bogus options
[ 2170.336502][ T1101] FAULT_INJECTION: forcing a failure.
[ 2170.336502][ T1101] name failslab, interval 1, probability 0, space 0, times 0
[ 2170.349130][ T1101] CPU: 1 PID: 1101 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2170.349386][ T1103] 9pnet: Insufficient options for proto=fd
[ 2170.357828][ T1101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2170.357837][ T1101] Call Trace:
[ 2170.357843][ T1101]  dump_stack+0x137/0x19d
[ 2170.381230][ T1101]  should_fail+0x23c/0x250
[ 2170.385670][ T1101]  ? kzalloc+0x16/0x20
[ 2170.389748][ T1101]  __should_failslab+0x81/0x90
[ 2170.394558][ T1101]  should_failslab+0x5/0x20
[ 2170.399047][ T1101]  __kmalloc+0x66/0x340
[ 2170.403184][ T1101]  kzalloc+0x16/0x20
[ 2170.407155][ T1101]  trace_probe_init+0x41/0x250
[ 2170.411907][ T1101]  create_local_trace_uprobe+0xd1/0x3c0
[ 2170.417438][ T1101]  perf_uprobe_init+0xbe/0x140
03:41:45 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x10, &(0x7f0000000300)='ramfs\x00')

03:41:45 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x541e, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2170.422264][ T1101]  perf_uprobe_event_init+0xde/0x140
[ 2170.427530][ T1101]  perf_try_init_event+0x21a/0x400
[ 2170.432644][ T1101]  perf_event_alloc+0xa60/0x1790
[ 2170.437568][ T1101]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2170.443255][ T1101]  ? vfs_write+0x50c/0x770
[ 2170.447652][ T1101]  __x64_sys_perf_event_open+0x63/0x70
[ 2170.453095][ T1101]  do_syscall_64+0x4a/0x90
[ 2170.457503][ T1101]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2170.463379][ T1101] RIP: 0033:0x4665d9
[ 2170.467253][ T1101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2170.486841][ T1101] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2170.495261][ T1101] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2170.503306][ T1101] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2170.511282][ T1101] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
03:41:45 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x11, &(0x7f0000000300)='ramfs\x00')

03:41:45 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:45 executing program 4 (fault-call:1 fault-nth:8):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2170.519228][ T1101] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 2170.527188][ T1101] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
[ 2170.535214][ T1101] trace_uprobe: Failed to allocate trace_uprobe.(-12)
[ 2170.547564][ T1113] devpts: called with bogus options
03:41:45 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x541e, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2170.577063][ T1097] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2170.585575][ T1097] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2170.597544][ T1097] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2170.605527][ T1097] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2170.660842][ T1109] 9pnet: Insufficient options for proto=fd
03:41:45 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
chdir(&(0x7f00000000c0)='./file0\x00')

[ 2170.827016][ T1123] FAULT_INJECTION: forcing a failure.
[ 2170.827016][ T1123] name failslab, interval 1, probability 0, space 0, times 0
[ 2170.839742][ T1123] CPU: 0 PID: 1123 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2170.848460][ T1123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2170.858499][ T1123] Call Trace:
[ 2170.861872][ T1123]  dump_stack+0x137/0x19d
[ 2170.866250][ T1123]  should_fail+0x23c/0x250
[ 2170.867528][ T1124] devpts: called with bogus options
[ 2170.870655][ T1123]  ? trace_probe_init+0x1bd/0x250
[ 2170.880953][ T1123]  __should_failslab+0x81/0x90
[ 2170.885716][ T1123]  should_failslab+0x5/0x20
[ 2170.890215][ T1123]  __kmalloc_track_caller+0x64/0x340
[ 2170.895489][ T1123]  ? __kmalloc+0x23d/0x340
[ 2170.896327][ T1097] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2170.899943][ T1123]  ? kzalloc+0x16/0x20
[ 2170.907910][ T1097] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2170.911956][ T1123]  kstrdup+0x31/0x70
03:41:45 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x12, &(0x7f0000000300)='ramfs\x00')

[ 2170.927085][ T1123]  trace_probe_init+0x1bd/0x250
[ 2170.931926][ T1123]  create_local_trace_uprobe+0xd1/0x3c0
[ 2170.935237][ T1097] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2170.937457][ T1123]  perf_uprobe_init+0xbe/0x140
[ 2170.937477][ T1123]  perf_uprobe_event_init+0xde/0x140
[ 2170.945428][ T1097] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2170.950153][ T1123]  perf_try_init_event+0x21a/0x400
[ 2170.971746][ T1123]  perf_event_alloc+0xa60/0x1790
[ 2170.976758][ T1123]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2170.977513][ T1133] devpts: called with bogus options
[ 2170.982376][ T1123]  ? vfs_write+0x50c/0x770
[ 2170.982392][ T1123]  __x64_sys_perf_event_open+0x63/0x70
[ 2170.997415][ T1123]  do_syscall_64+0x4a/0x90
[ 2171.001889][ T1123]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2171.007778][ T1123] RIP: 0033:0x4665d9
[ 2171.011651][ T1123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2171.031309][ T1123] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2171.039741][ T1123] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2171.047687][ T1123] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2171.055853][ T1123] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2171.063810][ T1123] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
03:41:45 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, 0x0, 0x0, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:45 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = dup(0xffffffffffffffff)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001740)=@IORING_OP_RECVMSG={0xa, 0x5c95d8f2a851f33c, 0x0, r0, 0x0, &(0x7f0000001700)={0x0, 0x0, 0x0}}, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd=r1}, 0xf2)
syz_io_uring_setup(0x6ce0, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
r5 = dup(r4)
syz_io_uring_submit(r2, r3, &(0x7f0000001740)=@IORING_OP_RECVMSG={0xa, 0x5c95d8f2a851f33c, 0x0, r5, 0x0, &(0x7f0000001700)={0x0, 0x0, 0x0}}, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd=r6}, 0xf2)
syz_io_uring_setup(0x6ce0, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
r9 = socket$inet_udplite(0x2, 0x2, 0x88)
r10 = dup(r9)
syz_io_uring_submit(r7, r8, &(0x7f0000001740)=@IORING_OP_RECVMSG={0xa, 0x5c95d8f2a851f33c, 0x0, r10, 0x0, &(0x7f0000001700)={0x0, 0x0, 0x0}}, 0x0)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd=r11}, 0xf2)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000c80)={&(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000800)=[{&(0x7f00000001c0)="881c9c4c45c2048f05547fa9ec537cbd6e0e8f4b47bdeae39940fe691beecc05818ecef641980b1a21888510b20cbbb2dc0e7623c73fa6013853b1e39d8d7de6de1d0e8e984552976b5e94729b94c1db66e2801f42fe95a0e0b1044895b67085c16a08f3c81f24dd5ad877", 0x6b}, {&(0x7f0000000240)="556e366fe58c175dc8496c4137a8f0dc37acd4693609838056b052add76a3da908e25e3d2bf7e3223cc40ab81d22bb0b1be7bf14bd70eb98c2bb5ffc199d5c4ff069398ecc8a13dd3312f8628e53e80e1ea286760d75d4b47b94cc2b0400c2f8e66b05a9217cd1e3", 0x68}, {&(0x7f00000002c0)="9f4d143d7bee9c66807f77465295ac389dcd9df57d407f6015f54bc74199500a6037bd1dc666a4dc8f00f940abbefe9c0c849aecfec3167bbf4d0f099027bab7ca5e59ea488810b297ac543ca5761e7ba5cdde4760f7de9d785564845647d3", 0x5f}, {&(0x7f0000000340)="51fdc4efdbfbd6bf9371799f85646f18b4b49db8198be854baf3fdc6d461d0cb9741297b845475867d0b0e3b491f46272858e82461bb3b663bffff38c9764489d93348bb38be57c5468f287a02730e765057eaafab52764f5b83e9f8921ad01be9422ad301a2fb6bfb38c0a23454b7445631fc3892580cc064b9b2", 0x7b}, {&(0x7f00000003c0)="ee85992ad41e476277bb8d71ce94fb534741d034569b79f89c16865fca608c6a9019203ad75f8fdcdc43e91bf815dc4dc92cb047cc406e4bf2023d9a5087de3b6f302ac029af859792ee1dd0559b80f5a7130b6b7ade106904803cac650a040dfb88069195d0619629da35651b509635727561fad1e2c8b2fd19cb33c6d19639ce6948eabb6fc89b0d339cbea62c983da468cf73b78c91d0c4c229f2834778577fb6b8cab708403528349a7cf88ccb28e079b8eabde6e992e4c1ce", 0xbb}, {&(0x7f0000000480)="d4891eb0431625eda5f08931a7d30b195952fc553ce5eefa9746347a8c853629b35524f213ded5d18dc86005e8a0d68164f1ae42b67d04063ae4221aadf9ce6083e55800d90da181fafd61008884dd8f6a3c3288ae017f4355b64703d2ea3a18013c8bef31ac6c026fe22ea59a06b57bb23941fa56ca42b9becd07d3270b57bd1f946bece8bc62b4ff830862eed55c0ce7db550c8d7ab192e913631c02fa046794e384fbfb1a891d6486777a54f028fad72f12fb4afe7800d60bb7a6ac18669daf358287b3dce96d49493274601dc9720934066c5fc52a3acfde9158fadd57f736f874618696d95b6820d0be03d4b182e3", 0xf1}, {&(0x7f0000000580)="a2b68dce830082373d2aa4b244968639630073ce99803e39fd", 0x19}, {&(0x7f00000005c0)="6d7a57fcf7a30e038b1e46edb6fd1bdedaf4cd4d", 0x14}, {&(0x7f0000000600)="c9f56d05c8ec0625bc8e236dd9a6b196ee5c761d1af8e566aae234bc4683e0f9885aaf6aa026bc341780ca0d8058c231033c36639c0087bca705afc60cbbf7bdb802ac7c8e93fb653d8b0fb2dc471b5c1754e632892984fe489582552b3d819e445cb938020ce7ae8b11d6d9c21de4f4f50d0c436c1ba0e5c0c7d660ee366298f8f460cff18ed08fffbbdb24542f52b50315009dfdd91e51b56468483235225e07dcb24fa0c1a42e42ea796232ce801c57b83b4b6f0eb1a5a7ae7864312c8875b0d162ccae295079d8ecde0b80cd0174e9c56da10c", 0xd5}, {&(0x7f0000000700)="b58fdf0ee1ab3787ef64addbb89d597a3ae7b60ce73334e33c81969a0a6cc345474d3be3a0e7b213d79f9852e2ab5c2ab31b7e5c9dc00a8d669aba302fba6f4e9e130dd926a45eb9d62385aab797f07232d2c2ae753141c7e31b3e7138db1cae09a19f7a50977eb0d7f3c6680a6f0ba116f9020502f2a9f154fe37270913ca241893b001c6ba1cedeae0b5eb1b2aff05623944c50ba94187d8287fd4e6fbda4831716ad7b2cfbe65eff26e0dccf0f93050fdf95f0ff0b6a6edaf3b64a1dcc9e9903c47cb55019c5425e644a637038f9903eea6629ffc78dc1dd4e48676ac18", 0xdf}], 0xa, &(0x7f00000008c0)=ANY=[@ANYRESDEC=r0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32=0xee01, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000020000000000000000100000401000000", @ANYRES32, @ANYRES32, @ANYRES16, @ANYRES32, @ANYBLOB="1c000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r6, @ANYRES32=r11, @ANYBLOB="000000001400000000000000012c07f6c1fba80f", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x100}, 0x24004814)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:45 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5421, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:45 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x22, &(0x7f0000000300)='ramfs\x00')

03:41:45 executing program 4 (fault-call:1 fault-nth:9):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2171.071768][ T1123] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
[ 2171.079828][ T1123] trace_uprobe: Failed to allocate trace_uprobe.(-12)
[ 2171.130410][ T1142] FAULT_INJECTION: forcing a failure.
[ 2171.130410][ T1142] name failslab, interval 1, probability 0, space 0, times 0
[ 2171.143026][ T1142] CPU: 1 PID: 1142 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2171.151681][ T1142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2171.161719][ T1142] Call Trace:
[ 2171.164976][ T1142]  dump_stack+0x137/0x19d
[ 2171.169329][ T1142]  should_fail+0x23c/0x250
[ 2171.173791][ T1142]  ? trace_probe_init+0x1e1/0x250
[ 2171.178791][ T1142]  __should_failslab+0x81/0x90
[ 2171.183533][ T1142]  should_failslab+0x5/0x20
[ 2171.188023][ T1142]  __kmalloc_track_caller+0x64/0x340
[ 2171.193288][ T1142]  ? trace_probe_init+0x1bd/0x250
[ 2171.198288][ T1142]  kstrdup+0x31/0x70
[ 2171.202284][ T1142]  trace_probe_init+0x1e1/0x250
[ 2171.207164][ T1142]  create_local_trace_uprobe+0xd1/0x3c0
[ 2171.212709][ T1142]  perf_uprobe_init+0xbe/0x140
[ 2171.217463][ T1142]  perf_uprobe_event_init+0xde/0x140
[ 2171.222846][ T1142]  perf_try_init_event+0x21a/0x400
[ 2171.227939][ T1142]  perf_event_alloc+0xa60/0x1790
[ 2171.232855][ T1142]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2171.238481][ T1142]  ? vfs_write+0x50c/0x770
[ 2171.242897][ T1142]  __x64_sys_perf_event_open+0x63/0x70
[ 2171.248331][ T1142]  do_syscall_64+0x4a/0x90
[ 2171.252728][ T1142]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2171.258638][ T1142] RIP: 0033:0x4665d9
[ 2171.262503][ T1142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2171.282084][ T1142] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2171.290498][ T1142] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2171.298443][ T1142] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2171.306401][ T1142] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2171.314368][ T1142] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2171.322314][ T1142] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:46 executing program 2:
ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0xf8)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:46 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x25, &(0x7f0000000300)='ramfs\x00')

[ 2171.330338][ T1142] trace_uprobe: Failed to allocate trace_uprobe.(-12)
[ 2171.469206][ T1119] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2171.477191][ T1119] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2171.488761][ T1119] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2171.496749][ T1119] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:41:46 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:46 executing program 4 (fault-call:1 fault-nth:10):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:46 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:46 executing program 2:
r0 = accept$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, &(0x7f0000000140)=0x10)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000180)={{r0}, 0x0, 0x0, @unused=[0x7fff, 0xb, 0x3, 0x3], @name="b2f07ce026bc68c460c76dcd563c8aa24543c246ef18b24e286a716391a45fa5eda5a07bd12f09e3f2b87e0a33e0f95ec9bf2cd014af7405bd55c93793749e0272818411133a6ef69c98b7ea958b977828657fdcbee86cda51401ac4312fb7f8f6a214c93cdb52ff618ef4067a16aa1ca6c916e7b52bf54cc431951078266f924d976bce6867091c405706828a341a1ca6f2dec3610eccd6c4a22ea4bcfcc833ae2485da9c404b62260e78454ae5d53a02a76cedcd505d993203292adc13ddfb7420e22c6b0e0e13ad07d554ad5695e1bdd2095e59efb24d8982fa5929d46ea623501f8ccc6d3acaf082799c084427587dd27da3f4f034e4a891ed7fc589870afb04874e430532ad25561b12e49716cc0c95aa4d869aec2bfd3f9a2ac82b9ba77c7bf2943ae05767922d9d0b2f79ce087db7484be891f53f97934ed24fe2ca53db3273945c07ac5121b027fefe792973c4ecf8f41f90093c0ebc24dc819b7db6d351751e54c31e01ee4cb1f8d3d1d1d05596ce5cf3bcae76e2f4ec0b493584f82336653422012e0f4b524370b1cdd17c71376c1e3b82c5eef0e7c303aac87c496843d96bada92a48cad84209a74ef2954eb447f17da8a53df42f6cb14416a6d552bc1c2a94a749776726cf30adc3ce860b7bb829073c10a7557fa394f1cfc217076a10fa8a60e674493292e7dc99a5a1b4b74686cf77ac8bca94d578219714c13b795222158b9f882028ba8028c261fd401ef5e1e21085efd67e494440bcfaf270972ca29074b76c5e17496271e72aef2153126ab1f098455e5eb3ff7b8f06bb3a9af909bc88a27d3c643e75010aab27cac8e512554b3a1f86b4949fad926edc6440cd1eb0875469037c8a7a190b3ec2f9969764370611476b5faf429d3276bf76f512a08bfca0a02f60ff20ec43944eb74f0679e49706eb65148ad6e450cf44fdf5497f58aa786286a8d1598e4241a5aee720985319847c89e59c74395f46e937627d84cdd0a706cce835e6c8ee324d9e68a4d1558af30da9fd3647561c561b1e774a2190105850fe5b022ec80ceb680ae52d71085736ab1678d64ee4a4cd53c53a91e3c61bdad29942da1f5df6d21769a8661f737225d18b4952979405bdd51d224a60eff12332f6abd3f79bd69db8c579f5869143c241ef59707236e08e4e3f41dfded8ecbb89c7d7fabc43a3e7848db73dedf9f06d4b0f2ae303fe8814a72b5116281887f86075a1c67837c45f7b720e8e54b89cb252a99da653a6b4b3ba3dec2ad2448e6ea475096adfbc6b3af477be40fb31813c38347d324e02b6966f802be4638190e8289b8c13894f0ec49431f6e9681062e6861fab8453f50cf915f72306745b721a73c83add6f450a2f9b8005be70417b478afbb9f47e1b4ce75583049dc6d283993f60ec6de8152898c7538a9586a356ff4938c25facf6455554ace450da1b33a0018358817e9cd7391b070d2c0f8b6b59ce0105f41e3503cb24d485d2fbc6bdea8cf85b79005a628cc951d64b519c009878b29940c4c65deea522d57480e678b80c7381404d0cdc82430586c7af558477851d9c4f1b54586423fddfda537999798d73c9aa0cc55f8555c52032f9399d77cfdebfe5073432b6cf139fb01ec870091169f300183bd0a3d40e5056dbc2ddd3cd032808e66ec327758e70c7fc83d3fe799c73f23459aede6137663e39aebcb06fdc302cc01bbeeb28d4fe1499ef65ccea02a9259d5f33cff2ab8f873d7b6db986d2787d7aa2bcc9a59092a54a6de11c76eafad9e0c1b09b9ea48a7d825ed96efe53eac25139e56c96bd9c0aee301cb886f10a1beeef38eb043bcd7ca4f4a0b029e620cdbadde2c0717d8591f9df337126b737ecbd0d68516a8d78562885bacb93892fa3d01cb17daa409cf8dc62f55197d4b4c808d1b2c6f98a50477dd81d23ce844acf25f2d930487d96698dcb305711c7f7bbad122670cdcb64ff4dc59f6a05d6c6613f128335a377108122ea5cd06e7bb1b780ddd2eb7c49092542628bb1f86ada6537f8c91ee215ee2e2ec87e669aa4fde54c895647b52ccc5ec1edf01f0ea38076f1bc6e5509b24e8f57c0a71c2510a2a863857b395d366253cd35a2b77688a8fdcc5212ee0dded561cccbea112e903d583ae6ddb04064d08dd6cca91951f41d49dc97581f1cca88eeff1247010a8a67731260fd799e8ca6051a5017a2d731765e10fae94de2284242d8160f137964c39012c50d7e41773cf5d27526bd6cdfacb5080af4bed56e2b3f29ac1ff92b80f717b9f8b579d135d5229c32623f8a593361bf4e270673dddb2b62b0791ea72706c86cfd2cf43855a9a6f5f825fe5817bc16f1b1dd4b44529d60c50ab02b626050c6bba19e4c867ac3621e2382d58308bb767edecc770d52bd890cbb1a97257aab2771137a0d2468dc9e84b240038436f41939a4ee794595061fd75a667d92d74e8c3c5042c31a2ae547c8f53876fbe5f6a9dd953c4b4dfce7811c3e3eb3206989c0389df5e6fc5d35b124aa9eb714579924c7fd0d523fb12ccd11aacb22b5c4e752a28a75b9578209c19dbbc3b6de3ab6288fd04b254e9da140f47f1d02a4815714bd43c9dbf971b07fbe45d095e6f1e13e33cf8fb30ed31d8662b4919da867b88c77b8a5936260ecad9e031a1d4d154349519e654b366d3fc453b8eae93094752151f7392c42405a7f1f0261a305c7f4c0a64fbe9d72bde7a385286a4bb68f0479245a0247d9bda9c5e680d544b5910420e36d1f498c2373a0c513741aaa38d0c34830a4c5025e993a6229dee91b6f49d01a4b43c38abbd26a69b40a52cb7cf2a12c5f14bb44a99454e577c56b5459388d9ec085e63a2aab083225c5a6f1ac9c7787af80b89456222ae3a7f0371dfacec0b902bbd8fcea8b6379a210395c123de5ad1d45c37f0b10eeba01c9d9c6353bd80e10df7f6ca512608245d8e8c680e31aad0a0aa95cb1f06e769637938b4d7e2466cf31d7bacfd37d4aa857ff2623491b24107fd017df61f3530ccde291c6b09423cfd8c15eeb4fecc0e50425a8b48855a94e1803d8dd725a146b5ac21aa7f3851c3a451c54848332962e16da07c9580786b3cdff15aeb3ba19ace6d62a62450c831918d7b604fdd271057900c4aca9bd1998e6f07e62450fd22753fe74de998f126f3618a2dd89fbebdb4886112137b6ce47407b193461c7628fb263698792e45309ab590ee20a5a5f95a327cca41ff42e3d0c0c61fe8dc92bb5fb49aead231a5553278e0a52e02ee5fe3f15b1c82240d4340fdf41d8881016baa59570502c768a9c968a58862ae748217f5cb114c2772850d4faa952edda55bbbcd3cebd2ac0b0e95657a544320cacb54a57fc140eb7c15cb62e34ef80f827e95f6b57bf4710193263be8143ac729e1e2f83a77818531f98892f4467adeca8839be2605fdc1726f57467a0791d67da316dff4372bbb0c9e6163e8e0403417766c4fccbe9078bd61566dbd23235166faa498f3ee3eebcc529ad7b38a2b29cd58c23c71608f6fa5c7ee41c5ebd2699c7bd108493e900eb864c9b7859fd5da8fe4c7e4d4e06e2dd058ce4b23900d8e6f0ccda69f26e01b73e55518417b8a8f0da35d958b9d0c402624e86992fd49e52dd9fcfa5817f716c4afa1929eda38d4257c4e75b84fb993c8c17f79a9a1343f2c4200c701162f258d69f57db34ecda0f5f0e8dd3b5eaa26037ae370f25555a1f001b62ae806a34b27031a1ebadc86f16b39cec6752cad4c7b97c34b218c053fa9a3822bb7e94a4f52e5ef5e2c99131677368f8f5b9e2502764ff17f6d556c83032806c6263437a8a22309ed11891e893fe11c4f84cc196227ffbbdd10e62814deace66eb1f15042c9c56e57dbb332688233c8dda56ee78128c9dea0b66878e7281dab2cc7b9e5e9f497482bcf9d0183b04227f2b2b866e1c25cc69f0fcdc2ff4d714268616a60d6991d28bf960ecbbf192d7a305cb387b85d0562d0789158a1af553359e05638ddd9b483e04fc75e47179309e43841b0e83db8112bb06769f781d9f4af87dbcb16783cc9310cffcdba581778376f8a447456281f966bd3e4639a502355977d4dfd19e44bb980db21e86d4fb64105ba4858a0697c0ac3d8df65514f3b19d30740ba8fbc95c758ba1d06ab440cd920caa0b2f91c4e84d68f4797a89f3c4a90a7c5a797838f9c148c3301decee533a208e042a73788844154b9d94484869c10c5b78577e3529f1c18e5aa936493abdaa67261e5eff1567c168a6c4a752c034536f4298ab15cc2e73147436f61dbd132b58b58494bddc23351738f26d7121c29ee73638023c0bf7f4ff1ea75b9c11f26f1e32e47ef8ae5e2c96032a9cdc67e1e9baf540ae7dd166aa3bb160a7191b4ba6fb5dea5c7f659cc2220eab2e8ab5322c840695cf77f96bb9641f9ec49ced99fe5f9ab7f3687ecc11a7e2cc725be076e4fa5b859bb306101e662e206e7f5bef2a3cd7411f24ddeb6dac04fc26a4a1e590cc10cf841fc0ad50cacf4d19fc4e3699cab197c0f263f789ce93958ac1b1def5fe03e1cee9a01c3a4304d88816c67a93acdd9128af471f16a3e231384e9cd4a55440745b1563350c8462513135afbb8be12232d4b2e841b21489f4e15904b9524f5c547c53e1def9f3d01a2d9f487a17a496a697c30ca2853b45a6b762802156a5e3d8b5328ef4b41eab3604326a6e843409b633c00d1959764d0876c1873008744ace3a64766992521e26672ab7bdd061cc81dd998938ed39ad323b59e597ea059ba75fde3c5f6dda5e13ceaeb5e0b99ba02c613867f648e858f7b3eb22033f0cc82c897f62dfb9cc9875a31561acaf5f7f2cdcc9bb8f25a9802474a41d6052b81972895d28d961511d7e2dc4e725009e4fec5097dbc723f043eded64f5cbf34a323563540332f36473140d0e37aa823c446563c8505d5b817ca9dabe703e4f737d7bd6e44755d13529b72c9c5ff7782adf460b1bc1a1c202da7744e3d3e030978a1dfb312873e2837e3e35aeeb10645d7eee1965a149d3736e590df14852f6711d0edf91855565b55831940a9da0af5bd056513d76a44052b2f47e6df376c9fd8c88ec5cb2cea8b31f8451b17f32982f92a8cd4fcc37d23816c678285f0a2c12f97897aac8fc4d6170a450f86d11efa08930643b027276a5cdcc84f07153c8f0d3a3686d305cf6668fb394c4de912271f0472438dd8e75bcf735520af74a66a49f2da9ae2f66cbd60a273d8ff0c45cb0a276f2effaeafc70fd4c08e2f714a906331f634a02942b438f088adafdf32b8d01259ee22014dad630e66fee851ba4dec2df196ad86ec389a2eb2835ae9a7a26b49c9fb4cfb401d532505bce82efc388f96365cbc9126c9250f373931a6caae12e4a105f29b141751809ffe68de00f673e4dd8b982dc8cd74cf76fd46bdcfed30246bd26b09bf848e7917f30df42f5efcf2b6bb5738229a2a3e3292d297f58ec2f613ad49e64e331a801dd566ad181f5840efcae2ec52ba2524365c0a276aec3b9913ba34d4d3792072706d01ac3b7d3783f62f330b79021dbd1feef5ef688d2a6076375878ad3446f06751cf5e6056c402bac9aa26fe194e25e5f09c8c7ab33257dc633e71c9f780945812226dbc9f85702552e4e67c55b83cbfabdc3b0af4a329558cb404b7c843a42f3acde3d00f4ba8ba501c1dae1734cd4fbd19a347b230a9fa8d5f9fe1844ae179046960153"})
bind$inet(r0, &(0x7f0000001180)={0x2, 0x4e21, @rand_addr=0x64010101}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:46 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x48, &(0x7f0000000300)='ramfs\x00')

03:41:46 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5423, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2171.662639][ T1119] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2171.670648][ T1119] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2171.682341][ T1119] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2171.690380][ T1119] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2171.731022][ T1166] FAULT_INJECTION: forcing a failure.
[ 2171.731022][ T1166] name failslab, interval 1, probability 0, space 0, times 0
[ 2171.743676][ T1166] CPU: 1 PID: 1166 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2171.752347][ T1166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2171.762407][ T1166] Call Trace:
[ 2171.765691][ T1166]  dump_stack+0x137/0x19d
[ 2171.770020][ T1166]  should_fail+0x23c/0x250
[ 2171.774411][ T1166]  ? create_local_trace_uprobe+0x235/0x3c0
[ 2171.780200][ T1166]  __should_failslab+0x81/0x90
[ 2171.785023][ T1166]  should_failslab+0x5/0x20
[ 2171.789530][ T1166]  __kmalloc_track_caller+0x64/0x340
[ 2171.794811][ T1166]  ? kstrdup+0x4c/0x70
[ 2171.798915][ T1166]  kstrdup+0x31/0x70
[ 2171.802799][ T1166]  create_local_trace_uprobe+0x235/0x3c0
[ 2171.808409][ T1166]  perf_uprobe_init+0xbe/0x140
[ 2171.813231][ T1166]  perf_uprobe_event_init+0xde/0x140
[ 2171.818504][ T1166]  perf_try_init_event+0x21a/0x400
[ 2171.823648][ T1166]  perf_event_alloc+0xa60/0x1790
[ 2171.828578][ T1166]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2171.834221][ T1166]  ? vfs_write+0x50c/0x770
[ 2171.838703][ T1166]  __x64_sys_perf_event_open+0x63/0x70
[ 2171.844145][ T1166]  do_syscall_64+0x4a/0x90
[ 2171.848559][ T1166]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2171.854466][ T1166] RIP: 0033:0x4665d9
[ 2171.858333][ T1166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
03:41:46 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
rename(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file0\x00')
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2171.877938][ T1166] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2171.886320][ T1166] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2171.894299][ T1166] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2171.902271][ T1166] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2171.910233][ T1166] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2171.918177][ T1166] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:46 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x4c, &(0x7f0000000300)='ramfs\x00')

03:41:46 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
syz_mount_image$nfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x10001, 0x5, &(0x7f00000014c0)=[{&(0x7f00000001c0)="624881e86170ddafc967ce2e00e39d749ef8023999fb6035ae1299e7ccd19922c0f8b30390c39c32a371c91f8729c97dd99770094215593ff26628f3145a936316442f3df2c9c1b7f44e8e1598150d7b78d274a7f75a5b87be14f5daa5abbd288e2f347e0f1c593eee34167b5328bc3d57a0c40c922708bb6c118ca083ed9b03882837b10c38ce07d23e00aff13bdec3828f", 0x92, 0x40}, {&(0x7f0000000280)="d91b51b44dd83bc4d5226ceba7810af3b1f60a8c2df4b38ba1036a5c420b579d89c132d895fdd5be3091b80a18565c8a9bb902b574bf286cf4459bfa149e5234eedf33e60cee97db6701f5aa5d647b8de10419ee8dfaba7c5703725ce2b0cdebe066389ca61040c3c8d5f68d7ce169b83a452d1b8abc138af7006b6fc43daa77366d4ebb57f67b85da85916b34a18a116cea128fbfd25cf1fbea2243cd11e666b9eeb3957ef05cc013ad263f876971be1423759568027b2761e6f4a71721c5d08399a712bcaa3efd16fa3bbf1b2934c2b99336e76176dc67c78536232a58b2ebe9f4928baf6d0e30e6e86425f71a62995e478a51108a12fb7b2012adeafdb8446def1ce87866f170cb793708a8a7bac734ff9918e734f4db3ddf68ed0ece5cd4ec09f860ba7b5c78e624ce651905bc06e8bc578aa4d64852436ad4abb7f7935d7e5544a7b6369a0adf401997cbafd2cd58f97fdcbb06edaf1f151886f0f465ce217b4213b61b2bc09bab62879fd6335bfe55b033dd39fd427248134ff6daee209451d8cb2f1cd92940812784a6544dc7ca030f64e46fd3da8f5bac474b475cda8dbbc33c953b532e14fcfd5021f568523befc9fac3d525e1c32d96ed3c95c288a01f4e08f8b0836389d1c3a4707ff0f3d066371bb0b5ad7797125a716e2ec31b8e8a2c59a85a29dff88a2269c79b22d17213bd0f6447de1873fc41a4185d4356aeb8daed6854b950ee44e1caa1398bcddc83fd98604ada996826d5bfc6bc9d946de0bcc1a7176973eb5a38a6dc42e5d82714c635b75b40690b0d2c8ad12b915c89d6575a13cc0dfa5f7b39dc7df6f8424eba33082a466e31e388dff88ae6b0ace8aaadcdb4f7cbc3d18b00c007fbe717c52c07700869a6ccc30607a493f674bc1d312e4630b3f82ed42b532ca5536589d997074d8b5888cd6fdc7b3c22f8893ba7feea1b537b4a3adb840509abc7d43edea7aa50374fb8ab318758e000efe149b8738c700b0398eeb7babb12cea54efdcecd3ad8c40c3b7b64f44187e11af627611f228e112c3a87fc287d8e12f8402f06a11aec2b054b24c91aceef7aad02dbc025a93cffc108f1c5993bc90d8a1b5879244e43f0e37c1b36e2ebf9ec67090f678395b9439e48f193a4e5f1e8fb7e5628a3c71d37837f30f9227e63ff8f2dcfccba9f76a3c68b26516f3323a534c4f0a4132768e526c8891b712824d9363a66326aa2ac6e1cb73aab1b9088a045aee5ab81c29502a9d209a239790f8e64cfd321bd8cc2ec64e28df0926b21aa4ffd5c7874bcd21c79053b98a8d60b2339b0e3df1e3ebd842562680e897346ecf5c6e23426daa621402a6a50f40bf6fd1196f6b921ba606c62105456940ff7b6344be09e69a66aaa09460b37ca0ab1edbdc6e34fa69969f59e357bfc8b79e7dc2ee1c12a708306fee506c9e2a86fc9d66fd3ceebc9deb0287f336021c76af0e4e3ff3ecb8a206c1225a2cc1f5b87785fcf12bc77c82d46f4744605ecfa865b79dc5bda759e9f466ef015df03ee15531fab170de155fd7077616277bb1b8b45ff2161a0e28aca04bd82deff2293144b80e88a73a97f0190bd9f77b6cdfd3cc95d650417e92f0303f649b5206080da57443dd91bc568436aad6b1cbd64dbe05651733cf7e8e7f3441d2cceed9a1c1d3d4c3cac8732d0cfcf9f2a7364b6d28454011c7cfe9e12276903f25645f1ee82fe2d9da1ae8ce2f38f9ded04fcf650b412f1e5285b22c192c3ca132ed45a5e39a2ee2af06811ccafd71da3371a368af7af045246a07a56f424c17e6ca55778c79be0666989c0158cd6814820e14ee8b21b90aaadb275961a1500e12a65e879a76be0c62cb8b257fa2b70aa145a87da6d551dadcde189b1a1f1522fefaaf92d8267767003bcf9982db072a9771207817c284c60db1daffc422875c3862b91890a05f302fd21c58cc6cac5c673a4985e5d21d59c410497f7c2f27339baae98b9f7283166746b9b7ee846a13e3a49c44671c352c39402bf8d857bed2c9b15dfe23ee0e57f4308b1875e970aa9531f5cce40c272112c509b5a38b4f667b38fd6dff65e8b3c82ae6940be9585ba2c016081762243db824c304f77f53970f6a6366f604376c1b94a18af847e27aca01e67c580e4f2ec8669ddcd9ecc5123dfd0c30d961ae8b53526beb913784a23e67a2ecbbeb391a6489eb09abbae17acb370d659deaf2c27a167d430f78777103681f9f7715d9f2ba6ca2158c1a435b6b64b24918b5b13e4901c88231a969088aaeb3673155e9558322e2c7c9f2b95797359ba764a5397202ec7e68dac6ba7a824a7f3fc7aefe8f340c8abe5f8d8f0689293ff20d6bcf1e858b8ccc43db666b93ea7a91f1570048c40ea0a3ac55736b71d3d37da99916e69d17558bcfdfddc50a457316b283e01461f25927c8c1c19e9a876b3711ac1abfd85d5cf9deaf6546e1e808c12a953c48f546bdd6c43b5df3bda8c823bd9bb601df647b474b92561552d5a8116c6b2b7b2b8a1320cf3a1abf6993b3b8403cc209e73b83aac9d3ef6c48795a34762973664b3d339e522176aa069d869b0c9ec503255d580a32a589b1ba8a9c18a6cd0955582c32966f3c19aa5e490e033995f889094b796d130df476dd0ecd61b4190ad59840a727c48dc14fc2d0163fe0ef5c4ffe1f243b8532174b65bc1426d92dbfd45d2a35d01a2ac4dd20d0c209a685ab614abf220a611698304c2196d6d76f469bfcae26a6db690e5556438d42b878be008483a8338eb3800adc925beb402e6f14a8780719ae472c1637c36e13c701b40fe68e5b1584651e28d8d41d41092ef5dec011ccd928f5d2f0e1cb73a833bdaba38fbefeac6b3e5f419849fd2f3fe2c7ef41fb6d53aefa651fd6b0d3dc0f6ab32fabb6a2990a3fe4bfe16f6097c4775de4def0f12736194a5a9545e7599a6edd4b8131d14f87ba7d197a2ca5adfd30dc7d37f8524f89963c891c1de1921cee3914e9f9b73ade51b6e3bc44b5660178c4c0efa7185359d8102263d93fa6c362946e38043c386f59200fb775bcd22b2a09b0d9d918dfe676acd2726311b211cbe029eada6d3548819bc8354070391f808855cdfcd4be14a461f394fe6aaf9c889d8f9db52058404461890409aabe98a1ce4123675b6226480b17307849c09079a061f126e0d1d068c1be50a6f325b2b590e81c713caaa3136b974208d61abcc84d8b6a5cee10a49f5176eb5c5d64ff43f66fb23062aaf1ee99d1256bc796c846d964f6a7772d238ccf6f5549c7965fff8f251204de6b5acbce7f375c967233df2726322bfacfd69b602c32ae0711eed6a7d2824f18a58ad5ae2ac232405339b342abe1b34f9dd1dfbb9f6eb43f5dfd385954af0d1a7674f9011087600d0592d372ac0c7341e237494468abce0db5c046d8ef9b7b929e69d5f3369d3e00c960e02d2f0e21e35b757028576d1e7bc87f1b2138562d60dc71623bfa113353a9df180981914769f7bc192b3f0262602eb8976e35d044ecf4d6118434592a498badf4f1cc6057a2e0944d8370c3549f12ee405e0d9c3706fb0ca535f29f22a0a9bb5e26eba74e7b9dc14b53b7b8d8dfbd7a03643a2980f3c989b2e4a7ca68af05ddbd548ae35a63e15e71e97673715717c5375b81dd0db125745f92f732c35d8e98140f75a37d2a62c078f4a75354adafa139adf7480f0513b5a99c41e7a6464acf8a7a378180eb73d3ea174674cf618045f19294a74f06ee9846ff824042804ec8a057f50b419624b659b8f27fe807c17cf0c851acfdaa880b8193d9ae8327a8249d826a117cbb1a48d6ff7d5342dc0e0a4d6d651760716cf1b1f934755ea098a6a8300b320d684f2e2845e84ed6a9652293d8f938b9aab3dfdc3b9f18420923915cf5963a0c8d4c4e06114baa15fc64a5a7a5cba589278957412005d3e506a0eece7a48d8097c4f7ca86d6b431f5bc02a33a3e4d87c0c9042234ee8a623886c460792f1ff59e9340dfb3bf8b1752747a7abfe77f23ebc9a39699919fecd31e79165995ca8bdef918e360df39e25e90044390c1be6e027cd863c0036a0296f5a67fec50844361fa9a3072077ae451b458ec5fa2c67f42bdd627dbb4cb24c5639c71f56993c2e7c3a7b67b654cc17d8e03e47d579f9e9bcf0f084d8f04f166a4b90a4270a8d97bd71136badd687b5a5067ecc7004a92a1235eff701c1bfa3a615b15cf95f18670e534cad4167f8b4bc9dd1000cdf084c83dd483f38cd584bec4c48954fd56c8a9bd20d1434d76d2607c96a6a4c9101cc9ae722413cbe79baef6d54d2d6b3fd88d49cf97f988d145fbd85cc0006c07648e5edb1b8a28eaea6b93ae823c5452c3273c8a97d62414b16524103a43d6346dc4ecf55922f9512faf0d53ca9785ecf952f50d7bcda6c6e9dd02037ef733583afa8ec36c438ad164ecf945e6b14a36a528de918d9e3c91f8fd6e95dcc28fe9937ffa95c97beeae04d5af8f2d350dd86dbe57a5f4bf43ebe09641b61229133a6fd53e08a0e5ee918299670f43dbd78f7144c8d69e52c2c44ecb61b754e9b7f0982bb631abfad958cddf07490e8f3f19584adf620074d86811133ec1753e190ae2f45969a4c3f91aa8903754e39051820ae714a26f121a8b5501d593d00f6ecd30702976390fde36a84ce2c66fcd45e1dccd6e3ce11be9ff155c8e9aab247fe146ef5d65ef2b41debb4e8643e0c1b38ddde8804060790e165480bdbceb11cfdfed6f64394d51c7a934439e39e093a677fc4289cc566ddd9ab0f6fa67ce2651dd7f72e7691f7c2ae41753ecefea2385b4f0fff2594a42f7bbc721ef9d8025fed2f66f2c00c57b299eca7ec1cf0e0ce2848727c0d949890605007950294e15b431c33661ee3e865e2fbffe0f5810a7f39e1869ed2169801fd1f0129eaaa0059a4591ee1c2b97a2bdc55b4472e1a4a56dfa5292c6e7a4b275beaa8138f4a8b156bf5b1620073db43ffd2d74afafb6dfd2dcf1a59c0fe5090fba9737931cd13b2fef1ed9f61cf0fe160cf2f9badfd640b7484807815f3017785990f9b4cf8d6f17d883002c6eadfe36e43976b8a369401505512c24283905abcd29852c9644aeb238551bbd0334ed4e93d419444711e9689788aa8f357c9bc79909b1da45deaaa4c341abb4addf21557948a7cb489539662a6bc8427f63a84d70e0f0b0adef572ae9424edb0de3722de1275bcf72d9d578c1f932f9c4d6ea90da03ee8ffc13e5414f49741c19fb42da35b50dcd1ac0d402ae83b944ddbbe44d470dc1028e5043002e99a72c5a65f35284bdea58855beb3b406d6f80a9cad334b5c3c9da4fa4338e007a4c288f6292607a9359116529b589c37db3bb15c680a01f936f2bc1d8c91941b12fad3df5d49b9254ff47d7f8a9caa134e6b0956fb2c265d754b10fc88d314f73ff392c5a0a7045389842c35ecd88702362622de3866648f778372ee2834bf8faab96c8eb321f545d61da0f269530bc1f69bd2c164f78a494a9ac15567fb79807b220c9455bd170e6ec774912238b8090afe896c8c9216ad5d741766c141bad1ac92d32aaa58709bf6633906ea3e408d2c28f3b87f2898262e517bb84a9b565315e6b47159e93c41ea2286f90ba5c3e92d2407287d9dc8b2bb0759b4112b281216b236459e6c9649bf9b0ecb1d5f7f02e8b00779c5daf1aa5ad87d9aa59bd32af9a704525f471fe338599e95c86b816273b257219699861f3e3835f7bdee74dfadea1fa9b24af5f1ea2c83b69cc6831aa9f5117bd14a58ba4f2a9e7dc92ee5b90501147382c781daa493555b4368884e239", 0x1000, 0x1ff}, {&(0x7f0000001280)="ea74b58ce48644699fe2228394bda727ee0db4603c9d96bb7bd2fbedb78bf17dac4a56854e961686ae2a2d5b6b9d4f8983560dc8ffa0891251e1bdb462699abb05b92afc0e80bd1e9694ffad5be18e7aabb782196dd93ef167375672b08eebfc773e20db39238fc6c328d6855d9ba62d29a5ec413e10c094e8e2dd389d76f8e80619347d9dea477f2094dc52", 0x8c, 0xb1c}, {&(0x7f0000001340)="64ea860ca656a9544ba7a043dcbe393f0999e3eaca3fd775751f61af221bb764a95e462fb5ce75edc381acce9dd6028a435521b4f39f4e6ec0fe43347d8c6b073ebb5ddee86bbc212130", 0x4a, 0x3}, {&(0x7f00000013c0)="f9b60b10986375fd7804d218d35ccb10fadc1a6ce13be78498d989423603d10ac94a7040495b74d7d6b6a0fe790a9842592f2082421603e86800b826f6116b4bd3b04f6d8d41b6d2c8755514f7b93546acf560ec9232c04f5e5211875d3bffdab66c5b5102edfbab5d1ad3429a2071e2eb011cfa48a4d318bc5c2f027b14186f07dc9a57aad01269fa220d6fddfba3e1bbdc12a17a1a0648bc84a95c8548f03189d943b44d1e8aed42fa2aa5b50e4dd2dd48e9b64628fc746d651ef05456e67896942b94b0150f88dc164328e491fccf4420d5734ca1bc", 0xd7, 0x7}], 0x84400, &(0x7f0000001540)={[{'ramfs\x00'}], [{@smackfstransmute={'smackfstransmute', 0x3d, '^'}}, {@audit}, {@audit}, {@fsmagic}, {@subj_type={'subj_type', 0x3d, 'ramfs\x00'}}, {@measure}, {@audit}]})
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x2c)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:46 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x60, &(0x7f0000000300)='ramfs\x00')

[ 2172.018319][ T1182] devpts: called with bogus options
03:41:46 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:47 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:47 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x68, &(0x7f0000000300)='ramfs\x00')

[ 2172.363450][ T1163] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2172.371447][ T1163] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2172.382968][ T1163] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2172.391038][ T1163] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:41:47 executing program 4 (fault-call:1 fault-nth:11):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:47 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5424, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:47 executing program 2:
prctl$PR_MCE_KILL(0x21, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000540), 0xc080, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000140)={{{@in6=@loopback, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@empty}, 0x0, @in=@dev}}, &(0x7f0000000480)=0xe8)
quotactl(0x2, &(0x7f00000000c0)='./file0\x00', r2, &(0x7f0000000280)="2058a0b1bd6291c5f5f9323460baa5084470880a478de421d80a3c7cf5a513889a0c3f75e6b7953c246cc95e8796d2d05f262164da82cd249f8e054bfb07ca108f3f18aad3ebd9d8870f35c18f15447992be7312298fe50a6d0c186a90cb1292715c25d202826b97f816b6b945f3fb2527b436cb6c687248971127b6762025e8385d2e95d8dfceea9e453f010b001a361f620721c3936cf75bd0e848eab6d58f4ba2980daab9d3511d60f0e5001c4c46e3c9c6af54ec4bb94db6b2c2f7ee30e692044912c0b0afbc9b51a252")
sendto$inet6(0xffffffffffffffff, &(0x7f0000000380)="2f5e86457a48af2c558285d59f0158d8412d3c923644e4a2941831d6535710fd3d3b6cd021f353b2a4971bdec08d0482e9e4a23bc7223078ab746da15d596e2fac648dbedba03b990523a8500314f1c114cf2f56bf9edd4a3f3128d58580e0a1353e36d0496abf64be0aa35066b692eeb4fbbff006a1ab647e843b4765c8c6088a056b59714cf3b9bf1ef0d29ca0cc67c9e2dd9aefad5bff886fdebc99e511621760c63dc0472518b76e856d903ce54073d34f", 0xb3, 0x20000001, &(0x7f0000000440)={0xa, 0x4e21, 0x91, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xaae}, 0x1c)
prctl$PR_MCE_KILL(0x21, 0x0, 0x0)

03:41:47 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:47 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x6c, &(0x7f0000000300)='ramfs\x00')

[ 2172.565297][ T1163] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2172.573298][ T1163] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2172.584522][ T1163] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2172.592496][ T1163] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2172.656996][ T1208] FAULT_INJECTION: forcing a failure.
[ 2172.656996][ T1208] name failslab, interval 1, probability 0, space 0, times 0
[ 2172.669605][ T1208] CPU: 1 PID: 1208 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2172.678374][ T1208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2172.688415][ T1208] Call Trace:
[ 2172.691705][ T1208]  dump_stack+0x137/0x19d
[ 2172.696029][ T1208]  should_fail+0x23c/0x250
[ 2172.700445][ T1208]  ? traceprobe_set_print_fmt+0x45/0xa0
[ 2172.705980][ T1208]  __should_failslab+0x81/0x90
[ 2172.710903][ T1208]  should_failslab+0x5/0x20
[ 2172.715397][ T1208]  __kmalloc+0x66/0x340
[ 2172.719562][ T1208]  ? __kmalloc_track_caller+0x23b/0x340
[ 2172.725135][ T1208]  traceprobe_set_print_fmt+0x45/0xa0
[ 2172.730534][ T1208]  create_local_trace_uprobe+0x2eb/0x3c0
[ 2172.736151][ T1208]  perf_uprobe_init+0xbe/0x140
[ 2172.740935][ T1208]  perf_uprobe_event_init+0xde/0x140
[ 2172.746206][ T1208]  perf_try_init_event+0x21a/0x400
[ 2172.751340][ T1208]  perf_event_alloc+0xa60/0x1790
03:41:47 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='mqueue\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2172.756270][ T1208]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2172.761884][ T1208]  ? vfs_write+0x50c/0x770
[ 2172.766299][ T1208]  __x64_sys_perf_event_open+0x63/0x70
[ 2172.771744][ T1208]  do_syscall_64+0x4a/0x90
[ 2172.776267][ T1208]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2172.782166][ T1208] RIP: 0033:0x4665d9
[ 2172.786047][ T1208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
03:41:47 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='cpuset\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
open(&(0x7f00000000c0)='./file0\x00', 0x10a42, 0x40)

03:41:47 executing program 4 (fault-call:1 fault-nth:12):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:47 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x74, &(0x7f0000000300)='ramfs\x00')

[ 2172.805649][ T1208] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2172.814044][ T1208] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2172.822001][ T1208] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2172.829953][ T1208] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2172.837916][ T1208] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2172.845872][ T1208] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
[ 2172.905202][ T1227] new mount options do not match the existing superblock, will be ignored
[ 2172.922489][ T1227] new mount options do not match the existing superblock, will be ignored
[ 2172.922660][ T1228] FAULT_INJECTION: forcing a failure.
[ 2172.922660][ T1228] name failslab, interval 1, probability 0, space 0, times 0
[ 2172.943678][ T1228] CPU: 0 PID: 1228 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2172.952531][ T1228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2172.962566][ T1228] Call Trace:
[ 2172.965848][ T1228]  dump_stack+0x137/0x19d
[ 2172.970168][ T1228]  should_fail+0x23c/0x250
[ 2172.974575][ T1228]  __should_failslab+0x81/0x90
[ 2172.979397][ T1228]  ? __uprobe_register+0xf8/0x8a0
[ 2172.984500][ T1228]  should_failslab+0x5/0x20
[ 2172.988982][ T1228]  kmem_cache_alloc_trace+0x49/0x310
[ 2172.994251][ T1228]  __uprobe_register+0xf8/0x8a0
[ 2172.999154][ T1228]  ? _find_next_bit+0x188/0x190
[ 2173.003992][ T1228]  uprobe_register_refctr+0x29/0x40
[ 2173.009204][ T1228]  probe_event_enable+0x2be/0x7d0
[ 2173.014309][ T1228]  ? __uprobe_trace_func+0x430/0x430
[ 2173.019587][ T1228]  trace_uprobe_register+0x88/0x410
[ 2173.024781][ T1228]  perf_trace_event_init+0x34e/0x790
[ 2173.030311][ T1228]  perf_uprobe_init+0xf5/0x140
[ 2173.035066][ T1228]  perf_uprobe_event_init+0xde/0x140
[ 2173.040362][ T1228]  perf_try_init_event+0x21a/0x400
[ 2173.045516][ T1228]  perf_event_alloc+0xa60/0x1790
[ 2173.050532][ T1228]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2173.056164][ T1228]  ? vfs_write+0x50c/0x770
[ 2173.060594][ T1228]  __x64_sys_perf_event_open+0x63/0x70
[ 2173.066042][ T1228]  do_syscall_64+0x4a/0x90
[ 2173.070487][ T1228]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2173.076387][ T1228] RIP: 0033:0x4665d9
[ 2173.080287][ T1228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
03:41:47 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:47 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x7a, &(0x7f0000000300)='ramfs\x00')

03:41:47 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5425, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:47 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file1\x00')

03:41:47 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file2\x00')

03:41:48 executing program 2:
ptrace$setopts(0x4200, 0x0, 0x8, 0x100055)
tkill(0x0, 0x40)
ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000c80)={0x0, <r0=>0x0}, &(0x7f0000000cc0)=0xc)
getgroups(0x8, &(0x7f0000000d00)=[0xee01, 0xee01, 0x0, 0xee00, 0x0, <r1=>0x0, 0xee01, 0xffffffffffffffff])
r2 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000d40)='cgroup.procs\x00', 0x2, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000d80), 0x40000, 0x0)
accept$inet(0xffffffffffffffff, &(0x7f0000000dc0)={0x2, 0x0, @empty}, &(0x7f0000000e00)=0x10)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000e40)={<r3=>0xffffffffffffffff, 0x1, 0x81, 0x800})
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x6ce0, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
r7 = dup(r6)
syz_io_uring_submit(r4, r5, &(0x7f0000001740)=@IORING_OP_RECVMSG={0xa, 0x5c95d8f2a851f33c, 0x0, r7, 0x0, &(0x7f0000001700)={0x0, 0x0, 0x0}}, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$unix(r7, &(0x7f0000001000)={&(0x7f0000000140)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f00000007c0)=[{&(0x7f00000001c0)="2243c536c9a16af3a13f14a89752fca452897d4c033dfe4c08577b238d809ccee7fe0b47b1829f289a04b7f946e77ac5a3b36ae96a8a83dab7d6cd1d7f8b13016a3df115c0edadd8a8c88f58e8e3", 0x4e}, {&(0x7f0000000240)="0be7bf42081d1b47afed837df95ba4b7", 0x10}, {&(0x7f0000000280)="3a95644c7290246b038d190b8b9fe866b98f2d44698122ebd924b4044a0cfebf63e156f9c6351663e6401638cf5681a215cc88b99ac1cbbb02048a782a3fa3070373898cb3ffc83e5d29180c8de72cb6ecd7ebddebf6afbada4f549d9da741f476550d7e3b6f47b325770e7ab629c581c59e68aa090243477e9ceb6b6dce6d2bc8c9", 0x82}, {&(0x7f0000000340)="3fd496aef95f8c4765d17a2a5d93dd8d6d1821f9c30555d121ca6d52bd6816e0e008eb0ed1b277e82c5e850bf32a145feb161d73998b2f2fc77e5e39c221ef011f715f821504fa79645f7a40a4f5ab19f836e79b0aa5c64d7382523e720f95d659c88077797c0fb9f29792dabf247690a83676512f3cb316b50ce9f4c8ffaa19851a64e4bbe10cf745539fa6fd2b2038bf98ff0dba517cdcb6ddd710af6f10ffe17214a5e11102b00061c52317c631023a8526aadbc059d34c1f6473", 0xbc}, {&(0x7f0000000400)="c946cee745a89ff06875a45f14d3e6f0eeef3a013566a6b4fba28e156f8411e231dc3472442d664c031b9b58b776b6e581847b24e1897fc6804c0f26f3aa2fc5598ee2d697f68e09e88bea169a8c65387dfc99bc36c183480008fb2dce4f6dcb26e1723ecc076fcedbe1732dbf798280bd53c3e2d276597b5708d3d6a92477e321cadb4b34bf6eca6f69685d299b771be643623d6199ac21dc75671b44cc66965e2c6099be14a1ed80257540a58be09870f104e8c418c79f537f28603344b3c5b6a4", 0xc2}, {&(0x7f0000000500)="4dd48f3c94010f27f214070295a9a8e5808ac90b028c05224626c525efb9dee78780f53046a04761948a27e7ccfff29fb9e37c40a21521b3d0f06ef991926d094ed2d064ba0c626d91498872b7ca4be0a04d572564f8dff5781f5981125b3d6b4f713254e40947a49cc97b6354c80d97f832b05801dbfe3a0d6f7d1b97e86264f7c14f1c02ef24f37b63c9862449e5da216fb9498c92ee8923181938453af7e64ece10302cbfe805b92c58c2d69c4d8e20a40c761dd5e982ccf7bef00506e859e0f110a41c89987412", 0xc9}, {&(0x7f0000000600)="64125ae8202adc99dd9531262f8d335abbd91136c025f387aeef9179d7a9f303774d5a5cc469730e4a93c8fe0ea1c17879dd13ba7690afccb10434545e5912b1ccc2c566547d0356bbf23bd148e2162774f42bbde97b042d6a7dcda917f23fbe5bd655e88c4ece68b299deb971296181af4c766b1cc99c6ed734efe1d74780172f08e39d4601e98671a4012a6d3c630d8c1bae07c2ad449c79039fdd20995718191268f8bccb4de931bb1af714acc85dd6686deea9fae3b1b9c7fe16013e72b8a0bd933d2451949c3c676252343e2d0f550b8e8e7a12d82feeeca6c17014070972236f5d8d", 0xe5}, {&(0x7f0000000700)="be412e6d169c5e35f649e07bf46da82711758c5f39b278436b29e872d9a6725cb3437c42a3d8280ec73aa951762a136784f330be8c670a2ff47810d3b90926fc83dcbde0e7a3d0d576b51a61cc92455481785241808e5e143b5baf8913f1e7b89f87ae59cb417add8d18f684d51fec6cbf181cd74963c95989b155c56a0a58799486c1990fad516b1ff494698a79cef3def33e699a099a528597108f33bb1c1b97376834959dfd2568fcd13171d53e7e8880", 0xb2}], 0x8, &(0x7f0000000880)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, r3, 0xffffffffffffffff, 0xffffffffffffffff, r2, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r0, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00, r1}}}, @rights={{0x10}}], 0x130, 0x40000}, 0x4085)
mkdir(&(0x7f0000000840)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
open(&(0x7f00000000c0)='./file0\x00', 0x240, 0x0)

[ 2173.099879][ T1228] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2173.108274][ T1228] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2173.116267][ T1228] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2173.124240][ T1228] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2173.132199][ T1228] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2173.140159][ T1228] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:48 executing program 2:
mount(0x0, &(0x7f0000000180)='./file1\x00', &(0x7f0000018ffa)='ramfs\x00', 0x425db0d17d489e49, 0x0)
open(&(0x7f0000000140)='./file1\x00', 0x99883, 0x1d8)
creat(&(0x7f0000000200)='./file0\x00', 0x153)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x162)
pivot_root(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000001c0)='./file0/file0\x00')
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:48 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x300, &(0x7f0000000300)='ramfs\x00')

03:41:48 executing program 4 (fault-call:1 fault-nth:13):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:48 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, 0x0, 0x0, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:48 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5427, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:48 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x102)
setxattr$security_selinux(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), &(0x7f0000000180)='system_u:object_r:cert_t:s0\x00', 0x1c, 0x1)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x1000088, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2173.547720][ T1261] devpts: called with bogus options
[ 2173.567895][ T1261] devpts: called with bogus options
[ 2173.604104][ T1260] FAULT_INJECTION: forcing a failure.
[ 2173.604104][ T1260] name failslab, interval 1, probability 0, space 0, times 0
[ 2173.616712][ T1260] CPU: 0 PID: 1260 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2173.625363][ T1260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2173.635401][ T1260] Call Trace:
[ 2173.638658][ T1260]  dump_stack+0x137/0x19d
[ 2173.643032][ T1260]  should_fail+0x23c/0x250
[ 2173.647432][ T1260]  __should_failslab+0x81/0x90
[ 2173.652171][ T1260]  ? register_for_each_vma+0x372/0x890
[ 2173.657610][ T1260]  should_failslab+0x5/0x20
[ 2173.662163][ T1260]  kmem_cache_alloc_trace+0x49/0x310
[ 2173.667433][ T1260]  ? percpu_down_write+0x1ed/0x220
[ 2173.672524][ T1260]  register_for_each_vma+0x372/0x890
[ 2173.677833][ T1260]  __uprobe_register+0x3f4/0x8a0
[ 2173.682758][ T1260]  uprobe_register_refctr+0x29/0x40
[ 2173.687930][ T1260]  probe_event_enable+0x2be/0x7d0
[ 2173.693038][ T1260]  ? __uprobe_trace_func+0x430/0x430
[ 2173.698363][ T1260]  trace_uprobe_register+0x88/0x410
[ 2173.703592][ T1260]  perf_trace_event_init+0x34e/0x790
[ 2173.708851][ T1260]  perf_uprobe_init+0xf5/0x140
[ 2173.713594][ T1260]  perf_uprobe_event_init+0xde/0x140
[ 2173.718851][ T1260]  perf_try_init_event+0x21a/0x400
[ 2173.723984][ T1260]  perf_event_alloc+0xa60/0x1790
[ 2173.728892][ T1260]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2173.734508][ T1260]  ? vfs_write+0x50c/0x770
[ 2173.738996][ T1260]  __x64_sys_perf_event_open+0x63/0x70
[ 2173.744426][ T1260]  do_syscall_64+0x4a/0x90
[ 2173.748830][ T1260]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2173.754712][ T1260] RIP: 0033:0x4665d9
[ 2173.758575][ T1260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2173.778425][ T1260] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2173.786810][ T1260] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2173.794760][ T1260] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2173.802828][ T1260] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2173.810793][ T1260] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2173.818741][ T1260] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:48 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:48 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5428, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:48 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x500, &(0x7f0000000300)='ramfs\x00')

03:41:48 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mknod$loop(&(0x7f00000000c0)='./file0\x00', 0x2000, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:49 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
r0 = syz_mount_image$nfs4(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0xffffffffffff1138, 0x5, &(0x7f00000014c0)=[{&(0x7f00000001c0)="75b6c03878c17688db9278c06a2163780125a65db88e4b996ac127810fcf19a303ded5150ebe67553e4385663d6c3477428dc4de23790b98d44e9303e043553a7205882d624a7715a996f0a28df79665b3dd5f50fec873805a2926aeef683804bfe8b57f", 0x64, 0x56}, {&(0x7f0000000240)="d37d08bee227d5e920b980f992e4978e1d9c2b90ba9086f4fa8772db607cef91c2a5f3c1f80c8a8c62d6ca849224dbfc99e9144b6c9bfeab822f16270c6601bcda35cc367d689f6500ce2b08b4fa4723871684192c212c8bebab153fda22c982d6d14a521c3ab40fef0511958a0e5f67fb5582cae693547c8e81c316a1299e63d2f1", 0x82, 0x5}, {&(0x7f0000000300)="441102a86367b095cd9a46fb6f7a0efcaaba1d14c3c064bdb79c2cc1aca268aacad1aec57f23c803fb0c692d75542817c29e60aca07dd61a3a7edf4943f9bfb7f48cd49a28d45d68f34b8d87981c77a1dfad90476835419bc6912b3b021e0cf77ff3c4a8dfbd3d9bad4d741925b4a816fd025800574157e8c41c678ec3b2defa67280d80ae660d15c1b0691a808908635b303bdd176b2d410c24621b0ad6c34917367809b261d13bc03f3751fe13e4ad72f790f126f56f8b6431e1471012673c697006d8c1be4b49db9be13647f2f986dff45cf0ae0f9934c76fcbe75f158a6f1009e44c7a5ff7dac8e36a244d48d369f8b0656c972fdf5af9c5b170af271c135a84704e0afda679629c83dedf61618511a5059aa583df751a6ce023ccc1b29440fb40a1ebafcf99e67f868d7a59e575abfb1f40aee034dc010fa3c8345ded3180a4ad2f15beb3ea09f38f8f66579a01ef40772630e4870bc9b8ac5a08c92301e7947b4d594ff9f3ff3c47ec747adf82805a853c6949dfa013ae721b77de42f3af67c37f826711718bc7fa3ca3d1704650a56c93e7ecd3418d043d2ef8a30213fb2f7fcee1f7ae837c7e2aeb486d213b5fc1cd69ac3f5968a0741c97a2fcdc582ecc20b69f155da88f231a96c73e6c35938a0597604492c952997e080c3113b306d88740883c2c365f57295c6e530f11e2ec69613c0c229cce89db76aedaaaaa347c438a4893c8c96e45324c6e5baa4b298290d650c6d7db46981aeb7d446230b01a5a00e2c90bf6fa3399015057ac5da97fd6626a6d85a1e4389cc0418a48eb8740862e9f16db8a5eccf5371cb0eb6ef59746d7cd7991a4fe36d2b603a407df13f2e8da8de17a54a50fb41cd516c5cdbc04a93f0ebd0cb0902cfdf38fdc24a9532f200560324ddaac7cdce76f9ff60491101463fd58814cef6b113d36638964d2253f95674454c78c1a8bd64a6f44e1c08c76e70422927514a7ba2c095464a02e236aad26e9da06b5158e424b4a13d95a86cd77f8f7fe22c4f6b2dd49a539d35ea00ab4fd6d5a5379bbb4fe9114956ee341b59eabb57e385ac2733332329c26485bf61cc30d47e3dc06dbda8993881ca1c56e697fb81e2dfa4f8d425ed59714bc305b52959c10b37727cf61de77ca41240c0a080f7bfdd265c51bf816dac7bd668ecc50c261484e844e5dea0815f4419becad1e5e7f70d54f0f3ca55f39c445f365e550d473f3f3408114b118652a1884198d8d5e6c5794c1863380dd87aa06c8fda595eede57f33016b9774d7452d0a5736fcee5940e4ee9504411445dd176a93f3f2922b1438a3f7ffa7795d06579a54a4b7079ee501d80397494a06d712b763cd9d037fe1692b15b942ea6e9d7e5fbb45fd3f6058aeeb5273006208d3ec3411d064fde09688ae9bf3356afbaeb8978ca33f1a0d1afe757b7eaada19427909e621097965938fab784adbba0536dfbe716c4a25c1c76e857f89d7ed765ebb7e9c17b0e7fdd61ae5014e65481ca0b2a9ec2c7bb972765624df530db93f22ad119ab4c93453cb25d2a8e22894b25eca9a9d0ef085ce5fe16d760c40bc4b2bf28bedf76f6b22748de1b815bab000984edc7833b3517ac4f3a8c5b6d92f67b95db32de196f57696251c85a8783d88ae554869f5f1002747f3b2cccd7fb019660d9102ca10fe5c01e6c1adf8761c230ccc60eef170ca3b35542c11136fe1c9cb0786b8d24d951f342f52c345549ab653a2d30207be78d43aea6bfae4f230bcb932a141bb9c00544e0376b910fa0a51692d0d3558104a8605658f5fafd69b9381fbeaeb85f9b36f4983b02e38e341ce576e81d144a15ba28cf4da271b0b61005f49c1f52c3ea8c37232bfde63be8c8ea3f463db63973057dff25a403f130f9ba9d69cba876c529f17bdf1e01f3c2ef28610e12cf4af849c3750c1f9dc255bbe84c35049fedb216a4c8da1cb33b4e9e4dcf61ed2c48f6afd154432ea8c4b980981d411e23d6d0d22760c6625bbc4b0ac0bcb9e73de729eb543cc817e3539e5e9f474ce352f022724bc2048989b6e010f6d7fbc5be4bff8f55966e7b5784e69a8675bf2cf440ec8096a696c3d6c34f6346b53491f81b8345a888037c60b533d1566b032ad6b56ac5e537dfbd78269c985d9b389d84ea9e541392ca87b0a254fd778d3b10127fa3b5ebeb95d7ef72923a1eb1c408fa29d9898611187477782ea18e11ed25f6e48113d0bb80a837a057a0e7eaf0507e25b9f01625d8532eec5b7606ad80644406187d6e08e9e4d759a0eae5441634ff9a1797d9d9d39708ae945617b8ff702366e05182be2d91cc5962a929e3344bc84249cf8c8d20d3b93112b48a04b823693ac7d4107fa55714fc45838cc3bb04e5df6df8378aadbc92364f3d3591d66534d02c669db26656396c9ec34a49f11cd25b4d0770619a654e947b93d01e95db3cb4fe26d834b1efd70284ef1f743d43672a5798d0d033f13068b9caf922e713ab6872eca8fa505e03e38dbdb6aaf2a38ae7b8df452063ab94742832f836ac653f93cf5f7380ada90f116584ca3d9c2b271f22560b2eaca70eee8f2eea971d522dd37acccc7c3e4dcac12394dcbb420da0de72c5c2767a2ff85aac223312ff0c093f2bfdd14e916a63ce927209d781d6e648ae79d3c6fde4e14112d90aa3f2cf949ad00b3014dbb7253dcb7acdffd613bb38200820cf609f428369689dc603860eb3ce80f2b88b060ea2fafcf3d1426f5cdc4045d33524a84944f60021f68e647bab085f7317a9afaf5426779e43a4a6af2c19efdbaad103188e2887107f4d910a8572f2cf4b7e4ea09c33c862310cc2233263cf7a1b625ab491831d0d6192601938fc7ff997338eae7c737987b30a25fbd553c728701133b1a2412c05028d4493ac5903a149aaec6274841e0af4fc6ab03e2325f5e1fc052df5acebfa8969906b139fb9fda2f1826a5d51d5e31f29166db0192354d0f89f02fd927900e0e619c30ba457fca133f35594f30abe6bb083f7a8933f909bd5410db7cc090045e7935689fe9a64699eed56747b318bceabedf86e24571d4889532f53de5a8cbb24cdf83d4cf1c4a177973f9a2351538e1682abc8a4e5a6ca0bb9f36a1901aa743587757559af4dbc1afb01ea2fdb44382a8eff9242e23847aeb25e44ab3d309eb4c80d8f7e9cad083b9d5d7b37526a44cb16d35454ff7ff01e387fb251becd1b5476fdeb06734f1f737656f9150fe0c965783f8731330aa653c5c4febaa80b5d183ef5273bf0798fc74aa050658c75f61f60a0e1b4c9653caef881dd08553d9fcf381eaf65fb59a7d1d307b2e5cc5f38ccd1bac3ac708a309322eb23274af8cb33d57ee09dc21da52ffc828fba4924f28371007ceaea785f4dc8677dc7ec416ad1ef17c60706bf3e44e453723c96479c710fb378e009c81011acdbe5a265c8a820d9c0723af1d45c96531453e8bb16cec9c5ab6b020e673ed06ff2ecbc5664529a20c1d7c6753337356e8885dc23d82b4b1ccf24ee2d764aa0fc3d14c4397e3707bf28d09e72f614fed3ef2abf793d06b26f012e989f6b0ea77e21c7e4d5186ecad9c9a1d447b70af72cdb7aaf4490108bb1523d30daa973c8bdbb4cf936056f2de12348e7a44bb4560319eb7559ebb004c86b0f17179a4b93dfd9c8d7760cc38829e612d38414e48a4f95b5a66a864962f36b827edf16bb0185648acff22df199e60ab643a507bdbf429f5e9daefd02f02eaad1a8c5322ed8e09ec4bcc04bb236171e597f8c33234baf3dec9bd1e03dd4822d3aecfde7bb4372daff5d3720b02cdc235332deabba927c092dbb8684f2bf8e89d9968fc2ccfb9850a6cde89bfce78cd150c3feaf9b322504e6f67bc214d691c85416571009784226558fdc68bfbfa1a5cebe52971438f770b8454f072a24ff2d4d27bcbb7f672d27ce844b3462d3aaac4d1f5d40e2a6e718441837632ff076a26e877b12c3c4ea97f57b5ab9c6970026aced7e96c46fc9a7ea283e6e30fd2d73662b1febf967b448c528a6f79f791157eaabc520d6e8f05b101a42bad7d95b7d3b115274331c0a01e6747486dac05fde71f6ceff8a32587e7999b0bb9369d96e3bea4e4c5b8284405906a90c1641e656e6c22155fa797931045132b76b13d6f9d223e5c8e21ccd8d4541d871b075f331923645a4b88f4b24c0cbbc6fed82e6a0cfc3bc0f3fdd7da03178b352b7c73d6e269bb334f1c97e280bf0f2da1f6de809bb3a3b5efd6499a2ccd238e59303ee58d05bd59655eeccb462ecd678d9cf731a86d78763a8c113dc131e0ef72803e472683efb1852d37b810f8a9a1afd287f16af5b879c105298d4d59a7d8afe4fb14d69e4bab347324c707318538604e2672515da63c937c0acde6c24a67575ef25fd12d92134eacd56de073e66ada90f7a40f08a17d4c8540ab73fe633b085b1a3fc5282c95d6b60f784b12b0484118c129c0f4c9f41c847eda578b09e1fe9748d2255e03502a25e9c6fb6b2f25a11deadf66dfe5c6de8d95241087a5df63f95fae9cc5638c95331b18234b0c722d3a3e075b0724d01a63df4d5f4b2f9ae09d48c9de375ca7ace817cdb3ddf76b542e6710f16eccee20dd26743e5cc3ba411378c4188486e5faaada2853e9db375b916312844cd4291d9c7c8cb12990c87a5b6f2c64c648341f524cb41989aa200b7b78dbe08f800c814eb24224ef82696028af9d0d9ae0b23ce36567ecb505d91618f180564c0f5c42c8958a2ff50811346a58835e3687178012e316523bb2bd199751d7325ce95a19b18f525635373c88154bcc75f4dcaf97ab06d4ecf764962a0fb531284ce958c2155f7ecff0be4ca1b12b2bf898ee263b191efd8cdb71ece1c16e7f44d75cc2f6957a662985caa92d4233697a2331e3355d835635c4b3434cf9a1335fb1fcb6be65d3398f6a837a2e23282526b7e72d733febc6d6fa46e8c17e242c88831c225fd52c2d6e2e7ec8cf6293c58d23842c85c86036b941883a6b8e7305e646e10507b773ae8c6170f63ebad47c45f8a71fb2024ec8897ce09fa098c57c2890973c31f73c4fcb94cec5ac7f425b45abc2cf1919213301240d24504ea93b50b150c088767d923510335f1954fe8e8613a564ab2f83ebb8ed5c95be2b9c00e0d6bcb1a39150b448332b354d57ee785b121e7e774179905b0fd6e71f1006a6b23e7e9db4c138443e94d0148b15149bdf63e81dcbe6ec66a055391e9ad8337c89aed571a245e6f5bfc742c94be4214facd6ea9b6fcc036aea0fe0a54a14e632721b907e7885f8f744a8ffbb9e6739766b8c47c37cbdee2e4c3fb2d482ef5cf929e0bc03a1f21a3351e0ec35801a50498a8bd34658499c17889d542fd6ba31faa562fa52aa2afc80be6f20ec33cb2d1fdb59c3864822dfa6f988e3ae307cc23f736ac8b183915fae03b917d12ce96293b38548442449c4f02dc2f012f4139043ca1299f3ac3f8d6f9fc4ee5e37d902c1cfd7a74b7b52aed17c10478ef07c6782db5a4cb30127bc450559b5c6e11d47f0c7390acc13e0456a4de26336a0b623def7db2e9fbd2983ae7fdd69471fbead1431a2e0ab811a3924f9346de62d7ca57ae7deb03ae661711c5bb8666d78e35b81b310b65584855c393162845c609dbb539c8621045cef1e6990113c78ba85e16c375ecb38197f6ae5feb94f29cb539851b344d519e8cc2cae2f0a8c6495be1b55920816e71cc0efa71ec3ddde06fe999520e75ec9dbd2afb5ad533671620a23bc1dd7562fb02d81225561a27dd5e4fe7cc1c81081ec1b5c5f118cf301d158a", 0x1000}, {&(0x7f0000001300)="6985aa1d95f5115eb26dfa798194077231eac8bcf8587d91d675e3f2fbc1c7646a1180f59dcbadef908b0ecbef2ff012b42fd067649d4e8ad7b7279fec55fe045b1f5e9566fa69960816e753cc34030110f0cb81fb5f311697acaaa47b8ee6c84d27cf1c995b8fa0dc5926379220eac6e353c93773b1c0b2b8e8d436b6a6a5d2a09a", 0x82, 0x8}, {&(0x7f00000013c0)="86fc259f6e549a46c6ca7d1a44f161665ab04a845d67f696966f84b98c13c939aa5fc7ff941c3997aceddca3eefff67c5ab62a100d532dd035829173cc93a94f46779b93cf3c6af6e519d19b2283e367c1b82ce95ef3d89c59df87096483c95d7ae45cea5b914c5cb552d40d51f5b5a09199b8d3fca49a89ec45185e12e51cbd9a36e4a3dfba2ca17849031e3af9a90770a160fd1b567ffb072cc6279c7727e8051b0d95aa8ad24a5c1f4331509caaa52dc3724d1c295faa4269b36f30c046c1834240d9014f", 0xc6, 0xffffffffffffffff}], 0x8000, &(0x7f0000001640)=ANY=[])
mkdirat(r0, &(0x7f00000015c0)='./file0\x00', 0x83)
pivot_root(&(0x7f0000001540)='./file0/file0\x00', &(0x7f0000000040)='./file0\x00')

03:41:49 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:49 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x600, &(0x7f0000000300)='ramfs\x00')

03:41:49 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:49 executing program 4 (fault-call:1 fault-nth:14):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2174.103375][ T1279] devpts: called with bogus options
[ 2174.156347][ T1268] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2174.164329][ T1268] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2174.175919][ T1268] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2174.183886][ T1268] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2174.389504][ T1268] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2174.397557][ T1268] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2174.413173][ T1268] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2174.413653][ T1297] devpts: called with bogus options
[ 2174.421164][ T1268] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2174.458584][ T1296] FAULT_INJECTION: forcing a failure.
[ 2174.458584][ T1296] name failslab, interval 1, probability 0, space 0, times 0
[ 2174.471337][ T1296] CPU: 1 PID: 1296 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2174.479996][ T1296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2174.490055][ T1296] Call Trace:
[ 2174.493329][ T1296]  dump_stack+0x137/0x19d
[ 2174.497668][ T1296]  should_fail+0x23c/0x250
[ 2174.502098][ T1296]  __should_failslab+0x81/0x90
03:41:49 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, 0x0, 0x0, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:49 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
open(&(0x7f00000000c0)='./file0\x00', 0x8000, 0x26)

03:41:49 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5437, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:49 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:49 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x700, &(0x7f0000000300)='ramfs\x00')

[ 2174.506839][ T1296]  ? __uprobe_register+0xf8/0x8a0
[ 2174.511930][ T1296]  should_failslab+0x5/0x20
[ 2174.516453][ T1296]  kmem_cache_alloc_trace+0x49/0x310
[ 2174.521767][ T1296]  ? get_page_from_freelist+0x53e/0x800
[ 2174.527366][ T1296]  __uprobe_register+0xf8/0x8a0
[ 2174.532192][ T1296]  ? __alloc_pages+0x194/0x320
[ 2174.536931][ T1296]  uprobe_register_refctr+0x29/0x40
[ 2174.542129][ T1296]  probe_event_enable+0x2be/0x7d0
[ 2174.547138][ T1296]  ? __uprobe_trace_func+0x430/0x430
[ 2174.552472][ T1296]  trace_uprobe_register+0x88/0x410
[ 2174.557722][ T1296]  perf_trace_event_init+0x34e/0x790
[ 2174.562997][ T1296]  perf_uprobe_init+0xf5/0x140
[ 2174.567803][ T1296]  perf_uprobe_event_init+0xde/0x140
[ 2174.573074][ T1296]  perf_try_init_event+0x21a/0x400
[ 2174.578197][ T1296]  perf_event_alloc+0xa60/0x1790
[ 2174.583139][ T1296]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2174.588758][ T1296]  ? vfs_write+0x50c/0x770
[ 2174.593218][ T1296]  __x64_sys_perf_event_open+0x63/0x70
[ 2174.598663][ T1296]  do_syscall_64+0x4a/0x90
[ 2174.603096][ T1296]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2174.609002][ T1296] RIP: 0033:0x4665d9
[ 2174.612882][ T1296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2174.632510][ T1296] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2174.640971][ T1296] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2174.648922][ T1296] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
03:41:49 executing program 2:
mkdir(&(0x7f0000000140)='./file0\x00', 0x40)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
mount(&(0x7f0000000000)=@sr0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='xfs\x00', 0x2004008, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
open(&(0x7f0000000200)='./file0\x00', 0x50400, 0x26)
rmdir(&(0x7f00000000c0)='./file0\x00')

03:41:49 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:49 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x900, &(0x7f0000000300)='ramfs\x00')

03:41:49 executing program 4 (fault-call:1 fault-nth:15):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2174.656934][ T1296] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2174.664886][ T1296] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2174.672851][ T1296] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
[ 2174.695508][ T1314] devpts: called with bogus options
03:41:49 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5441, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2174.789952][ T1327] devpts: called with bogus options
[ 2174.797055][ T1328] FAULT_INJECTION: forcing a failure.
[ 2174.797055][ T1328] name failslab, interval 1, probability 0, space 0, times 0
[ 2174.809724][ T1328] CPU: 1 PID: 1328 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2174.818387][ T1328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2174.828471][ T1328] Call Trace:
[ 2174.831757][ T1328]  dump_stack+0x137/0x19d
[ 2174.836096][ T1328]  should_fail+0x23c/0x250
[ 2174.840565][ T1328]  __should_failslab+0x81/0x90
[ 2174.845325][ T1328]  ? register_for_each_vma+0x372/0x890
[ 2174.850783][ T1328]  should_failslab+0x5/0x20
[ 2174.855270][ T1328]  kmem_cache_alloc_trace+0x49/0x310
[ 2174.860554][ T1328]  ? register_for_each_vma+0x372/0x890
[ 2174.866007][ T1328]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2174.871966][ T1328]  register_for_each_vma+0x372/0x890
[ 2174.877270][ T1328]  __uprobe_register+0x3f4/0x8a0
[ 2174.882182][ T1328]  uprobe_register_refctr+0x29/0x40
[ 2174.887361][ T1328]  probe_event_enable+0x2be/0x7d0
[ 2174.892422][ T1328]  ? __uprobe_trace_func+0x430/0x430
[ 2174.897727][ T1328]  trace_uprobe_register+0x88/0x410
[ 2174.902978][ T1328]  perf_trace_event_init+0x34e/0x790
[ 2174.908267][ T1328]  perf_uprobe_init+0xf5/0x140
[ 2174.913031][ T1328]  perf_uprobe_event_init+0xde/0x140
[ 2174.918312][ T1328]  perf_try_init_event+0x21a/0x400
[ 2174.923430][ T1328]  perf_event_alloc+0xa60/0x1790
[ 2174.928354][ T1328]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2174.934037][ T1328]  ? vfs_write+0x50c/0x770
[ 2174.938460][ T1328]  __x64_sys_perf_event_open+0x63/0x70
[ 2174.943925][ T1328]  do_syscall_64+0x4a/0x90
[ 2174.948360][ T1328]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2174.954286][ T1328] RIP: 0033:0x4665d9
[ 2174.958161][ T1328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2174.977805][ T1328] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:41:49 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:49 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xa00, &(0x7f0000000300)='ramfs\x00')

[ 2174.986227][ T1328] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2174.994183][ T1328] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2175.002242][ T1328] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2175.010198][ T1328] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2175.018150][ T1328] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
[ 2175.124725][ T1339] devpts: called with bogus options
[ 2175.130560][ T1339] devpts: called with bogus options
[ 2175.330286][ T1306] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2175.338326][ T1306] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2175.350035][ T1306] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2175.358012][ T1306] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:41:50 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, 0x0, 0x0, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:50 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x4)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:50 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5450, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:50 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:50 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xb00, &(0x7f0000000300)='ramfs\x00')

03:41:50 executing program 4 (fault-call:1 fault-nth:16):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2175.530801][ T1306] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2175.538901][ T1306] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2175.550338][ T1306] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2175.558378][ T1306] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:41:50 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x2000, 0x0)
truncate(&(0x7f0000000200)='./file0\x00', 0x5)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
mount(&(0x7f00000000c0)=@sg0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='bdev\x00', 0x800441, &(0x7f00000001c0)='ramfs\x00')

03:41:50 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2175.618531][ T1352] devpts: called with bogus options
[ 2175.625779][ T1350] FAULT_INJECTION: forcing a failure.
[ 2175.625779][ T1350] name failslab, interval 1, probability 0, space 0, times 0
[ 2175.638375][ T1350] CPU: 1 PID: 1350 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2175.647081][ T1350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2175.657144][ T1350] Call Trace:
[ 2175.660406][ T1350]  dump_stack+0x137/0x19d
[ 2175.664719][ T1350]  should_fail+0x23c/0x250
[ 2175.669116][ T1350]  __should_failslab+0x81/0x90
[ 2175.673906][ T1350]  ? register_for_each_vma+0x372/0x890
[ 2175.679358][ T1350]  should_failslab+0x5/0x20
[ 2175.683923][ T1350]  kmem_cache_alloc_trace+0x49/0x310
[ 2175.689215][ T1350]  ? register_for_each_vma+0x372/0x890
[ 2175.694721][ T1350]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2175.700712][ T1350]  register_for_each_vma+0x372/0x890
[ 2175.706027][ T1350]  __uprobe_register+0x3f4/0x8a0
[ 2175.711011][ T1350]  uprobe_register_refctr+0x29/0x40
[ 2175.716223][ T1350]  probe_event_enable+0x2be/0x7d0
[ 2175.721234][ T1350]  ? __uprobe_trace_func+0x430/0x430
[ 2175.726582][ T1350]  trace_uprobe_register+0x88/0x410
[ 2175.731844][ T1350]  perf_trace_event_init+0x34e/0x790
[ 2175.737114][ T1350]  perf_uprobe_init+0xf5/0x140
[ 2175.741868][ T1350]  perf_uprobe_event_init+0xde/0x140
[ 2175.747295][ T1350]  perf_try_init_event+0x21a/0x400
[ 2175.752390][ T1350]  perf_event_alloc+0xa60/0x1790
[ 2175.757387][ T1350]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2175.763078][ T1350]  ? vfs_write+0x50c/0x770
[ 2175.767505][ T1350]  __x64_sys_perf_event_open+0x63/0x70
[ 2175.772952][ T1350]  do_syscall_64+0x4a/0x90
[ 2175.777379][ T1350]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2175.783263][ T1350] RIP: 0033:0x4665d9
[ 2175.787179][ T1350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2175.806769][ T1350] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:41:50 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xc00, &(0x7f0000000300)='ramfs\x00')

03:41:50 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5451, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2175.815191][ T1350] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2175.823149][ T1350] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2175.831283][ T1350] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2175.839234][ T1350] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2175.847209][ T1350] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:50 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xd00, &(0x7f0000000300)='ramfs\x00')

03:41:50 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2175.883535][ T1363] devpts: called with bogus options
[ 2175.883994][ T1362] bdev: Unknown parameter 'ramfs'
[ 2175.914587][ T1365] bdev: Unknown parameter 'ramfs'
[ 2175.956256][ T1372] devpts: called with bogus options
[ 2176.253592][ T1367] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2176.261586][ T1367] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2176.273248][ T1367] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2176.281232][ T1367] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:41:51 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:51 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:51 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xe00, &(0x7f0000000300)='ramfs\x00')

03:41:51 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:51 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5452, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:51 executing program 4 (fault-call:1 fault-nth:17):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2176.443119][ T1367] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2176.451137][ T1367] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2176.462413][ T1367] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2176.470468][ T1367] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2176.525141][ T1387] FAULT_INJECTION: forcing a failure.
[ 2176.525141][ T1387] name failslab, interval 1, probability 0, space 0, times 0
[ 2176.537757][ T1387] CPU: 0 PID: 1387 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2176.546405][ T1387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2176.556439][ T1387] Call Trace:
[ 2176.559693][ T1387]  dump_stack+0x137/0x19d
[ 2176.564002][ T1387]  should_fail+0x23c/0x250
[ 2176.568392][ T1387]  __should_failslab+0x81/0x90
[ 2176.573166][ T1387]  ? register_for_each_vma+0x372/0x890
[ 2176.578614][ T1387]  should_failslab+0x5/0x20
[ 2176.583180][ T1387]  kmem_cache_alloc_trace+0x49/0x310
[ 2176.588449][ T1387]  ? register_for_each_vma+0x372/0x890
[ 2176.593898][ T1387]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2176.599942][ T1387]  register_for_each_vma+0x372/0x890
[ 2176.605226][ T1387]  __uprobe_register+0x3f4/0x8a0
[ 2176.610151][ T1387]  uprobe_register_refctr+0x29/0x40
[ 2176.615374][ T1387]  probe_event_enable+0x2be/0x7d0
[ 2176.620416][ T1387]  ? __uprobe_trace_func+0x430/0x430
[ 2176.625727][ T1387]  trace_uprobe_register+0x88/0x410
[ 2176.631054][ T1387]  perf_trace_event_init+0x34e/0x790
[ 2176.636332][ T1387]  perf_uprobe_init+0xf5/0x140
[ 2176.641122][ T1387]  perf_uprobe_event_init+0xde/0x140
[ 2176.646424][ T1387]  perf_try_init_event+0x21a/0x400
[ 2176.651570][ T1387]  perf_event_alloc+0xa60/0x1790
[ 2176.656485][ T1387]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2176.662130][ T1387]  ? vfs_write+0x50c/0x770
[ 2176.666530][ T1387]  __x64_sys_perf_event_open+0x63/0x70
[ 2176.671960][ T1387]  do_syscall_64+0x4a/0x90
[ 2176.676357][ T1387]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2176.682266][ T1387] RIP: 0033:0x4665d9
[ 2176.686147][ T1387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2176.705732][ T1387] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2176.714282][ T1387] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:41:51 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x545d, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:51 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x1020, &(0x7f0000000300)='ramfs\x00')

03:41:51 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuseblk\x00', 0x110c002, 0x0)
accept4$unix(0xffffffffffffffff, &(0x7f0000000140), &(0x7f00000000c0)=0x6e, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
creat(&(0x7f00000001c0)='./file0\x00', 0x93)

03:41:51 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x1100, &(0x7f0000000300)='ramfs\x00')

03:41:51 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x40000, 0x80)

[ 2176.722295][ T1387] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2176.730239][ T1387] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2176.738182][ T1387] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2176.746144][ T1387] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:51 executing program 2:
munlockall()
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
mlock(&(0x7f0000ffc000/0x1000)=nil, 0x1000)
umount2(&(0x7f00000000c0)='./file0\x00', 0x1)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2177.159701][ T1388] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2177.167710][ T1388] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2177.179263][ T1388] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2177.187246][ T1388] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:41:52 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5460, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:52 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x1200, &(0x7f0000000300)='ramfs\x00')

03:41:52 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
utime(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0xbe, 0xc4bc})

03:41:52 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:52 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:52 executing program 4 (fault-call:1 fault-nth:18):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2177.342444][ T1388] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2177.350517][ T1388] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2177.361853][ T1388] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2177.369851][ T1388] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2177.419702][ T1424] FAULT_INJECTION: forcing a failure.
[ 2177.419702][ T1424] name failslab, interval 1, probability 0, space 0, times 0
[ 2177.432306][ T1424] CPU: 1 PID: 1424 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2177.440970][ T1424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2177.451021][ T1424] Call Trace:
[ 2177.454287][ T1424]  dump_stack+0x137/0x19d
[ 2177.458645][ T1424]  should_fail+0x23c/0x250
[ 2177.463108][ T1424]  __should_failslab+0x81/0x90
[ 2177.467981][ T1424]  ? register_for_each_vma+0x372/0x890
[ 2177.473417][ T1424]  should_failslab+0x5/0x20
[ 2177.477900][ T1424]  kmem_cache_alloc_trace+0x49/0x310
[ 2177.483189][ T1424]  ? register_for_each_vma+0x372/0x890
[ 2177.488674][ T1424]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2177.494625][ T1424]  register_for_each_vma+0x372/0x890
[ 2177.499963][ T1424]  __uprobe_register+0x3f4/0x8a0
[ 2177.504907][ T1424]  uprobe_register_refctr+0x29/0x40
[ 2177.510163][ T1424]  probe_event_enable+0x2be/0x7d0
[ 2177.515269][ T1424]  ? __uprobe_trace_func+0x430/0x430
[ 2177.520602][ T1424]  trace_uprobe_register+0x88/0x410
[ 2177.525797][ T1424]  perf_trace_event_init+0x34e/0x790
[ 2177.531062][ T1424]  perf_uprobe_init+0xf5/0x140
[ 2177.535810][ T1424]  perf_uprobe_event_init+0xde/0x140
[ 2177.541091][ T1424]  perf_try_init_event+0x21a/0x400
[ 2177.546200][ T1424]  perf_event_alloc+0xa60/0x1790
[ 2177.551184][ T1424]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2177.556790][ T1424]  ? vfs_write+0x50c/0x770
[ 2177.561194][ T1424]  __x64_sys_perf_event_open+0x63/0x70
[ 2177.566634][ T1424]  do_syscall_64+0x4a/0x90
[ 2177.571025][ T1424]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2177.576909][ T1424] RIP: 0033:0x4665d9
[ 2177.580773][ T1424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2177.600349][ T1424] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2177.608747][ T1424] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:41:52 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x40049409, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:52 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x2000, &(0x7f0000000300)='ramfs\x00')

03:41:52 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
getsockname(0xffffffffffffffff, &(0x7f0000000140)=@nfc_llcp, &(0x7f00000000c0)=0x80)

[ 2177.616692][ T1424] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2177.624642][ T1424] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2177.632606][ T1424] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2177.640567][ T1424] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:52 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x2010, &(0x7f0000000300)='ramfs\x00')

03:41:52 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file1\x00')

03:41:52 executing program 2:
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0\x00')

03:41:52 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x2200, &(0x7f0000000300)='ramfs\x00')

03:41:52 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x40086602, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:52 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x2500, &(0x7f0000000300)='ramfs\x00')

[ 2178.129567][ T1434] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2178.137598][ T1434] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2178.149016][ T1434] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2178.157096][ T1434] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:41:53 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:53 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x100)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x2088, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)='cpuset\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:53 executing program 4 (fault-call:1 fault-nth:19):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:53 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x3f00, &(0x7f0000000300)='ramfs\x00')

03:41:53 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:53 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x40087602, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2178.321827][ T1434] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2178.330002][ T1434] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2178.341275][ T1434] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2178.349284][ T1434] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:41:53 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x4000, &(0x7f0000000300)='ramfs\x00')

[ 2178.408519][ T1473] new mount options do not match the existing superblock, will be ignored
[ 2178.418692][ T1478] new mount options do not match the existing superblock, will be ignored
[ 2178.427220][ T1475] FAULT_INJECTION: forcing a failure.
[ 2178.427220][ T1475] name failslab, interval 1, probability 0, space 0, times 0
[ 2178.439799][ T1475] CPU: 1 PID: 1475 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2178.448454][ T1475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2178.458490][ T1475] Call Trace:
[ 2178.461751][ T1475]  dump_stack+0x137/0x19d
[ 2178.466068][ T1475]  should_fail+0x23c/0x250
[ 2178.470518][ T1475]  __should_failslab+0x81/0x90
[ 2178.475258][ T1475]  ? register_for_each_vma+0x372/0x890
[ 2178.480718][ T1475]  should_failslab+0x5/0x20
[ 2178.485192][ T1475]  kmem_cache_alloc_trace+0x49/0x310
[ 2178.490472][ T1475]  ? register_for_each_vma+0x372/0x890
[ 2178.495950][ T1475]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2178.501907][ T1475]  register_for_each_vma+0x372/0x890
[ 2178.507209][ T1475]  __uprobe_register+0x3f4/0x8a0
[ 2178.512156][ T1475]  uprobe_register_refctr+0x29/0x40
[ 2178.517337][ T1475]  probe_event_enable+0x2be/0x7d0
[ 2178.522334][ T1475]  ? __uprobe_trace_func+0x430/0x430
[ 2178.527588][ T1475]  trace_uprobe_register+0x88/0x410
[ 2178.532762][ T1475]  perf_trace_event_init+0x34e/0x790
[ 2178.538030][ T1475]  perf_uprobe_init+0xf5/0x140
[ 2178.542781][ T1475]  perf_uprobe_event_init+0xde/0x140
[ 2178.548040][ T1475]  perf_try_init_event+0x21a/0x400
[ 2178.553197][ T1475]  perf_event_alloc+0xa60/0x1790
[ 2178.558148][ T1475]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2178.563751][ T1475]  ? vfs_write+0x50c/0x770
[ 2178.568138][ T1475]  __x64_sys_perf_event_open+0x63/0x70
[ 2178.573633][ T1475]  do_syscall_64+0x4a/0x90
[ 2178.578027][ T1475]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2178.583906][ T1475] RIP: 0033:0x4665d9
[ 2178.587826][ T1475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
03:41:53 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x401c5820, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:53 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(r0, &(0x7f00000000c0)='./file0\x00', 0x450802, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2178.607518][ T1475] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2178.615907][ T1475] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2178.623923][ T1475] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2178.631879][ T1475] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2178.639922][ T1475] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2178.647882][ T1475] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:53 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x4800, &(0x7f0000000300)='ramfs\x00')

03:41:53 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080)={0x0, <r2=>0x0}, &(0x7f00000000c0)=0x5)
setuid(r2)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), 0x208084, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {}, 0x2c, {[{@cache_fscache}, {@mmap}], [{@uid_lt={'uid<', 0xffffffffffffffff}}, {@smackfshat={'smackfshat', 0x3d, 'ramfs\x00'}}, {@smackfshat={'smackfshat', 0x3d, '/'}}, {@permit_directio}, {@uid_eq={'uid', 0x3d, r2}}, {@obj_user={'obj_user', 0x3d, 'ramfs\x00'}}]}})
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2178.686388][ T1488] devpts: called with bogus options
03:41:53 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x4c00, &(0x7f0000000300)='ramfs\x00')

[ 2178.736548][ T1494] devpts: called with bogus options
[ 2178.742757][ T1496] 9pnet: Insufficient options for proto=fd
[ 2178.841098][ T1503] devpts: called with bogus options
[ 2179.083682][ T1469] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2179.091751][ T1469] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2179.103211][ T1469] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2179.111317][ T1469] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:41:54 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x6000, &(0x7f0000000300)='ramfs\x00')

03:41:54 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
listxattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=""/223, 0xdf)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:54 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x4020940d, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:54 executing program 4 (fault-call:1 fault-nth:20):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:54 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:54 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2179.268626][ T1469] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2179.276665][ T1469] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2179.287989][ T1469] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2179.295962][ T1469] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:41:54 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x6800, &(0x7f0000000300)='ramfs\x00')

[ 2179.359565][ T1515] FAULT_INJECTION: forcing a failure.
[ 2179.359565][ T1515] name failslab, interval 1, probability 0, space 0, times 0
[ 2179.372185][ T1515] CPU: 0 PID: 1515 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2179.380912][ T1515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2179.391055][ T1515] Call Trace:
[ 2179.394310][ T1515]  dump_stack+0x137/0x19d
[ 2179.398619][ T1515]  should_fail+0x23c/0x250
[ 2179.403011][ T1515]  __should_failslab+0x81/0x90
03:41:54 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2179.407762][ T1515]  ? register_for_each_vma+0x372/0x890
[ 2179.413206][ T1515]  should_failslab+0x5/0x20
[ 2179.417713][ T1515]  kmem_cache_alloc_trace+0x49/0x310
[ 2179.423046][ T1515]  ? register_for_each_vma+0x372/0x890
[ 2179.428497][ T1515]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2179.434463][ T1515]  register_for_each_vma+0x372/0x890
[ 2179.439832][ T1515]  __uprobe_register+0x3f4/0x8a0
[ 2179.444762][ T1515]  uprobe_register_refctr+0x29/0x40
[ 2179.450013][ T1515]  probe_event_enable+0x2be/0x7d0
[ 2179.455033][ T1515]  ? __uprobe_trace_func+0x430/0x430
[ 2179.460365][ T1515]  trace_uprobe_register+0x88/0x410
[ 2179.465539][ T1515]  perf_trace_event_init+0x34e/0x790
[ 2179.470901][ T1515]  perf_uprobe_init+0xf5/0x140
[ 2179.475656][ T1515]  perf_uprobe_event_init+0xde/0x140
[ 2179.480942][ T1515]  perf_try_init_event+0x21a/0x400
[ 2179.486066][ T1515]  perf_event_alloc+0xa60/0x1790
[ 2179.490979][ T1515]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2179.496581][ T1515]  ? vfs_write+0x50c/0x770
[ 2179.500997][ T1515]  __x64_sys_perf_event_open+0x63/0x70
[ 2179.506427][ T1515]  do_syscall_64+0x4a/0x90
[ 2179.510818][ T1515]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2179.516695][ T1515] RIP: 0033:0x4665d9
[ 2179.520566][ T1515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2179.540259][ T1515] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2179.548670][ T1515] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:41:54 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
setxattr$incfs_metadata(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), &(0x7f0000000180)="d5bfef96e2a9bbf093a29dafd5c8cb64b70bf90e3ef8b0dd3704071f983842b88c86ffab369def30cd2630236442d65e3c5a4947e478a20e087d1bbf5f5cf5cd6a3e6a80a1126bbb4799796dcdb42612fed3f695075891118da6ba9cca5200e25a", 0x61, 0x2)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:54 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x6c00, &(0x7f0000000300)='ramfs\x00')

03:41:54 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x80045432, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:54 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2179.556616][ T1515] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2179.564560][ T1515] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2179.572515][ T1515] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2179.580464][ T1515] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:54 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x7400, &(0x7f0000000300)='ramfs\x00')

03:41:54 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:54 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
open(&(0x7f00000000c0)='./file0\x00', 0x20000, 0x50)
mount(&(0x7f0000000140)=@md0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='incremental-fs\x00', 0x80000, &(0x7f0000000200)='ramfs\x00')

03:41:54 executing program 4 (fault-call:1 fault-nth:21):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:54 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x7a00, &(0x7f0000000300)='ramfs\x00')

[ 2180.029524][ T1514] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2180.037529][ T1514] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2180.048849][ T1514] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2180.056887][ T1514] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2180.220521][ T1514] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2180.228610][ T1514] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2180.240073][ T1514] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2180.248075][ T1514] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2180.274468][ T1557] FAULT_INJECTION: forcing a failure.
[ 2180.274468][ T1557] name failslab, interval 1, probability 0, space 0, times 0
[ 2180.287085][ T1557] CPU: 1 PID: 1557 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2180.295764][ T1557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2180.305798][ T1557] Call Trace:
[ 2180.309054][ T1557]  dump_stack+0x137/0x19d
[ 2180.313356][ T1557]  should_fail+0x23c/0x250
[ 2180.317823][ T1557]  __should_failslab+0x81/0x90
[ 2180.322558][ T1557]  ? register_for_each_vma+0x372/0x890
[ 2180.328028][ T1557]  should_failslab+0x5/0x20
[ 2180.332554][ T1557]  kmem_cache_alloc_trace+0x49/0x310
[ 2180.337813][ T1557]  ? register_for_each_vma+0x372/0x890
[ 2180.343269][ T1557]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2180.349256][ T1557]  register_for_each_vma+0x372/0x890
[ 2180.354517][ T1557]  __uprobe_register+0x3f4/0x8a0
[ 2180.359502][ T1557]  uprobe_register_refctr+0x29/0x40
[ 2180.364734][ T1557]  probe_event_enable+0x2be/0x7d0
[ 2180.369748][ T1557]  ? __uprobe_trace_func+0x430/0x430
[ 2180.375078][ T1557]  trace_uprobe_register+0x88/0x410
[ 2180.380252][ T1557]  perf_trace_event_init+0x34e/0x790
[ 2180.385524][ T1557]  perf_uprobe_init+0xf5/0x140
[ 2180.390293][ T1557]  perf_uprobe_event_init+0xde/0x140
[ 2180.395626][ T1557]  perf_try_init_event+0x21a/0x400
[ 2180.400714][ T1557]  perf_event_alloc+0xa60/0x1790
[ 2180.405624][ T1557]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2180.411245][ T1557]  ? vfs_write+0x50c/0x770
[ 2180.415667][ T1557]  __x64_sys_perf_event_open+0x63/0x70
[ 2180.421098][ T1557]  do_syscall_64+0x4a/0x90
[ 2180.425488][ T1557]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2180.431358][ T1557] RIP: 0033:0x4665d9
[ 2180.435222][ T1557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2180.454804][ T1557] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2180.463183][ T1557] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:41:55 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:55 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
syz_io_uring_setup(0x6ce0, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r0=>0x0, &(0x7f0000000140)=<r1=>0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = dup(r2)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x6)
mount(&(0x7f0000001280)=@loop={'/dev/loop', 0x0}, &(0x7f00000012c0)='./file1\x00', &(0x7f0000001300)='ext4\x00', 0x100000, &(0x7f0000001340)='ramfs\x00')
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r4, 0x942e, 0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000001740)=@IORING_OP_RECVMSG={0xa, 0x5c95d8f2a851f33c, 0x0, r3, 0x0, &(0x7f0000001700)={0x0, 0x0, 0x0}}, 0x0)
recvfrom$unix(r3, &(0x7f0000001140)=""/178, 0xb2, 0x40, &(0x7f0000001200)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
readlink(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)=""/4096, 0x1000)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:55 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x80045440, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:55 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:55 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xedc0, &(0x7f0000000300)='ramfs\x00')

[ 2180.471143][ T1557] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2180.479140][ T1557] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2180.487129][ T1557] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2180.495072][ T1557] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:55 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x2c, &(0x7f0000000040)={0x1}, 0x4)
mkdir(&(0x7f0000000000)='./file0\x00', 0xb0)
rename(&(0x7f0000000340)='./file0\x00', &(0x7f0000000440)='./file0\x00')
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000004c0), 0x98040, 0x0)
ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f0000000500)={0x0, 0x1000, 0x1000, 0x1})
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='logfs\x00', 0x20001c, &(0x7f0000000300)='[\x01[\x00')
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
mount(&(0x7f0000000200)=ANY=[@ANYBLOB="2f6065762f736730006ef8413e73e2e854481a0000000000000080b21de3b598f1bdf9d58c2123583e3ad1044794cc221c98efa6f5d231d407edf6b603a79259e664d176be0bb75ebb057554d4183af237"], &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='esdfs\x00', 0x300080, &(0x7f00000001c0)='ramfs\x00')
mount(&(0x7f0000000400)=ANY=[@ANYBLOB="2f6425764bf2cc2d2d6e62643000"], &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='pstore\x00', 0x900400, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
uselib(&(0x7f0000000480)='./file0/file0\x00')
mkdir(&(0x7f00000009c0)='./file1\x00', 0x45)
creat(&(0x7f0000000a00)='./file0\x00', 0x11)
getsockname(r0, &(0x7f0000000900)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote}}}, &(0x7f0000000980)=0x80)

03:41:55 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xff03, &(0x7f0000000300)='ramfs\x00')

03:41:55 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:55 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x80086601, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:55 executing program 4 (fault-call:1 fault-nth:22):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:55 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000000200)=@sr0, &(0x7f00000000c0)='./file0/file0\x00', &(0x7f00000001c0)='nfs4\x00', 0x2, &(0x7f0000000180)='ramfs\x00')
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:55 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xff0f, &(0x7f0000000300)='ramfs\x00')

[ 2180.919489][ T1563] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2180.927507][ T1563] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2180.939001][ T1563] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2180.947027][ T1563] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2181.131038][ T1563] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2181.139100][ T1563] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2181.150771][ T1563] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2181.158803][ T1563] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2181.179104][ T1594] FAULT_INJECTION: forcing a failure.
[ 2181.179104][ T1594] name failslab, interval 1, probability 0, space 0, times 0
[ 2181.191784][ T1594] CPU: 1 PID: 1594 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2181.200442][ T1594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2181.210469][ T1594] Call Trace:
[ 2181.213740][ T1594]  dump_stack+0x137/0x19d
[ 2181.218110][ T1594]  should_fail+0x23c/0x250
[ 2181.222499][ T1594]  __should_failslab+0x81/0x90
[ 2181.227239][ T1594]  ? register_for_each_vma+0x372/0x890
[ 2181.232677][ T1594]  should_failslab+0x5/0x20
[ 2181.237206][ T1594]  kmem_cache_alloc_trace+0x49/0x310
[ 2181.242531][ T1594]  ? register_for_each_vma+0x372/0x890
[ 2181.248049][ T1594]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2181.253999][ T1594]  register_for_each_vma+0x372/0x890
[ 2181.259345][ T1594]  __uprobe_register+0x3f4/0x8a0
[ 2181.264257][ T1594]  uprobe_register_refctr+0x29/0x40
[ 2181.269454][ T1594]  probe_event_enable+0x2be/0x7d0
[ 2181.274466][ T1594]  ? __uprobe_trace_func+0x430/0x430
[ 2181.279754][ T1594]  trace_uprobe_register+0x88/0x410
[ 2181.284927][ T1594]  perf_trace_event_init+0x34e/0x790
[ 2181.290211][ T1594]  perf_uprobe_init+0xf5/0x140
[ 2181.295084][ T1594]  perf_uprobe_event_init+0xde/0x140
[ 2181.300344][ T1594]  perf_try_init_event+0x21a/0x400
[ 2181.305455][ T1594]  perf_event_alloc+0xa60/0x1790
[ 2181.310381][ T1594]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2181.316069][ T1594]  ? vfs_write+0x50c/0x770
[ 2181.320469][ T1594]  __x64_sys_perf_event_open+0x63/0x70
[ 2181.325930][ T1594]  do_syscall_64+0x4a/0x90
[ 2181.330366][ T1594]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2181.336258][ T1594] RIP: 0033:0x4665d9
[ 2181.340122][ T1594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2181.359731][ T1594] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2181.368142][ T1594] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:41:56 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:56 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:56 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x40000, &(0x7f0000000300)='ramfs\x00')

03:41:56 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
syz_io_uring_setup(0x6ce0, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r0=>0x0, &(0x7f0000000140)=<r1=>0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = dup(r2)
syz_io_uring_submit(r0, r1, &(0x7f0000001740)=@IORING_OP_RECVMSG={0xa, 0x5c95d8f2a851f33c, 0x0, r3, 0x0, &(0x7f0000001700)={0x0, 0x0, 0x0}}, 0x0)
renameat(r3, &(0x7f0000000140)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000180)='./file0\x00')
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
dup(r4)
fstat(r4, &(0x7f00000001c0))
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:56 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x80087601, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:56 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x100000, &(0x7f0000000300)='ramfs\x00')

03:41:56 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
syz_io_uring_setup(0x6ce0, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r0=>0x0, &(0x7f0000000140)=<r1=>0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = dup(r2)
syz_io_uring_submit(r0, r1, &(0x7f0000001740)=@IORING_OP_RECVMSG={0xa, 0x5c95d8f2a851f33c, 0x0, r3, 0x0, &(0x7f0000001700)={0x0, 0x0, 0x0}}, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', r3, &(0x7f0000000140)='./file0\x00', 0x66)

[ 2181.376101][ T1594] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2181.384064][ T1594] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2181.392038][ T1594] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2181.399984][ T1594] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:56 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:56 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x1000000, &(0x7f0000000300)='ramfs\x00')

[ 2181.627413][ T1629] devpts: called with bogus options
03:41:56 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x2000000, &(0x7f0000000300)='ramfs\x00')

03:41:56 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x801c581f, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:56 executing program 4 (fault-call:1 fault-nth:23):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2181.848873][ T1604] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2181.856858][ T1604] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2181.868500][ T1604] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2181.876521][ T1604] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2182.053423][ T1639] devpts: called with bogus options
[ 2182.061121][ T1604] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2182.069155][ T1604] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2182.080617][ T1604] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2182.088819][ T1604] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2182.112088][ T1640] FAULT_INJECTION: forcing a failure.
[ 2182.112088][ T1640] name failslab, interval 1, probability 0, space 0, times 0
[ 2182.124711][ T1640] CPU: 0 PID: 1640 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2182.133404][ T1640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2182.143446][ T1640] Call Trace:
[ 2182.146855][ T1640]  dump_stack+0x137/0x19d
[ 2182.151251][ T1640]  should_fail+0x23c/0x250
[ 2182.155687][ T1640]  __should_failslab+0x81/0x90
[ 2182.160469][ T1640]  ? register_for_each_vma+0x372/0x890
[ 2182.165995][ T1640]  should_failslab+0x5/0x20
[ 2182.170504][ T1640]  kmem_cache_alloc_trace+0x49/0x310
[ 2182.175772][ T1640]  ? register_for_each_vma+0x372/0x890
[ 2182.181225][ T1640]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2182.187190][ T1640]  register_for_each_vma+0x372/0x890
[ 2182.192461][ T1640]  __uprobe_register+0x3f4/0x8a0
[ 2182.197444][ T1640]  uprobe_register_refctr+0x29/0x40
[ 2182.202629][ T1640]  probe_event_enable+0x2be/0x7d0
[ 2182.207721][ T1640]  ? __uprobe_trace_func+0x430/0x430
[ 2182.213011][ T1640]  trace_uprobe_register+0x88/0x410
[ 2182.218207][ T1640]  perf_trace_event_init+0x34e/0x790
[ 2182.223476][ T1640]  perf_uprobe_init+0xf5/0x140
[ 2182.228288][ T1640]  perf_uprobe_event_init+0xde/0x140
[ 2182.233559][ T1640]  perf_try_init_event+0x21a/0x400
[ 2182.238679][ T1640]  perf_event_alloc+0xa60/0x1790
[ 2182.243628][ T1640]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2182.249243][ T1640]  ? vfs_write+0x50c/0x770
[ 2182.253645][ T1640]  __x64_sys_perf_event_open+0x63/0x70
[ 2182.259101][ T1640]  do_syscall_64+0x4a/0x90
[ 2182.263511][ T1640]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2182.269618][ T1640] RIP: 0033:0x4665d9
[ 2182.273491][ T1640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2182.293234][ T1640] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2182.301619][ T1640] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:41:57 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x14)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:57 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:57 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:57 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x3000000, &(0x7f0000000300)='ramfs\x00')

03:41:57 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0xc0045878, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:57 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2182.309600][ T1640] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2182.317548][ T1640] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2182.325538][ T1640] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2182.333497][ T1640] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:57 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x4000000, &(0x7f0000000300)='ramfs\x00')

03:41:57 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2182.374758][ T1650] devpts: called with bogus options
03:41:57 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001380)=ANY=[@ANYBLOB="84040000", @ANYRES16=r1, @ANYBLOB="010025bd7000fedbdf25880000000c0099007f00000036000000690006"], 0x484}}, 0x0)
sendmsg$NL80211_CMD_DEAUTHENTICATE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x64, r1, 0x100, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x4, 0x69}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9f0e}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}, @NL80211_ATTR_SSID={0x19, 0x34, @random="ef2c0d7f75125e0d4f3a2cb39ef1b73d97f4553599"}]}, 0x64}, 0x1, 0x0, 0x0, 0x4004815}, 0x20000000)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2182.442874][ T1660] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[ 2182.454983][ T1662] devpts: called with bogus options
[ 2182.474711][ T1665] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
03:41:57 executing program 4 (fault-call:1 fault-nth:24):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:57 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:57 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x5000000, &(0x7f0000000300)='ramfs\x00')

03:41:57 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:57 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0/file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000100)='./file0\x00')
rmdir(&(0x7f00000000c0)='./file0\x00')
mknod$loop(&(0x7f0000000040)='./file0/file0\x00', 0x400, 0x0)

03:41:57 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0xc0045878, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:57 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), 0x208080, &(0x7f0000000180)={[{@huge_never}, {@uid={'uid', 0x3d, 0xffffffffffffffff}}, {@mpol={'mpol', 0x3d, {'bind', '=relative', @val={0x3a, [0x2d, 0x2a, 0x37, 0x32, 0x36, 0x31, 0x16, 0x36]}}}}, {@mode={'mode', 0x3d, 0x8}}, {@size={'size', 0x3d, [0x62, 0x30]}}, {@huge_never}, {@huge_advise}, {@huge_within_size}], [{@subj_user={'subj_user', 0x3d, '^-]\xe4%!!]&\xd68'}}]})
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
mkdir(&(0x7f0000000240)='./file0\x00', 0x181)

03:41:57 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:57 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x6000000, &(0x7f0000000300)='ramfs\x00')

[ 2182.728529][ T1684] devpts: called with bogus options
[ 2182.750674][ T1681] FAULT_INJECTION: forcing a failure.
[ 2182.750674][ T1681] name failslab, interval 1, probability 0, space 0, times 0
[ 2182.763319][ T1681] CPU: 0 PID: 1681 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2182.772024][ T1681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2182.782065][ T1681] Call Trace:
[ 2182.785329][ T1681]  dump_stack+0x137/0x19d
[ 2182.789649][ T1681]  should_fail+0x23c/0x250
[ 2182.794086][ T1681]  __should_failslab+0x81/0x90
[ 2182.798844][ T1681]  ? register_for_each_vma+0x372/0x890
[ 2182.804359][ T1681]  should_failslab+0x5/0x20
[ 2182.808850][ T1681]  kmem_cache_alloc_trace+0x49/0x310
[ 2182.814120][ T1681]  ? register_for_each_vma+0x372/0x890
[ 2182.819589][ T1681]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2182.825632][ T1681]  register_for_each_vma+0x372/0x890
[ 2182.830994][ T1681]  __uprobe_register+0x3f4/0x8a0
[ 2182.835930][ T1681]  uprobe_register_refctr+0x29/0x40
[ 2182.841124][ T1681]  probe_event_enable+0x2be/0x7d0
[ 2182.846161][ T1681]  ? __uprobe_trace_func+0x430/0x430
[ 2182.851457][ T1681]  trace_uprobe_register+0x88/0x410
[ 2182.856672][ T1681]  perf_trace_event_init+0x34e/0x790
[ 2182.861943][ T1681]  perf_uprobe_init+0xf5/0x140
[ 2182.866770][ T1681]  perf_uprobe_event_init+0xde/0x140
[ 2182.872134][ T1681]  perf_try_init_event+0x21a/0x400
[ 2182.877340][ T1681]  perf_event_alloc+0xa60/0x1790
[ 2182.882261][ T1681]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2182.887899][ T1681]  ? vfs_write+0x50c/0x770
[ 2182.892350][ T1681]  __x64_sys_perf_event_open+0x63/0x70
03:41:57 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2182.897847][ T1681]  do_syscall_64+0x4a/0x90
[ 2182.902241][ T1681]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2182.908187][ T1681] RIP: 0033:0x4665d9
[ 2182.912068][ T1681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2182.931692][ T1681] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2182.940137][ T1681] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:41:57 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0xc0189436, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2182.948153][ T1681] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2182.956159][ T1681] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2182.964103][ T1681] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2182.972053][ T1681] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:57 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x7000000, &(0x7f0000000300)='ramfs\x00')

[ 2183.014456][ T1707] tmpfs: Bad value for 'uid'
[ 2183.016049][ T1709] devpts: called with bogus options
[ 2183.020288][ T1710] tmpfs: Bad value for 'uid'
[ 2183.131736][ T1717] devpts: called with bogus options
03:41:58 executing program 4 (fault-call:1 fault-nth:25):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:58 executing program 2:
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={<r0=>0xffffffffffffffff, 0x8, 0x7, 0x2})
sendmsg$NBD_CMD_STATUS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x80, 0x0, 0x100, 0x70bd25, 0x25dfdbfb, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0x8}, {0x8, 0x1, r0}, {0x8}]}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x8}, @NBD_ATTR_SERVER_FLAGS={0xc}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x400}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x80}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004000)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001380)=ANY=[@ANYBLOB="84040000", @ANYRES16=r2, @ANYBLOB="010025bd7000fedbdf25880000000c0099007f00000036000000690006"], 0x484}}, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x34, r2, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@NL80211_ATTR_WIPHY_DYN_ACK={0x4}, @NL80211_ATTR_WIPHY_ANTENNA_RX={0x8, 0x6a, 0xb57}, @NL80211_ATTR_WIPHY_DYN_ACK={0x4}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0x100}, @NL80211_ATTR_WIPHY_COVERAGE_CLASS={0x5, 0x59, 0x6}]}, 0x34}, 0x1, 0x0, 0x0, 0x20040090}, 0x50)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:58 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:58 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:58 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x8000000, &(0x7f0000000300)='ramfs\x00')

03:41:58 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0xc020660b, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2183.346140][ T1727] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[ 2183.353131][ T1729] FAULT_INJECTION: forcing a failure.
[ 2183.353131][ T1729] name failslab, interval 1, probability 0, space 0, times 0
[ 2183.360081][ T1727] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[ 2183.367006][ T1729] CPU: 0 PID: 1729 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2183.383782][ T1729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2183.393815][ T1729] Call Trace:
[ 2183.397076][ T1729]  dump_stack+0x137/0x19d
[ 2183.401391][ T1729]  should_fail+0x23c/0x250
[ 2183.405873][ T1729]  __should_failslab+0x81/0x90
[ 2183.410638][ T1729]  ? register_for_each_vma+0x372/0x890
[ 2183.416142][ T1729]  should_failslab+0x5/0x20
[ 2183.416307][ T1728] devpts: called with bogus options
[ 2183.420631][ T1729]  kmem_cache_alloc_trace+0x49/0x310
[ 2183.420654][ T1729]  ? register_for_each_vma+0x372/0x890
[ 2183.436531][ T1729]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2183.442486][ T1729]  register_for_each_vma+0x372/0x890
[ 2183.447839][ T1729]  __uprobe_register+0x3f4/0x8a0
[ 2183.452857][ T1729]  uprobe_register_refctr+0x29/0x40
[ 2183.458087][ T1729]  probe_event_enable+0x2be/0x7d0
[ 2183.463171][ T1729]  ? __uprobe_trace_func+0x430/0x430
[ 2183.468498][ T1729]  trace_uprobe_register+0x88/0x410
[ 2183.473672][ T1729]  perf_trace_event_init+0x34e/0x790
[ 2183.478992][ T1729]  perf_uprobe_init+0xf5/0x140
[ 2183.483808][ T1729]  perf_uprobe_event_init+0xde/0x140
[ 2183.489068][ T1729]  perf_try_init_event+0x21a/0x400
[ 2183.494153][ T1729]  perf_event_alloc+0xa60/0x1790
[ 2183.499067][ T1729]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2183.504685][ T1729]  ? vfs_write+0x50c/0x770
[ 2183.509082][ T1729]  __x64_sys_perf_event_open+0x63/0x70
[ 2183.514522][ T1729]  do_syscall_64+0x4a/0x90
[ 2183.518961][ T1729]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2183.524870][ T1729] RIP: 0033:0x4665d9
03:41:58 executing program 2:
ptrace$getenv(0x4201, 0xffffffffffffffff, 0x4, &(0x7f0000000840))
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, <r1=>0x0}, &(0x7f00000000c0)=0x5)
setuid(r1)
syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0xb9, 0x8, &(0x7f00000006c0)=[{&(0x7f0000000180)="b7c826a801739415f8ba3f67483aed8517b43cc7cb1465e289e3fe8f21bbd4d109951584e6f43a5cc1ea5817c941487f4b59b5", 0x33, 0x100000001}, {&(0x7f00000001c0)="1c51506a50bfd151b6ca003ff5c8173ee6becdc98c0093476e5b3fe51bad6199469c8e2f978da60751835a5d3747d3e111aa70be986216a85a3d78ef267c3dabb0c942162a9aef743e69d1f7a2307e99449a4c1c5633", 0x56, 0x1f}, {&(0x7f0000000240)="f3a53ab3952707bd7ba3367c4e718a2a867c16f7054043c07f2f3a90ea919a6bdf841e3a551339c6f82273b7c92b0e75cad4e3dbad28a8e8b21d4ee1438abb71e26280e629308cdcbee647ad06bbe8baefdfdb66", 0x54, 0x80000001}, {&(0x7f00000002c0)="e95aef5e06c7d4cc2dc784845ed8fd087a7439340013738de5b2a24c46d9b1b382c42ff7e3b12313fec997a2bbac7d9999017bfb1b356b3b2f2ad191707687c1a259d98f42532c33243c1d19ad3c92056f98e1d9f982cd43265dafcece1a2f224280ee651615eac0106d3028fadf7c675b39ca0294f69ab6e36117d3b10b51019ecb949e4b7c9326432bf9", 0x8b}, {&(0x7f0000000380)="2b31a550ea61adcc73b8afee788da88390cd4a9eb107ddd2348ecb640aa0b361144f4367c2fca5cd373e76d769f92d1620c62bda993ebc4df7dbccddeab32fa87c496cf5982753088b0e64e90584da317044b7ea47a31adaf2983f7abea253319390b43b6cc50351b7233a7ff6478be10e9e188d05472ea9737bfe7532ab297cf4ed98366124703782b49c2b5bced9051565d476efc3ab40dc299810040fb862fbac31546516d2cafdae616c2818b2178a8495910ebdd2a70abe5b36016b76f52d0f5d7d12bd7baa9c3222f4f67368fc5a72e9cfb6840c4c06b042632f28dc81e7379f049a02754c34fb3c60", 0xec, 0x6}, {&(0x7f0000000480)="68c7a44cf9e5fec7eb6713ecf6e25de093fbde7ff8b405322c4df16a03434782f6ba3a217f1e2a83b02d6d56c0c2768b18673e07701aa3ea0a4a254e15fb5becd296598a4bd588c2d035a14101f731719c9932a1d2f5511945cd102f6c542d13af0bc3c2427dc97736e0a7b458cbb5df04079dd7f98b8a482fb2bcd4a72438cb68d093cdc0cc5b59b6cd67d2b5678ab50f93458aee28a2b68f5fc345945c790cd28b755d3630a52753f586dc4ed0e948af24186c94f3fa777a548eca2944", 0xbe, 0x1ff}, {&(0x7f0000000540)="f60e72e3006d076a5ffccf84b772f671d28ec2ebc6655333d631493f85ff2efa0b20fc70e8a1315b855d5d9c37ae994c89f316b2ed0b78cbe8c31899cb0defefa8baf95b07c655e5212aa4f7ce1d8b56744fac096dc68625b00dc7201b9c126241c531bc8a4cdd3cca503ae197d04ded44b2d26fed4525d98b76d877ab379914836671a65f1918905186897abaa21e869314d1d36dd5a043ae04c2dd5d9a56611618b709fd5b9df97dfd10b99036fb2db7f0c4892b45251553900be4700b8856ef52cf651ee9f768a08d65766104ff4232c3b0fb7ef37c92654e4e4f9381caf580a1438e", 0xe4, 0xe7c5}, {&(0x7f0000000640)="948e2cd7cfb74d9388d490533ff25f2d3374361ca7bf5db9f99999dd81e65ad2c363ec55fdc40f0c1ff86443fd2d2beef5e60439eb67ba53eb693756b97708b4ca2666ee", 0x44, 0x8}], 0x2, &(0x7f0000000880)=ANY=[@ANYBLOB='huge=within_size,mode=00000000000000000150757,huge=within_size,defcontext=unconfined_u,uid>', @ANYRESDEC=r1, @ANYBLOB="0e0000100000005023643c00a9f025708dac7653de", @ANYRESDEC=0x0, @ANYBLOB=',\x00'])

03:41:58 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x5, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:58 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x9000000, &(0x7f0000000300)='ramfs\x00')

[ 2183.528784][ T1729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2183.548366][ T1729] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2183.556763][ T1729] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2183.564718][ T1729] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2183.572687][ T1729] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2183.580630][ T1729] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2183.588578][ T1729] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:58 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xa000000, &(0x7f0000000300)='ramfs\x00')

03:41:58 executing program 2:
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f00000000c0)=0x5, 0x4)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2183.651378][ T1750] devpts: called with bogus options
[ 2183.657638][ T1750] devpts: called with bogus options
03:41:58 executing program 4 (fault-call:1 fault-nth:26):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:58 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:58 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
listxattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=""/23, 0x17)

[ 2183.731813][ T1762] devpts: called with bogus options
03:41:58 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:58 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xb000000, &(0x7f0000000300)='ramfs\x00')

03:41:58 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0xa, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2183.972034][ T1781] FAULT_INJECTION: forcing a failure.
[ 2183.972034][ T1781] name failslab, interval 1, probability 0, space 0, times 0
[ 2183.984757][ T1781] CPU: 0 PID: 1781 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2183.993472][ T1781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2184.003697][ T1781] Call Trace:
[ 2184.006980][ T1781]  dump_stack+0x137/0x19d
[ 2184.011295][ T1781]  should_fail+0x23c/0x250
[ 2184.015818][ T1781]  __should_failslab+0x81/0x90
[ 2184.020560][ T1781]  ? register_for_each_vma+0x372/0x890
[ 2184.025997][ T1781]  should_failslab+0x5/0x20
[ 2184.030536][ T1781]  kmem_cache_alloc_trace+0x49/0x310
[ 2184.035808][ T1781]  ? register_for_each_vma+0x372/0x890
[ 2184.041246][ T1781]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2184.047304][ T1781]  register_for_each_vma+0x372/0x890
[ 2184.052651][ T1781]  __uprobe_register+0x3f4/0x8a0
[ 2184.057584][ T1781]  uprobe_register_refctr+0x29/0x40
[ 2184.062867][ T1781]  probe_event_enable+0x2be/0x7d0
[ 2184.067865][ T1781]  ? __uprobe_trace_func+0x430/0x430
[ 2184.073195][ T1781]  trace_uprobe_register+0x88/0x410
[ 2184.078384][ T1781]  perf_trace_event_init+0x34e/0x790
[ 2184.083688][ T1781]  perf_uprobe_init+0xf5/0x140
[ 2184.088424][ T1781]  perf_uprobe_event_init+0xde/0x140
[ 2184.093684][ T1781]  perf_try_init_event+0x21a/0x400
[ 2184.098767][ T1781]  perf_event_alloc+0xa60/0x1790
[ 2184.103675][ T1781]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2184.109328][ T1781]  ? vfs_write+0x50c/0x770
[ 2184.113747][ T1781]  __x64_sys_perf_event_open+0x63/0x70
[ 2184.119277][ T1781]  do_syscall_64+0x4a/0x90
[ 2184.123697][ T1781]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2184.129574][ T1781] RIP: 0033:0x4665d9
[ 2184.133443][ T1781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2184.153055][ T1781] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2184.161491][ T1781] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:41:59 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f00000001c0)='./file0/file0\x00', 0x40000004)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
move_mount(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x52)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000180)='./file0/file0\x00', 0x88)

[ 2184.169447][ T1781] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2184.177394][ T1781] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2184.185373][ T1781] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2184.193320][ T1781] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:59 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xc000000, &(0x7f0000000300)='ramfs\x00')

[ 2184.238141][ T1792] devpts: called with bogus options
03:41:59 executing program 4 (fault-call:1 fault-nth:27):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:59 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
r0 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x581002, 0x40)
futimesat(r0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0xea60}, {0x77359400}})
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:59 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xd000000, &(0x7f0000000300)='ramfs\x00')

[ 2184.312446][ T1802] devpts: called with bogus options
03:41:59 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2184.373684][ T1808] FAULT_INJECTION: forcing a failure.
[ 2184.373684][ T1808] name failslab, interval 1, probability 0, space 0, times 0
[ 2184.386300][ T1808] CPU: 0 PID: 1808 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2184.395020][ T1808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2184.396999][ T1813] devpts: called with bogus options
[ 2184.405088][ T1808] Call Trace:
[ 2184.405113][ T1808]  dump_stack+0x137/0x19d
[ 2184.417877][ T1808]  should_fail+0x23c/0x250
[ 2184.422310][ T1808]  __should_failslab+0x81/0x90
[ 2184.427070][ T1808]  ? register_for_each_vma+0x372/0x890
[ 2184.432520][ T1808]  should_failslab+0x5/0x20
[ 2184.437005][ T1808]  kmem_cache_alloc_trace+0x49/0x310
[ 2184.442353][ T1808]  ? register_for_each_vma+0x372/0x890
[ 2184.447799][ T1808]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2184.453761][ T1808]  register_for_each_vma+0x372/0x890
[ 2184.459105][ T1808]  __uprobe_register+0x3f4/0x8a0
[ 2184.464028][ T1808]  uprobe_register_refctr+0x29/0x40
[ 2184.469295][ T1808]  probe_event_enable+0x2be/0x7d0
[ 2184.474298][ T1808]  ? __uprobe_trace_func+0x430/0x430
[ 2184.479582][ T1808]  trace_uprobe_register+0x88/0x410
[ 2184.484753][ T1808]  perf_trace_event_init+0x34e/0x790
[ 2184.490087][ T1808]  perf_uprobe_init+0xf5/0x140
[ 2184.494848][ T1808]  perf_uprobe_event_init+0xde/0x140
[ 2184.500111][ T1808]  perf_try_init_event+0x21a/0x400
[ 2184.505238][ T1808]  perf_event_alloc+0xa60/0x1790
[ 2184.510172][ T1808]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2184.515782][ T1808]  ? vfs_write+0x50c/0x770
[ 2184.520257][ T1808]  __x64_sys_perf_event_open+0x63/0x70
[ 2184.525736][ T1808]  do_syscall_64+0x4a/0x90
[ 2184.530160][ T1808]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2184.536028][ T1808] RIP: 0033:0x4665d9
[ 2184.539970][ T1808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2184.559633][ T1808] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:41:59 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xe000000, &(0x7f0000000300)='ramfs\x00')

[ 2184.568017][ T1808] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2184.575989][ T1808] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2184.583939][ T1808] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2184.591898][ T1808] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2184.599847][ T1808] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:41:59 executing program 2:
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
unlink(&(0x7f0000000140)='./file0\x00')
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
r0 = open$dir(&(0x7f0000000180)='./file0\x00', 0xb2800, 0x0)
mkdirat(r0, &(0x7f00000001c0)='./file0\x00', 0x0)
r1 = openat(r0, &(0x7f0000000000)='./file1\x00', 0x2000, 0x0)
mmap(&(0x7f0000522000/0x1000)=nil, 0x1000, 0x2, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x0, 0xd9f, 0x9)
r2 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwrite64(0xffffffffffffffff, &(0x7f00000003c0)="94eb778872fe5f383d1637b49edc3807f539364ddaf95336c959ae826d1c28f8916d9525ea770bc397a9c0e54fa120b6e90e3c47798f900bd45bb296ad30238dc6f351b63e2f344196759896cfaef685148e9b6227b32855ca4701248e97b3bd7cd1d15e01723bb9f4c30d3aefc278a8bd7b7693980e897214fbc496a96a92c30a2fd036800a44ce70a188f9b0f4d73beca9bd1c69ff3975f26add26966851e1c336350f11356cae94967ec052e17241322f9d206fbe001d8b7af6198659c0b8f2c41e3c809628f15eb908612c0bb03f7ba78125e7a75249ee0044326c2f499ea0bb632efbfabddf33d1d1b091569a34d843028aab85ee1682301d5844b4e9d7addecb56a69ed21340cdf287cb101fc6de3d2c31acf8aeef3d23dd45655bc6d47f0a651338988d023492e9bc0be8d4df227c05c3248dca7b5ffa45f38f3c22db613e041b539373aace2153951d006cd0e163443858f2586bf5c4792e7ded31e22d0c9da28ccc469abee247812796e1b1a68d928097577f646b4b4c7f6dfebed2d0b5d687a9ba619464272bcd94fc769ade4be13390cdf8502dbb48cba1b6d4b262a12067d7300a8a70f5fc366ae10f5641648ca61e05fe353b9f18e27226d4379a9e55ca06edb9028c1d4784267ca0c60dfe4e829ee9927d70e00b166d8896d5153ecb0e7697a489e9ec988b63a3fdad226f786cf0de322bb9dcba251d4d4c193b95a5e1c9c6d9f4cdee1f79655449dc3378750f7b1dca45e6eccd832b336c2740b306c78665835fa3697d81db47555ad3713a2b279b44ac442d33717115cc7bd8001fa616cb5e12f65ea7ab283297fa062b39f6a155f4849bbffe3c15e01d00bb58ecb736b82a95822d78180ab5f5261c6359789ce00210f36d65b59d508f731f3bb37cf7a31b170d2c309b218eb4a8e10dfc50173ac536f016bed8feb7893d8d30021f63c50e8fc5c551177a983be841fe04481b0085d4d2711a8acd1d9e8b2713c28d195abef2f848da07a4eacf92b21131edd88f60cefe50b4f0eeb93faaf6de34cf8de3b8021ff8d9bc0a44c3837ed35a340daf0d96f4c6132ef3b584c0e3577f8aa15c8dc6c2379d0d07908f7f49d8b6149fcae4646ec307a5d2250c3ba152b5f6a5a30f29feef4df98edc72e8cec1d8ee6ed8ae725fe79ceab124e6f61636a03625e47b777e16ddc5c80c4aa5beda8bca2c04e2e14213b7ec60110a44d9d281df95736935528d47c94d34a6fb3ee78a98afe4a867b95f72de73d18a7431827792102ae236a2dc2a709d712fb1f024fed70ac21e7a11531fc0d7446915e6e5284fe38ae4935843acdbd96a876ba0d2685b11bb3003543ff3ce05ab7b68f5dea09115629a44b719f24220afcf4419b9935ae599be2a3e44c8470663bd9f478999dba73a24c4f62a1e48ed65531ef6d711c59c8533e5bd67c47a72dff626249f3a3265183a7d8bf0fc7d10020bc6256ffe9d90a092c865da1a0f33dcc72a1d9ea2bc0259cd7082b6482e2272ec193af0d453df37217f090a06ba8125b2872799d04f851361985ff773ff8daed208658fa3911457103453383bfa131426853a63bb549105f9afcf628c1c40a9ed3dbd4fe1fcfd60b84f211f1173fcba5ce7ae44af11fd33434bd036e14e25c82c5ee66cad9e2e54d62764d54d9b8669ec07b20fcb14a368d414d9b9fe47f26f3f70411fdcc9a4d80f80535680c1bbf66b43c38c899e143c51b230cc57fe84fad297cc4e563d7117728eb11cce9092b022ee80cc368bfd00b0cc576fe0ead5bb0b9ead43dab0156d7114dbb4031cff77a3e04ef9f6758aaa15f8ab0f7e3e13aec8372429e85633ebec0cefa67aca9aae8e33d9e8fd17f74f928a113fe2bff9026e7a3b4f8c7b4c6227cbc136a737e7621de2f86ebf613798394078e2c711fe45a8305b81ceddfe92a9555e722666b4126fb55fe51945eea11ed26bf045428ba3936f5ef0785a1e75696773d7075f424ce58f90724587a00c89b73f6e19a0506ea22aa987331ee9aca6a3336c2092730bbe429486a2d283a9cc553e419b15a8d00eabe23dd9f719854a172890a55f58fdb41842c2fe713c0e0e610e9b20cdf662f1a92a4e253983bca30a11a3abcad00e6f041943e06667544e146bdb8d6c02c26112137ea4404e1c7bc21f762fb82e3fd1f183d592be3bfa01c9588790dc8787e243b2b6540831baae6a379edd83ea8e17bd15c5bafdb8ce30a325e2e89b796af3a7ec6c42e2b1b67ad1cfd987e922b7a2b504d42a34b670271df6df7f949d3b8014b909335be76a7df6a83d5d3af0f56bcdd096b434f5381035465bef3669c0d894245e83aae5806a84ad8600791e52cdb10d01ad7ab4ece6eb1ebc062ad22e661f8064c625bec28c92c145299bc602f6c9c379d6b8314b44059aa66cae40451424d13817b72a93dd208e793cae2ace55490f9e926bfc12351a79b5ace608463b726824bffcd1f55d2f811f0e1c875249a0eeda5f226cc7087441f3f2d093fc6c5570c7e10fbb3e7bb2eab87713d6efca1322de9347a92330547c1ebe22276daf12105f9e37964a7b5420d8494cd2f2caa6d03c556944826ddf368f9d617ebd26e30c6c022b152a5ce1c0f4727b4b9c59737422f840e36182d140afc35da42d554ff9de8540a1278403d1f9fb7e0b401bcf0db07fbe06fc632805277c70e8b92c90f6b8ece720e245ffdbc0258ae5f7f3b17c21767af9780a7bc49045fa7c8dcc09009a7cf9dddbb7a722c5f3ed8cef115e8d3fc5fdbdf8030575895728e16f32524b9256d54bdaa1a377c00c21c0b0fa7409eb7d055949664911d4bcc751bd3db33a87f9b1e0667aa9f28114ee33edd6cbe5aeab60095bac9d9e9ac05e8b2a7df22721f849ce136a3be1628565dc523e01dc139a65b88793baf485ce1fe3e49aac51fbd6accdf43a59e5217d171fdc86f2d50fd1db45a4ab89ef40a53faec49cf5f4f675d925e88c7f83e25a6d70edc14027edd26a80633fc7bd4e60743dadaf6cf21863465c5e24a1487067f19c761ed9248c9cc03ba2f1dc8a62d58206ee84ce8662b9b079b5669bc7e3aa66ffff774255b0b5a4b550866ae1c45b9ff4d99fe01ebf0427317349da554b7967b11e42d1de2bce336a05f8ad87a15a91280d04cb68c19bac683befab43d2c3481d4d3c03e8ffc64c0e5b10e7fe66f775e198451fd28d956386c3cd14cf114ddb1a1f6f4bb4e702ad9dc7529865f8abe61d9a0c562fabd46a2296ed6ee2c836876082f3406cfeda2994131804e14e10c6abf1770f3af4cac5f895a722333134f8ed392ea94be366d2bf030eb40e9108855e5a4eee17950ca3d0a3d42ca9fe5c2d92f8658bcf5418e2a02e5dce7275b3ed69dd43310709fc8ea8fb1629803561366307c1d14b85600d698db3a0bf06938f5f4c882f39c3c4320ab6f711b5d4aea875d094550bdcccfe32e6949d2a6445292425e383ae58dccacf1231465e533fa73c4d4d14031600e789b3448a8918a81e94076e3caf636c705bef08caa7822066d144dd127be77fa1a9cb64f5d2bf43ac014add33bbd4e7e62e535aeba724f1dd6dd549c14049078edc913e91a5140bca68e72870e531e1df88556f745e59e637d62ef89a95f4a99162269c62f739f017f693d43fd3c3d3250436b690c5ee6fd076a66581fab8fa230e5fdfb9f6f0f886b62bed68314494473839ac003523803b733425349cc2f615fe7c4073c7695ce8570feb8dacc79de7f50a693f30f7db8f3fa7df1f44a26eb4153bb50aaf4f54451bfeb412cd21322e01a4e798c23d1eb36be53e5e3e0a9f0ad7b63fe7525a135c6c12c5894b80b5f2e7bf65188084d2b616e5650a7181c25c2e0edaef95bfc87d54ecba3f2d665d5d46ad558cfbf10a4594b3e093c84b24a7134ccc932c7c052655551363753598f85710662bd87d2642ac788c33e471799d36b4be3cb003c4e5b60db5688145703902266b93dc1f7bbce8abb8079bb4644ce48102f615b9eb0f45dafa615b31a011cd51d2df35ba810d643396bd3f990fe280141db5f7bd645168bbc5380e901b80e6db73aeca44cc13a52576a25033f2310f8ad212f8e0099ed57f8a55df702d19acecea233bfdf1bd6a4b4f578b87f132fb0d0f4a8e40be8780b6b719130f67674abd5de93ce448427e49a7fff534f4f1311058f52acac27c0ebad355f44bad6fadace3e8e5af87a555d19d95dd64635520458dd88e33723b9359176d146e0f6a5844385b24f6f52b8515bd06c48d74c6ebf94d15938e8069911de219578c7e2e5d0a5e8167db247bf7e9aa1e404133cadfebae91901ea74a688ffc3b8bc03c49af68fb1d90f0aa00330321b87e812cf9ec46b1f4ac853d10c457e7676a0724bf3bec4caa78361fbc5322ed7649dbd34adc3147a49e786783574266529126803e35db00c5dae89ad126b27d0681151ef811256d19c3d60e34face965cd331127b867eff306cde18dfcdce1920498902903f484ee15d2c15e7513f8a231a5facf668b19dd538fd11342de637b2d10d3275c6297754da346afe6d6bb1d944897c2c2add108d18ab0535b033ee6f18ea60acecee20aa524297dfb4405e4a5d7b4b58608985bdd069c2b2e372795c0f822225a60e4fe7aa793b102a39278b28f7bb766ad2921052b141ec4fcf7c2124f69656e59cf2b0dc7a38918dbd73f69ff5331b8945042e1662d4bd30ce9a6ebd4e1d6b578a5890dc586dfeecee424e1fdcdf73a642d3ace6b7cad2c3a4eaafb28eaf370c078079267e5c7512678662abe1d32a5a435c1f22c5bb13fce4754ac40bc3b7f3f418b1c89ecd51dedc1bfe4bf14f201e7cb94a383e93f7dfb2d53210387df7fc897415ea57ed5dbac72f7551ea9acfe21127849cdf39791ae7fccabc2a412d0b856794929d4e79f0f21e4542ed8d19513ad84198a6480f24e40e020c36bb8bb7fdf0096e224adbb53b88cee046030c98d6125ba84300022a0498ead14ead466670d413fe8ef143699b8b8c6b76ea6de304f88bcbf2bbba59d2391dbf1ce8ed86c3c8bdda152d4fa72225706cd1654402c985d85f63208d632a52515a024b5360171d9261889e6817473baedccdb975af90e57c87d184f214aaf407dc93a2ca6cf457673a67215bf0a5be413c31bd0c426b89e7544bf9545ebc85c6a3dfacb21608d5ed3ec91023a3f920010b0054731fef11a8a1739e015400949a8078eb3b67cf7165d0764e574ec71a403a35f8b9e44933ed4b0a13417fa73d79502434770129b6c6fc046291bc813a8ef03d6977090b4b417d2d6e752c6df89f5b61e59e3ebe539b18a7da42deba41e1331fb1420ab62d5de8860217a9ce5bd257e2d64255e6b86f87bd2b5142b527b34a7d4515f804450d100fc31e2aa14d5d999eecb0975a59d2c036f129260bab7da73c4913cb9751e168e04ade8396923d5acd7e51332273d81bf743d5cec274afcca65aacdde5d5eefc243b81da91a34b31fff36084ff7890f5c3e1ae2c3b351cff980a0d9cff04a9187c53702b6cc6e237d287a3a9351b65628cdc8711d2b324bcd6fa36f71a36eb4f138740f13d67dd4f296bacfe787fed000e728bef974eb3765feb927d3b7c571d9a4811fc3976cdcfe96c05c164c25a6ca87f26a90509e85b234e8ebb5e49d88cb8175f7631cbfe9ab4f45c6c21bd14df4a7e4d51486c4491aa81041bf7098cdaab9ebaf5b4ed521ab116aecc7ecb18b4d6e3bcded944adbcf2b2b8547c6b554fc13745383e7fe4de8cab509b6099d8aa5f89b31048e78f4a27b83deb6f9cf1780946150e340db7", 0x1000, 0x10001)
r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
ftruncate(r3, 0x2081fc)
r4 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x380000a, 0x11, r4, 0x0)
fcntl$setstatus(r4, 0x4, 0x40400)
write(r4, &(0x7f0000000280)="b6", 0x1)
open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
write$binfmt_elf64(r3, &(0x7f00000013c0)=ANY=[@ANYBLOB="7f454c4b00000000ffff0000000000000000000000000000000000e4ff00000040000000000000000200000000000000000000d5a2b7be3ef638b7ba00000038000000000000000000000000000000000000000000000000000000fff7ffffffffffff835eda1628457e1c1c1bf96eda66ac45fe79edc01db1f8d37ced67a41d661d2fc21b6cd6647c8b4483b17d3b8065580000000000f5af704a4c16a665fcdde32ecbadc807d687a29cdbba589632d7feee28144b7dc95e877e4cd24de6e2edbc7ce6e9d48d5dd9022803ed8210f42787136afbf7ff6c1722c81863641c5394d2f16ab38884c23dce7fcde20a436759b253f3c672cd70214704b45ce6a1160519d5b52109e843f030c6f6fc3f0ab498534b24d0c3448fe6c562be09e2400c4f16bc555a00"/306], 0xa7)
pivot_root(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='./file1\x00')
renameat2(r1, &(0x7f0000000000)='./file0/file0\x00', r2, &(0x7f00000000c0)='./file0\x00', 0x5)

03:41:59 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x10000000, &(0x7f0000000300)='ramfs\x00')

[ 2184.638853][ T1820] devpts: called with bogus options
[ 2184.682676][ T1826] devpts: called with bogus options
03:41:59 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x11000000, &(0x7f0000000300)='ramfs\x00')

03:41:59 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0xd, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:41:59 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:59 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
open$dir(&(0x7f00000000c0)='./file0\x00', 0x2, 0x100)

03:41:59 executing program 4 (fault-call:1 fault-nth:28):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:41:59 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:41:59 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x12000000, &(0x7f0000000300)='ramfs\x00')

[ 2184.964592][ T1834] devpts: called with bogus options
[ 2184.985375][ T1817] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2184.993442][ T1817] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2185.005209][ T1817] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2185.013196][ T1817] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:41:59 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0xfffffff0, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2185.228693][ T1846] devpts: called with bogus options
[ 2185.245370][ T1817] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2185.253348][ T1817] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2185.265332][ T1817] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
03:42:00 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:00 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x20000000, &(0x7f0000000300)='ramfs\x00')

03:42:00 executing program 2:
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2185.273302][ T1817] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2185.359714][ T1847] FAULT_INJECTION: forcing a failure.
[ 2185.359714][ T1847] name failslab, interval 1, probability 0, space 0, times 0
[ 2185.372328][ T1847] CPU: 1 PID: 1847 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2185.381021][ T1847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2185.381282][ T1860] devpts: called with bogus options
[ 2185.391143][ T1847] Call Trace:
[ 2185.391153][ T1847]  dump_stack+0x137/0x19d
[ 2185.391173][ T1847]  should_fail+0x23c/0x250
[ 2185.408340][ T1847]  __should_failslab+0x81/0x90
[ 2185.413106][ T1847]  ? register_for_each_vma+0x372/0x890
[ 2185.418669][ T1847]  should_failslab+0x5/0x20
[ 2185.423158][ T1847]  kmem_cache_alloc_trace+0x49/0x310
[ 2185.428430][ T1847]  ? register_for_each_vma+0x372/0x890
[ 2185.433884][ T1847]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2185.439912][ T1847]  register_for_each_vma+0x372/0x890
[ 2185.445199][ T1847]  __uprobe_register+0x3f4/0x8a0
[ 2185.450137][ T1847]  uprobe_register_refctr+0x29/0x40
[ 2185.455332][ T1847]  probe_event_enable+0x2be/0x7d0
[ 2185.460395][ T1847]  ? __uprobe_trace_func+0x430/0x430
[ 2185.465673][ T1847]  trace_uprobe_register+0x88/0x410
[ 2185.470869][ T1847]  perf_trace_event_init+0x34e/0x790
[ 2185.476216][ T1847]  perf_uprobe_init+0xf5/0x140
[ 2185.481018][ T1847]  perf_uprobe_event_init+0xde/0x140
[ 2185.486311][ T1847]  perf_try_init_event+0x21a/0x400
[ 2185.491396][ T1847]  perf_event_alloc+0xa60/0x1790
[ 2185.496320][ T1847]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2185.501934][ T1847]  ? vfs_write+0x50c/0x770
[ 2185.506325][ T1847]  __x64_sys_perf_event_open+0x63/0x70
[ 2185.511772][ T1847]  do_syscall_64+0x4a/0x90
[ 2185.516224][ T1847]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2185.522114][ T1847] RIP: 0033:0x4665d9
[ 2185.525982][ T1847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2185.545579][ T1847] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:42:00 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x20100000, &(0x7f0000000300)='ramfs\x00')

03:42:00 executing program 2:
syz_io_uring_setup(0x6ce0, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r0=>0x0, &(0x7f0000000140)=<r1=>0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = dup(r2)
syz_io_uring_submit(r0, r1, &(0x7f0000001740)=@IORING_OP_RECVMSG={0xa, 0x5c95d8f2a851f33c, 0x0, r3, 0x0, &(0x7f0000001700)={0x0, 0x0, 0x0}}, 0x0)
ioctl$sock_SIOCGSKNS(r3, 0x894c, &(0x7f0000000100)=0x9)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='./file0\x00')

03:42:00 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2185.553976][ T1847] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2185.561921][ T1847] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2185.569879][ T1847] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2185.577820][ T1847] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2185.585765][ T1847] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:00 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
syz_io_uring_setup(0x6ce0, &(0x7f0000000240)={0x0, 0x0, 0x2}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r0=>0x0, &(0x7f0000000140)=<r1=>0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
chmod(&(0x7f00000001c0)='./file0\x00', 0x40)
pipe(&(0x7f0000000180))
syz_io_uring_setup(0x6ce0, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
r6 = dup(r5)
syz_io_uring_submit(r3, r4, &(0x7f0000001740)=@IORING_OP_RECVMSG={0xa, 0x5c95d8f2a851f33c, 0x0, r6, 0x0, &(0x7f0000001700)={0x0, 0x0, 0x0}}, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd=r7}, 0xf2)
fcntl$getflags(r7, 0x40a)
lsetxattr$security_evm(&(0x7f0000000200)='./file0\x00', &(0x7f00000002c0), &(0x7f0000000300)=@ng={0x4, 0x13, "3e210ffcd7fb322dfefce4"}, 0xd, 0x0)
r8 = dup(r2)
syz_io_uring_submit(r0, r1, &(0x7f0000001740)=@IORING_OP_RECVMSG={0xa, 0x5c95d8f2a851f33c, 0x0, r8, 0x0, &(0x7f0000001700)={0x0, 0x0, 0x0}}, 0x0)
openat(r8, &(0x7f00000000c0)='./file0\x00', 0x880, 0x1)
openat(0xffffffffffffffff, &(0x7f0000000340)='.\x00', 0x80000, 0x0)

03:42:00 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x22000000, &(0x7f0000000300)='ramfs\x00')

03:42:00 executing program 4 (fault-call:1 fault-nth:29):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:00 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0xfffffff0, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:00 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0xc, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:00 executing program 2:
ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f00000000c0)={0xffff, 0x29, 0x5, 0x4, 0x7, 0x400, 0x3, 0x10f, 0xffffffffffffffff})
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
r0 = syz_io_uring_setup(0x6ce0, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000140))
io_uring_enter(r0, 0x2ff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x80489439, &(0x7f0000000140))

[ 2185.946178][ T1878] devpts: called with bogus options
[ 2185.959022][ T1857] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2185.967078][ T1857] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2185.978611][ T1857] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2185.986585][ T1857] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2186.170619][ T1857] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2186.178790][ T1857] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2186.192209][ T1857] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2186.200333][ T1857] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2186.244199][ T1891] FAULT_INJECTION: forcing a failure.
[ 2186.244199][ T1891] name failslab, interval 1, probability 0, space 0, times 0
[ 2186.256909][ T1891] CPU: 0 PID: 1891 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2186.265569][ T1891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2186.275641][ T1891] Call Trace:
[ 2186.278900][ T1891]  dump_stack+0x137/0x19d
[ 2186.283279][ T1891]  should_fail+0x23c/0x250
[ 2186.287686][ T1891]  __should_failslab+0x81/0x90
[ 2186.292473][ T1891]  ? register_for_each_vma+0x372/0x890
[ 2186.297992][ T1891]  should_failslab+0x5/0x20
[ 2186.302474][ T1891]  kmem_cache_alloc_trace+0x49/0x310
[ 2186.307741][ T1891]  ? register_for_each_vma+0x372/0x890
[ 2186.313282][ T1891]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2186.319316][ T1891]  register_for_each_vma+0x372/0x890
[ 2186.324641][ T1891]  __uprobe_register+0x3f4/0x8a0
[ 2186.329559][ T1891]  uprobe_register_refctr+0x29/0x40
[ 2186.334744][ T1891]  probe_event_enable+0x2be/0x7d0
[ 2186.339750][ T1891]  ? __uprobe_trace_func+0x430/0x430
[ 2186.345034][ T1891]  trace_uprobe_register+0x88/0x410
[ 2186.350222][ T1891]  perf_trace_event_init+0x34e/0x790
[ 2186.355516][ T1891]  perf_uprobe_init+0xf5/0x140
[ 2186.360299][ T1891]  perf_uprobe_event_init+0xde/0x140
[ 2186.365578][ T1891]  perf_try_init_event+0x21a/0x400
[ 2186.370683][ T1891]  perf_event_alloc+0xa60/0x1790
[ 2186.375682][ T1891]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2186.381302][ T1891]  ? vfs_write+0x50c/0x770
[ 2186.385699][ T1891]  __x64_sys_perf_event_open+0x63/0x70
[ 2186.391138][ T1891]  do_syscall_64+0x4a/0x90
[ 2186.395542][ T1891]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2186.401612][ T1891] RIP: 0033:0x4665d9
[ 2186.405630][ T1891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2186.425214][ T1891] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2186.433601][ T1891] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:01 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x25000000, &(0x7f0000000300)='ramfs\x00')

03:42:01 executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
listxattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=""/23, 0x17)

03:42:01 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0/file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f00000001c0), 0x800040, 0x0)

03:42:01 executing program 3:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:01 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0xc00, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2186.441542][ T1891] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2186.449494][ T1891] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2186.457449][ T1891] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2186.465417][ T1891] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:01 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x3f000000, &(0x7f0000000300)='ramfs\x00')

[ 2186.520608][ T1902] devpts: called with bogus options
03:42:01 executing program 2:
shmget$private(0x0, 0x3000, 0x2, &(0x7f0000ffa000/0x3000)=nil)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x114808, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x40, 0x10)

03:42:01 executing program 0:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:01 executing program 4 (fault-call:1 fault-nth:30):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:01 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0xff0f, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:01 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
chdir(&(0x7f00000000c0)='./file0\x00')

03:42:01 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x40000000, &(0x7f0000000300)='ramfs\x00')

[ 2186.772890][ T1914] devpts: called with bogus options
03:42:01 executing program 0:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:01 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x48000000, &(0x7f0000000300)='ramfs\x00')

03:42:01 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
rename(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file0\x00')
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2186.872456][ T1929] devpts: called with bogus options
[ 2186.900044][ T1901] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2186.908139][ T1901] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2186.919554][ T1901] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2186.927537][ T1901] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2187.116527][ T1901] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2187.124547][ T1901] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2187.139315][ T1901] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2187.143159][ T1940] devpts: called with bogus options
[ 2187.147304][ T1901] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2187.192751][ T1926] FAULT_INJECTION: forcing a failure.
[ 2187.192751][ T1926] name failslab, interval 1, probability 0, space 0, times 0
[ 2187.205373][ T1926] CPU: 1 PID: 1926 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2187.214041][ T1926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2187.224091][ T1926] Call Trace:
[ 2187.227348][ T1926]  dump_stack+0x137/0x19d
[ 2187.231711][ T1926]  should_fail+0x23c/0x250
[ 2187.236185][ T1926]  __should_failslab+0x81/0x90
[ 2187.240928][ T1926]  ? register_for_each_vma+0x372/0x890
[ 2187.246365][ T1926]  should_failslab+0x5/0x20
[ 2187.250844][ T1926]  kmem_cache_alloc_trace+0x49/0x310
[ 2187.256149][ T1926]  ? register_for_each_vma+0x372/0x890
[ 2187.261585][ T1926]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2187.267536][ T1926]  register_for_each_vma+0x372/0x890
[ 2187.272852][ T1926]  __uprobe_register+0x3f4/0x8a0
[ 2187.277794][ T1926]  uprobe_register_refctr+0x29/0x40
[ 2187.283045][ T1926]  probe_event_enable+0x2be/0x7d0
[ 2187.288042][ T1926]  ? __uprobe_trace_func+0x430/0x430
[ 2187.293326][ T1926]  trace_uprobe_register+0x88/0x410
[ 2187.298564][ T1926]  perf_trace_event_init+0x34e/0x790
[ 2187.303819][ T1926]  perf_uprobe_init+0xf5/0x140
[ 2187.308555][ T1926]  perf_uprobe_event_init+0xde/0x140
[ 2187.313847][ T1926]  perf_try_init_event+0x21a/0x400
[ 2187.319076][ T1926]  perf_event_alloc+0xa60/0x1790
[ 2187.323986][ T1926]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2187.329631][ T1926]  ? vfs_write+0x50c/0x770
[ 2187.334015][ T1926]  __x64_sys_perf_event_open+0x63/0x70
[ 2187.339446][ T1926]  do_syscall_64+0x4a/0x90
[ 2187.343835][ T1926]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2187.349700][ T1926] RIP: 0033:0x4665d9
[ 2187.353563][ T1926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2187.373207][ T1926] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2187.381626][ T1926] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:02 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0xc0000, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:02 executing program 0:
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:02 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x4c000000, &(0x7f0000000300)='ramfs\x00')

03:42:02 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
syz_io_uring_setup(0x6ce0, &(0x7f0000000240)={0x0, 0xb053}, &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000001c0)=<r0=>0x0, &(0x7f0000000140)=<r1=>0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = dup(r2)
syz_io_uring_submit(r0, r1, &(0x7f0000001740)=@IORING_OP_RECVMSG={0xa, 0x5c95d8f2a851f33c, 0x0, r3, 0x0, &(0x7f0000001700)={0x0, 0x0, 0x0}}, 0x0)
getsockname(r3, &(0x7f0000000140)=@xdp, &(0x7f00000000c0)=0x80)
flistxattr(r3, &(0x7f0000000200)=""/48, 0x30)

03:42:02 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2187.389577][ T1926] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2187.397569][ T1926] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2187.405530][ T1926] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2187.413480][ T1926] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
[ 2187.452113][ T1947] devpts: called with bogus options
03:42:02 executing program 4 (fault-call:1 fault-nth:31):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:02 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x60000000, &(0x7f0000000300)='ramfs\x00')

03:42:02 executing program 3:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:02 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x32)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:42:02 executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file1\x00')

03:42:02 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x1000000, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:02 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x68000000, &(0x7f0000000300)='ramfs\x00')

03:42:02 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='bdev\x00', 0x20000, &(0x7f00000001c0)='ramfs\x00')
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2187.756812][ T1969] devpts: called with bogus options
[ 2187.827329][ T1966] FAULT_INJECTION: forcing a failure.
[ 2187.827329][ T1966] name failslab, interval 1, probability 0, space 0, times 0
[ 2187.839950][ T1966] CPU: 0 PID: 1966 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2187.848658][ T1966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2187.858690][ T1966] Call Trace:
[ 2187.861981][ T1966]  dump_stack+0x137/0x19d
[ 2187.866286][ T1966]  should_fail+0x23c/0x250
[ 2187.870673][ T1966]  __should_failslab+0x81/0x90
[ 2187.875423][ T1966]  ? register_for_each_vma+0x372/0x890
[ 2187.880973][ T1966]  should_failslab+0x5/0x20
[ 2187.885451][ T1966]  kmem_cache_alloc_trace+0x49/0x310
[ 2187.890754][ T1966]  ? register_for_each_vma+0x372/0x890
[ 2187.896185][ T1966]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2187.902145][ T1966]  register_for_each_vma+0x372/0x890
[ 2187.907409][ T1966]  __uprobe_register+0x3f4/0x8a0
[ 2187.912345][ T1966]  uprobe_register_refctr+0x29/0x40
[ 2187.917602][ T1966]  probe_event_enable+0x2be/0x7d0
[ 2187.922604][ T1966]  ? __uprobe_trace_func+0x430/0x430
[ 2187.927886][ T1966]  trace_uprobe_register+0x88/0x410
[ 2187.933062][ T1966]  perf_trace_event_init+0x34e/0x790
[ 2187.938320][ T1966]  perf_uprobe_init+0xf5/0x140
[ 2187.943059][ T1966]  perf_uprobe_event_init+0xde/0x140
[ 2187.948327][ T1966]  perf_try_init_event+0x21a/0x400
[ 2187.953433][ T1966]  perf_event_alloc+0xa60/0x1790
[ 2187.958344][ T1966]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2187.963948][ T1966]  ? vfs_write+0x50c/0x770
[ 2187.968339][ T1966]  __x64_sys_perf_event_open+0x63/0x70
[ 2187.973836][ T1966]  do_syscall_64+0x4a/0x90
[ 2187.978302][ T1966]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2187.984197][ T1966] RIP: 0033:0x4665d9
[ 2187.988138][ T1966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2188.007724][ T1966] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2188.016127][ T1966] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2188.024104][ T1966] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2188.032141][ T1966] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2188.040098][ T1966] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2188.048082][ T1966] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:02 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x6c000000, &(0x7f0000000300)='ramfs\x00')

03:42:02 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x400000, 0x82)
creat(&(0x7f0000000100)='./file0\x00', 0x42)

03:42:03 executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='cpuset\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
open(&(0x7f00000000c0)='./file0\x00', 0x10a42, 0x40)

[ 2188.079726][ T1980] devpts: called with bogus options
03:42:03 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
mount(&(0x7f00000000c0)=@filename='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='aio\x00', 0x1318080, 0x0)

[ 2188.151829][ T1988] devpts: called with bogus options
[ 2188.176747][ T1991] new mount options do not match the existing superblock, will be ignored
[ 2188.458714][ T1962] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2188.466785][ T1962] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2188.478279][ T1962] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2188.486247][ T1962] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:03 executing program 4 (fault-call:1 fault-nth:32):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:03 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0xfdfdffff, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:03 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x74000000, &(0x7f0000000300)='ramfs\x00')

03:42:03 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5423, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:03 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
acct(&(0x7f0000000040)='./file0\x00')
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)

03:42:03 executing program 3 (fault-call:6 fault-nth:0):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2188.650574][ T1962] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2188.658761][ T1962] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2188.669889][ T1962] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2188.677857][ T1962] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2188.732705][ T2004] devpts: called with bogus options
[ 2188.744950][ T2006] FAULT_INJECTION: forcing a failure.
[ 2188.744950][ T2006] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2188.758054][ T2006] CPU: 0 PID: 2006 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2188.766742][ T2006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2188.776887][ T2006] Call Trace:
[ 2188.780157][ T2006]  dump_stack+0x137/0x19d
[ 2188.784470][ T2006]  should_fail+0x23c/0x250
[ 2188.788875][ T2006]  should_fail_usercopy+0x16/0x20
[ 2188.793877][ T2006]  _copy_from_user+0x1c/0xd0
[ 2188.798455][ T2006]  perf_copy_attr+0x156/0x650
[ 2188.803120][ T2006]  __se_sys_perf_event_open+0xb6/0x2740
[ 2188.808654][ T2006]  ? vfs_write+0x50c/0x770
[ 2188.813046][ T2006]  __x64_sys_perf_event_open+0x63/0x70
[ 2188.818511][ T2006]  do_syscall_64+0x4a/0x90
[ 2188.822930][ T2006]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2188.828810][ T2006] RIP: 0033:0x4665d9
[ 2188.832685][ T2006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2188.852269][ T2006] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2188.860654][ T2006] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2188.868603][ T2006] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
03:42:03 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x7a000000, &(0x7f0000000300)='ramfs\x00')

03:42:03 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000001c0)=ANY=[@ANYRES16=r1], 0x410)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x32, &(0x7f00000000c0)=0x400, 0x4)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r2, 0x0)
preadv(r2, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
ioctl$VT_ACTIVATE(r2, 0x5606, 0x80)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2188.876560][ T2006] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2188.884516][ T2006] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 2188.892544][ T2006] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2188.931467][ T2008] FAULT_INJECTION: forcing a failure.
[ 2188.931467][ T2008] name failslab, interval 1, probability 0, space 0, times 0
[ 2188.944101][ T2008] CPU: 1 PID: 2008 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2188.952834][ T2008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2188.955892][ T2019] devpts: called with bogus options
[ 2188.962871][ T2008] Call Trace:
[ 2188.962878][ T2008]  dump_stack+0x137/0x19d
[ 2188.975640][ T2008]  should_fail+0x23c/0x250
03:42:03 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5423, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2188.980052][ T2008]  __should_failslab+0x81/0x90
[ 2188.984968][ T2008]  ? register_for_each_vma+0x372/0x890
[ 2188.990485][ T2008]  should_failslab+0x5/0x20
[ 2188.995039][ T2008]  kmem_cache_alloc_trace+0x49/0x310
[ 2189.000350][ T2008]  ? register_for_each_vma+0x372/0x890
[ 2189.005791][ T2008]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2189.011751][ T2008]  register_for_each_vma+0x372/0x890
[ 2189.017014][ T2008]  __uprobe_register+0x3f4/0x8a0
[ 2189.021955][ T2008]  uprobe_register_refctr+0x29/0x40
[ 2189.027127][ T2008]  probe_event_enable+0x2be/0x7d0
[ 2189.032193][ T2008]  ? __uprobe_trace_func+0x430/0x430
[ 2189.037460][ T2008]  trace_uprobe_register+0x88/0x410
[ 2189.042654][ T2008]  perf_trace_event_init+0x34e/0x790
[ 2189.047936][ T2008]  perf_uprobe_init+0xf5/0x140
[ 2189.052773][ T2008]  perf_uprobe_event_init+0xde/0x140
[ 2189.058030][ T2008]  perf_try_init_event+0x21a/0x400
[ 2189.063174][ T2008]  perf_event_alloc+0xa60/0x1790
[ 2189.068112][ T2008]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2189.073745][ T2008]  ? vfs_write+0x50c/0x770
[ 2189.078145][ T2008]  __x64_sys_perf_event_open+0x63/0x70
[ 2189.083579][ T2008]  do_syscall_64+0x4a/0x90
[ 2189.087973][ T2008]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2189.093911][ T2008] RIP: 0033:0x4665d9
[ 2189.097790][ T2008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2189.117384][ T2008] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:42:04 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x8cffffff, &(0x7f0000000300)='ramfs\x00')

03:42:04 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x28, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
r0 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x40800, 0x84)
statx(r0, &(0x7f0000000140)='./file0\x00', 0x100, 0x80, &(0x7f0000000180))

03:42:04 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0xff0f0000, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2189.125788][ T2008] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2189.133734][ T2008] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2189.141677][ T2008] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2189.149690][ T2008] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2189.157633][ T2008] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
[ 2189.258291][ T1999] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2189.266451][ T1999] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2189.278291][ T1999] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2189.286282][ T1999] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:04 executing program 4 (fault-call:1 fault-nth:33):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:04 executing program 3 (fault-call:6 fault-nth:1):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:04 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5423, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:04 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
umount2(&(0x7f00000000c0)='./file0\x00', 0x4)

03:42:04 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xc0ed0000, &(0x7f0000000300)='ramfs\x00')

03:42:04 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0xfffffdfd, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2189.461095][ T1999] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2189.469184][ T1999] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2189.480213][ T1999] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2189.488176][ T1999] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:04 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000380)={[0x61]}, 0x8, 0x80000)
r1 = openat(r0, &(0x7f0000000000)='/proc/self/exe\x00', 0x351480, 0x0)
fcntl$setstatus(r1, 0x4, 0x2800)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r1, 0x0)
fsetxattr$trusted_overlay_upper(r1, &(0x7f0000000240), &(0x7f0000000280)=ANY=[@ANYBLOB="00fb8205086343f6b5ae7178f512fd62eaf1c69915f04e37f56bb0f8455cdff631c8145f7055c5f6288dd4eb3cbc6ca5f1c4b76dce014017e225b6282c7d86ac73dff48ed5d52e28a8b007ed1a73e275a2aa710303c6ba3b95952d1543cb1fcabce52b6a9c8abb412793380db1478fdf1d75a5d9898653e44ba3215655496ae892a0"], 0x82, 0x0)
preadv(r1, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
readlinkat(r1, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=""/214, 0xd6)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x8)
chmod(&(0x7f0000000340)='./file0\x00', 0x0)

03:42:04 executing program 0 (fault-call:4 fault-nth:0):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2189.549212][ T2042] devpts: called with bogus options
[ 2189.564032][ T2042] devpts: called with bogus options
[ 2189.569286][ T2045] FAULT_INJECTION: forcing a failure.
[ 2189.569286][ T2045] name failslab, interval 1, probability 0, space 0, times 0
[ 2189.581887][ T2045] CPU: 1 PID: 2045 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2189.590619][ T2045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2189.600728][ T2045] Call Trace:
[ 2189.603991][ T2045]  dump_stack+0x137/0x19d
[ 2189.608317][ T2045]  should_fail+0x23c/0x250
[ 2189.612718][ T2045]  __should_failslab+0x81/0x90
[ 2189.617538][ T2045]  ? register_for_each_vma+0x372/0x890
[ 2189.622999][ T2045]  should_failslab+0x5/0x20
[ 2189.627591][ T2045]  kmem_cache_alloc_trace+0x49/0x310
[ 2189.631846][ T2052] FAULT_INJECTION: forcing a failure.
[ 2189.631846][ T2052] name failslab, interval 1, probability 0, space 0, times 0
[ 2189.632856][ T2045]  ? register_for_each_vma+0x372/0x890
[ 2189.650850][ T2045]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2189.656843][ T2045]  register_for_each_vma+0x372/0x890
[ 2189.662121][ T2045]  __uprobe_register+0x3f4/0x8a0
[ 2189.667111][ T2045]  uprobe_register_refctr+0x29/0x40
[ 2189.672307][ T2045]  probe_event_enable+0x2be/0x7d0
[ 2189.677375][ T2045]  ? __uprobe_trace_func+0x430/0x430
[ 2189.682646][ T2045]  trace_uprobe_register+0x88/0x410
[ 2189.687865][ T2045]  perf_trace_event_init+0x34e/0x790
[ 2189.693155][ T2045]  perf_uprobe_init+0xf5/0x140
[ 2189.697920][ T2045]  perf_uprobe_event_init+0xde/0x140
[ 2189.703253][ T2045]  perf_try_init_event+0x21a/0x400
[ 2189.708342][ T2045]  perf_event_alloc+0xa60/0x1790
[ 2189.713292][ T2045]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2189.718899][ T2045]  ? vfs_write+0x50c/0x770
[ 2189.723286][ T2045]  __x64_sys_perf_event_open+0x63/0x70
[ 2189.728802][ T2045]  do_syscall_64+0x4a/0x90
[ 2189.733215][ T2045]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2189.739088][ T2045] RIP: 0033:0x4665d9
[ 2189.742998][ T2045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2189.762578][ T2045] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2189.770983][ T2045] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2189.778992][ T2045] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2189.786939][ T2045] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2189.794888][ T2045] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2189.802926][ T2045] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
[ 2189.810884][ T2052] CPU: 0 PID: 2052 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2189.819576][ T2052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2189.829619][ T2052] Call Trace:
[ 2189.832886][ T2052]  dump_stack+0x137/0x19d
[ 2189.837199][ T2052]  should_fail+0x23c/0x250
[ 2189.841593][ T2052]  __should_failslab+0x81/0x90
[ 2189.846342][ T2052]  should_failslab+0x5/0x20
[ 2189.850824][ T2052]  kmem_cache_alloc_node+0x58/0x2b0
[ 2189.856131][ T2052]  ? cred_has_capability+0x1af/0x210
[ 2189.861475][ T2052]  ? perf_event_alloc+0x160/0x1790
[ 2189.866622][ T2052]  perf_event_alloc+0x160/0x1790
[ 2189.871551][ T2052]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2189.877170][ T2052]  ? vfs_write+0x50c/0x770
[ 2189.881598][ T2052]  __x64_sys_perf_event_open+0x63/0x70
[ 2189.887044][ T2052]  do_syscall_64+0x4a/0x90
[ 2189.891480][ T2052]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2189.897402][ T2052] RIP: 0033:0x4665d9
[ 2189.901277][ T2052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2189.920866][ T2052] RSP: 002b:00007fb6293ba188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2189.929256][ T2052] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9
[ 2189.937241][ T2052] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
03:42:04 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xdaffffff, &(0x7f0000000300)='ramfs\x00')

03:42:04 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:04 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:04 executing program 3 (fault-call:6 fault-nth:2):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2189.945215][ T2052] RBP: 00007fb6293ba1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2189.953224][ T2052] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 2189.961180][ T2052] R13: 00007ffcba864c8f R14: 00007fb6293ba300 R15: 0000000000022000
[ 2190.053950][ T2066] FAULT_INJECTION: forcing a failure.
[ 2190.053950][ T2066] name failslab, interval 1, probability 0, space 0, times 0
[ 2190.066746][ T2066] CPU: 0 PID: 2066 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2190.075415][ T2066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2190.085463][ T2066] Call Trace:
[ 2190.088734][ T2066]  dump_stack+0x137/0x19d
[ 2190.093054][ T2066]  should_fail+0x23c/0x250
[ 2190.097449][ T2066]  ? perf_uprobe_init+0x45/0x140
[ 2190.102374][ T2066]  __should_failslab+0x81/0x90
[ 2190.107151][ T2066]  should_failslab+0x5/0x20
[ 2190.111633][ T2066]  __kmalloc_track_caller+0x64/0x340
[ 2190.116932][ T2066]  ? strnlen_user+0x137/0x1c0
[ 2190.121622][ T2066]  strndup_user+0x73/0x120
[ 2190.126034][ T2066]  perf_uprobe_init+0x45/0x140
[ 2190.130855][ T2066]  perf_uprobe_event_init+0xde/0x140
[ 2190.136134][ T2066]  perf_try_init_event+0x21a/0x400
[ 2190.141264][ T2066]  perf_event_alloc+0xa60/0x1790
[ 2190.146304][ T2066]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2190.151978][ T2066]  ? vfs_write+0x50c/0x770
[ 2190.156390][ T2066]  __x64_sys_perf_event_open+0x63/0x70
[ 2190.161825][ T2066]  do_syscall_64+0x4a/0x90
[ 2190.166248][ T2066]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2190.172216][ T2066] RIP: 0033:0x4665d9
[ 2190.176121][ T2066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2190.176337][ T2041] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2190.195746][ T2066] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2190.195766][ T2066] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2190.195775][ T2066] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2190.195784][ T2066] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2190.195793][ T2066] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 2190.195802][ T2066] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2190.251906][ T2041] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2190.263131][ T2041] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2190.271115][ T2041] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:05 executing program 4 (fault-call:1 fault-nth:34):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:05 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0xc0, 0x2)

03:42:05 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xf6ffffff, &(0x7f0000000300)='ramfs\x00')

03:42:05 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0xc, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:05 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:05 executing program 3 (fault-call:6 fault-nth:3):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2190.453757][ T2041] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2190.461840][ T2041] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2190.472925][ T2041] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2190.480916][ T2041] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:05 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xfeffffff, &(0x7f0000000300)='ramfs\x00')

03:42:05 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:05 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x164)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
mkdirat(r0, &(0x7f0000000140)='./file0\x00', 0x44)

[ 2190.549520][ T2084] FAULT_INJECTION: forcing a failure.
[ 2190.549520][ T2084] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2190.562644][ T2084] CPU: 1 PID: 2084 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2190.571345][ T2084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2190.581383][ T2084] Call Trace:
[ 2190.584650][ T2084]  dump_stack+0x137/0x19d
[ 2190.588974][ T2084]  should_fail+0x23c/0x250
[ 2190.593419][ T2084]  should_fail_usercopy+0x16/0x20
[ 2190.598431][ T2084]  _copy_from_user+0x1c/0xd0
[ 2190.603005][ T2084]  strndup_user+0xb0/0x120
[ 2190.607405][ T2084]  perf_uprobe_init+0x45/0x140
[ 2190.612234][ T2084]  perf_uprobe_event_init+0xde/0x140
[ 2190.617500][ T2084]  perf_try_init_event+0x21a/0x400
[ 2190.622658][ T2084]  perf_event_alloc+0xa60/0x1790
[ 2190.627576][ T2084]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2190.633187][ T2084]  ? vfs_write+0x50c/0x770
[ 2190.637589][ T2084]  __x64_sys_perf_event_open+0x63/0x70
[ 2190.643028][ T2084]  do_syscall_64+0x4a/0x90
[ 2190.647508][ T2084]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2190.653432][ T2084] RIP: 0033:0x4665d9
[ 2190.657361][ T2084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2190.676954][ T2084] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2190.685345][ T2084] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:05 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x20000200, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:05 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
fspick(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2190.693309][ T2084] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2190.701266][ T2084] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2190.709297][ T2084] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 2190.717253][ T2084] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
03:42:05 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2190.749153][ T2081] FAULT_INJECTION: forcing a failure.
[ 2190.749153][ T2081] name failslab, interval 1, probability 0, space 0, times 0
[ 2190.761758][ T2081] CPU: 1 PID: 2081 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2190.770421][ T2081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2190.780457][ T2081] Call Trace:
[ 2190.783717][ T2081]  dump_stack+0x137/0x19d
[ 2190.788034][ T2081]  should_fail+0x23c/0x250
[ 2190.792472][ T2081]  __should_failslab+0x81/0x90
[ 2190.797220][ T2081]  ? register_for_each_vma+0x372/0x890
[ 2190.802652][ T2081]  should_failslab+0x5/0x20
[ 2190.807125][ T2081]  kmem_cache_alloc_trace+0x49/0x310
[ 2190.812383][ T2081]  ? register_for_each_vma+0x372/0x890
[ 2190.817816][ T2081]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2190.823835][ T2081]  register_for_each_vma+0x372/0x890
[ 2190.829101][ T2081]  __uprobe_register+0x3f4/0x8a0
[ 2190.834074][ T2081]  uprobe_register_refctr+0x29/0x40
[ 2190.839263][ T2081]  probe_event_enable+0x2be/0x7d0
[ 2190.844265][ T2081]  ? __uprobe_trace_func+0x430/0x430
[ 2190.849531][ T2081]  trace_uprobe_register+0x88/0x410
[ 2190.854714][ T2081]  perf_trace_event_init+0x34e/0x790
[ 2190.859986][ T2081]  perf_uprobe_init+0xf5/0x140
[ 2190.864721][ T2081]  perf_uprobe_event_init+0xde/0x140
[ 2190.869976][ T2081]  perf_try_init_event+0x21a/0x400
[ 2190.875118][ T2081]  perf_event_alloc+0xa60/0x1790
[ 2190.880042][ T2081]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2190.885687][ T2081]  ? vfs_write+0x50c/0x770
[ 2190.890079][ T2081]  __x64_sys_perf_event_open+0x63/0x70
[ 2190.895535][ T2081]  do_syscall_64+0x4a/0x90
[ 2190.899931][ T2081]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2190.905915][ T2081] RIP: 0033:0x4665d9
[ 2190.909784][ T2081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2190.929376][ T2081] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2190.937756][ T2081] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2190.945708][ T2081] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2190.953711][ T2081] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2190.961663][ T2081] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2190.969605][ T2081] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
[ 2191.062018][ T2078] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2191.069997][ T2078] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2191.081188][ T2078] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2191.089158][ T2078] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:06 executing program 4 (fault-call:1 fault-nth:35):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:06 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0xc00, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:06 executing program 3 (fault-call:6 fault-nth:4):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:06 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xff030000, &(0x7f0000000300)='ramfs\x00')

03:42:06 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000000200)=@sr0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='v7\x00', 0x2800, &(0x7f0000000240)='ramfs\x00\xec\xd7oei\xdb\x12\x1bw\b\xba\xe7\xba\xac\xc4\x8fOF\x9f\xcd\x11\x06\xff\xce\xa4\xcci\x8dY\"\xed\xf9\xb6\xba\x88s$\xd1\xe33\xbeb\xa8a\xa3Q&\x1br\x0f\xbe\xbda\xb2z.\xe1\xc3\xe7 \v\xad\x80\x86E\xd8{6\xcd\xf0\x8e$\xc5\x96\xd6i\xd0=h\xfc\xe3\x18\xe1 \xa0\xcf \xfa\x81s\x06\x80T\xc8[\xff7s\xd28\x9b\x04\xf4c\xeeH\x81\'k\x81\x86N\x95\x87w\xc19)\xa7\xad\xd3\xc9?\xb3@\xb7\xeeY\x8b\xf2E\xde\xe7\xa5\xfbq\xb6\xe1\xc5\x1d\xc1\xae\xc6\x1d\xb19\x03\xc8\xff}z\xbb\x95owK\x9cF')
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:42:06 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x2, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2191.247124][ T2078] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2191.255110][ T2078] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2191.266772][ T2078] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2191.274806][ T2078] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:06 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xff0f0000, &(0x7f0000000300)='ramfs\x00')

03:42:06 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

[ 2191.337477][ T2122] FAULT_INJECTION: forcing a failure.
[ 2191.337477][ T2122] name failslab, interval 1, probability 0, space 0, times 0
[ 2191.350260][ T2122] CPU: 1 PID: 2122 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2191.359008][ T2122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2191.359320][ T2123] FAULT_INJECTION: forcing a failure.
[ 2191.359320][ T2123] name failslab, interval 1, probability 0, space 0, times 0
[ 2191.369051][ T2122] Call Trace:
[ 2191.369059][ T2122]  dump_stack+0x137/0x19d
[ 2191.369079][ T2122]  should_fail+0x23c/0x250
[ 2191.393566][ T2122]  ? getname_kernel+0x37/0x1d0
[ 2191.398403][ T2122]  __should_failslab+0x81/0x90
[ 2191.403161][ T2122]  should_failslab+0x5/0x20
[ 2191.407657][ T2122]  kmem_cache_alloc+0x46/0x2f0
[ 2191.412414][ T2122]  getname_kernel+0x37/0x1d0
[ 2191.416994][ T2122]  kern_path+0x19/0x40
[ 2191.421037][ T2122]  create_local_trace_uprobe+0x3f/0x3c0
[ 2191.426603][ T2122]  perf_uprobe_init+0xbe/0x140
[ 2191.431405][ T2122]  perf_uprobe_event_init+0xde/0x140
[ 2191.436700][ T2122]  perf_try_init_event+0x21a/0x400
[ 2191.441834][ T2122]  perf_event_alloc+0xa60/0x1790
[ 2191.446750][ T2122]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2191.452355][ T2122]  ? vfs_write+0x50c/0x770
[ 2191.456745][ T2122]  __x64_sys_perf_event_open+0x63/0x70
[ 2191.462177][ T2122]  do_syscall_64+0x4a/0x90
[ 2191.466588][ T2122]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2191.472460][ T2122] RIP: 0033:0x4665d9
[ 2191.476325][ T2122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2191.495905][ T2122] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2191.504293][ T2122] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2191.512239][ T2122] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2191.520180][ T2122] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2191.528124][ T2122] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
03:42:06 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x3, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2191.536070][ T2122] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2191.544037][ T2123] CPU: 0 PID: 2123 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2191.552698][ T2123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2191.562748][ T2123] Call Trace:
[ 2191.566015][ T2123]  dump_stack+0x137/0x19d
[ 2191.570336][ T2123]  should_fail+0x23c/0x250
[ 2191.574795][ T2123]  __should_failslab+0x81/0x90
[ 2191.579545][ T2123]  ? register_for_each_vma+0x372/0x890
[ 2191.585106][ T2123]  should_failslab+0x5/0x20
[ 2191.589597][ T2123]  kmem_cache_alloc_trace+0x49/0x310
[ 2191.594858][ T2123]  ? register_for_each_vma+0x372/0x890
[ 2191.600306][ T2123]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2191.606293][ T2123]  register_for_each_vma+0x372/0x890
[ 2191.611572][ T2123]  __uprobe_register+0x3f4/0x8a0
[ 2191.616518][ T2123]  uprobe_register_refctr+0x29/0x40
[ 2191.621777][ T2123]  probe_event_enable+0x2be/0x7d0
[ 2191.626774][ T2123]  ? __uprobe_trace_func+0x430/0x430
[ 2191.632066][ T2123]  trace_uprobe_register+0x88/0x410
[ 2191.637307][ T2123]  perf_trace_event_init+0x34e/0x790
[ 2191.642619][ T2123]  perf_uprobe_init+0xf5/0x140
[ 2191.647373][ T2123]  perf_uprobe_event_init+0xde/0x140
[ 2191.652700][ T2123]  perf_try_init_event+0x21a/0x400
[ 2191.657791][ T2123]  perf_event_alloc+0xa60/0x1790
[ 2191.662696][ T2123]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2191.668368][ T2123]  ? vfs_write+0x50c/0x770
[ 2191.672763][ T2123]  __x64_sys_perf_event_open+0x63/0x70
[ 2191.678192][ T2123]  do_syscall_64+0x4a/0x90
[ 2191.682594][ T2123]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2191.688463][ T2123] RIP: 0033:0x4665d9
[ 2191.692330][ T2123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2191.711916][ T2123] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2191.720295][ T2123] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2191.728248][ T2123] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
03:42:06 executing program 3 (fault-call:6 fault-nth:5):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:06 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0xff0f, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2191.736192][ T2123] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2191.744143][ T2123] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2191.752086][ T2123] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:06 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xffffff7f, &(0x7f0000000300)='ramfs\x00')

[ 2191.852237][ T2146] FAULT_INJECTION: forcing a failure.
[ 2191.852237][ T2146] name failslab, interval 1, probability 0, space 0, times 0
[ 2191.864862][ T2146] CPU: 0 PID: 2146 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2191.869654][ T2114] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2191.873575][ T2146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2191.873584][ T2146] Call Trace:
[ 2191.873589][ T2146]  dump_stack+0x137/0x19d
[ 2191.881560][ T2114] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2191.891589][ T2146]  should_fail+0x23c/0x250
[ 2191.891608][ T2146]  __should_failslab+0x81/0x90
[ 2191.897017][ T2114] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2191.899184][ T2146]  ? proc_self_get_link+0x90/0x100
[ 2191.899200][ T2146]  should_failslab+0x5/0x20
[ 2191.910202][ T2114] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2191.914590][ T2146]  kmem_cache_alloc_trace+0x49/0x310
[ 2191.953185][ T2146]  proc_self_get_link+0x90/0x100
[ 2191.958104][ T2146]  ? proc_setup_self+0x1d0/0x1d0
[ 2191.963081][ T2146]  step_into+0x9b4/0xec0
[ 2191.967351][ T2146]  walk_component+0x190/0x350
[ 2191.972007][ T2146]  link_path_walk+0x4ba/0x780
[ 2191.976672][ T2146]  path_lookupat+0x7b/0x570
[ 2191.981158][ T2146]  filename_lookup+0xff/0x390
[ 2191.985827][ T2146]  ? kmem_cache_alloc+0x201/0x2f0
[ 2191.990922][ T2146]  ? getname_kernel+0x37/0x1d0
[ 2191.995672][ T2146]  kern_path+0x2e/0x40
[ 2191.999743][ T2146]  create_local_trace_uprobe+0x3f/0x3c0
[ 2192.005400][ T2146]  perf_uprobe_init+0xbe/0x140
[ 2192.010147][ T2146]  perf_uprobe_event_init+0xde/0x140
[ 2192.015415][ T2146]  perf_try_init_event+0x21a/0x400
[ 2192.020578][ T2146]  perf_event_alloc+0xa60/0x1790
[ 2192.025500][ T2146]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2192.031116][ T2146]  ? vfs_write+0x50c/0x770
[ 2192.035515][ T2146]  __x64_sys_perf_event_open+0x63/0x70
[ 2192.040971][ T2146]  do_syscall_64+0x4a/0x90
[ 2192.045450][ T2146]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2192.051400][ T2146] RIP: 0033:0x4665d9
[ 2192.055281][ T2146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2192.074954][ T2146] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2192.083342][ T2146] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2192.091289][ T2146] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2192.099245][ T2146] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2192.107207][ T2146] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 2192.115151][ T2146] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
03:42:07 executing program 4 (fault-call:1 fault-nth:36):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:07 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:07 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00')
openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x202000, 0xc0)

03:42:07 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0xc0000, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:07 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xffffff8c, &(0x7f0000000300)='ramfs\x00')

[ 2192.191245][ T2114] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2192.199232][ T2114] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2192.210369][ T2114] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2192.218339][ T2114] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:07 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xffffffda, &(0x7f0000000300)='ramfs\x00')

03:42:07 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
mount(&(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='securityfs\x00', 0x2082002, 0x0)

03:42:07 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x1000000, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:07 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x10, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2192.557785][ T2159] FAULT_INJECTION: forcing a failure.
[ 2192.557785][ T2159] name failslab, interval 1, probability 0, space 0, times 0
[ 2192.570417][ T2159] CPU: 0 PID: 2159 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2192.579075][ T2159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2192.589160][ T2159] Call Trace:
[ 2192.592447][ T2159]  dump_stack+0x137/0x19d
[ 2192.596825][ T2159]  should_fail+0x23c/0x250
[ 2192.601218][ T2159]  __should_failslab+0x81/0x90
[ 2192.605975][ T2159]  ? register_for_each_vma+0x372/0x890
[ 2192.611430][ T2159]  should_failslab+0x5/0x20
[ 2192.615919][ T2159]  kmem_cache_alloc_trace+0x49/0x310
[ 2192.621222][ T2159]  ? register_for_each_vma+0x372/0x890
[ 2192.626673][ T2159]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2192.632656][ T2159]  register_for_each_vma+0x372/0x890
[ 2192.637999][ T2159]  __uprobe_register+0x3f4/0x8a0
[ 2192.642925][ T2159]  uprobe_register_refctr+0x29/0x40
[ 2192.648125][ T2159]  probe_event_enable+0x2be/0x7d0
[ 2192.653174][ T2159]  ? __uprobe_trace_func+0x430/0x430
[ 2192.658461][ T2159]  trace_uprobe_register+0x88/0x410
[ 2192.663668][ T2159]  perf_trace_event_init+0x34e/0x790
[ 2192.668939][ T2159]  perf_uprobe_init+0xf5/0x140
[ 2192.673689][ T2159]  perf_uprobe_event_init+0xde/0x140
[ 2192.678957][ T2159]  perf_try_init_event+0x21a/0x400
[ 2192.684049][ T2159]  perf_event_alloc+0xa60/0x1790
[ 2192.688966][ T2159]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2192.694579][ T2159]  ? vfs_write+0x50c/0x770
[ 2192.698986][ T2159]  __x64_sys_perf_event_open+0x63/0x70
[ 2192.704504][ T2159]  do_syscall_64+0x4a/0x90
[ 2192.708929][ T2159]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2192.714807][ T2159] RIP: 0033:0x4665d9
[ 2192.718682][ T2159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2192.738408][ T2159] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2192.746804][ T2159] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:07 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0xd8, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:42:07 executing program 3 (fault-call:6 fault-nth:6):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:07 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0xff, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2192.754778][ T2159] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2192.762719][ T2159] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2192.770664][ T2159] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2192.778634][ T2159] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
[ 2192.834103][ T2189] FAULT_INJECTION: forcing a failure.
[ 2192.834103][ T2189] name failslab, interval 1, probability 0, space 0, times 0
[ 2192.846776][ T2189] CPU: 0 PID: 2189 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2192.849912][ T2154] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2192.855479][ T2189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2192.855490][ T2189] Call Trace:
[ 2192.855496][ T2189]  dump_stack+0x137/0x19d
[ 2192.863460][ T2154] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2192.873592][ T2189]  should_fail+0x23c/0x250
[ 2192.873614][ T2189]  __should_failslab+0x81/0x90
[ 2192.878838][ T2154] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2192.881170][ T2189]  ? create_local_trace_uprobe+0xa9/0x3c0
[ 2192.892175][ T2154] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2192.896547][ T2189]  should_failslab+0x5/0x20
[ 2192.896560][ T2189]  kmem_cache_alloc_trace+0x49/0x310
[ 2192.935659][ T2189]  create_local_trace_uprobe+0xa9/0x3c0
[ 2192.941191][ T2189]  perf_uprobe_init+0xbe/0x140
[ 2192.945934][ T2189]  perf_uprobe_event_init+0xde/0x140
[ 2192.951216][ T2189]  perf_try_init_event+0x21a/0x400
[ 2192.956368][ T2189]  perf_event_alloc+0xa60/0x1790
[ 2192.961281][ T2189]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2192.966895][ T2189]  ? vfs_write+0x50c/0x770
[ 2192.971290][ T2189]  __x64_sys_perf_event_open+0x63/0x70
[ 2192.976868][ T2189]  do_syscall_64+0x4a/0x90
[ 2192.981349][ T2189]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2192.987221][ T2189] RIP: 0033:0x4665d9
[ 2192.991108][ T2189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2193.010774][ T2189] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2193.019172][ T2189] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2193.027170][ T2189] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2193.035198][ T2189] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2193.043198][ T2189] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 2193.051140][ T2189] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2193.059187][ T2189] trace_uprobe: Failed to allocate trace_uprobe.(-12)
03:42:08 executing program 4 (fault-call:1 fault-nth:37):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:08 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xfffffff6, &(0x7f0000000300)='ramfs\x00')

03:42:08 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0xfdfdffff, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:08 executing program 2:
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:42:08 executing program 3 (fault-call:6 fault-nth:7):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:08 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2193.129721][ T2154] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2193.137809][ T2154] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2193.148853][ T2154] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2193.156845][ T2154] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2193.217343][ T2203] FAULT_INJECTION: forcing a failure.
[ 2193.217343][ T2203] name failslab, interval 1, probability 0, space 0, times 0
[ 2193.223428][ T2204] FAULT_INJECTION: forcing a failure.
[ 2193.223428][ T2204] name failslab, interval 1, probability 0, space 0, times 0
[ 2193.230146][ T2203] CPU: 1 PID: 2203 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2193.251335][ T2203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2193.261391][ T2203] Call Trace:
[ 2193.264645][ T2203]  dump_stack+0x137/0x19d
[ 2193.268951][ T2203]  should_fail+0x23c/0x250
[ 2193.273339][ T2203]  ? kzalloc+0x16/0x20
[ 2193.277404][ T2203]  __should_failslab+0x81/0x90
[ 2193.282144][ T2203]  should_failslab+0x5/0x20
[ 2193.286623][ T2203]  __kmalloc+0x66/0x340
[ 2193.290842][ T2203]  kzalloc+0x16/0x20
[ 2193.294713][ T2203]  trace_probe_init+0x41/0x250
[ 2193.299491][ T2203]  create_local_trace_uprobe+0xd1/0x3c0
[ 2193.305030][ T2203]  perf_uprobe_init+0xbe/0x140
[ 2193.309795][ T2203]  perf_uprobe_event_init+0xde/0x140
[ 2193.315118][ T2203]  perf_try_init_event+0x21a/0x400
[ 2193.320209][ T2203]  perf_event_alloc+0xa60/0x1790
[ 2193.325142][ T2203]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2193.330778][ T2203]  ? vfs_write+0x50c/0x770
[ 2193.335173][ T2203]  __x64_sys_perf_event_open+0x63/0x70
[ 2193.340611][ T2203]  do_syscall_64+0x4a/0x90
[ 2193.345005][ T2203]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2193.350976][ T2203] RIP: 0033:0x4665d9
[ 2193.354847][ T2203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2193.374493][ T2203] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2193.382939][ T2203] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2193.390891][ T2203] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2193.398893][ T2203] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2193.406836][ T2203] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
03:42:08 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xfffffffe, &(0x7f0000000300)='ramfs\x00')

[ 2193.414779][ T2203] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2193.422756][ T2203] trace_uprobe: Failed to allocate trace_uprobe.(-12)
[ 2193.422740][ T2204] CPU: 0 PID: 2204 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2193.438131][ T2204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2193.448171][ T2204] Call Trace:
[ 2193.451456][ T2204]  dump_stack+0x137/0x19d
[ 2193.455781][ T2204]  should_fail+0x23c/0x250
[ 2193.460184][ T2204]  __should_failslab+0x81/0x90
[ 2193.464935][ T2204]  ? register_for_each_vma+0x372/0x890
[ 2193.470469][ T2204]  should_failslab+0x5/0x20
[ 2193.474973][ T2204]  kmem_cache_alloc_trace+0x49/0x310
[ 2193.480253][ T2204]  ? register_for_each_vma+0x372/0x890
[ 2193.485727][ T2204]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2193.491701][ T2204]  register_for_each_vma+0x372/0x890
[ 2193.496979][ T2204]  __uprobe_register+0x3f4/0x8a0
[ 2193.501972][ T2204]  uprobe_register_refctr+0x29/0x40
[ 2193.507162][ T2204]  probe_event_enable+0x2be/0x7d0
[ 2193.512311][ T2204]  ? __uprobe_trace_func+0x430/0x430
[ 2193.517590][ T2204]  trace_uprobe_register+0x88/0x410
[ 2193.522811][ T2204]  perf_trace_event_init+0x34e/0x790
[ 2193.528087][ T2204]  perf_uprobe_init+0xf5/0x140
[ 2193.532837][ T2204]  perf_uprobe_event_init+0xde/0x140
[ 2193.538122][ T2204]  perf_try_init_event+0x21a/0x400
[ 2193.543232][ T2204]  perf_event_alloc+0xa60/0x1790
[ 2193.548144][ T2204]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2193.553829][ T2204]  ? vfs_write+0x50c/0x770
[ 2193.558232][ T2204]  __x64_sys_perf_event_open+0x63/0x70
[ 2193.563673][ T2204]  do_syscall_64+0x4a/0x90
[ 2193.568069][ T2204]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2193.573942][ T2204] RIP: 0033:0x4665d9
[ 2193.577820][ T2204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2193.597404][ T2204] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2193.605805][ T2204] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:08 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:08 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
creat(&(0x7f0000000140)='./file0\x00', 0x80)
open(&(0x7f00000000c0)='./file0\x00', 0x400, 0x5)
syz_io_uring_setup(0x6ce0, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r0=>0x0, &(0x7f0000000140)=<r1=>0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = dup(r2)
syz_io_uring_submit(r0, r1, &(0x7f0000001740)=@IORING_OP_RECVMSG={0xa, 0x5c95d8f2a851f33c, 0x0, r3, 0x0, &(0x7f0000001700)={0x0, 0x0, 0x0}}, 0x0)
r4 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000180), 0x42000, 0x0)
write$binfmt_elf64(r4, &(0x7f00000002c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x8, 0x20, 0x1, 0x4, 0x2, 0x3e, 0x1000, 0x7c, 0x40, 0x182, 0xfff, 0x8001, 0x38, 0x1, 0x7, 0x5, 0x1}, [{0x3, 0xffffffff, 0x3, 0x7, 0x29573258, 0x200, 0x1, 0x3}], "b553414ec37d91ee05ba2e6812f3694d68a7903676fa27661718f90fa84ce06e5de816f773a7e920e3d9c72109d55fee05826d2d0c0a5869697b9b1d5e2233d689eb4de2afb29fa1f83aab4e4291aebee2dfd0814efe083e119069d670eb75eed21072c3a3e5edb7119db99b8191d2d3f933a7eed01d514b840e04503fe3cadd70299699a7c929f48768f9f8fa54e2b8e1c968b66b5c305d5ac597d99183ad1fcf1e39e0a1e695ce3b1b7e0d1e1f44dc47d5fb0b0cea2fe62e1bb8277273bb", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xb37)
syz_io_uring_setup(0x6ce0, &(0x7f0000000240), &(0x7f0000002000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
r8 = dup(r7)
syz_io_uring_submit(r5, r6, &(0x7f0000001740)=@IORING_OP_RECVMSG={0xa, 0x5c95d8f2a851f33c, 0x0, r8, 0x0, &(0x7f0000001700)={0x0, 0x0, 0x0}}, 0x0)
dup2(r3, r8)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:42:08 executing program 3 (fault-call:6 fault-nth:8):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:08 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0xff0f0000, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2193.613770][ T2204] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2193.621732][ T2204] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2193.629688][ T2204] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2193.637646][ T2204] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:08 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x8000000000, &(0x7f0000000300)='ramfs\x00')

[ 2193.707968][ T2219] FAULT_INJECTION: forcing a failure.
[ 2193.707968][ T2219] name failslab, interval 1, probability 0, space 0, times 0
[ 2193.720560][ T2219] CPU: 0 PID: 2219 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2193.729373][ T2219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2193.739443][ T2219] Call Trace:
[ 2193.742700][ T2219]  dump_stack+0x137/0x19d
[ 2193.747014][ T2219]  should_fail+0x23c/0x250
[ 2193.751499][ T2219]  ? trace_probe_init+0x1bd/0x250
[ 2193.756528][ T2219]  __should_failslab+0x81/0x90
[ 2193.761279][ T2219]  should_failslab+0x5/0x20
[ 2193.765785][ T2219]  __kmalloc_track_caller+0x64/0x340
[ 2193.771148][ T2219]  ? __kmalloc+0x23d/0x340
[ 2193.775548][ T2219]  ? kzalloc+0x16/0x20
[ 2193.779593][ T2219]  kstrdup+0x31/0x70
[ 2193.783501][ T2219]  trace_probe_init+0x1bd/0x250
[ 2193.788365][ T2219]  create_local_trace_uprobe+0xd1/0x3c0
[ 2193.793884][ T2219]  perf_uprobe_init+0xbe/0x140
[ 2193.798661][ T2219]  perf_uprobe_event_init+0xde/0x140
[ 2193.803918][ T2219]  perf_try_init_event+0x21a/0x400
[ 2193.809004][ T2219]  perf_event_alloc+0xa60/0x1790
[ 2193.813961][ T2219]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2193.819565][ T2219]  ? vfs_write+0x50c/0x770
[ 2193.823952][ T2219]  __x64_sys_perf_event_open+0x63/0x70
[ 2193.829382][ T2219]  do_syscall_64+0x4a/0x90
[ 2193.833810][ T2219]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2193.839680][ T2219] RIP: 0033:0x4665d9
[ 2193.843547][ T2219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2193.863268][ T2219] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2193.871652][ T2219] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2193.879610][ T2219] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2193.887553][ T2219] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2193.895526][ T2219] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[ 2193.903578][ T2219] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2193.911647][ T2219] trace_uprobe: Failed to allocate trace_uprobe.(-12)
[ 2193.992103][ T2200] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2194.000104][ T2200] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2194.011658][ T2200] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2194.019636][ T2200] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:09 executing program 4 (fault-call:1 fault-nth:38):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:09 executing program 3 (fault-call:6 fault-nth:9):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:09 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
open$dir(&(0x7f0000000200)='./file0\x00', 0x80a00, 0xb1)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
mount(&(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='nfs4\x00', 0x1, &(0x7f00000001c0)='ramfs\x00')
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:42:09 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:09 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xedc000000000, &(0x7f0000000300)='ramfs\x00')

03:42:09 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0xfffffdfd, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2194.198395][ T2200] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2194.206453][ T2200] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2194.218004][ T2200] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2194.226021][ T2200] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2194.264946][ T2239] FAULT_INJECTION: forcing a failure.
[ 2194.264946][ T2239] name failslab, interval 1, probability 0, space 0, times 0
[ 2194.277661][ T2239] CPU: 0 PID: 2239 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2194.286331][ T2239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2194.296471][ T2239] Call Trace:
[ 2194.299733][ T2239]  dump_stack+0x137/0x19d
[ 2194.303024][ T2244] nfs4: Unknown parameter 'ramfs'
[ 2194.304085][ T2239]  should_fail+0x23c/0x250
[ 2194.304103][ T2239]  ? trace_probe_init+0x1e1/0x250
[ 2194.309828][ T2244] nfs4: Unknown parameter 'ramfs'
[ 2194.313484][ T2239]  __should_failslab+0x81/0x90
[ 2194.328220][ T2239]  should_failslab+0x5/0x20
[ 2194.332846][ T2239]  __kmalloc_track_caller+0x64/0x340
[ 2194.338121][ T2239]  ? trace_probe_init+0x1bd/0x250
[ 2194.343142][ T2239]  kstrdup+0x31/0x70
[ 2194.347031][ T2239]  trace_probe_init+0x1e1/0x250
[ 2194.351868][ T2239]  create_local_trace_uprobe+0xd1/0x3c0
[ 2194.357398][ T2239]  perf_uprobe_init+0xbe/0x140
[ 2194.362154][ T2239]  perf_uprobe_event_init+0xde/0x140
[ 2194.367460][ T2239]  perf_try_init_event+0x21a/0x400
[ 2194.372581][ T2239]  perf_event_alloc+0xa60/0x1790
[ 2194.377509][ T2239]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2194.383121][ T2239]  ? vfs_write+0x50c/0x770
[ 2194.387531][ T2239]  __x64_sys_perf_event_open+0x63/0x70
[ 2194.393008][ T2239]  do_syscall_64+0x4a/0x90
[ 2194.397405][ T2239]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2194.403379][ T2239] RIP: 0033:0x4665d9
[ 2194.407252][ T2239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2194.426839][ T2239] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2194.435276][ T2239] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2194.443232][ T2239] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2194.451190][ T2239] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
03:42:09 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:09 executing program 2:
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff})
ioctl$BLKSECDISCARD(r0, 0x127d, &(0x7f0000000140)=0x81)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:42:09 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x4000000000000, &(0x7f0000000300)='ramfs\x00')

[ 2194.459143][ T2239] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2194.467097][ T2239] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2194.475139][ T2239] trace_uprobe: Failed to allocate trace_uprobe.(-12)
[ 2194.493483][ T2248] FAULT_INJECTION: forcing a failure.
[ 2194.493483][ T2248] name failslab, interval 1, probability 0, space 0, times 0
[ 2194.506081][ T2248] CPU: 0 PID: 2248 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2194.514759][ T2248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2194.524793][ T2248] Call Trace:
[ 2194.528065][ T2248]  dump_stack+0x137/0x19d
[ 2194.532376][ T2248]  should_fail+0x23c/0x250
[ 2194.536802][ T2248]  __should_failslab+0x81/0x90
[ 2194.541651][ T2248]  ? register_for_each_vma+0x372/0x890
[ 2194.547097][ T2248]  should_failslab+0x5/0x20
[ 2194.551632][ T2248]  kmem_cache_alloc_trace+0x49/0x310
[ 2194.557005][ T2248]  ? register_for_each_vma+0x372/0x890
03:42:09 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x10, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2194.562451][ T2248]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2194.568464][ T2248]  register_for_each_vma+0x372/0x890
[ 2194.573744][ T2248]  __uprobe_register+0x3f4/0x8a0
[ 2194.578754][ T2248]  uprobe_register_refctr+0x29/0x40
[ 2194.583938][ T2248]  probe_event_enable+0x2be/0x7d0
[ 2194.588996][ T2248]  ? __uprobe_trace_func+0x430/0x430
[ 2194.594307][ T2248]  trace_uprobe_register+0x88/0x410
[ 2194.599482][ T2248]  perf_trace_event_init+0x34e/0x790
[ 2194.604782][ T2248]  perf_uprobe_init+0xf5/0x140
[ 2194.609518][ T2248]  perf_uprobe_event_init+0xde/0x140
[ 2194.614774][ T2248]  perf_try_init_event+0x21a/0x400
[ 2194.619927][ T2248]  perf_event_alloc+0xa60/0x1790
[ 2194.624858][ T2248]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2194.630463][ T2248]  ? vfs_write+0x50c/0x770
[ 2194.634892][ T2248]  __x64_sys_perf_event_open+0x63/0x70
[ 2194.640415][ T2248]  do_syscall_64+0x4a/0x90
[ 2194.644910][ T2248]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2194.650826][ T2248] RIP: 0033:0x4665d9
[ 2194.654701][ T2248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2194.674277][ T2248] RSP: 002b:00007f544ac7b188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2194.682660][ T2248] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9
[ 2194.690613][ T2248] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2194.698587][ T2248] RBP: 00007f544ac7b1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2194.706601][ T2248] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
03:42:09 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x10000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:09 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
open(&(0x7f00000000c0)='./file1\x00', 0x10840, 0x5)

[ 2194.714571][ T2248] R13: 00007ffea5eceb1f R14: 00007f544ac7b300 R15: 0000000000022000
[ 2194.812006][ T2242] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2194.820018][ T2242] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2194.831578][ T2242] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2194.839544][ T2242] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:09 executing program 4 (fault-call:1 fault-nth:39):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:09 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:09 executing program 3 (fault-call:6 fault-nth:10):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:09 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0xff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:09 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x100000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:09 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x18601, 0x84)
preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1, 0x8, 0x7fffffff)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x8a982)
write$evdev(r1, &(0x7f0000000080)=[{}], 0xfffffdef)
ioctl$EVIOCGREP(r1, 0x80084503, 0x0)
ioctl$EVIOCGSW(r1, 0x8040451b, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x8a982)
write$evdev(r2, &(0x7f0000000080)=[{}], 0xfffffdef)
ioctl$EVIOCGSW(r2, 0x8040451b, 0x0)
stat(&(0x7f0000008900)='./bus\x00', &(0x7f0000008940)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000008dc0)=[{&(0x7f00000000c0)=@file={0x0, './bus\x00'}, 0x6e, &(0x7f0000000040)=[{&(0x7f0000000140)="2e585869102d216a9bfba9215502b0d6375bfca174426ccd69b2e6af494b98c71354a2a38bf91f10f8948d7bb9e8ded5b2", 0x31}], 0x1, &(0x7f0000000380)=[@rights={{0x1c, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00, 0xee01}}}], 0x60}, {&(0x7f0000000440)=@file={0x1, './bus\x00'}, 0x6e, &(0x7f0000003780)=[{&(0x7f00000004c0)}, {&(0x7f00000014c0)}, {0x0}, {&(0x7f0000003680)="e0dcceda8a62674ec9143e7392c34d5dd298c15a51a445222565520911a01e8fb3fc383701a84c7a89730f765236dd1cd63dd41e297a804d883c0062f324780eb8405e4d74d5c87c634ade85c5f71a6b75073be42b5000bda9fb06a012cb4f9c43a5375b8f7891dedbe8c27a5f4e34c1c33d6eee7916ec56ac07c3c57991a13dd89fe878fb5d6d490ea29c4f4a0cd99bf1284f6fe4c0113ab8b45c3fd3acf48253154ea2427ccc49c38e78dd61586cf8bffe65656ac36665524460ea6e20e2d392a80c317553f33add5f710007d4541bdc640095cd601b99d53e4e310257aeef550d879d5098f6ff8ac439be9a", 0xed}], 0x4, 0x0, 0x0, 0x20008040}, {&(0x7f0000003840)=@abs, 0x6e, &(0x7f0000003ac0)=[{&(0x7f00000038c0)}, {&(0x7f0000003980)="86dfb0fc04260d595761c79314bbc9760777b318ffcc90014be7b82fdb3e2500457b4569724fb50d798a77c85827082e3b74ca0371e06c774fe6a879c83178fec4cfa66af54a8ef764aea6a49053c9492d254d8171325fa9bf806a10e898aca820d8228d11e042fe730346f55bb428d8936e082d031fca330e802c7ef8d1f740aef80a0a2a4e128f92ceea5472db0209662236ce582edde3447a8d2105a576f4f4f85811d0f252eb2c4b6ca787cb945f8e0d9b30d8e07930d059e4f708a5754d0db98a9959bd960cdb891ca987ea4efd07fff29624a4d489349cf67995ec68e922d900b7c1802eea67686c9d86d3abdac8d7010ccc", 0xf5}, {&(0x7f0000003a80)="4de57851ce1602eb7b0d7dcaac0852e28721", 0x12}], 0x3, &(0x7f0000003d00)=ANY=[@ANYBLOB="24000000000000000100000001000000", @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYBLOB="0000000028000040000000000100000002008000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0xee01, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB, @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xc8, 0x4801}, {&(0x7f0000003e00)=@file={0x0, './bus\x00'}, 0x6e, &(0x7f0000004480)=[{&(0x7f0000003e80)="324c5095c05fd10bd8db5b562b694d2630f6d15de523954b7dd33ce86a7a203204cc45cd6b34b77dc0204c435214c2cbcb6532030a22750aa62f108722a8c080f85d5caa5bcc84ba2d2ebe7daf36c3b3246d57bcb6b9bc0dfb826d1a939624341c5e1186df74ef4092ee7e65fba1bad0f315c92bad27765285d0f293a4f07aceb2d6524be937de05fa5502bccc5881582a46092096eb6be4855d67d9afb26b38a623323f66743dbedc5adde9525a94c5b0b6a512106e5e", 0xb7}, {&(0x7f0000003f40)="ff41f3bf0715d391d4f24d74372a8c639d92f34df9bf34749ef00db6752a7670224e94c302de19b2b3f606d9a4c37c746e4f6b8d26e3a1f177f576f74ea78fed54f1ad67ad403bd84b11c888cdb86936d6b9dc887f88a5e5ae2d21cda89525cab0a462ba208e950be463c4d85f64e7995120172ba846ad38674caf55c9314c07f64a5282", 0x84}, {&(0x7f0000004000)="f2db83f7b4e46961726d9320c1262476d8351fd78b22ac8e5228de4fe695f943ba0e09dc88921267d4b0edaca891b9b07fa52cec46f865a7641ed8620eb893d78099dc7a22418035d584f33598730544b351c0c3e7d298e7a63009e65dbe1dcca99590d83507ca7760f3005971db0adf7679f849bbb15513cf8a8cd4f0e05ee7f936bb80dcecc5cf9e85d6ff1b07ad2a583329690fec3440c893471a264d23329b1cd529dd77b79d9f598ae4c6ee80f4829ba3e22490f5dacf2ee5fd0164cb7ca5", 0xc1}, {&(0x7f0000004100)}, {&(0x7f00000041c0)="0fe721525207587e44742df5cfaf9f80d57bf116901596ddf3bd0bca15d98263529dd4b774e40bf6183575cfed91beeb6939dcaa30ba0f71455dc706aa899520ad0e05acdf59738fffa5b1f15af81390112f6365eef00c2015a0456d5643c98788baae3bdf904d51c4c38ae920c05af6d861be7f6ede2d2ac3aaadb70ade8c13e91a29d2de3e3b3320bf44ac6b828677304c34af417157e22371358b2eaf203b176c1b", 0xa3}, {&(0x7f0000004280)="24a69ba134cd9cebc926eef00fd2460a566158598f9e3d6f38a0a8c056adff48f65eced056440abca2a831d6ca6aed75e238b7bbccdbb25c676459d4d2458d47b35e1e2f250f72723b8ca27cb4be43684cf266fdc8f6210fef6863b273dfb34d9f44ca6307a035dc72659ac4cb8bb3c475ec9f069a516ba8e4be58619d9ea4e33e752dda52040dd0e88c3fdb30e61f4895f8a3c0c62f7f6c37ead8af32415194d9e8d354155bde2b23719bcf4f85e2b4dd66c49818b6360e4ad454f802fb4c95211606725f623900d9595fbdc178b33f844eaa35", 0xd4}, {&(0x7f0000004380)}], 0x7, &(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c00000000b73a45d86d3d1e97a80800d50dfae1bdfe4ffd5a9bf2da98f7e23e438d7c47c28cbad35bfa8a10ed8bcd03eae153cb8384d4df57f6e64311e4d05e107e45fd2aa946dfaf84e20a2a0e2cf0f2b61e065827640f75198074a3d7a42c126f9f164a1ae94b0a3b82e9f4b875e5419abf02d91c241c27e7b3d1cf1b1f884a8806367c29617dfea0be9ee17cad3d719f199e38022e5b91d559acb12c447f71d6bcc2ae119fac5f6fa0653df495efc0b4eb3307d2437ae404bf4b37c2c8e76eb3f22852768814", @ANYRES32=0x0, @ANYRES32, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32, @ANYRES32=0xee00, @ANYBLOB="0000000034000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYRES32], 0x118, 0x80}, {&(0x7f0000004a40)=@file={0x1, './bus\x00'}, 0x6e, &(0x7f0000006f80)=[{0x0}, {&(0x7f0000004b80)="8052ace8eef9e64f5e1b82dd019e6b0d3d6132955b005dcf9c59db", 0x1b}, {&(0x7f0000004bc0)="617126f7936eeea786dbe0dcee967686835411168a4b978f826775143590721a83bca8b918c1a533e2ebe397865990e8de6933e5c9908556d2523ab446", 0x3d}, {&(0x7f0000004c00)="3fe646e109d9791507f7961984c8eb03c3428775ca9ec607e2b754397c92ceaa547db58ff6296a15277d7d67ba2195f20a9b581216db31202c2fcc4e1da3d9f3f1eb2438b0fa6e36118bdf7c9aa2ccaf1946b77e53f9cbce1f35b995a4a2c3720b3e5279aa6ef877c0a32e22dbab9da77398b96fe85f3ace62bdda160b86b191f29e2039287d5adff8fffe0f921c30b6dfbea378c102e4073513f222ac566762c11e8885f4803ba71e0da8a20e0ab8fbc57d8ff9a0590a5b96f03fcaee9bcc1c4f77361f8e2c4166f7d4afd242cd5e8d03caf8769f8fd299c4cb6f63d6951f3267aa24edf678b7200f203c78c8a911b3f52bbbc86d04763e834ea1eeeda603b55e32c7706b16a9307bc9d5a32ac8663640d278d167310cf6a27bce94712f8f1e010bb8cb2493cf244ad65290f5be71f9cdf9c14884a0089738c767484ea5d3b04a5c46ef381a5081261bf7d1d1ccabed6c5587167ea095ccc5f49e80df542c04ffce29729955a76ff04fe1b947d6c7fb438f8bb41557e8ceb29a27b70fbcd483b09385d9435de95703f380ad973d04d8789bfc1416234c0f0d27e753ab47e202987952cfd44d7fe82a609da7a67ef0d7e7771c711873c461ba978970366aecaa19c7475b58ab59566fe74d5981f67b30e4286a3c2cadba85ee5caaa29b7c7ab01634668eaf447c362c499c2d88b71b009b745144f439fd70043123d3e889752d3347d7a4b767ebc59c9ed17fef8c1211f3bf645ccc6b7478cdd5a45e3c682ad75c3766e7c00eb8e7d77f6a650bf7b3e32f17950462b41536995f0ce3030f422da1871183eeb882f47ad04ec1d937833de43025d6758eeca2bbdb6287e501abebd4b23690eff7b69dc35b0d2248ca58f0478644f3115f5c892644885e4c15811c79f81e81dd806d0f4c3002e2d9a4afde1e08a59bb5757d1687d0419e517131f5c49cd3ac0e855a5d9beca481f678f7fc4850f7a6c89f1b9e1de4f6424a69f1fb1639f0c7df11eb8405e9b9651bd3115f43d33630bb937abc134afe59e033886ecf056292b9868db385ec6c3dbfcc335a6fbaac2890934bb14a1f6b4984ef19dc1f23f946c42fe11c7eadd431dea0843baac24178fec1c281b6dc69bf1bbca961882adef3880dd16c4d7da7e72b9bf52ea154ad067693a87db246e340fb2a2a1a8e54058c7c1ad42557d6d7d58c15c238595d4f7f8864f605431cbf3c68dcede26faba190ed1ebf676b907e8c4f4b37ebbd4d849dc2fcee581892f07f52d7e859fbff516886e083a66079d57e1cbe0e4e153a41a321e617a6d6b3795088ac55fa3b65f8deb505f6a3317ea2136bfc5f9d4a4bb3524da4511f51396c84d6237df6cb71c290fb700f0cedff9e3d181264348aa1ee061fc7e09d1f2ca0c921f057c1f2c8ac7a8da4eb7eaf94f89597e40c0009cb1a79b505969adb6c3f1784a2cecbd3c18a81750f7b7612e7c612c774c701533b9412ba89919cb3081d0a9cca4b9e02f21e9a23571732690435ebb697ec8d8af2660ba04393c0c8f71f4363a64b0c6208e25d4af2c9d5c74f746bf7162bc68fe098f9c5798bd9577ba9c05f0242f680310106e6732993a4149cafc87aeee0a1d3086dfc61978d3c10efbbf57a239323243444ac7be3c5d883f7fb7605ba18709104b41c9c171c056c5cd98e5fecb0d627bd2f5ba4db9277247552880ce9392a603c6d6ca2a8b27e9406881416e7345081dba3490441157a5f5cb54f2e14c47d0f64d4ef57f93550765deb539a2edd2ca923cc868dd62cce210f796ed1cf76c9986462f00bbb724ef1324906c8d9d09ddd7828fe0f63318780ee368f7b9e171cca68522191ae995a0829117bb96fdd3b44037423a50d96856d6d39dead2a8f713922d92d9d142b7c675d151e3e05bb93ed841f912ef719ac3435de0f9600bbc60e3072f096a313f43298f85b11f34ae988265d28a79509862bad8861e33eedb8c1a9ffc8a8f5e06f0ed4b86b72dc760a80c6917bcecee50ae4f71a57eba8c5e7d12aabd854f9960bbbc3f226a11f486c761e80cef1c26ef2dd42e9ee5197450d25a6459452aa1eaf3661dd2f75ee59e5cbf1298c2c0a1443fd2055d44b02a581d51f9e9f375c5aa76bdeae8c378710c4cf78ebb472fe5aae26f47aa962e844186e4c45b39e34ade048729726c3cb0adbc2761a68e7aeedf1f1049d466566241b502fc5cd502fb56af404c55a0c726989df5b63c2309d9b98f8464223e0edfa7f294a223b03432dc326368f2a366e1c571eb4b07e181bc4bf75fcf4fa2a3f0f87ad663a2527c9d286ec4cb980de62d37d5090a6826c0cb6fbbb45606c231247857e9ae0e6ba434811a4364953ac8240dfd75bcd57e0db5ee4a5f98b4f58006668718c67d40e8e96dd2a285bc1a3f70acdca2e749ea129c0e68027bb085167af28046fe3fa59ca19e99c9da1eb314717760f2c8db9bee54e334ce529571d56902ced39ee8b24ba472432b916d0f7de26c9b51acb1983fc35de9e6655b34750f8a1c8839488cb8f04c60aff82d99512be6bd59da8e98e31abd2559bfaa310fdf66b172fe3bc10992d81f77a19b42e99b6a6f6f478c90f65aa14c7a953f46ed1ef79edb34bbbbc65ee12f5e399dc51bd19a3a2f6d1af1230124ed2a0a460f9ac38b5bc80a4bc398b6ab5f1be03bdd4fadcecffd6654a885950527522dc351ff57e9ee5a3b138310566be24ccc019db004d8b88f2be85f351c8b67fde14f67d3cf47a02b0896b6c0b58c541bb18c954149353ed901d95cc283acb120938f1c15ebe19fe3d1f0b42b51ef37e7882cdfb9b51374f61988b8f6350449625fe852a1e00d81f0ff536ae9e555d0804519c33936111f37eb4bc5909c42c1b4d110178bcc6f7f461f21f121908f0a1918df7d390bc6fbf4952864b3a81e109f4eed470da20e4121b32fa93ade0e23332ca709269e2c25d41bc0fc624dc2ba24d4e64b7d31b8bc59593b0266a0d15f375368b7c7e95bef1d967beb916141507708dfbc596d587efe8a96fe3bf105ac16ac6682c0487fb2bd6e88b6a277c5cba8f046923f9152d1bc5a3b5793ec444573a7ce8a8897e5dfa4866e1d6cc9e5f0467efa006d58077d6ab2ec2c82014efec0e084a659a93122eb22fa18730cacdc236b54208639b41ba27b6455e9eae2617cc89165495db0fa9a5c08c17f8b0d938dfe4a6df4321d0d22f4752ced875f57ae078ab076bfdd734ed67d5110c82fb579353a99c9afcd29d5a53c34af0e7ef54770eb4f8838a902669ff9449d2ff88175d9ade5e82b9c1dea343ac5064241e7eaadf201b875130119fd4f0e0e2e12cc85d89e8c72296cffb4bcce1ca0e480ee5b81d4643dd9dd1a591ae16ad5b48ac7b48287edb751f5e428662334dbddd1f148a49220e8401ab2598d138a08f9165f5bc0ed76522709f2b0e93f92498a874d6d4433203da9f0c21948fb31b23528beeaa2eebba97026c1145042347c5df94429e43415e2079236da75b40f2da6fe78f906f02f79e4f5093d36e692df2e6bb8bc6f4893de5509b1720713e9eaff12349f302a90cd234c0b35adef1917db7d5a5f8f9c0a72dceaac391b53ba3978ef4d38fd6f6e7fce50087bd58d3e069d2c4b66f5ca8bd30ede963bbf01feb85bbf9f88d68cf12b79c89ce4574414967c57e019a2a967ab0ba0823762ed30fa1a9bb437d30093e1b60714006d6838f363fe93119f9bd7b2833894eb00826eb8e3a645bf6b9960209d5913297b1c130b64cea3d093ffb0f98e4dfa7940cad6dcf9fe613035eb9fd2e6814c7589365e58171c498bf2ca04048e5cde0e71e5a1d00c44ac22538fa051e6565a1b545b61d293845002436ab694f56f3467803bd395cdae604cf9908d734a8690b17173fff0235315256f99b067f997a277c5fd990aa4ea14a8f2f178253126c60bbd5eb7c62f3495dc6dcaa328a302e09193cb4be2fdcbb3c9599009627a5a455f1537e5cb8877b03dbda3c907b0f14b2b65fdf04aa3695fb6cb2650c5971a81019004ebe99abd3c682a4bd65eec6462e8ed18b3afa40fe5ee6400ad99c808c386bc9fdac8596249bbc2838753cf2945ea7dbe7901131977c84c2965778fbd1e4a1735316d27e8edb69aab2198d9afbfa312cfa942f3f6447d7e79e7ec85ac283ea415c1291ed1e91f32379414e5e7ab49b487347c6ae3a2222a7f4c3d717e119adc9e868660fa902df6b7cd8a3ef0bf650ccf21265d5b48e29a3122089ae9979a8ac507b177cef704df2a78cd9dfce01dd4fb8ce91682aed602d5ebe761ec489ba758372381e25758ec232f1225f3400ef6ef10ecfede2f48cb1974234f741730d3c84799dc41f5a80d7f721104a124cb1314558cca0160c72ddd1dbe0cba2e721208cd1eb66c15beff6f04a5cf489c882589efeb0bdf5c7c82bb08f99af79a10c7f6309f1d0e6f657a6e838a746431deda76d953a7969b371b210345a3c7a51b67bbc5062d6e807d92d80c745615f8cd4c15ed8d2cc761b4439bd69b51668416e7375625aae40fe726e624e38d17d39b1bd51fdbb4c319bc1fd6194a1c09f808a1fd8aa87b0df531bdf231cf660669121d3b477a2ca6ba0bc766e85ad3421a3a812fca95e4f13bdcd25b2aa0568552e865619201afe8ff2ce07f0d6f5eea6269442353a405601ea1a016da6a444ffaca81593843783e04bae89c850578701ea46a58b1a4715ee072a381ae699283dba77cb76e05383c8eff388af2bc979562964f031478efdf26c050ee450745bf21e47fbb036208cb1518a0678435dc854449e6dd501f2f91bbba4725d3bc0c8b893ddc13d93e6ad0d7c90583d0fdd4c9c35706b03261cb67c448dae438b436fef30b095806786f8d155b93f39d938ed72798c237ff884a692f9bf019fab30fb44f613faad6fa3580c263f7c47fecfc509e902af69d693e0e7edc4f9729e87351e465c71afe9dc1e2d6416b2379c18c845070474ea87f631a6d54a6e8ffb20a82f53cfa3a72ce8c297eba56ba37a04c8ec3f6fe268ab0d388f831547483f356fa2426f0889fce87a7823920ec444be855dac75917df994e086c0b62a616b3f627e52b639b7f1f0fca317aa3c59a49432a2e666c7468e5c43f316e29b15880b977a33791cbec3b0b8ea539a64cd5b6f39e4ad94ca6ee95545013f13bdf89ba292c944b28f7ca5efd4eda86c3bb59232023cc6d0613ada5706078d5387794d5aef994d67b6c4d0c633c3ef225f892357e55711513d676bcd4853c04baa8a95cdc1b6f5d12b2230b5796e5b247091395aaa9c517676049e408a4f64cd27b4ef4513e3f7907045a44ffc93599fd52ecddb0187d4c218c111bfc425079196797cfd77541ac9634dbc546c4dea0e07d8451189e99ec6440501db28c1095908badb4c82019efdc0e024f83fd4518077dceaffd4f02c6147b210acc8ce9403b62bbba524167f802a0820c4ff81423625b00f9f61052664b2e2164003b9703c5ce75e0dea61283c80e7618cec35c21dd2720a76b2be0f75ae57ff1ab1a30554080a719f6ee58dc3274fa56c3691b0c9db0d5023a47c0fea3eaac3badddb18e087224eba70bdb39247428e5d20f6fb1603b342c7b019fd3d99fd52cdb99fc8fd06affe7e4a049e0d017487f77f99ddc7c4ede75e22065462a72d1429d03412cd82ab5101133d7a12b30aeb4b4d06dfbc0b37913be14853639496615bcc412108e260713cca32386a4280480a9119df46ca70b26a70f0e13e495bd163e6650decaeb308405680fd9874b4a85ae74f0186a0068aa1566b044d66977304df2c994bf21663201d", 0x1000}, {&(0x7f0000005c00)="11308e2ed92de4473a524383eb2c1af36bb2fe526ad4cbb0c621d1b7ceb4d4ca0bdfcad9d8ee5fdcdfd7eb26f929d00aa52cf59a1b6f4b0a6611a77a19f52d17feaa407a92d43513194dc9f6fc1b5b1e4021e386f2f747da2a464db2a1f63249a22f9abf5ef48554392cb7815c56247ad9d59fd15136", 0x76}, {&(0x7f0000005cc0)="de4d1ce81778a14e8314dd533dda0edc4d8d62f153da5a6736589181d42faf0927645c941ebc64809106b85793dc8375d1ad4d915d516589d0603e742065c20d6079114bd1418a7d7de70eb2dda8f6739d13f432a94c1c293a8f4c9d844dfb74930be7709839cc6e79c0f164a7f1dd655f23f05354e1be7bc0b650bad705f67d4128066b9f55e3d3890b335aa16d7b19cf0dbaf39ae1486897bb236d27972691ebca24346e6defc2e650117c6a455674ca0f56084827d8ec3ed4f2ee0c7b9c862761e5e307342e6d8b39e6afb8c85be52bb8709e79ce", 0xd6}, {&(0x7f0000005dc0)="ab093603709850594071fc765faebd6142373c008d1df0bbc0b82157005eaa8888a8108234f63750f68fa207f9c32f582971d2cf4e11f16c551fdbeb82e74ef05d1a791f429bd26c48077a311634e6ba6b308f", 0x53}, {&(0x7f0000005e40)="32e984e959a5cd2b3b192976b8be607a75c8693a74a3e17fe30f0c29cfe921f058baa97e885e423989092760cccb2de6d8b08f0af466b3b2ba41afcfeafcbc97e05c20e5a82d826d332789ec7320c1aab9433fd9138bedd1ad419187", 0x5c}, {&(0x7f0000005ec0)="da9f05f0ce7867a2429c67e86e215c79d92ce58d285ecf036107b8e2d94a712e97b7e367a5583e30352d6f123e8257de1b266f073925b44fb7d3e5f48e5cf1b5648d9266c4f691488dd9ab0fb927be32cbb49038d058d47dfb521db9bdb1b01c65c56858eab1760934e4d07a8f0032fda9790efce29ca749f8a684b3cff6c2242b2880f2262a6266ed", 0x89}, {&(0x7f0000005f80)="5528542ca4356c452abead3db8c0e51bead95361262dec69a5b686e9236e1384cc4fc7e7fbf59b656fb3279f8cd8d6d9880732e6c6335aa7b7565cba5a21329321072227fcfe340737e07ab21c93f03f80f24ea05c96e2d8f467898470163bd2b5874290981a552ece333a8ad3d2bdf8ea2ae741266cc6a4b8ea5e5c2f5c2abe7995442931d012a303c3ab11ee5fc5a278babfe0c7d5a1789810cf673d2d7632a3caaf1920751c438a96ac9212f4a82fc88f3c2fe311a4b02f3f9153a59aa76e00c1b69322dfa762747ee92c29d54143cadc95e5caf2457b03f48c43eaeb15040ace2d1a62bc3a326741babe310cd00f4e82ef3e7945ff355dc780af7e26140fedb5a57bec860dacab96c8db341d2bc02a8eca37b137d9ce808c4ab4510b6bef51ed4aecb2806e5e651b1534a784b14ac0cddde4d7b6b65487c6b4864915617ee90b3c281e1729ea49bf5020eab34aa365f0553418695353e3236262000cf10ab9a035e972c9dfe953267dbe6a2a816b62398b9ec2829e3f88740165c5ecfc34b0a98a61b6efd601185bcbde403f69538d62b73482ec7a902b6205e49bf787256f44e8a6b87765ab6dfec482227edd451c9f8746f97d9502ecb8181ac6397e94a2e950e7e827507dc3ba2d6300e62c2e004c4b903228cf75dadc212cc891beb06427566f12af7f6edad2f8ee4ba3cdee4e7bfdc5d14524e08ba672f0eba01e0f91a6600a65e84d395b12173782641ba26bdf6b09087fedd2a23dde55b5e02de4e8e8c196eb4170aa27550945066fc528a00209b0b21ad85910db254a1977ff404bf3cb865ee6b298f12f10ac2dcec83074ac2f67519f0a5014ac253d6a6f459fccba1df96984ae7e1190611a22e628dbe30c025b175f32849fd910a12d7eaf4ebb2a2186945ee80ef2af138d3d9bc6853be38f519411968d57751626ff72d28a5bb089b332b6f4b271a61422788b370818bde4453d9a505913f78234995d5192cd5f3020604eab63362642eced833168bf8a2a7754afcb096722175cbf2ba5a5c344767d6145cbd23985ee0f8b8e33366b24071d44b327187ea93a351bc1d570b9fe941d3aee88af76373984e594d0e79eced5431c09997c78ec65bcd229d31b6322738de9afe161518c69082af623f8c17ece8b8831bc739fb498f4301c74d0f7ce1c6b6ced4d409aca9a5656ea874ec23a3144cc5e1b106071de8fd341deb6e61a271bee5e4bb5e6dc875a5b95306f2d96f1ce3043532f0a5b45b2268ed57ac82ef9b4dc85be98a0b50eb726dec8701c980ff83d4ab26fd4a7365da39f1aaf90770bae68befbe04da89600d94916387bb0e4a11c860ad7d6d308152f6a96f0a84da7560e1c84a37f91b5ed5e1ac8b4cc58fdf3a3ff8d33d7378b08d9e9b7e21149ebe1662bb0e4653300589b287f32077b78f869dcd6f7343e6a890713b4a27b53cbc095a95f9517432c5cb4f807f21040448e9bd0f175678f5200be632973d0eeb6be6b6c875d37a64f66a3ff57d467afb3a6b6b825bb3e72b83299e9a6881f18ede03b08a0964698a2e498fe0bc34cf494eeb191cdd8e70dbb86f775f919f52245962d1997762277a860f4eee44a9551232f9adb31eef2c4323c3a887a1857ef2cdd0fa1ed7a8414a14c22ecb6767cd2deaccfb4dece74c6ff282f251e1463e71f6ddeefe3a39ee553632c6bd08e5cbfde5c4d730e0f8c72e500701fe9e2f298a94d25cb041c6837ee2bfb57467afdaaa9beb641a1247d8f32e36b0d6984deedde91518b0d80e3ebc5c9a39f6ef3c5a19a80f3fdb908597b5affcb6eb2dae3912fabae5e8e479d4961e2143f1bcc605f98085be602728c9977c5b9068bd4514160a4dc4633279baa7b3f83f0cce8fdfb660a6d3776ef7f4f020f9248a41b18de2c14eb818b5e412c8144c0cc1f12ad2735319363201f4080cebea66e6ec4c1e112cedd3a4143102092a01bc75c98e7ca6661a0c696106388337b8ac80a486c08df0cdf7c3d827a5ccc5d335d803c96257bb50ecc148d2e1d08d16896bdae45993e4a991cf579990e1d5612b674e14f942cebcbfa0043147d7526a50a22b6a983dbccbb9928f5ec14cc4196a08f1779e467da9178fb0f78aeea14b9d1d20fa8f75f854474d942da8b4659c1347d861cede61bdc04fbe22719486868bd4ffe6ad150033feede06b0f07c3349e1a62e8ac8324c31b836641ba65e904daa2fc31907b6a725df8a82044187d5e082ba572d4f3403a36a790b5e26b254293bd2de31e9ddcc351d1bdb227fa79e37117aac9691d695f0c278c09dabb58957746f9b6678e7cadaf3f837626ddd83b7ad607f05056fad9eceafa9d262205003443b2d879d89d2ce2823ceb6b3efd67ae29c72f71fae95c504377bf4338e6546dae6a0548406b6bdae635a26d001a1cf735909a2d988efdc66f4dc87549514cb0cd06904952b5904637123babdde69158955b708ccb376a8ec871bb91f5106c911b9e606a5c1767b7ff27f2319fa0c0170484fe186a32e3a23424d08d9b3757ee049e06e3c5bc50bbfa79ac77b7d75d4394cabbe492d9d764dfe6b7895f0ed5333c399c73415581735d49e9b09d159e893252d6ec3c66ce8c60407113724f3e3490799450ce0858fb1eb5df623f055f4972f9880cc69d0caee2575577c7f720ceaec5e3ec53c85f47f0a1609fe8ecac87241cffafe8142b1dd6684d1d93297894282b2c066a94cf3d2f64a534ea2a440d02c3829eda8f6094417a21db9c2811f1ffdb45023349a17516378a776774f3266ec93c78ab59a19decea4dbf48ea80f3e381aebb4a866291eaa04fd19f4b0dc28a4b7346af6cc1f9a73d5acee3968311fd1c1c0e8d992f2e56e0278867c84644a4d500c815acf43900c219d2cea63a3be1e8ee91fd13c4b309ddc5c2630c62cf3c298759a2727bf0c02bc173ca12380f6f0f52f9916e9369f42eb8044d6878de24a3d7d2e0fa7d113444c4d861e8b2bbaa2cd24ce480be1c109de935890e62760cf24872b28bc898a9313763f8c59134496996ad0d0a8bea8f5d565d4b0c953b318762670116e3d2ae326bd678edb74f8365ad7b0a6a6223b5f6ac659af121a439ab001f56a4db76ddd557105a3cbe013ae5e2106b9de1424203a22c557fa929acb944626b9255d901100245dffcfc4a101520caf55908d12163011b87745566fbe3d205b614734d9c77c671e6af8f417562b55be3cc4f4436929889bc5b34acd92c9e16e7e9e962961633507ecc35f4aeba2d41237187ea7eb32f19fcdb9d7fdc8c167720fada23f0d2430f13afbd2fc5dc62da1f42c8a3130bd79f5a6b7acd5adf8c2e20fbfd5bebbfc0ad14ba09847c850e23ea58b26c493686647931ffc740a8353c7fc822e230e12b847ce0fc770413d60e2f1347c31255b8ef4b4609260ef55e3986d47f6bd146d6b56c103fc174cdfab3cc929a412c97f2f8ec1766e9925a51d9d1d8e6d274271a1eb4c925c21dde0bce27bf9fea2cad378625b97630fac2f2b8bd684cc3a9a77b7a13764e47ff8095a82abada468a61bfeb227c7420570fb518df1066ef396e709434f0088d8227ea3c9a755192b231acb09c2aac9214f7f19fdb445090ce586e24b1ce4d24882e2ec150995eff9a209d9ad561e294bdeb22c8aac51f64c4bc6278047dcf80f18b47510d839cc4c440a3e25a1162477b49231246e13c7fd06dcabb35ed7d77e976de19b7402a444c033838756afebe597d5d13d0de81b32e5309450ab37de1a02f3a3240448b2cc006a38e80dfb028909b7d8870ab1407eed3c983017345682561eeefa81a4e739a894b142dd4ee54654c90ebbe39a3de85f16054e1aed3111674a7366a9fe507605d6ca32d273f22b45640ce59f058492b5411304bb6fdbf9a916fffb34952cc10f004b686a8b18fdf61e7a6cf0e9d7888e63838d8e9cc0795f47acf7341441ce5d5d41b8566a44238923740d175fc3f68095206ed4a3be77807186d3dbc96a2946074b3a46af7e9eddc809a53b672501fac766d87c1abf2b9dea61811b3a630c7c5c7e9fc69d4cb64d380fd7570d1293c9ac28a81d962d7aa20a506de8635730278f777166a9a5694778dc5f3a0b2c06a7f53b6f4ab5fad6876ce809568c8f0765d7cf610a8334a7db6965b3d2a787c0f0305c72e4e0f860503659ccb394e2713b67323ee7c40a037b1901feb95763a236b365fde27596ae973708b346095ed051c55e996e16613b95ba1270e9d7225e89be1d984199e43469a547fd191b36a9ed4335c7654ecfcb4f8cae6d432a53402f7b560c6b67a364dda15b449694fca007bdf24503fd36e61e7de5c985a13b843fff488d4ab28b22034505ef0716018ecaf9f77b0537b26aa7abfd5d57a80305a1fea9839f2a2e77a8384bb453dfcfcc1cf9798da0be203027ee785387892dfaf486a0cea04f766e35f002b72d703836ad94b5eb53e6b87df9bb0805b3f26f3cb70adb945539f2284b348ee6f52a05cf0f81a3918d7400d989b3f6955b4dd8dbcd8d58173e02924d5b51793eec9ef4ccca2e55fd890857acf2815ac7e07b92e84de71a9016be43a1715cb576015d9b23d6b93bbcadce5b2d846875159b623c4400e51609d04c31632f39df16b89ca322c9c1a72b934423edeb422d51ae5a9924e685734dfcbbd126ea3e862f122a64fcd4e1bd345b51adf82eeb5c3eded37d5cb70d0b0d32350e9d3092e38ec7d518415a09311a013dded0860f2aa4f48ba8b7d0ddfdb3ebe1315b81a6a731f2846a1305ed66140fb728249523a43c9e2b675d30a086082a61378078d3e6ac68c8578a57353ff639e472ff91a9fe1a16f067b8cbce028a8e115e38ef808fe4ce1e1cb64402452143d4d7cff055daca4d1b2c0096765a1fac4da09ec4ea3411cfbe5955384c2c1fb48ab9e0866b29d14bff32bd79f3d67394b783fab643ef432b37abba77c5588139bb278b1a4ebcef812d64431911288671a7a4e39a6c72cca22b69a11bd046218c04f40ccd95ecb2bd405c945225348c0b8ba47424440ee1e690cbd58c18c35b1107bf4d3feb3c408775cc9aaf3adea0aaf100442f369ea3483da3ce2115a679239470a3584303cd66ea34a1ff77a272b4e5714876ce0c44bf2b3595fb05a56302baac80e82f14ea5c46c59a8e5cfad27bb21c05c6f0673bd19acc6f1a23e58a05604756fd5d9d6c4da34c978aa0c38aa9c407754597990530187f31b1c34a08c2417c05e4ecdde68cd223beb5ee86e44c724b80083c092da91ce848f90f04fbddcc7ec78d3c3ebc9bfcb94edbd81bcc6e2af9eed0892356418335e0522fde2a5a4c347db6bf48a3369b7462c45259aeba2be373bfa934b11a87fc73c5bca3b6fa72812d969102cd197a06372f73e785241f52505e47d3d951b10d26c3a823bd94623897f57f0cef5c797919bca7a9da1954a830aaf4613e9d2399a254eaf68b6e051f84ada54c3a058482a4b4381f76c654f7a0dc3859bb690a0cfe63a7a336b7d8d25d8aa420ba9e594f1c1b6f53a11ed4e097bf6f5f2614c1429a7b4b90552329aa4af1232f460f4ff6837d263018bf13fd78e9e1ec654266e5a7a1bbbbc4c787958e84703c8d91d9d04f0faf7735e9f49dfdac8c1ed06af7e529ab1b02959c7497e1a3ad78a859117918e97f172e5c154df79a73e8a784f28710841bcf54b1e02a8a98cfa33947a83c01ae55b96d3bb98523fd45a317c15351b9650a749d8292fbd4c8997381cc468792e91fdc4f049b104518cba3d18c73d03e835b929b0fddffd8bb87181ed8846f861a9a1cb874185cefdbe4", 0x1000}], 0xa, &(0x7f0000007040)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, 0xee01}}}], 0x20, 0x20040085}, {&(0x7f0000007080)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000072c0)=[{&(0x7f0000007100)="85074b6a2fdc34dfca64a8dd212082fcafe69ce15bf1d459ec3a47246eda808fc67784b21e189924a054ac30b656bbecae534f7608e51f432e6faa39cf0c5c90b4fbb8c76fcb55b4127aef9675852dc0767a162f917385a5ed7d47b87a5dd20be84a432581943cce091d8ea36c4b5438df364ad18a11b148a57818b8566f2231d5d452c6daedc4f85e7baeb8be6910da2b30e9e51107a7ebef", 0x99}, {&(0x7f00000071c0)="130310d2c71d9db48f80a2ed1aba1c83629d8157873ecd45c1ab179e2701c608ccd062dedd59a20d64c2b5f8c47604a99512ae2488f9d29b6af84337c3e30e79b59f6db318fe6b67752b7057336bdab441804af3ee8a696da655115b807dccce0bbf0c08a23dc9", 0x67}], 0x2, &(0x7f00000089c0)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, r2]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0x0, r3}}}], 0x88, 0x20000000}, {&(0x7f0000008a80)=@file={0x1, './bus\x00'}, 0x6e, &(0x7f0000008d40)=[{&(0x7f0000008b00)="592ac99bc3f84b59fbb03f8b8b029c171251fd1d0aaf566ed39430a00594fa4e8bbbaf52bed3", 0x26}, {&(0x7f0000008b40)="173ba48541ad32617a220a51edcf213d6b61f74b8efb05e56d86a751f201096bdc7bb9a637a8ea2d3c4b3299351e6ee6a2d5b70b44f2c5b09fcc371fefecc8851fea", 0x42}, {0x0}], 0x3, &(0x7f0000008d80), 0x0, 0x10}], 0x7, 0x44090)
mount$9p_unix(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file1\x00', &(0x7f0000000180), 0x10081, &(0x7f00000001c0)={'trans=unix,', {[{@cache_mmap}, {@dfltgid={'dfltgid', 0x3d, r3}}, {@version_9p2000}], [{@appraise}, {@smackfstransmute={'smackfstransmute', 0x3d, '!))\\'}}, {@smackfsdef={'smackfsdef', 0x3d, 'ramfs\x00'}}]}})

[ 2195.009022][ T2242] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2195.017121][ T2242] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2195.028215][ T2242] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2195.036336][ T2242] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2195.087754][ T2284] FAULT_INJECTION: forcing a failure.
[ 2195.087754][ T2284] name failslab, interval 1, probability 0, space 0, times 0
[ 2195.100360][ T2284] CPU: 1 PID: 2284 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2195.109032][ T2284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2195.119072][ T2284] Call Trace:
[ 2195.122341][ T2284]  dump_stack+0x137/0x19d
[ 2195.126665][ T2284]  should_fail+0x23c/0x250
[ 2195.131064][ T2284]  __should_failslab+0x81/0x90
[ 2195.135825][ T2284]  ? register_for_each_vma+0x372/0x890
[ 2195.141276][ T2284]  should_failslab+0x5/0x20
[ 2195.145754][ T2284]  kmem_cache_alloc_trace+0x49/0x310
[ 2195.151104][ T2284]  ? register_for_each_vma+0x372/0x890
[ 2195.156555][ T2284]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2195.162551][ T2284]  register_for_each_vma+0x372/0x890
[ 2195.167820][ T2284]  __uprobe_register+0x3f4/0x8a0
[ 2195.172801][ T2284]  uprobe_register_refctr+0x29/0x40
[ 2195.178083][ T2284]  probe_event_enable+0x2be/0x7d0
[ 2195.183103][ T2284]  ? __uprobe_trace_func+0x430/0x430
[ 2195.188374][ T2284]  trace_uprobe_register+0x88/0x410
[ 2195.193556][ T2284]  perf_trace_event_init+0x34e/0x790
[ 2195.198827][ T2284]  perf_uprobe_init+0xf5/0x140
[ 2195.203631][ T2284]  perf_uprobe_event_init+0xde/0x140
[ 2195.208897][ T2284]  perf_try_init_event+0x21a/0x400
[ 2195.214000][ T2284]  perf_event_alloc+0xa60/0x1790
[ 2195.218927][ T2284]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2195.224579][ T2284]  ? vfs_write+0x50c/0x770
[ 2195.228974][ T2284]  __x64_sys_perf_event_open+0x63/0x70
03:42:10 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2195.234415][ T2284]  do_syscall_64+0x4a/0x90
[ 2195.238821][ T2284]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2195.244710][ T2284] RIP: 0033:0x4665d9
[ 2195.248621][ T2284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2195.268205][ T2284] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2195.276622][ T2284] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:10 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000180), 0x400, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')

03:42:10 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x200000000000000, &(0x7f0000000300)='ramfs\x00')

[ 2195.284628][ T2284] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2195.292569][ T2284] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2195.300511][ T2284] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2195.308460][ T2284] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
[ 2195.325620][ T2286] FAULT_INJECTION: forcing a failure.
[ 2195.325620][ T2286] name failslab, interval 1, probability 0, space 0, times 0
[ 2195.338259][ T2286] CPU: 0 PID: 2286 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2195.346949][ T2286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2195.356989][ T2286] Call Trace:
[ 2195.360253][ T2286]  dump_stack+0x137/0x19d
[ 2195.364578][ T2286]  should_fail+0x23c/0x250
[ 2195.368991][ T2286]  ? create_local_trace_uprobe+0x235/0x3c0
[ 2195.374829][ T2286]  __should_failslab+0x81/0x90
[ 2195.379659][ T2286]  should_failslab+0x5/0x20
[ 2195.384142][ T2286]  __kmalloc_track_caller+0x64/0x340
[ 2195.389439][ T2286]  ? kstrdup+0x4c/0x70
[ 2195.393481][ T2286]  kstrdup+0x31/0x70
[ 2195.397378][ T2286]  create_local_trace_uprobe+0x235/0x3c0
[ 2195.402997][ T2286]  perf_uprobe_init+0xbe/0x140
[ 2195.407763][ T2286]  perf_uprobe_event_init+0xde/0x140
[ 2195.413020][ T2286]  perf_try_init_event+0x21a/0x400
[ 2195.418104][ T2286]  perf_event_alloc+0xa60/0x1790
[ 2195.423081][ T2286]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2195.428760][ T2286]  ? vfs_write+0x50c/0x770
[ 2195.433267][ T2286]  __x64_sys_perf_event_open+0x63/0x70
[ 2195.438721][ T2286]  do_syscall_64+0x4a/0x90
[ 2195.443167][ T2286]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2195.449035][ T2286] RIP: 0033:0x4665d9
[ 2195.452900][ T2286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2195.472543][ T2286] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2195.480928][ T2286] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:10 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:10 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0xc, 0x0, "0000000300000000db82456fa79c812600"})

03:42:10 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x300000000000000, &(0x7f0000000300)='ramfs\x00')

[ 2195.488877][ T2286] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2195.496871][ T2286] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2195.504839][ T2286] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2195.512837][ T2286] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2195.571663][ T2279] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2195.579649][ T2279] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2195.591168][ T2279] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2195.599137][ T2279] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:10 executing program 4 (fault-call:1 fault-nth:40):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:10 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x191480, 0x120)
creat(&(0x7f0000000000)='./file0\x00', 0x20)
mknod$loop(&(0x7f0000000100)='./file0\x00', 0x1004, 0x1)

[ 2195.772340][ T2279] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2195.780335][ T2279] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2195.795975][ T2279] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2195.803947][ T2279] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2196.063817][ T2328] FAULT_INJECTION: forcing a failure.
[ 2196.063817][ T2328] name failslab, interval 1, probability 0, space 0, times 0
[ 2196.076561][ T2328] CPU: 0 PID: 2328 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2196.085225][ T2328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2196.095326][ T2328] Call Trace:
[ 2196.098583][ T2328]  dump_stack+0x137/0x19d
[ 2196.102930][ T2328]  should_fail+0x23c/0x250
[ 2196.107324][ T2328]  __should_failslab+0x81/0x90
[ 2196.112063][ T2328]  ? register_for_each_vma+0x372/0x890
[ 2196.117519][ T2328]  should_failslab+0x5/0x20
[ 2196.122053][ T2328]  kmem_cache_alloc_trace+0x49/0x310
[ 2196.127368][ T2328]  ? register_for_each_vma+0x372/0x890
[ 2196.132802][ T2328]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2196.138777][ T2328]  register_for_each_vma+0x372/0x890
[ 2196.144033][ T2328]  __uprobe_register+0x3f4/0x8a0
[ 2196.148943][ T2328]  uprobe_register_refctr+0x29/0x40
[ 2196.154119][ T2328]  probe_event_enable+0x2be/0x7d0
[ 2196.159170][ T2328]  ? __uprobe_trace_func+0x430/0x430
[ 2196.164500][ T2328]  trace_uprobe_register+0x88/0x410
[ 2196.169768][ T2328]  perf_trace_event_init+0x34e/0x790
[ 2196.175037][ T2328]  perf_uprobe_init+0xf5/0x140
[ 2196.179792][ T2328]  perf_uprobe_event_init+0xde/0x140
[ 2196.185066][ T2328]  perf_try_init_event+0x21a/0x400
[ 2196.190309][ T2328]  perf_event_alloc+0xa60/0x1790
[ 2196.195250][ T2328]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2196.200857][ T2328]  ? vfs_write+0x50c/0x770
[ 2196.205246][ T2328]  __x64_sys_perf_event_open+0x63/0x70
[ 2196.210686][ T2328]  do_syscall_64+0x4a/0x90
[ 2196.215099][ T2328]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2196.220969][ T2328] RIP: 0033:0x4665d9
[ 2196.224837][ T2328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2196.244528][ T2328] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2196.253063][ T2328] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:11 executing program 3 (fault-call:6 fault-nth:11):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:11 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:11 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x400000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:11 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0xc00, 0x0, "0000000300000000db82456fa79c812600"})

03:42:11 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
mount(&(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='logfs\x00', 0x2000000, &(0x7f00000001c0)='\\&:&\x00')

03:42:11 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x500000000000000, &(0x7f0000000300)='ramfs\x00')

[ 2196.261003][ T2328] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2196.268946][ T2328] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2196.276898][ T2328] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2196.284841][ T2328] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:11 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2196.347979][ T2337] FAULT_INJECTION: forcing a failure.
[ 2196.347979][ T2337] name failslab, interval 1, probability 0, space 0, times 0
[ 2196.360656][ T2337] CPU: 1 PID: 2337 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2196.369342][ T2337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2196.379377][ T2337] Call Trace:
[ 2196.382676][ T2337]  dump_stack+0x137/0x19d
[ 2196.387015][ T2337]  should_fail+0x23c/0x250
[ 2196.391434][ T2337]  ? traceprobe_set_print_fmt+0x45/0xa0
03:42:11 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x600000000000000, &(0x7f0000000300)='ramfs\x00')

[ 2196.396998][ T2337]  __should_failslab+0x81/0x90
[ 2196.401779][ T2337]  should_failslab+0x5/0x20
[ 2196.406268][ T2337]  __kmalloc+0x66/0x340
[ 2196.410474][ T2337]  ? __kmalloc_track_caller+0x23b/0x340
[ 2196.416065][ T2337]  traceprobe_set_print_fmt+0x45/0xa0
[ 2196.421476][ T2337]  create_local_trace_uprobe+0x2eb/0x3c0
[ 2196.427125][ T2337]  perf_uprobe_init+0xbe/0x140
[ 2196.431912][ T2337]  perf_uprobe_event_init+0xde/0x140
[ 2196.437258][ T2337]  perf_try_init_event+0x21a/0x400
[ 2196.439217][ T2324] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2196.442372][ T2337]  perf_event_alloc+0xa60/0x1790
[ 2196.450373][ T2324] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2196.455253][ T2337]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2196.455274][ T2337]  ? vfs_write+0x50c/0x770
[ 2196.469514][ T2324] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2196.471858][ T2337]  __x64_sys_perf_event_open+0x63/0x70
[ 2196.471877][ T2337]  do_syscall_64+0x4a/0x90
[ 2196.476317][ T2324] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2196.484268][ T2337]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2196.511013][ T2337] RIP: 0033:0x4665d9
[ 2196.514898][ T2337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2196.534533][ T2337] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:42:11 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000000340)=ANY=[@ANYBLOB="16c1ad4d0cd2a43bf27c0cc0fe2edaa185db88bccd903b091797b13a839cc15262acd551e774170801d719f97e4a7becfb3800ae4c6a4d2987c622c1acfc883d66612257703306ecea01be7dbb83239eef711a547a41424adf049107b5cc04a50fe371a47095efbd87cec6d24ca05755504de6b61c1a2e1a93e2b111b7d5bbb5d95a3b275fc5a1b6ed4041618af6a343ecc32733a511b524bb95"], &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='virtiofs\x00', 0x800000, &(0x7f00000002c0)='$,/},\x00')
mount(&(0x7f00000000c0)=ANY=[@ANYBLOB='?dev/md0\x00'], &(0x7f0000000200)='./file1\x00', &(0x7f0000000140)='ocfs2_dlmfs\x00', 0x64440, &(0x7f0000000180)='{+\xefZ\xed\xaf\x0f\x01\xb8\x10G+\x00')
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
open(&(0x7f00000001c0)='./file0\x00', 0x200002, 0x26)
openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1/file0\x00', 0x20000, 0x80)

03:42:11 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x10, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2196.542965][ T2337] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2196.550915][ T2337] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2196.558879][ T2337] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2196.566829][ T2337] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2196.574807][ T2337] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2196.702822][ T2324] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2196.710955][ T2324] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2196.732200][ T2324] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2196.740217][ T2324] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:11 executing program 4 (fault-call:1 fault-nth:41):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:11 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0xff0f, 0x0, "0000000300000000db82456fa79c812600"})

03:42:11 executing program 3 (fault-call:6 fault-nth:12):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:11 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x700000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:11 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:11 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
umount2(&(0x7f00000000c0)='./file0\x00', 0x2)

[ 2196.814084][ T2368] FAULT_INJECTION: forcing a failure.
[ 2196.814084][ T2368] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2196.827420][ T2368] CPU: 0 PID: 2368 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2196.836135][ T2368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2196.846192][ T2368] Call Trace:
[ 2196.849458][ T2368]  dump_stack+0x137/0x19d
[ 2196.853769][ T2368]  should_fail+0x23c/0x250
[ 2196.858168][ T2368]  __alloc_pages+0x102/0x320
[ 2196.862750][ T2368]  probe_event_enable+0x421/0x7d0
[ 2196.867765][ T2368]  ? __uprobe_trace_func+0x430/0x430
[ 2196.873042][ T2368]  trace_uprobe_register+0x88/0x410
[ 2196.878231][ T2368]  perf_trace_event_init+0x34e/0x790
[ 2196.883518][ T2368]  perf_uprobe_init+0xf5/0x140
[ 2196.888274][ T2368]  perf_uprobe_event_init+0xde/0x140
[ 2196.893544][ T2368]  perf_try_init_event+0x21a/0x400
[ 2196.898669][ T2368]  perf_event_alloc+0xa60/0x1790
[ 2196.903724][ T2368]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2196.909362][ T2368]  ? vfs_write+0x50c/0x770
[ 2196.913761][ T2368]  __x64_sys_perf_event_open+0x63/0x70
[ 2196.919198][ T2368]  do_syscall_64+0x4a/0x90
[ 2196.923602][ T2368]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2196.929484][ T2368] RIP: 0033:0x4665d9
[ 2196.933402][ T2368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2196.953074][ T2368] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:42:11 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x800000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:11 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0xff0f0000, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:11 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0xc0000, 0x0, "0000000300000000db82456fa79c812600"})

03:42:11 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:11 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0xff0f0000, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2196.961469][ T2368] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2196.969450][ T2368] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2196.977402][ T2368] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2196.985363][ T2368] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2196.993319][ T2368] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
03:42:11 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x900000000000000, &(0x7f0000000300)='ramfs\x00')

[ 2197.093291][ T2380] FAULT_INJECTION: forcing a failure.
[ 2197.093291][ T2380] name failslab, interval 1, probability 0, space 0, times 0
[ 2197.105976][ T2380] CPU: 1 PID: 2380 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2197.114636][ T2380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2197.124784][ T2380] Call Trace:
[ 2197.128047][ T2380]  dump_stack+0x137/0x19d
[ 2197.132382][ T2380]  should_fail+0x23c/0x250
[ 2197.136772][ T2380]  __should_failslab+0x81/0x90
[ 2197.141558][ T2380]  ? register_for_each_vma+0x372/0x890
[ 2197.147072][ T2380]  should_failslab+0x5/0x20
[ 2197.151650][ T2380]  kmem_cache_alloc_trace+0x49/0x310
[ 2197.156918][ T2380]  ? register_for_each_vma+0x372/0x890
[ 2197.162350][ T2380]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2197.168304][ T2380]  register_for_each_vma+0x372/0x890
[ 2197.173647][ T2380]  __uprobe_register+0x3f4/0x8a0
[ 2197.178634][ T2380]  uprobe_register_refctr+0x29/0x40
[ 2197.183811][ T2380]  probe_event_enable+0x2be/0x7d0
[ 2197.188948][ T2380]  ? __uprobe_trace_func+0x430/0x430
[ 2197.194299][ T2380]  trace_uprobe_register+0x88/0x410
[ 2197.199477][ T2380]  perf_trace_event_init+0x34e/0x790
[ 2197.204736][ T2380]  perf_uprobe_init+0xf5/0x140
[ 2197.209547][ T2380]  perf_uprobe_event_init+0xde/0x140
[ 2197.214855][ T2380]  perf_try_init_event+0x21a/0x400
[ 2197.219940][ T2380]  perf_event_alloc+0xa60/0x1790
[ 2197.224918][ T2380]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2197.230522][ T2380]  ? vfs_write+0x50c/0x770
[ 2197.234964][ T2380]  __x64_sys_perf_event_open+0x63/0x70
[ 2197.240450][ T2380]  do_syscall_64+0x4a/0x90
[ 2197.244927][ T2380]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2197.250880][ T2380] RIP: 0033:0x4665d9
[ 2197.254782][ T2380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2197.274365][ T2380] RSP: 002b:00007f544ac7b188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2197.282758][ T2380] RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9
[ 2197.290785][ T2380] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2197.298738][ T2380] RBP: 00007f544ac7b1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2197.306740][ T2380] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2197.314685][ T2380] R13: 00007ffea5eceb1f R14: 00007f544ac7b300 R15: 0000000000022000
[ 2197.376075][ T2369] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2197.384082][ T2369] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2197.395443][ T2369] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2197.403484][ T2369] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:12 executing program 4 (fault-call:1 fault-nth:42):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:12 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0xff0f0000, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:12 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:12 executing program 3 (fault-call:6 fault-nth:13):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:12 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xa00000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:12 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x1000000, 0x0, "0000000300000000db82456fa79c812600"})

03:42:12 executing program 2 (fault-call:4 fault-nth:0):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2197.555878][ T2369] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2197.563982][ T2369] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2197.575103][ T2369] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2197.583061][ T2369] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2197.628328][ T2413] FAULT_INJECTION: forcing a failure.
[ 2197.628328][ T2413] name failslab, interval 1, probability 0, space 0, times 0
[ 2197.640960][ T2413] CPU: 0 PID: 2413 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2197.649633][ T2413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2197.659663][ T2413] Call Trace:
[ 2197.662925][ T2413]  dump_stack+0x137/0x19d
[ 2197.667238][ T2413]  should_fail+0x23c/0x250
[ 2197.671650][ T2413]  __should_failslab+0x81/0x90
[ 2197.676406][ T2413]  ? register_for_each_vma+0x372/0x890
[ 2197.681869][ T2413]  should_failslab+0x5/0x20
[ 2197.686359][ T2413]  kmem_cache_alloc_trace+0x49/0x310
[ 2197.691631][ T2413]  ? register_for_each_vma+0x372/0x890
[ 2197.697072][ T2413]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2197.703040][ T2413]  register_for_each_vma+0x372/0x890
[ 2197.708317][ T2413]  __uprobe_register+0x3f4/0x8a0
[ 2197.713303][ T2413]  uprobe_register_refctr+0x29/0x40
[ 2197.718500][ T2413]  probe_event_enable+0x2be/0x7d0
[ 2197.723514][ T2413]  ? __uprobe_trace_func+0x430/0x430
[ 2197.728774][ T2413]  trace_uprobe_register+0x88/0x410
[ 2197.733999][ T2413]  perf_trace_event_init+0x34e/0x790
[ 2197.739342][ T2413]  perf_uprobe_init+0xf5/0x140
[ 2197.744088][ T2413]  perf_uprobe_event_init+0xde/0x140
[ 2197.749432][ T2413]  perf_try_init_event+0x21a/0x400
[ 2197.754554][ T2413]  perf_event_alloc+0xa60/0x1790
[ 2197.759493][ T2413]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2197.765217][ T2413]  ? vfs_write+0x50c/0x770
[ 2197.769744][ T2413]  __x64_sys_perf_event_open+0x63/0x70
03:42:12 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2197.775186][ T2413]  do_syscall_64+0x4a/0x90
[ 2197.779628][ T2413]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2197.785646][ T2413] RIP: 0033:0x4665d9
[ 2197.789526][ T2413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2197.809159][ T2413] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2197.817593][ T2413] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:12 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xb00000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:12 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0xfdfdffff, 0x0, "0000000300000000db82456fa79c812600"})

03:42:12 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:12 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2197.825540][ T2413] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2197.833566][ T2413] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2197.841532][ T2413] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2197.849553][ T2413] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
[ 2197.972307][ T2411] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2197.980327][ T2411] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2197.992107][ T2411] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2198.000097][ T2411] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2198.177005][ T2411] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2198.185169][ T2411] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2198.196602][ T2411] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2198.204586][ T2411] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2198.220192][ T2410] FAULT_INJECTION: forcing a failure.
03:42:13 executing program 4 (fault-call:1 fault-nth:43):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:13 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xc00000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:13 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2198.220192][ T2410] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2198.233380][ T2410] CPU: 1 PID: 2410 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2198.242031][ T2410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2198.252067][ T2410] Call Trace:
[ 2198.255327][ T2410]  dump_stack+0x137/0x19d
[ 2198.259749][ T2410]  should_fail+0x23c/0x250
[ 2198.264174][ T2410]  __alloc_pages+0x102/0x320
[ 2198.268769][ T2410]  probe_event_enable+0x421/0x7d0
[ 2198.273854][ T2410]  ? __uprobe_trace_func+0x430/0x430
[ 2198.279125][ T2410]  trace_uprobe_register+0x88/0x410
[ 2198.284377][ T2410]  perf_trace_event_init+0x34e/0x790
[ 2198.289654][ T2410]  perf_uprobe_init+0xf5/0x140
[ 2198.294405][ T2410]  perf_uprobe_event_init+0xde/0x140
[ 2198.299679][ T2410]  perf_try_init_event+0x21a/0x400
[ 2198.304779][ T2410]  perf_event_alloc+0xa60/0x1790
[ 2198.309719][ T2410]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2198.315342][ T2410]  ? vfs_write+0x50c/0x770
[ 2198.319754][ T2410]  __x64_sys_perf_event_open+0x63/0x70
[ 2198.325273][ T2410]  do_syscall_64+0x4a/0x90
[ 2198.329695][ T2410]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2198.335630][ T2410] RIP: 0033:0x4665d9
[ 2198.339527][ T2410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2198.359227][ T2410] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2198.367621][ T2410] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2198.375590][ T2410] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2198.383534][ T2410] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2198.391477][ T2410] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2198.399446][ T2410] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2198.407814][ T2448] FAULT_INJECTION: forcing a failure.
[ 2198.407814][ T2448] name failslab, interval 1, probability 0, space 0, times 0
[ 2198.420406][ T2448] CPU: 0 PID: 2448 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2198.429074][ T2448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2198.439125][ T2448] Call Trace:
[ 2198.442377][ T2448]  dump_stack+0x137/0x19d
[ 2198.446683][ T2448]  should_fail+0x23c/0x250
[ 2198.451096][ T2448]  __should_failslab+0x81/0x90
[ 2198.455866][ T2448]  ? register_for_each_vma+0x372/0x890
[ 2198.461302][ T2448]  should_failslab+0x5/0x20
[ 2198.465778][ T2448]  kmem_cache_alloc_trace+0x49/0x310
[ 2198.471063][ T2448]  ? register_for_each_vma+0x372/0x890
[ 2198.476521][ T2448]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2198.482472][ T2448]  register_for_each_vma+0x372/0x890
[ 2198.487776][ T2448]  __uprobe_register+0x3f4/0x8a0
[ 2198.492781][ T2448]  uprobe_register_refctr+0x29/0x40
[ 2198.497952][ T2448]  probe_event_enable+0x2be/0x7d0
[ 2198.502957][ T2448]  ? __uprobe_trace_func+0x430/0x430
[ 2198.508250][ T2448]  trace_uprobe_register+0x88/0x410
[ 2198.513466][ T2448]  perf_trace_event_init+0x34e/0x790
[ 2198.518776][ T2448]  perf_uprobe_init+0xf5/0x140
[ 2198.523512][ T2448]  perf_uprobe_event_init+0xde/0x140
[ 2198.528767][ T2448]  perf_try_init_event+0x21a/0x400
[ 2198.533921][ T2448]  perf_event_alloc+0xa60/0x1790
[ 2198.538833][ T2448]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2198.544435][ T2448]  ? vfs_write+0x50c/0x770
[ 2198.548821][ T2448]  __x64_sys_perf_event_open+0x63/0x70
[ 2198.554316][ T2448]  do_syscall_64+0x4a/0x90
[ 2198.558733][ T2448]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2198.564610][ T2448] RIP: 0033:0x4665d9
[ 2198.568473][ T2448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2198.588048][ T2448] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2198.596470][ T2448] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2198.604440][ T2448] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2198.612398][ T2448] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2198.620367][ T2448] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
03:42:13 executing program 3 (fault-call:6 fault-nth:14):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:13 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:13 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0xff0f0000, 0x0, "0000000300000000db82456fa79c812600"})

03:42:13 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xd00000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:13 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2198.628393][ T2448] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:13 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xe00000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:13 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x20000200, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:13 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0xff, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2198.722433][ T2442] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2198.730430][ T2442] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2198.743516][ T2442] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2198.751514][ T2442] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:13 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0xfffffdfd, 0x0, "0000000300000000db82456fa79c812600"})

[ 2198.951922][ T2442] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2198.960053][ T2442] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2198.971598][ T2442] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2198.979746][ T2442] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2198.997448][ T2456] FAULT_INJECTION: forcing a failure.
[ 2198.997448][ T2456] name failslab, interval 1, probability 0, space 0, times 0
[ 2199.010082][ T2456] CPU: 0 PID: 2456 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2199.018774][ T2456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2199.028881][ T2456] Call Trace:
[ 2199.032141][ T2456]  dump_stack+0x137/0x19d
[ 2199.036456][ T2456]  should_fail+0x23c/0x250
[ 2199.040921][ T2456]  __should_failslab+0x81/0x90
[ 2199.045706][ T2456]  ? __uprobe_register+0xf8/0x8a0
03:42:13 executing program 4 (fault-call:1 fault-nth:44):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:13 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:13 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2199.050732][ T2456]  should_failslab+0x5/0x20
[ 2199.055239][ T2456]  kmem_cache_alloc_trace+0x49/0x310
[ 2199.060552][ T2456]  ? get_page_from_freelist+0x53e/0x800
[ 2199.066100][ T2456]  __uprobe_register+0xf8/0x8a0
[ 2199.070986][ T2456]  ? __alloc_pages+0x194/0x320
[ 2199.075743][ T2456]  uprobe_register_refctr+0x29/0x40
[ 2199.081081][ T2456]  probe_event_enable+0x2be/0x7d0
[ 2199.086171][ T2456]  ? __uprobe_trace_func+0x430/0x430
[ 2199.091446][ T2456]  trace_uprobe_register+0x88/0x410
[ 2199.096626][ T2456]  perf_trace_event_init+0x34e/0x790
[ 2199.101891][ T2456]  perf_uprobe_init+0xf5/0x140
[ 2199.106684][ T2456]  perf_uprobe_event_init+0xde/0x140
[ 2199.111954][ T2456]  perf_try_init_event+0x21a/0x400
[ 2199.117174][ T2456]  perf_event_alloc+0xa60/0x1790
[ 2199.122094][ T2456]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2199.127717][ T2456]  ? vfs_write+0x50c/0x770
[ 2199.132123][ T2456]  __x64_sys_perf_event_open+0x63/0x70
[ 2199.137566][ T2456]  do_syscall_64+0x4a/0x90
[ 2199.141970][ T2456]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2199.147893][ T2456] RIP: 0033:0x4665d9
[ 2199.151791][ T2456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2199.171377][ T2456] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2199.179854][ T2456] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2199.187815][ T2456] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2199.195767][ T2456] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2199.203715][ T2456] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2199.211721][ T2456] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2199.223457][ T2487] FAULT_INJECTION: forcing a failure.
[ 2199.223457][ T2487] name failslab, interval 1, probability 0, space 0, times 0
[ 2199.236066][ T2487] CPU: 1 PID: 2487 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2199.244740][ T2487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2199.254773][ T2487] Call Trace:
[ 2199.258025][ T2487]  dump_stack+0x137/0x19d
[ 2199.262382][ T2487]  should_fail+0x23c/0x250
[ 2199.266776][ T2487]  __should_failslab+0x81/0x90
[ 2199.271542][ T2487]  ? register_for_each_vma+0x372/0x890
[ 2199.276973][ T2487]  should_failslab+0x5/0x20
[ 2199.281539][ T2487]  kmem_cache_alloc_trace+0x49/0x310
[ 2199.286795][ T2487]  ? register_for_each_vma+0x372/0x890
[ 2199.292307][ T2487]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2199.298259][ T2487]  register_for_each_vma+0x372/0x890
[ 2199.303538][ T2487]  __uprobe_register+0x3f4/0x8a0
[ 2199.308447][ T2487]  uprobe_register_refctr+0x29/0x40
[ 2199.313618][ T2487]  probe_event_enable+0x2be/0x7d0
[ 2199.318722][ T2487]  ? __uprobe_trace_func+0x430/0x430
[ 2199.324035][ T2487]  trace_uprobe_register+0x88/0x410
[ 2199.329258][ T2487]  perf_trace_event_init+0x34e/0x790
[ 2199.334518][ T2487]  perf_uprobe_init+0xf5/0x140
[ 2199.339264][ T2487]  perf_uprobe_event_init+0xde/0x140
[ 2199.344551][ T2487]  perf_try_init_event+0x21a/0x400
[ 2199.349636][ T2487]  perf_event_alloc+0xa60/0x1790
[ 2199.354636][ T2487]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2199.360241][ T2487]  ? vfs_write+0x50c/0x770
[ 2199.364663][ T2487]  __x64_sys_perf_event_open+0x63/0x70
[ 2199.370125][ T2487]  do_syscall_64+0x4a/0x90
[ 2199.374583][ T2487]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2199.380548][ T2487] RIP: 0033:0x4665d9
[ 2199.384411][ T2487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
03:42:14 executing program 3 (fault-call:6 fault-nth:15):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:14 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x1000000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:14 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:14 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x2, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:14 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:14 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x3, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2199.404047][ T2487] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2199.412433][ T2487] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2199.420383][ T2487] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2199.428325][ T2487] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2199.436266][ T2487] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2199.444209][ T2487] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:14 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:14 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x1100000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:14 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x1200000000000000, &(0x7f0000000300)='ramfs\x00')

[ 2199.564602][ T2496] FAULT_INJECTION: forcing a failure.
[ 2199.564602][ T2496] name failslab, interval 1, probability 0, space 0, times 0
[ 2199.577217][ T2496] CPU: 0 PID: 2496 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2199.585879][ T2496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2199.595929][ T2496] Call Trace:
[ 2199.599196][ T2496]  dump_stack+0x137/0x19d
[ 2199.603557][ T2496]  should_fail+0x23c/0x250
[ 2199.607980][ T2496]  __should_failslab+0x81/0x90
[ 2199.612744][ T2496]  ? register_for_each_vma+0x372/0x890
[ 2199.618265][ T2496]  should_failslab+0x5/0x20
[ 2199.622750][ T2496]  kmem_cache_alloc_trace+0x49/0x310
[ 2199.628024][ T2496]  ? register_for_each_vma+0x372/0x890
[ 2199.633529][ T2496]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2199.639483][ T2496]  register_for_each_vma+0x372/0x890
[ 2199.644807][ T2496]  __uprobe_register+0x3f4/0x8a0
[ 2199.649798][ T2496]  uprobe_register_refctr+0x29/0x40
[ 2199.654970][ T2496]  probe_event_enable+0x2be/0x7d0
[ 2199.659988][ T2496]  ? __uprobe_trace_func+0x430/0x430
[ 2199.665257][ T2496]  trace_uprobe_register+0x88/0x410
[ 2199.670478][ T2496]  perf_trace_event_init+0x34e/0x790
[ 2199.675753][ T2496]  perf_uprobe_init+0xf5/0x140
[ 2199.680510][ T2496]  perf_uprobe_event_init+0xde/0x140
[ 2199.685768][ T2496]  perf_try_init_event+0x21a/0x400
[ 2199.690861][ T2496]  perf_event_alloc+0xa60/0x1790
[ 2199.695796][ T2496]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2199.701458][ T2496]  ? vfs_write+0x50c/0x770
[ 2199.705853][ T2496]  __x64_sys_perf_event_open+0x63/0x70
[ 2199.711295][ T2496]  do_syscall_64+0x4a/0x90
[ 2199.715722][ T2496]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2199.721619][ T2496] RIP: 0033:0x4665d9
[ 2199.725496][ T2496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2199.745096][ T2496] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2199.753517][ T2496] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2199.761495][ T2496] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2199.769436][ T2496] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2199.777379][ T2496] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2199.785326][ T2496] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
03:42:14 executing program 4 (fault-call:1 fault-nth:45):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:14 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:14 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2200.071121][ T2493] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2200.079108][ T2493] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2200.090690][ T2493] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2200.098681][ T2493] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2200.272195][ T2493] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2200.280218][ T2493] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2200.291934][ T2493] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2200.299949][ T2493] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2200.331385][ T2523] FAULT_INJECTION: forcing a failure.
[ 2200.331385][ T2523] name failslab, interval 1, probability 0, space 0, times 0
[ 2200.343978][ T2523] CPU: 1 PID: 2523 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2200.352684][ T2523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2200.362745][ T2523] Call Trace:
[ 2200.366002][ T2523]  dump_stack+0x137/0x19d
[ 2200.370314][ T2523]  should_fail+0x23c/0x250
[ 2200.375076][ T2523]  __should_failslab+0x81/0x90
[ 2200.379897][ T2523]  ? register_for_each_vma+0x372/0x890
[ 2200.385457][ T2523]  should_failslab+0x5/0x20
[ 2200.389944][ T2523]  kmem_cache_alloc_trace+0x49/0x310
[ 2200.395253][ T2523]  ? register_for_each_vma+0x372/0x890
[ 2200.400750][ T2523]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2200.406711][ T2523]  register_for_each_vma+0x372/0x890
[ 2200.412079][ T2523]  __uprobe_register+0x3f4/0x8a0
[ 2200.417059][ T2523]  uprobe_register_refctr+0x29/0x40
[ 2200.422312][ T2523]  probe_event_enable+0x2be/0x7d0
[ 2200.427335][ T2523]  ? __uprobe_trace_func+0x430/0x430
[ 2200.432632][ T2523]  trace_uprobe_register+0x88/0x410
[ 2200.437869][ T2523]  perf_trace_event_init+0x34e/0x790
[ 2200.443155][ T2523]  perf_uprobe_init+0xf5/0x140
[ 2200.447982][ T2523]  perf_uprobe_event_init+0xde/0x140
[ 2200.453339][ T2523]  perf_try_init_event+0x21a/0x400
[ 2200.458454][ T2523]  perf_event_alloc+0xa60/0x1790
[ 2200.463370][ T2523]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2200.469130][ T2523]  ? vfs_write+0x50c/0x770
[ 2200.473532][ T2523]  __x64_sys_perf_event_open+0x63/0x70
[ 2200.479034][ T2523]  do_syscall_64+0x4a/0x90
[ 2200.483441][ T2523]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2200.489391][ T2523] RIP: 0033:0x4665d9
[ 2200.493254][ T2523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2200.512831][ T2523] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2200.521265][ T2523] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:15 executing program 3 (fault-call:6 fault-nth:16):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:15 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0c00000300000000db82456fa79c812600"})

03:42:15 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x2000000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:15 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:15 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x10, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:15 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0xff, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:15 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x2010000000000000, &(0x7f0000000300)='ramfs\x00')

[ 2200.529236][ T2523] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2200.537192][ T2523] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2200.545137][ T2523] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2200.553097][ T2523] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:15 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:15 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2200.685346][ T2531] FAULT_INJECTION: forcing a failure.
[ 2200.685346][ T2531] name failslab, interval 1, probability 0, space 0, times 0
[ 2200.698030][ T2531] CPU: 0 PID: 2531 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2200.706694][ T2531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2200.716730][ T2531] Call Trace:
[ 2200.720000][ T2531]  dump_stack+0x137/0x19d
[ 2200.724319][ T2531]  should_fail+0x23c/0x250
[ 2200.728719][ T2531]  __should_failslab+0x81/0x90
[ 2200.733469][ T2531]  ? register_for_each_vma+0x372/0x890
[ 2200.738917][ T2531]  should_failslab+0x5/0x20
[ 2200.743396][ T2531]  kmem_cache_alloc_trace+0x49/0x310
[ 2200.748666][ T2531]  ? register_for_each_vma+0x372/0x890
[ 2200.754264][ T2531]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2200.760240][ T2531]  register_for_each_vma+0x372/0x890
[ 2200.765595][ T2531]  __uprobe_register+0x3f4/0x8a0
[ 2200.770512][ T2531]  uprobe_register_refctr+0x29/0x40
[ 2200.775716][ T2531]  probe_event_enable+0x2be/0x7d0
[ 2200.780775][ T2531]  ? __uprobe_trace_func+0x430/0x430
[ 2200.786034][ T2531]  trace_uprobe_register+0x88/0x410
[ 2200.791241][ T2531]  perf_trace_event_init+0x34e/0x790
[ 2200.796501][ T2531]  perf_uprobe_init+0xf5/0x140
[ 2200.801320][ T2531]  perf_uprobe_event_init+0xde/0x140
[ 2200.806580][ T2531]  perf_try_init_event+0x21a/0x400
[ 2200.811663][ T2531]  perf_event_alloc+0xa60/0x1790
[ 2200.816618][ T2531]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2200.822257][ T2531]  ? vfs_write+0x50c/0x770
[ 2200.826652][ T2531]  __x64_sys_perf_event_open+0x63/0x70
[ 2200.832094][ T2531]  do_syscall_64+0x4a/0x90
[ 2200.836487][ T2531]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2200.842353][ T2531] RIP: 0033:0x4665d9
[ 2200.846303][ T2531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2200.865978][ T2531] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2200.874364][ T2531] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2200.882354][ T2531] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2200.890342][ T2531] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2200.898290][ T2531] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2200.906320][ T2531] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
03:42:16 executing program 4 (fault-call:1 fault-nth:46):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:16 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:16 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "000c000300000000db82456fa79c812600"})

[ 2201.207051][ T2530] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2201.215054][ T2530] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2201.226728][ T2530] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2201.234749][ T2530] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2201.401769][ T2530] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2201.409789][ T2530] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2201.421819][ T2530] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2201.429804][ T2530] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2201.459194][ T2561] FAULT_INJECTION: forcing a failure.
[ 2201.459194][ T2561] name failslab, interval 1, probability 0, space 0, times 0
[ 2201.471797][ T2561] CPU: 1 PID: 2561 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2201.480447][ T2561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2201.490482][ T2561] Call Trace:
[ 2201.493757][ T2561]  dump_stack+0x137/0x19d
[ 2201.498103][ T2561]  should_fail+0x23c/0x250
[ 2201.502506][ T2561]  __should_failslab+0x81/0x90
[ 2201.507258][ T2561]  ? register_for_each_vma+0x372/0x890
[ 2201.512750][ T2561]  should_failslab+0x5/0x20
[ 2201.517264][ T2561]  kmem_cache_alloc_trace+0x49/0x310
[ 2201.522527][ T2561]  ? register_for_each_vma+0x372/0x890
[ 2201.527997][ T2561]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2201.533969][ T2561]  register_for_each_vma+0x372/0x890
[ 2201.539241][ T2561]  __uprobe_register+0x3f4/0x8a0
[ 2201.544285][ T2561]  uprobe_register_refctr+0x29/0x40
[ 2201.549455][ T2561]  probe_event_enable+0x2be/0x7d0
[ 2201.554451][ T2561]  ? __uprobe_trace_func+0x430/0x430
[ 2201.559767][ T2561]  trace_uprobe_register+0x88/0x410
[ 2201.564948][ T2561]  perf_trace_event_init+0x34e/0x790
[ 2201.570229][ T2561]  perf_uprobe_init+0xf5/0x140
[ 2201.574970][ T2561]  perf_uprobe_event_init+0xde/0x140
[ 2201.580260][ T2561]  perf_try_init_event+0x21a/0x400
[ 2201.585353][ T2561]  perf_event_alloc+0xa60/0x1790
[ 2201.590267][ T2561]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2201.595888][ T2561]  ? vfs_write+0x50c/0x770
[ 2201.600310][ T2561]  __x64_sys_perf_event_open+0x63/0x70
[ 2201.605742][ T2561]  do_syscall_64+0x4a/0x90
[ 2201.610136][ T2561]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2201.616107][ T2561] RIP: 0033:0x4665d9
[ 2201.619981][ T2561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2201.640074][ T2561] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2201.648497][ T2561] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:16 executing program 3 (fault-call:6 fault-nth:17):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:16 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x2200000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:16 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:16 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x80040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:16 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0fff000300000000db82456fa79c812600"})

03:42:16 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x2500000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:16 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:16 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x400001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2201.656483][ T2561] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2201.664549][ T2561] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2201.672491][ T2561] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2201.680534][ T2561] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:16 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x3f00000000000000, &(0x7f0000000300)='ramfs\x00')

[ 2201.789217][ T2571] FAULT_INJECTION: forcing a failure.
[ 2201.789217][ T2571] name failslab, interval 1, probability 0, space 0, times 0
[ 2201.801968][ T2571] CPU: 0 PID: 2571 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2201.810635][ T2571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2201.820727][ T2571] Call Trace:
[ 2201.823988][ T2571]  dump_stack+0x137/0x19d
[ 2201.828373][ T2571]  should_fail+0x23c/0x250
[ 2201.832797][ T2571]  __should_failslab+0x81/0x90
[ 2201.837541][ T2571]  ? register_for_each_vma+0x372/0x890
[ 2201.842991][ T2571]  should_failslab+0x5/0x20
[ 2201.847480][ T2571]  kmem_cache_alloc_trace+0x49/0x310
[ 2201.852753][ T2571]  ? register_for_each_vma+0x372/0x890
[ 2201.858239][ T2571]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2201.864213][ T2571]  register_for_each_vma+0x372/0x890
[ 2201.869488][ T2571]  __uprobe_register+0x3f4/0x8a0
[ 2201.874458][ T2571]  uprobe_register_refctr+0x29/0x40
[ 2201.879645][ T2571]  probe_event_enable+0x2be/0x7d0
[ 2201.884675][ T2571]  ? __uprobe_trace_func+0x430/0x430
[ 2201.889933][ T2571]  trace_uprobe_register+0x88/0x410
[ 2201.895136][ T2571]  perf_trace_event_init+0x34e/0x790
[ 2201.900398][ T2571]  perf_uprobe_init+0xf5/0x140
[ 2201.905146][ T2571]  perf_uprobe_event_init+0xde/0x140
[ 2201.910406][ T2571]  perf_try_init_event+0x21a/0x400
[ 2201.915557][ T2571]  perf_event_alloc+0xa60/0x1790
[ 2201.920468][ T2571]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2201.926085][ T2571]  ? vfs_write+0x50c/0x770
[ 2201.930475][ T2571]  __x64_sys_perf_event_open+0x63/0x70
[ 2201.935907][ T2571]  do_syscall_64+0x4a/0x90
[ 2201.940301][ T2571]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2201.946167][ T2571] RIP: 0033:0x4665d9
[ 2201.950032][ T2571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2201.969676][ T2571] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2201.978060][ T2571] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2201.986008][ T2571] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2201.993973][ T2571] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2202.002005][ T2571] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2202.010012][ T2571] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
03:42:17 executing program 4 (fault-call:1 fault-nth:47):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:17 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:17 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "000c000300000000db82456fa79c812600"})

[ 2202.296678][ T2568] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2202.304745][ T2568] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2202.316170][ T2568] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2202.324152][ T2568] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2202.493350][ T2568] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2202.501377][ T2568] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2202.513116][ T2568] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2202.521116][ T2568] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2202.549804][ T2600] FAULT_INJECTION: forcing a failure.
[ 2202.549804][ T2600] name failslab, interval 1, probability 0, space 0, times 0
[ 2202.562428][ T2600] CPU: 1 PID: 2600 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2202.571082][ T2600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2202.581113][ T2600] Call Trace:
[ 2202.584380][ T2600]  dump_stack+0x137/0x19d
[ 2202.588781][ T2600]  should_fail+0x23c/0x250
[ 2202.593186][ T2600]  __should_failslab+0x81/0x90
[ 2202.598000][ T2600]  ? register_for_each_vma+0x372/0x890
[ 2202.603470][ T2600]  should_failslab+0x5/0x20
[ 2202.607950][ T2600]  kmem_cache_alloc_trace+0x49/0x310
[ 2202.613216][ T2600]  ? register_for_each_vma+0x372/0x890
[ 2202.618718][ T2600]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2202.624710][ T2600]  register_for_each_vma+0x372/0x890
[ 2202.629999][ T2600]  __uprobe_register+0x3f4/0x8a0
[ 2202.634947][ T2600]  uprobe_register_refctr+0x29/0x40
[ 2202.640137][ T2600]  probe_event_enable+0x2be/0x7d0
[ 2202.645183][ T2600]  ? __uprobe_trace_func+0x430/0x430
[ 2202.650491][ T2600]  trace_uprobe_register+0x88/0x410
[ 2202.655687][ T2600]  perf_trace_event_init+0x34e/0x790
[ 2202.660984][ T2600]  perf_uprobe_init+0xf5/0x140
[ 2202.665827][ T2600]  perf_uprobe_event_init+0xde/0x140
[ 2202.671162][ T2600]  perf_try_init_event+0x21a/0x400
[ 2202.676250][ T2600]  perf_event_alloc+0xa60/0x1790
[ 2202.681164][ T2600]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2202.686803][ T2600]  ? vfs_write+0x50c/0x770
[ 2202.691215][ T2600]  __x64_sys_perf_event_open+0x63/0x70
[ 2202.696649][ T2600]  do_syscall_64+0x4a/0x90
[ 2202.701088][ T2600]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2202.706979][ T2600] RIP: 0033:0x4665d9
[ 2202.710870][ T2600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2202.730456][ T2600] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2202.738859][ T2600] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:17 executing program 3 (fault-call:6 fault-nth:18):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:17 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:17 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x4000000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:17 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1004000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:17 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "00000c0300000000db82456fa79c812600"})

[ 2202.746904][ T2600] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2202.754853][ T2600] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2202.762807][ T2600] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2202.770776][ T2600] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:17 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x10, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:17 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:17 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x4800000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:17 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "000fff0300000000db82456fa79c812600"})

[ 2203.061792][ T2609] FAULT_INJECTION: forcing a failure.
[ 2203.061792][ T2609] name failslab, interval 1, probability 0, space 0, times 0
[ 2203.074534][ T2609] CPU: 1 PID: 2609 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2203.083190][ T2609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2203.093231][ T2609] Call Trace:
[ 2203.096518][ T2609]  dump_stack+0x137/0x19d
[ 2203.100854][ T2609]  should_fail+0x23c/0x250
[ 2203.105247][ T2609]  __should_failslab+0x81/0x90
[ 2203.110017][ T2609]  ? register_for_each_vma+0x372/0x890
[ 2203.115477][ T2609]  should_failslab+0x5/0x20
[ 2203.119970][ T2609]  kmem_cache_alloc_trace+0x49/0x310
[ 2203.125259][ T2609]  ? register_for_each_vma+0x372/0x890
[ 2203.131258][ T2609]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2203.137378][ T2609]  register_for_each_vma+0x372/0x890
[ 2203.142655][ T2609]  __uprobe_register+0x3f4/0x8a0
[ 2203.147575][ T2609]  uprobe_register_refctr+0x29/0x40
[ 2203.152768][ T2609]  probe_event_enable+0x2be/0x7d0
[ 2203.157795][ T2609]  ? __uprobe_trace_func+0x430/0x430
[ 2203.163067][ T2609]  trace_uprobe_register+0x88/0x410
[ 2203.168249][ T2609]  perf_trace_event_init+0x34e/0x790
[ 2203.173525][ T2609]  perf_uprobe_init+0xf5/0x140
[ 2203.178305][ T2609]  perf_uprobe_event_init+0xde/0x140
[ 2203.183596][ T2609]  perf_try_init_event+0x21a/0x400
[ 2203.188697][ T2609]  perf_event_alloc+0xa60/0x1790
[ 2203.193753][ T2609]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2203.199394][ T2609]  ? vfs_write+0x50c/0x770
[ 2203.203797][ T2609]  __x64_sys_perf_event_open+0x63/0x70
[ 2203.209236][ T2609]  do_syscall_64+0x4a/0x90
[ 2203.213642][ T2609]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2203.219639][ T2609] RIP: 0033:0x4665d9
[ 2203.223596][ T2609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2203.243528][ T2609] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2203.251911][ T2609] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:18 executing program 4 (fault-call:1 fault-nth:48):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:18 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0xff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:18 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x4c00000000000000, &(0x7f0000000300)='ramfs\x00')

[ 2203.259972][ T2609] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2203.267916][ T2609] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2203.275861][ T2609] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2203.283877][ T2609] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2203.354406][ T2639] FAULT_INJECTION: forcing a failure.
[ 2203.354406][ T2639] name failslab, interval 1, probability 0, space 0, times 0
[ 2203.367018][ T2639] CPU: 0 PID: 2639 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2203.375742][ T2639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2203.385779][ T2639] Call Trace:
[ 2203.389040][ T2639]  dump_stack+0x137/0x19d
[ 2203.393355][ T2639]  should_fail+0x23c/0x250
[ 2203.397804][ T2639]  __should_failslab+0x81/0x90
[ 2203.402544][ T2639]  ? register_for_each_vma+0x372/0x890
[ 2203.408015][ T2639]  should_failslab+0x5/0x20
[ 2203.412531][ T2639]  kmem_cache_alloc_trace+0x49/0x310
[ 2203.417824][ T2639]  ? register_for_each_vma+0x372/0x890
[ 2203.423255][ T2639]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2203.429226][ T2639]  register_for_each_vma+0x372/0x890
[ 2203.434487][ T2639]  __uprobe_register+0x3f4/0x8a0
[ 2203.439400][ T2639]  uprobe_register_refctr+0x29/0x40
[ 2203.444572][ T2639]  probe_event_enable+0x2be/0x7d0
[ 2203.449573][ T2639]  ? __uprobe_trace_func+0x430/0x430
[ 2203.454932][ T2639]  trace_uprobe_register+0x88/0x410
[ 2203.460123][ T2639]  perf_trace_event_init+0x34e/0x790
[ 2203.465396][ T2639]  perf_uprobe_init+0xf5/0x140
[ 2203.470139][ T2639]  perf_uprobe_event_init+0xde/0x140
[ 2203.475399][ T2639]  perf_try_init_event+0x21a/0x400
[ 2203.480488][ T2639]  perf_event_alloc+0xa60/0x1790
[ 2203.485403][ T2639]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2203.491015][ T2639]  ? vfs_write+0x50c/0x770
[ 2203.495409][ T2639]  __x64_sys_perf_event_open+0x63/0x70
[ 2203.500880][ T2639]  do_syscall_64+0x4a/0x90
[ 2203.505349][ T2639]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2203.511304][ T2639] RIP: 0033:0x4665d9
[ 2203.515243][ T2639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2203.534827][ T2639] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2203.543258][ T2639] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2203.551272][ T2639] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2203.559283][ T2639] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2203.567315][ T2639] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2203.575263][ T2639] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:18 executing program 3 (fault-call:6 fault-nth:19):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:18 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:18 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "000000030c000000db82456fa79c812600"})

03:42:18 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:18 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x6000000000000000, &(0x7f0000000300)='ramfs\x00')

[ 2203.851910][ T2635] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2203.859934][ T2635] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2203.871547][ T2635] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2203.879543][ T2635] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:18 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:18 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "00000003000c0000db82456fa79c812600"})

03:42:18 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x6800000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:18 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:19 executing program 4 (fault-call:1 fault-nth:49):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2204.056367][ T2635] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2204.064403][ T2635] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2204.075622][ T2635] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2204.083670][ T2635] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:19 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2204.141572][ T2650] FAULT_INJECTION: forcing a failure.
[ 2204.141572][ T2650] name failslab, interval 1, probability 0, space 0, times 0
[ 2204.154180][ T2650] CPU: 0 PID: 2650 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2204.162866][ T2650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2204.172906][ T2650] Call Trace:
[ 2204.176170][ T2650]  dump_stack+0x137/0x19d
[ 2204.180478][ T2650]  should_fail+0x23c/0x250
[ 2204.185142][ T2650]  __should_failslab+0x81/0x90
[ 2204.189923][ T2650]  ? register_for_each_vma+0x372/0x890
[ 2204.195508][ T2650]  should_failslab+0x5/0x20
[ 2204.200006][ T2650]  kmem_cache_alloc_trace+0x49/0x310
[ 2204.205281][ T2650]  ? register_for_each_vma+0x372/0x890
[ 2204.210731][ T2650]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2204.216687][ T2650]  register_for_each_vma+0x372/0x890
[ 2204.222027][ T2650]  __uprobe_register+0x3f4/0x8a0
[ 2204.227008][ T2650]  uprobe_register_refctr+0x29/0x40
[ 2204.232176][ T2650]  probe_event_enable+0x2be/0x7d0
[ 2204.237229][ T2650]  ? __uprobe_trace_func+0x430/0x430
[ 2204.242527][ T2650]  trace_uprobe_register+0x88/0x410
[ 2204.247747][ T2650]  perf_trace_event_init+0x34e/0x790
[ 2204.253003][ T2650]  perf_uprobe_init+0xf5/0x140
[ 2204.257763][ T2650]  perf_uprobe_event_init+0xde/0x140
[ 2204.263135][ T2650]  perf_try_init_event+0x21a/0x400
[ 2204.268232][ T2650]  perf_event_alloc+0xa60/0x1790
[ 2204.273209][ T2650]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2204.278811][ T2650]  ? vfs_write+0x50c/0x770
[ 2204.283197][ T2650]  __x64_sys_perf_event_open+0x63/0x70
[ 2204.288641][ T2650]  do_syscall_64+0x4a/0x90
[ 2204.293039][ T2650]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2204.299014][ T2650] RIP: 0033:0x4665d9
[ 2204.302875][ T2650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2204.322454][ T2650] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2204.330933][ T2650] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:19 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2204.338875][ T2650] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2204.346816][ T2650] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2204.354773][ T2650] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2204.362725][ T2650] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2204.445658][ T2676] FAULT_INJECTION: forcing a failure.
[ 2204.445658][ T2676] name failslab, interval 1, probability 0, space 0, times 0
[ 2204.458269][ T2676] CPU: 1 PID: 2676 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2204.466968][ T2676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2204.476995][ T2676] Call Trace:
[ 2204.480290][ T2676]  dump_stack+0x137/0x19d
[ 2204.484703][ T2676]  should_fail+0x23c/0x250
[ 2204.489091][ T2676]  __should_failslab+0x81/0x90
[ 2204.493827][ T2676]  ? register_for_each_vma+0x372/0x890
[ 2204.499260][ T2676]  should_failslab+0x5/0x20
[ 2204.503738][ T2676]  kmem_cache_alloc_trace+0x49/0x310
[ 2204.508996][ T2676]  ? register_for_each_vma+0x372/0x890
[ 2204.514623][ T2676]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2204.520630][ T2676]  register_for_each_vma+0x372/0x890
[ 2204.525897][ T2676]  __uprobe_register+0x3f4/0x8a0
[ 2204.530858][ T2676]  uprobe_register_refctr+0x29/0x40
[ 2204.536031][ T2676]  probe_event_enable+0x2be/0x7d0
[ 2204.541117][ T2676]  ? __uprobe_trace_func+0x430/0x430
[ 2204.546389][ T2676]  trace_uprobe_register+0x88/0x410
[ 2204.551639][ T2676]  perf_trace_event_init+0x34e/0x790
[ 2204.556903][ T2676]  perf_uprobe_init+0xf5/0x140
[ 2204.561644][ T2676]  perf_uprobe_event_init+0xde/0x140
[ 2204.566910][ T2676]  perf_try_init_event+0x21a/0x400
[ 2204.572007][ T2676]  perf_event_alloc+0xa60/0x1790
[ 2204.576997][ T2676]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2204.582603][ T2676]  ? vfs_write+0x50c/0x770
[ 2204.586990][ T2676]  __x64_sys_perf_event_open+0x63/0x70
[ 2204.592422][ T2676]  do_syscall_64+0x4a/0x90
[ 2204.596812][ T2676]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2204.602682][ T2676] RIP: 0033:0x4665d9
[ 2204.606578][ T2676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2204.626185][ T2676] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2204.634708][ T2676] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2204.642679][ T2676] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2204.650688][ T2676] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2204.658730][ T2676] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2204.666703][ T2676] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:19 executing program 3 (fault-call:6 fault-nth:20):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:19 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x6c00000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:19 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "000000030fff0000db82456fa79c812600"})

03:42:19 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:19 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2204.937806][ T2674] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2204.945926][ T2674] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2204.957296][ T2674] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2204.965293][ T2674] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:20 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:20 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x7400000000000000, &(0x7f0000000300)='ramfs\x00')

03:42:20 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x10, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2205.157198][ T2674] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2205.165285][ T2674] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2205.176623][ T2674] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2205.184596][ T2674] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2205.215607][ T2691] FAULT_INJECTION: forcing a failure.
[ 2205.215607][ T2691] name failslab, interval 1, probability 0, space 0, times 0
[ 2205.228353][ T2691] CPU: 0 PID: 2691 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2205.237019][ T2691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2205.247062][ T2691] Call Trace:
[ 2205.250331][ T2691]  dump_stack+0x137/0x19d
[ 2205.254708][ T2691]  should_fail+0x23c/0x250
[ 2205.259120][ T2691]  __should_failslab+0x81/0x90
[ 2205.263875][ T2691]  ? register_for_each_vma+0x372/0x890
[ 2205.269321][ T2691]  should_failslab+0x5/0x20
[ 2205.273811][ T2691]  kmem_cache_alloc_trace+0x49/0x310
[ 2205.279081][ T2691]  ? register_for_each_vma+0x372/0x890
[ 2205.284582][ T2691]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2205.290575][ T2691]  register_for_each_vma+0x372/0x890
[ 2205.295873][ T2691]  __uprobe_register+0x3f4/0x8a0
[ 2205.300820][ T2691]  uprobe_register_refctr+0x29/0x40
[ 2205.306013][ T2691]  probe_event_enable+0x2be/0x7d0
[ 2205.311072][ T2691]  ? __uprobe_trace_func+0x430/0x430
03:42:20 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2205.316362][ T2691]  trace_uprobe_register+0x88/0x410
[ 2205.321573][ T2691]  perf_trace_event_init+0x34e/0x790
[ 2205.326844][ T2691]  perf_uprobe_init+0xf5/0x140
[ 2205.331597][ T2691]  perf_uprobe_event_init+0xde/0x140
[ 2205.336876][ T2691]  perf_try_init_event+0x21a/0x400
[ 2205.341975][ T2691]  perf_event_alloc+0xa60/0x1790
[ 2205.347022][ T2691]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2205.352633][ T2691]  ? vfs_write+0x50c/0x770
[ 2205.357043][ T2691]  __x64_sys_perf_event_open+0x63/0x70
[ 2205.362498][ T2691]  do_syscall_64+0x4a/0x90
[ 2205.366919][ T2691]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2205.372865][ T2691] RIP: 0033:0x4665d9
[ 2205.376750][ T2691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2205.396346][ T2691] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2205.404735][ T2691] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:20 executing program 4 (fault-call:1 fault-nth:50):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:20 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0xff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:20 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x7a00000000000000, &(0x7f0000000300)='ramfs\x00')

[ 2205.412692][ T2691] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2205.420639][ T2691] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2205.428584][ T2691] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2205.436529][ T2691] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2205.522995][ T2711] FAULT_INJECTION: forcing a failure.
[ 2205.522995][ T2711] name failslab, interval 1, probability 0, space 0, times 0
[ 2205.535792][ T2711] CPU: 1 PID: 2711 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2205.544462][ T2711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2205.554553][ T2711] Call Trace:
[ 2205.557811][ T2711]  dump_stack+0x137/0x19d
[ 2205.562168][ T2711]  should_fail+0x23c/0x250
[ 2205.566558][ T2711]  __should_failslab+0x81/0x90
[ 2205.571298][ T2711]  ? register_for_each_vma+0x372/0x890
[ 2205.576802][ T2711]  should_failslab+0x5/0x20
[ 2205.581288][ T2711]  kmem_cache_alloc_trace+0x49/0x310
[ 2205.586817][ T2711]  ? register_for_each_vma+0x372/0x890
[ 2205.592253][ T2711]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2205.598207][ T2711]  register_for_each_vma+0x372/0x890
[ 2205.603528][ T2711]  __uprobe_register+0x3f4/0x8a0
[ 2205.608440][ T2711]  uprobe_register_refctr+0x29/0x40
[ 2205.613619][ T2711]  probe_event_enable+0x2be/0x7d0
[ 2205.618744][ T2711]  ? __uprobe_trace_func+0x430/0x430
[ 2205.624069][ T2711]  trace_uprobe_register+0x88/0x410
[ 2205.629316][ T2711]  perf_trace_event_init+0x34e/0x790
[ 2205.634619][ T2711]  perf_uprobe_init+0xf5/0x140
[ 2205.639362][ T2711]  perf_uprobe_event_init+0xde/0x140
[ 2205.644632][ T2711]  perf_try_init_event+0x21a/0x400
[ 2205.649792][ T2711]  perf_event_alloc+0xa60/0x1790
[ 2205.654733][ T2711]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2205.660337][ T2711]  ? vfs_write+0x50c/0x770
[ 2205.664728][ T2711]  __x64_sys_perf_event_open+0x63/0x70
[ 2205.670167][ T2711]  do_syscall_64+0x4a/0x90
[ 2205.674596][ T2711]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2205.680471][ T2711] RIP: 0033:0x4665d9
[ 2205.684448][ T2711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2205.704101][ T2711] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2205.712486][ T2711] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2205.720450][ T2711] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2205.728509][ T2711] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2205.736458][ T2711] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2205.744445][ T2711] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:20 executing program 3 (fault-call:6 fault-nth:21):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:20 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000c00db82456fa79c812600"})

03:42:20 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x8cffffff00000000, &(0x7f0000000300)='ramfs\x00')

03:42:20 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:20 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x40000800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2206.021028][ T2709] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2206.029043][ T2709] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2206.040323][ T2709] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2206.048359][ T2709] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:21 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfeffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:21 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:21 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xdaffffff00000000, &(0x7f0000000300)='ramfs\x00')

[ 2206.230307][ T2709] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2206.238449][ T2709] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2206.251100][ T2709] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2206.259134][ T2709] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:21 executing program 4 (fault-call:1 fault-nth:51):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:21 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xf6ffffff00000000, &(0x7f0000000300)='ramfs\x00')

[ 2206.326682][ T2729] FAULT_INJECTION: forcing a failure.
[ 2206.326682][ T2729] name failslab, interval 1, probability 0, space 0, times 0
[ 2206.339363][ T2729] CPU: 1 PID: 2729 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2206.348036][ T2729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2206.358075][ T2729] Call Trace:
[ 2206.361342][ T2729]  dump_stack+0x137/0x19d
[ 2206.365663][ T2729]  should_fail+0x23c/0x250
[ 2206.370134][ T2729]  __should_failslab+0x81/0x90
[ 2206.374898][ T2729]  ? register_for_each_vma+0x372/0x890
[ 2206.380411][ T2729]  should_failslab+0x5/0x20
[ 2206.384921][ T2729]  kmem_cache_alloc_trace+0x49/0x310
[ 2206.390188][ T2729]  ? register_for_each_vma+0x372/0x890
[ 2206.395715][ T2729]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2206.401725][ T2729]  register_for_each_vma+0x372/0x890
[ 2206.407006][ T2729]  __uprobe_register+0x3f4/0x8a0
[ 2206.411973][ T2729]  uprobe_register_refctr+0x29/0x40
[ 2206.417163][ T2729]  probe_event_enable+0x2be/0x7d0
03:42:21 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2206.422256][ T2729]  ? __uprobe_trace_func+0x430/0x430
[ 2206.427621][ T2729]  trace_uprobe_register+0x88/0x410
[ 2206.432809][ T2729]  perf_trace_event_init+0x34e/0x790
[ 2206.438143][ T2729]  perf_uprobe_init+0xf5/0x140
[ 2206.442900][ T2729]  perf_uprobe_event_init+0xde/0x140
[ 2206.448202][ T2729]  perf_try_init_event+0x21a/0x400
[ 2206.453290][ T2729]  perf_event_alloc+0xa60/0x1790
[ 2206.458201][ T2729]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2206.463805][ T2729]  ? vfs_write+0x50c/0x770
[ 2206.468297][ T2729]  __x64_sys_perf_event_open+0x63/0x70
[ 2206.473729][ T2729]  do_syscall_64+0x4a/0x90
[ 2206.478122][ T2729]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2206.484050][ T2729] RIP: 0033:0x4665d9
[ 2206.487913][ T2729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2206.507490][ T2729] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2206.515878][ T2729] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:21 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2206.523978][ T2729] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2206.531924][ T2729] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2206.539867][ T2729] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2206.547812][ T2729] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2206.638445][ T2752] FAULT_INJECTION: forcing a failure.
[ 2206.638445][ T2752] name failslab, interval 1, probability 0, space 0, times 0
[ 2206.651064][ T2752] CPU: 1 PID: 2752 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2206.659720][ T2752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2206.669784][ T2752] Call Trace:
[ 2206.673039][ T2752]  dump_stack+0x137/0x19d
[ 2206.677344][ T2752]  should_fail+0x23c/0x250
[ 2206.681732][ T2752]  __should_failslab+0x81/0x90
[ 2206.686467][ T2752]  ? register_for_each_vma+0x372/0x890
[ 2206.691941][ T2752]  should_failslab+0x5/0x20
[ 2206.696496][ T2752]  kmem_cache_alloc_trace+0x49/0x310
[ 2206.701838][ T2752]  ? register_for_each_vma+0x372/0x890
[ 2206.707270][ T2752]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2206.713221][ T2752]  register_for_each_vma+0x372/0x890
[ 2206.718478][ T2752]  __uprobe_register+0x3f4/0x8a0
[ 2206.723404][ T2752]  uprobe_register_refctr+0x29/0x40
[ 2206.728579][ T2752]  probe_event_enable+0x2be/0x7d0
[ 2206.733580][ T2752]  ? __uprobe_trace_func+0x430/0x430
[ 2206.738857][ T2752]  trace_uprobe_register+0x88/0x410
[ 2206.744060][ T2752]  perf_trace_event_init+0x34e/0x790
[ 2206.749343][ T2752]  perf_uprobe_init+0xf5/0x140
[ 2206.754123][ T2752]  perf_uprobe_event_init+0xde/0x140
[ 2206.759503][ T2752]  perf_try_init_event+0x21a/0x400
[ 2206.764606][ T2752]  perf_event_alloc+0xa60/0x1790
[ 2206.769529][ T2752]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2206.775207][ T2752]  ? vfs_write+0x50c/0x770
[ 2206.779650][ T2752]  __x64_sys_perf_event_open+0x63/0x70
[ 2206.785084][ T2752]  do_syscall_64+0x4a/0x90
[ 2206.789494][ T2752]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2206.795370][ T2752] RIP: 0033:0x4665d9
[ 2206.799238][ T2752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2206.818829][ T2752] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2206.827209][ T2752] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2206.835163][ T2752] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2206.843108][ T2752] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2206.851051][ T2752] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2206.858992][ T2752] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:22 executing program 3 (fault-call:6 fault-nth:22):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:22 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000001db82456fa79c812600"})

03:42:22 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xfeffffff00000000, &(0x7f0000000300)='ramfs\x00')

03:42:22 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:22 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2207.134404][ T2749] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2207.142510][ T2749] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2207.153784][ T2749] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2207.161765][ T2749] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:22 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:22 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x800000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:22 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xff03000000000000, &(0x7f0000000300)='ramfs\x00')

[ 2207.346452][ T2749] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2207.354507][ T2749] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2207.368050][ T2749] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2207.376099][ T2749] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:22 executing program 4 (fault-call:1 fault-nth:52):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:22 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xff0f000000000000, &(0x7f0000000300)='ramfs\x00')

[ 2207.458245][ T2762] FAULT_INJECTION: forcing a failure.
[ 2207.458245][ T2762] name failslab, interval 1, probability 0, space 0, times 0
[ 2207.470859][ T2762] CPU: 1 PID: 2762 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2207.479513][ T2762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2207.489615][ T2762] Call Trace:
[ 2207.492871][ T2762]  dump_stack+0x137/0x19d
[ 2207.497191][ T2762]  should_fail+0x23c/0x250
[ 2207.501592][ T2762]  __should_failslab+0x81/0x90
03:42:22 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0xff, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:22 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1000001000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2207.506343][ T2762]  ? register_for_each_vma+0x372/0x890
[ 2207.511782][ T2762]  should_failslab+0x5/0x20
[ 2207.516266][ T2762]  kmem_cache_alloc_trace+0x49/0x310
[ 2207.521547][ T2762]  ? register_for_each_vma+0x372/0x890
[ 2207.526986][ T2762]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2207.532954][ T2762]  register_for_each_vma+0x372/0x890
[ 2207.538223][ T2762]  __uprobe_register+0x3f4/0x8a0
[ 2207.543138][ T2762]  uprobe_register_refctr+0x29/0x40
[ 2207.548345][ T2762]  probe_event_enable+0x2be/0x7d0
[ 2207.553359][ T2762]  ? __uprobe_trace_func+0x430/0x430
[ 2207.558727][ T2762]  trace_uprobe_register+0x88/0x410
[ 2207.563922][ T2762]  perf_trace_event_init+0x34e/0x790
[ 2207.569336][ T2762]  perf_uprobe_init+0xf5/0x140
[ 2207.574105][ T2762]  perf_uprobe_event_init+0xde/0x140
[ 2207.579371][ T2762]  perf_try_init_event+0x21a/0x400
[ 2207.584451][ T2762]  perf_event_alloc+0xa60/0x1790
[ 2207.589366][ T2762]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2207.594995][ T2762]  ? vfs_write+0x50c/0x770
[ 2207.599381][ T2762]  __x64_sys_perf_event_open+0x63/0x70
[ 2207.604810][ T2762]  do_syscall_64+0x4a/0x90
[ 2207.609198][ T2762]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2207.615066][ T2762] RIP: 0033:0x4665d9
[ 2207.618936][ T2762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2207.638515][ T2762] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2207.646899][ T2762] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2207.654847][ T2762] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2207.662788][ T2762] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2207.670730][ T2762] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2207.678692][ T2762] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2207.766410][ T2790] FAULT_INJECTION: forcing a failure.
[ 2207.766410][ T2790] name failslab, interval 1, probability 0, space 0, times 0
[ 2207.779152][ T2790] CPU: 0 PID: 2790 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2207.787812][ T2790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2207.797881][ T2790] Call Trace:
[ 2207.801135][ T2790]  dump_stack+0x137/0x19d
[ 2207.805470][ T2790]  should_fail+0x23c/0x250
[ 2207.809862][ T2790]  __should_failslab+0x81/0x90
[ 2207.814601][ T2790]  ? register_for_each_vma+0x372/0x890
[ 2207.820042][ T2790]  should_failslab+0x5/0x20
[ 2207.824528][ T2790]  kmem_cache_alloc_trace+0x49/0x310
[ 2207.829791][ T2790]  ? register_for_each_vma+0x372/0x890
[ 2207.835287][ T2790]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2207.841243][ T2790]  register_for_each_vma+0x372/0x890
[ 2207.846501][ T2790]  __uprobe_register+0x3f4/0x8a0
[ 2207.851424][ T2790]  uprobe_register_refctr+0x29/0x40
[ 2207.856645][ T2790]  probe_event_enable+0x2be/0x7d0
[ 2207.861749][ T2790]  ? __uprobe_trace_func+0x430/0x430
[ 2207.867015][ T2790]  trace_uprobe_register+0x88/0x410
[ 2207.872227][ T2790]  perf_trace_event_init+0x34e/0x790
[ 2207.877490][ T2790]  perf_uprobe_init+0xf5/0x140
[ 2207.882230][ T2790]  perf_uprobe_event_init+0xde/0x140
[ 2207.887534][ T2790]  perf_try_init_event+0x21a/0x400
[ 2207.892625][ T2790]  perf_event_alloc+0xa60/0x1790
[ 2207.897607][ T2790]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2207.903280][ T2790]  ? vfs_write+0x50c/0x770
[ 2207.907715][ T2790]  __x64_sys_perf_event_open+0x63/0x70
[ 2207.913153][ T2790]  do_syscall_64+0x4a/0x90
[ 2207.917603][ T2790]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2207.923477][ T2790] RIP: 0033:0x4665d9
[ 2207.927341][ T2790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2207.946941][ T2790] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2207.955366][ T2790] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2207.963328][ T2790] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2207.971270][ T2790] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2207.979296][ T2790] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2207.987236][ T2790] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:23 executing program 3 (fault-call:6 fault-nth:23):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:23 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "00000003fffffdfddb82456fa79c812600"})

03:42:23 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:23 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:23 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xffffff7f00000000, &(0x7f0000000300)='ramfs\x00')

[ 2208.263295][ T2785] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2208.271391][ T2785] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2208.282687][ T2785] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2208.290676][ T2785] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:23 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2208.464513][ T2785] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2208.472495][ T2785] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
03:42:23 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xffffffff00000000, &(0x7f0000000300)='ramfs\x00')

03:42:23 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2208.504713][ T2785] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2208.512712][ T2785] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2208.562788][ T2803] FAULT_INJECTION: forcing a failure.
[ 2208.562788][ T2803] name failslab, interval 1, probability 0, space 0, times 0
[ 2208.575449][ T2803] CPU: 1 PID: 2803 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2208.584112][ T2803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2208.594164][ T2803] Call Trace:
[ 2208.597456][ T2803]  dump_stack+0x137/0x19d
[ 2208.601770][ T2803]  should_fail+0x23c/0x250
[ 2208.606166][ T2803]  __should_failslab+0x81/0x90
[ 2208.610917][ T2803]  ? register_for_each_vma+0x372/0x890
[ 2208.616399][ T2803]  should_failslab+0x5/0x20
[ 2208.620885][ T2803]  kmem_cache_alloc_trace+0x49/0x310
[ 2208.626193][ T2803]  ? register_for_each_vma+0x372/0x890
[ 2208.631725][ T2803]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2208.637690][ T2803]  register_for_each_vma+0x372/0x890
[ 2208.642958][ T2803]  __uprobe_register+0x3f4/0x8a0
[ 2208.647881][ T2803]  uprobe_register_refctr+0x29/0x40
[ 2208.653065][ T2803]  probe_event_enable+0x2be/0x7d0
[ 2208.658121][ T2803]  ? __uprobe_trace_func+0x430/0x430
[ 2208.663390][ T2803]  trace_uprobe_register+0x88/0x410
[ 2208.668612][ T2803]  perf_trace_event_init+0x34e/0x790
[ 2208.673920][ T2803]  perf_uprobe_init+0xf5/0x140
[ 2208.678677][ T2803]  perf_uprobe_event_init+0xde/0x140
[ 2208.683986][ T2803]  perf_try_init_event+0x21a/0x400
[ 2208.689067][ T2803]  perf_event_alloc+0xa60/0x1790
[ 2208.693977][ T2803]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2208.699585][ T2803]  ? vfs_write+0x50c/0x770
[ 2208.703980][ T2803]  __x64_sys_perf_event_open+0x63/0x70
[ 2208.709514][ T2803]  do_syscall_64+0x4a/0x90
[ 2208.713910][ T2803]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2208.719850][ T2803] RIP: 0033:0x4665d9
[ 2208.723730][ T2803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2208.743949][ T2803] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2208.752454][ T2803] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:23 executing program 4 (fault-call:1 fault-nth:53):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:23 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x80000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:23 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:23 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0xffffffffffffffff, &(0x7f0000000300)='ramfs\x00')

[ 2208.760404][ T2803] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2208.768441][ T2803] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2208.776385][ T2803] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2208.784329][ T2803] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2209.050395][ T2828] FAULT_INJECTION: forcing a failure.
[ 2209.050395][ T2828] name failslab, interval 1, probability 0, space 0, times 0
[ 2209.063008][ T2828] CPU: 1 PID: 2828 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2209.071657][ T2828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2209.081687][ T2828] Call Trace:
[ 2209.084958][ T2828]  dump_stack+0x137/0x19d
[ 2209.089279][ T2828]  should_fail+0x23c/0x250
[ 2209.093694][ T2828]  __should_failslab+0x81/0x90
[ 2209.098484][ T2828]  ? register_for_each_vma+0x372/0x890
[ 2209.103961][ T2828]  should_failslab+0x5/0x20
[ 2209.108444][ T2828]  kmem_cache_alloc_trace+0x49/0x310
[ 2209.113701][ T2828]  ? register_for_each_vma+0x372/0x890
[ 2209.119138][ T2828]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2209.125091][ T2828]  register_for_each_vma+0x372/0x890
[ 2209.130432][ T2828]  __uprobe_register+0x3f4/0x8a0
[ 2209.135348][ T2828]  uprobe_register_refctr+0x29/0x40
[ 2209.140521][ T2828]  probe_event_enable+0x2be/0x7d0
[ 2209.145528][ T2828]  ? __uprobe_trace_func+0x430/0x430
[ 2209.150793][ T2828]  trace_uprobe_register+0x88/0x410
[ 2209.156176][ T2828]  perf_trace_event_init+0x34e/0x790
[ 2209.161434][ T2828]  perf_uprobe_init+0xf5/0x140
[ 2209.166224][ T2828]  perf_uprobe_event_init+0xde/0x140
[ 2209.171481][ T2828]  perf_try_init_event+0x21a/0x400
[ 2209.176568][ T2828]  perf_event_alloc+0xa60/0x1790
[ 2209.181483][ T2828]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2209.187086][ T2828]  ? vfs_write+0x50c/0x770
[ 2209.191474][ T2828]  __x64_sys_perf_event_open+0x63/0x70
[ 2209.196907][ T2828]  do_syscall_64+0x4a/0x90
[ 2209.201306][ T2828]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2209.207245][ T2828] RIP: 0033:0x4665d9
[ 2209.211110][ T2828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2209.230703][ T2828] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2209.239088][ T2828] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:24 executing program 3 (fault-call:6 fault-nth:24):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:24 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000fffdb82456fa79c812600"})

03:42:24 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='\"amfs\x00')

03:42:24 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:24 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2209.247046][ T2828] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2209.254992][ T2828] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2209.263003][ T2828] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2209.270977][ T2828] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:24 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:24 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)=',amfs\x00')

[ 2209.329832][ T2841] devpts: called with bogus options
03:42:24 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10000010000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2209.375285][ T2826] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2209.383277][ T2826] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2209.394442][ T2826] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2209.402483][ T2826] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2209.594757][ T2826] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2209.602837][ T2826] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2209.608692][ T2855] devpts: called with bogus options
[ 2209.614077][ T2826] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2209.627179][ T2826] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2209.663528][ T2842] FAULT_INJECTION: forcing a failure.
[ 2209.663528][ T2842] name failslab, interval 1, probability 0, space 0, times 0
[ 2209.676215][ T2842] CPU: 1 PID: 2842 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2209.684879][ T2842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2209.694911][ T2842] Call Trace:
[ 2209.698225][ T2842]  dump_stack+0x137/0x19d
[ 2209.702553][ T2842]  should_fail+0x23c/0x250
[ 2209.706959][ T2842]  __should_failslab+0x81/0x90
[ 2209.711754][ T2842]  ? register_for_each_vma+0x372/0x890
[ 2209.717304][ T2842]  should_failslab+0x5/0x20
[ 2209.721801][ T2842]  kmem_cache_alloc_trace+0x49/0x310
[ 2209.727120][ T2842]  ? register_for_each_vma+0x372/0x890
[ 2209.732603][ T2842]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2209.738606][ T2842]  register_for_each_vma+0x372/0x890
[ 2209.743865][ T2842]  __uprobe_register+0x3f4/0x8a0
[ 2209.748835][ T2842]  uprobe_register_refctr+0x29/0x40
[ 2209.754004][ T2842]  probe_event_enable+0x2be/0x7d0
[ 2209.759004][ T2842]  ? __uprobe_trace_func+0x430/0x430
[ 2209.764260][ T2842]  trace_uprobe_register+0x88/0x410
[ 2209.769513][ T2842]  perf_trace_event_init+0x34e/0x790
[ 2209.774801][ T2842]  perf_uprobe_init+0xf5/0x140
[ 2209.779634][ T2842]  perf_uprobe_event_init+0xde/0x140
[ 2209.784931][ T2842]  perf_try_init_event+0x21a/0x400
[ 2209.790067][ T2842]  perf_event_alloc+0xa60/0x1790
[ 2209.795007][ T2842]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2209.800650][ T2842]  ? vfs_write+0x50c/0x770
[ 2209.805039][ T2842]  __x64_sys_perf_event_open+0x63/0x70
[ 2209.810527][ T2842]  do_syscall_64+0x4a/0x90
[ 2209.814922][ T2842]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2209.820883][ T2842] RIP: 0033:0x4665d9
[ 2209.824761][ T2842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2209.844423][ T2842] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2209.852806][ T2842] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:24 executing program 4 (fault-call:1 fault-nth:54):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:24 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "00000003fdfdffffdb82456fa79c812600"})

03:42:24 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='r\nmfs\x00')

03:42:24 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x40000100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2209.860777][ T2842] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2209.868721][ T2842] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2209.876664][ T2842] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2209.884605][ T2842] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2209.946947][ T2869] devpts: called with bogus options
[ 2210.150648][ T2868] FAULT_INJECTION: forcing a failure.
[ 2210.150648][ T2868] name failslab, interval 1, probability 0, space 0, times 0
[ 2210.163327][ T2868] CPU: 1 PID: 2868 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2210.172058][ T2868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2210.182105][ T2868] Call Trace:
[ 2210.185364][ T2868]  dump_stack+0x137/0x19d
[ 2210.189672][ T2868]  should_fail+0x23c/0x250
[ 2210.194109][ T2868]  __should_failslab+0x81/0x90
[ 2210.198935][ T2868]  ? register_for_each_vma+0x372/0x890
[ 2210.204369][ T2868]  should_failslab+0x5/0x20
[ 2210.208866][ T2868]  kmem_cache_alloc_trace+0x49/0x310
[ 2210.214173][ T2868]  ? register_for_each_vma+0x372/0x890
[ 2210.219662][ T2868]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2210.225725][ T2868]  register_for_each_vma+0x372/0x890
[ 2210.230993][ T2868]  __uprobe_register+0x3f4/0x8a0
[ 2210.235919][ T2868]  uprobe_register_refctr+0x29/0x40
[ 2210.241149][ T2868]  probe_event_enable+0x2be/0x7d0
[ 2210.246159][ T2868]  ? __uprobe_trace_func+0x430/0x430
[ 2210.251429][ T2868]  trace_uprobe_register+0x88/0x410
[ 2210.256766][ T2868]  perf_trace_event_init+0x34e/0x790
[ 2210.262025][ T2868]  perf_uprobe_init+0xf5/0x140
[ 2210.266761][ T2868]  perf_uprobe_event_init+0xde/0x140
[ 2210.272020][ T2868]  perf_try_init_event+0x21a/0x400
[ 2210.277111][ T2868]  perf_event_alloc+0xa60/0x1790
[ 2210.282034][ T2868]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2210.287641][ T2868]  ? vfs_write+0x50c/0x770
[ 2210.292027][ T2868]  __x64_sys_perf_event_open+0x63/0x70
[ 2210.297455][ T2868]  do_syscall_64+0x4a/0x90
[ 2210.301844][ T2868]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2210.307777][ T2868] RIP: 0033:0x4665d9
[ 2210.311713][ T2868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2210.331289][ T2868] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2210.339672][ T2868] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:25 executing program 3 (fault-call:6 fault-nth:25):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:25 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:25 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='r\"mfs\x00')

03:42:25 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:25 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "00000003000c0000db82456fa79c812600"})

[ 2210.347641][ T2868] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2210.355618][ T2868] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2210.363563][ T2868] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2210.371511][ T2868] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:25 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='r%mfs\x00')

03:42:25 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:25 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2210.434451][ T2883] devpts: called with bogus options
[ 2210.456425][ T2867] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2210.464514][ T2867] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2210.476218][ T2867] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2210.484184][ T2867] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2210.687250][ T2867] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2210.695258][ T2867] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2210.697849][ T2898] devpts: called with bogus options
[ 2210.707257][ T2867] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2210.719500][ T2867] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2210.757404][ T2885] FAULT_INJECTION: forcing a failure.
[ 2210.757404][ T2885] name failslab, interval 1, probability 0, space 0, times 0
[ 2210.770031][ T2885] CPU: 1 PID: 2885 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2210.778684][ T2885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2210.788711][ T2885] Call Trace:
[ 2210.791967][ T2885]  dump_stack+0x137/0x19d
[ 2210.796273][ T2885]  should_fail+0x23c/0x250
[ 2210.800660][ T2885]  __should_failslab+0x81/0x90
[ 2210.805461][ T2885]  ? register_for_each_vma+0x372/0x890
[ 2210.810900][ T2885]  should_failslab+0x5/0x20
[ 2210.815435][ T2885]  kmem_cache_alloc_trace+0x49/0x310
[ 2210.820768][ T2885]  ? register_for_each_vma+0x372/0x890
[ 2210.826218][ T2885]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2210.832169][ T2885]  register_for_each_vma+0x372/0x890
[ 2210.837448][ T2885]  __uprobe_register+0x3f4/0x8a0
[ 2210.842403][ T2885]  uprobe_register_refctr+0x29/0x40
[ 2210.847670][ T2885]  probe_event_enable+0x2be/0x7d0
[ 2210.852718][ T2885]  ? __uprobe_trace_func+0x430/0x430
[ 2210.858022][ T2885]  trace_uprobe_register+0x88/0x410
[ 2210.863194][ T2885]  perf_trace_event_init+0x34e/0x790
[ 2210.868452][ T2885]  perf_uprobe_init+0xf5/0x140
[ 2210.873219][ T2885]  perf_uprobe_event_init+0xde/0x140
[ 2210.878476][ T2885]  perf_try_init_event+0x21a/0x400
[ 2210.883559][ T2885]  perf_event_alloc+0xa60/0x1790
[ 2210.888499][ T2885]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2210.894146][ T2885]  ? vfs_write+0x50c/0x770
[ 2210.898531][ T2885]  __x64_sys_perf_event_open+0x63/0x70
[ 2210.904034][ T2885]  do_syscall_64+0x4a/0x90
[ 2210.908524][ T2885]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2210.914457][ T2885] RIP: 0033:0x4665d9
[ 2210.918344][ T2885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2210.937993][ T2885] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2210.946376][ T2885] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:25 executing program 4 (fault-call:1 fault-nth:55):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:25 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000c00db82456fa79c812600"})

03:42:25 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='r,mfs\x00')

03:42:25 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x300000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2210.954406][ T2885] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2210.962349][ T2885] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2210.970294][ T2885] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2210.978291][ T2885] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2211.017639][ T2911] devpts: called with bogus options
[ 2211.068186][ T2912] FAULT_INJECTION: forcing a failure.
[ 2211.068186][ T2912] name failslab, interval 1, probability 0, space 0, times 0
[ 2211.080902][ T2912] CPU: 1 PID: 2912 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2211.089557][ T2912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2211.099630][ T2912] Call Trace:
[ 2211.102893][ T2912]  dump_stack+0x137/0x19d
[ 2211.107211][ T2912]  should_fail+0x23c/0x250
[ 2211.111672][ T2912]  __should_failslab+0x81/0x90
[ 2211.116424][ T2912]  ? register_for_each_vma+0x372/0x890
[ 2211.121864][ T2912]  should_failslab+0x5/0x20
[ 2211.126402][ T2912]  kmem_cache_alloc_trace+0x49/0x310
[ 2211.131821][ T2912]  ? register_for_each_vma+0x372/0x890
[ 2211.137303][ T2912]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2211.143341][ T2912]  register_for_each_vma+0x372/0x890
[ 2211.148603][ T2912]  __uprobe_register+0x3f4/0x8a0
[ 2211.153528][ T2912]  uprobe_register_refctr+0x29/0x40
[ 2211.158715][ T2912]  probe_event_enable+0x2be/0x7d0
[ 2211.163726][ T2912]  ? __uprobe_trace_func+0x430/0x430
[ 2211.169071][ T2912]  trace_uprobe_register+0x88/0x410
[ 2211.174314][ T2912]  perf_trace_event_init+0x34e/0x790
[ 2211.179584][ T2912]  perf_uprobe_init+0xf5/0x140
[ 2211.184332][ T2912]  perf_uprobe_event_init+0xde/0x140
[ 2211.189596][ T2912]  perf_try_init_event+0x21a/0x400
[ 2211.194696][ T2912]  perf_event_alloc+0xa60/0x1790
[ 2211.199688][ T2912]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2211.205322][ T2912]  ? vfs_write+0x50c/0x770
[ 2211.209731][ T2912]  __x64_sys_perf_event_open+0x63/0x70
[ 2211.215368][ T2912]  do_syscall_64+0x4a/0x90
[ 2211.219869][ T2912]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2211.225742][ T2912] RIP: 0033:0x4665d9
[ 2211.229612][ T2912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2211.249238][ T2912] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2211.257622][ T2912] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2211.265574][ T2912] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2211.273533][ T2912] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2211.281493][ T2912] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2211.289564][ T2912] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:26 executing program 3 (fault-call:6 fault-nth:26):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:26 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x400001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:26 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ra\"fs\x00')

03:42:26 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x400000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:26 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "00000003000fff00db82456fa79c812600"})

[ 2211.561334][ T2910] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2211.569464][ T2910] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2211.580517][ T2910] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2211.588615][ T2910] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:26 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ra,fs\x00')

03:42:26 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2211.759775][ T2922] devpts: called with bogus options
03:42:26 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2211.784979][ T2910] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2211.792967][ T2910] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2211.804350][ T2910] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2211.812308][ T2910] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2211.839085][ T2924] FAULT_INJECTION: forcing a failure.
[ 2211.839085][ T2924] name failslab, interval 1, probability 0, space 0, times 0
[ 2211.851681][ T2924] CPU: 1 PID: 2924 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2211.860351][ T2924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2211.870385][ T2924] Call Trace:
[ 2211.873649][ T2924]  dump_stack+0x137/0x19d
[ 2211.877957][ T2924]  should_fail+0x23c/0x250
[ 2211.882354][ T2924]  __should_failslab+0x81/0x90
[ 2211.887201][ T2924]  ? register_for_each_vma+0x372/0x890
[ 2211.892698][ T2924]  should_failslab+0x5/0x20
[ 2211.897189][ T2924]  kmem_cache_alloc_trace+0x49/0x310
[ 2211.902458][ T2924]  ? register_for_each_vma+0x372/0x890
[ 2211.907904][ T2924]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2211.913887][ T2924]  register_for_each_vma+0x372/0x890
[ 2211.919156][ T2924]  __uprobe_register+0x3f4/0x8a0
[ 2211.924079][ T2924]  uprobe_register_refctr+0x29/0x40
[ 2211.929349][ T2924]  probe_event_enable+0x2be/0x7d0
[ 2211.934394][ T2924]  ? __uprobe_trace_func+0x430/0x430
[ 2211.939669][ T2924]  trace_uprobe_register+0x88/0x410
[ 2211.944852][ T2924]  perf_trace_event_init+0x34e/0x790
[ 2211.945723][ T2939] devpts: called with bogus options
[ 2211.950121][ T2924]  perf_uprobe_init+0xf5/0x140
[ 2211.950141][ T2924]  perf_uprobe_event_init+0xde/0x140
[ 2211.965302][ T2924]  perf_try_init_event+0x21a/0x400
[ 2211.970414][ T2924]  perf_event_alloc+0xa60/0x1790
[ 2211.975362][ T2924]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2211.980980][ T2924]  ? vfs_write+0x50c/0x770
[ 2211.985367][ T2924]  __x64_sys_perf_event_open+0x63/0x70
[ 2211.990799][ T2924]  do_syscall_64+0x4a/0x90
[ 2211.995241][ T2924]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2212.001110][ T2924] RIP: 0033:0x4665d9
[ 2212.004975][ T2924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2212.024550][ T2924] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:42:26 executing program 4 (fault-call:1 fault-nth:56):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:26 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4000080000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:26 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000c00db82456fa79c812600"})

03:42:26 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1004000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2212.032945][ T2924] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2212.040889][ T2924] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2212.048831][ T2924] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2212.056771][ T2924] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2212.064723][ T2924] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2212.341276][ T2947] FAULT_INJECTION: forcing a failure.
[ 2212.341276][ T2947] name failslab, interval 1, probability 0, space 0, times 0
[ 2212.353971][ T2947] CPU: 1 PID: 2947 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2212.362625][ T2947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2212.372648][ T2947] Call Trace:
[ 2212.375956][ T2947]  dump_stack+0x137/0x19d
[ 2212.380343][ T2947]  should_fail+0x23c/0x250
[ 2212.384732][ T2947]  __should_failslab+0x81/0x90
[ 2212.389466][ T2947]  ? register_for_each_vma+0x372/0x890
[ 2212.394943][ T2947]  should_failslab+0x5/0x20
[ 2212.399475][ T2947]  kmem_cache_alloc_trace+0x49/0x310
[ 2212.404813][ T2947]  ? register_for_each_vma+0x372/0x890
[ 2212.410292][ T2947]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2212.416262][ T2947]  register_for_each_vma+0x372/0x890
[ 2212.421529][ T2947]  __uprobe_register+0x3f4/0x8a0
[ 2212.426450][ T2947]  uprobe_register_refctr+0x29/0x40
[ 2212.431625][ T2947]  probe_event_enable+0x2be/0x7d0
[ 2212.436620][ T2947]  ? __uprobe_trace_func+0x430/0x430
[ 2212.441907][ T2947]  trace_uprobe_register+0x88/0x410
[ 2212.447102][ T2947]  perf_trace_event_init+0x34e/0x790
[ 2212.452367][ T2947]  perf_uprobe_init+0xf5/0x140
[ 2212.457116][ T2947]  perf_uprobe_event_init+0xde/0x140
[ 2212.462407][ T2947]  perf_try_init_event+0x21a/0x400
[ 2212.467576][ T2947]  perf_event_alloc+0xa60/0x1790
[ 2212.472489][ T2947]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2212.478171][ T2947]  ? vfs_write+0x50c/0x770
[ 2212.482555][ T2947]  __x64_sys_perf_event_open+0x63/0x70
[ 2212.487987][ T2947]  do_syscall_64+0x4a/0x90
[ 2212.492405][ T2947]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2212.498342][ T2947] RIP: 0033:0x4665d9
[ 2212.502217][ T2947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2212.521793][ T2947] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2212.530203][ T2947] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:27 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:27 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfeffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:27 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ram\"s\x00')

03:42:27 executing program 3 (fault-call:6 fault-nth:27):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:27 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "000000030000000cdb82456fa79c812600"})

[ 2212.538263][ T2947] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2212.546214][ T2947] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2212.554160][ T2947] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2212.562101][ T2947] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:27 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:27 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ram,s\x00')

[ 2212.626347][ T2963] devpts: called with bogus options
03:42:27 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2212.649739][ T2943] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2212.657735][ T2943] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2212.669041][ T2943] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2212.677070][ T2943] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2212.861711][ T2943] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2212.869727][ T2943] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2212.881049][ T2943] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2212.883603][ T2975] devpts: called with bogus options
[ 2212.889036][ T2943] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:27 executing program 4 (fault-call:1 fault-nth:57):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:27 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000fffdb82456fa79c812600"})

03:42:27 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ram.s\x00')

03:42:27 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2212.941483][ T2964] FAULT_INJECTION: forcing a failure.
[ 2212.941483][ T2964] name failslab, interval 1, probability 0, space 0, times 0
[ 2212.954208][ T2964] CPU: 0 PID: 2964 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2212.962872][ T2964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2212.972909][ T2964] Call Trace:
[ 2212.976163][ T2964]  dump_stack+0x137/0x19d
[ 2212.980538][ T2964]  should_fail+0x23c/0x250
[ 2212.984930][ T2964]  __should_failslab+0x81/0x90
[ 2212.989712][ T2964]  ? register_for_each_vma+0x372/0x890
[ 2212.995165][ T2964]  should_failslab+0x5/0x20
[ 2212.999647][ T2964]  kmem_cache_alloc_trace+0x49/0x310
[ 2213.004992][ T2964]  ? register_for_each_vma+0x372/0x890
[ 2213.010485][ T2964]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2213.016456][ T2964]  register_for_each_vma+0x372/0x890
[ 2213.021805][ T2964]  __uprobe_register+0x3f4/0x8a0
[ 2213.026761][ T2964]  uprobe_register_refctr+0x29/0x40
[ 2213.031938][ T2964]  probe_event_enable+0x2be/0x7d0
[ 2213.036942][ T2964]  ? __uprobe_trace_func+0x430/0x430
[ 2213.042277][ T2964]  trace_uprobe_register+0x88/0x410
[ 2213.047502][ T2964]  perf_trace_event_init+0x34e/0x790
[ 2213.052765][ T2964]  perf_uprobe_init+0xf5/0x140
[ 2213.057508][ T2964]  perf_uprobe_event_init+0xde/0x140
[ 2213.062813][ T2964]  perf_try_init_event+0x21a/0x400
[ 2213.067899][ T2964]  perf_event_alloc+0xa60/0x1790
[ 2213.072894][ T2964]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2213.078495][ T2964]  ? vfs_write+0x50c/0x770
[ 2213.082879][ T2964]  __x64_sys_perf_event_open+0x63/0x70
[ 2213.088308][ T2964]  do_syscall_64+0x4a/0x90
[ 2213.092709][ T2964]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2213.098594][ T2964] RIP: 0033:0x4665d9
[ 2213.102522][ T2964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2213.122107][ T2964] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2213.130494][ T2964] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2213.138471][ T2964] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2213.146417][ T2964] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2213.154366][ T2964] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2213.162361][ T2964] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2213.207425][ T2988] devpts: called with bogus options
[ 2213.237610][ T2991] FAULT_INJECTION: forcing a failure.
[ 2213.237610][ T2991] name failslab, interval 1, probability 0, space 0, times 0
[ 2213.250358][ T2991] CPU: 0 PID: 2991 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2213.259020][ T2991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2213.269184][ T2991] Call Trace:
[ 2213.272437][ T2991]  dump_stack+0x137/0x19d
[ 2213.276742][ T2991]  should_fail+0x23c/0x250
[ 2213.281179][ T2991]  __should_failslab+0x81/0x90
[ 2213.285928][ T2991]  ? register_for_each_vma+0x372/0x890
[ 2213.291363][ T2991]  should_failslab+0x5/0x20
[ 2213.295886][ T2991]  kmem_cache_alloc_trace+0x49/0x310
[ 2213.301206][ T2991]  ? register_for_each_vma+0x372/0x890
[ 2213.306692][ T2991]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2213.312647][ T2991]  register_for_each_vma+0x372/0x890
[ 2213.317919][ T2991]  __uprobe_register+0x3f4/0x8a0
[ 2213.322826][ T2991]  uprobe_register_refctr+0x29/0x40
[ 2213.327999][ T2991]  probe_event_enable+0x2be/0x7d0
[ 2213.332995][ T2991]  ? __uprobe_trace_func+0x430/0x430
[ 2213.338272][ T2991]  trace_uprobe_register+0x88/0x410
[ 2213.343506][ T2991]  perf_trace_event_init+0x34e/0x790
[ 2213.348793][ T2991]  perf_uprobe_init+0xf5/0x140
[ 2213.353549][ T2991]  perf_uprobe_event_init+0xde/0x140
[ 2213.358806][ T2991]  perf_try_init_event+0x21a/0x400
[ 2213.363888][ T2991]  perf_event_alloc+0xa60/0x1790
[ 2213.368872][ T2991]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2213.374493][ T2991]  ? vfs_write+0x50c/0x770
[ 2213.378886][ T2991]  __x64_sys_perf_event_open+0x63/0x70
[ 2213.384397][ T2991]  do_syscall_64+0x4a/0x90
[ 2213.388907][ T2991]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2213.394786][ T2991] RIP: 0033:0x4665d9
[ 2213.398686][ T2991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2213.418284][ T2991] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2213.426700][ T2991] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2213.434780][ T2991] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2213.442719][ T2991] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2213.450658][ T2991] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2213.458596][ T2991] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:28 executing program 3 (fault-call:6 fault-nth:28):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:28 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:28 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:28 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ram/s\x00')

03:42:28 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c81260c00"})

[ 2213.734781][ T2987] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2213.742807][ T2987] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2213.754156][ T2987] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2213.762127][ T2987] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:28 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:28 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramf\n\x00')

03:42:28 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2213.934036][ T2987] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2213.942047][ T2987] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2213.953511][ T2987] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2213.957174][ T3001] devpts: called with bogus options
[ 2213.961495][ T2987] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2214.033433][ T3003] FAULT_INJECTION: forcing a failure.
[ 2214.033433][ T3003] name failslab, interval 1, probability 0, space 0, times 0
[ 2214.046072][ T3003] CPU: 0 PID: 3003 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2214.046572][ T3015] devpts: called with bogus options
[ 2214.054789][ T3003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2214.070014][ T3003] Call Trace:
[ 2214.073278][ T3003]  dump_stack+0x137/0x19d
[ 2214.077591][ T3003]  should_fail+0x23c/0x250
[ 2214.082065][ T3003]  __should_failslab+0x81/0x90
[ 2214.086896][ T3003]  ? register_for_each_vma+0x372/0x890
[ 2214.092370][ T3003]  should_failslab+0x5/0x20
[ 2214.096855][ T3003]  kmem_cache_alloc_trace+0x49/0x310
[ 2214.102120][ T3003]  ? register_for_each_vma+0x372/0x890
[ 2214.107648][ T3003]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2214.113689][ T3003]  register_for_each_vma+0x372/0x890
[ 2214.118945][ T3003]  __uprobe_register+0x3f4/0x8a0
[ 2214.123853][ T3003]  uprobe_register_refctr+0x29/0x40
[ 2214.129024][ T3003]  probe_event_enable+0x2be/0x7d0
[ 2214.134086][ T3003]  ? __uprobe_trace_func+0x430/0x430
[ 2214.139385][ T3003]  trace_uprobe_register+0x88/0x410
[ 2214.144572][ T3003]  perf_trace_event_init+0x34e/0x790
[ 2214.149904][ T3003]  perf_uprobe_init+0xf5/0x140
[ 2214.154663][ T3003]  perf_uprobe_event_init+0xde/0x140
[ 2214.159929][ T3003]  perf_try_init_event+0x21a/0x400
[ 2214.165097][ T3003]  perf_event_alloc+0xa60/0x1790
[ 2214.170010][ T3003]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2214.175632][ T3003]  ? vfs_write+0x50c/0x770
[ 2214.180055][ T3003]  __x64_sys_perf_event_open+0x63/0x70
[ 2214.185507][ T3003]  do_syscall_64+0x4a/0x90
[ 2214.189904][ T3003]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2214.195775][ T3003] RIP: 0033:0x4665d9
[ 2214.199648][ T3003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2214.219260][ T3003] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:42:29 executing program 4 (fault-call:1 fault-nth:58):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:29 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:29 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:29 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramf\"\x00')

[ 2214.227653][ T3003] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2214.235620][ T3003] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2214.243631][ T3003] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2214.251573][ T3003] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2214.259512][ T3003] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2214.325503][ T3025] devpts: called with bogus options
[ 2214.533244][ T3029] FAULT_INJECTION: forcing a failure.
[ 2214.533244][ T3029] name failslab, interval 1, probability 0, space 0, times 0
[ 2214.545832][ T3029] CPU: 0 PID: 3029 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2214.554517][ T3029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2214.564577][ T3029] Call Trace:
[ 2214.567828][ T3029]  dump_stack+0x137/0x19d
[ 2214.572149][ T3029]  should_fail+0x23c/0x250
[ 2214.576535][ T3029]  __should_failslab+0x81/0x90
[ 2214.581270][ T3029]  ? register_for_each_vma+0x372/0x890
[ 2214.586709][ T3029]  should_failslab+0x5/0x20
[ 2214.591183][ T3029]  kmem_cache_alloc_trace+0x49/0x310
[ 2214.596482][ T3029]  ? register_for_each_vma+0x372/0x890
[ 2214.601984][ T3029]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2214.607968][ T3029]  register_for_each_vma+0x372/0x890
[ 2214.613296][ T3029]  __uprobe_register+0x3f4/0x8a0
[ 2214.618287][ T3029]  uprobe_register_refctr+0x29/0x40
[ 2214.623492][ T3029]  probe_event_enable+0x2be/0x7d0
[ 2214.628496][ T3029]  ? __uprobe_trace_func+0x430/0x430
[ 2214.633752][ T3029]  trace_uprobe_register+0x88/0x410
[ 2214.638920][ T3029]  perf_trace_event_init+0x34e/0x790
[ 2214.644186][ T3029]  perf_uprobe_init+0xf5/0x140
[ 2214.648936][ T3029]  perf_uprobe_event_init+0xde/0x140
[ 2214.654227][ T3029]  perf_try_init_event+0x21a/0x400
[ 2214.659331][ T3029]  perf_event_alloc+0xa60/0x1790
[ 2214.664238][ T3029]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2214.669885][ T3029]  ? vfs_write+0x50c/0x770
[ 2214.674329][ T3029]  __x64_sys_perf_event_open+0x63/0x70
[ 2214.679805][ T3029]  do_syscall_64+0x4a/0x90
[ 2214.684202][ T3029]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2214.690069][ T3029] RIP: 0033:0x4665d9
[ 2214.694029][ T3029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2214.713607][ T3029] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2214.722000][ T3029] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:29 executing program 3 (fault-call:6 fault-nth:29):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:29 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c8126000c00"})

03:42:29 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramf%\x00')

03:42:29 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:29 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2214.729942][ T3029] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2214.737883][ T3029] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2214.745826][ T3029] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2214.753825][ T3029] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:29 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c81260fff00"})

03:42:29 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:29 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xf6ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2214.832599][ T3024] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2214.837248][ T3044] devpts: called with bogus options
[ 2214.840670][ T3024] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2214.857269][ T3024] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2214.865256][ T3024] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2215.066903][ T3024] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2215.074985][ T3024] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2215.086124][ T3024] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2215.094096][ T3024] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2215.117462][ T3039] FAULT_INJECTION: forcing a failure.
[ 2215.117462][ T3039] name failslab, interval 1, probability 0, space 0, times 0
[ 2215.130051][ T3039] CPU: 0 PID: 3039 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2215.138718][ T3039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2215.148759][ T3039] Call Trace:
[ 2215.152027][ T3039]  dump_stack+0x137/0x19d
[ 2215.156338][ T3039]  should_fail+0x23c/0x250
[ 2215.160736][ T3039]  __should_failslab+0x81/0x90
[ 2215.165661][ T3039]  ? register_for_each_vma+0x372/0x890
[ 2215.171121][ T3039]  should_failslab+0x5/0x20
[ 2215.175596][ T3039]  kmem_cache_alloc_trace+0x49/0x310
[ 2215.180882][ T3039]  ? register_for_each_vma+0x372/0x890
[ 2215.186400][ T3039]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2215.192381][ T3039]  register_for_each_vma+0x372/0x890
[ 2215.197684][ T3039]  __uprobe_register+0x3f4/0x8a0
[ 2215.202651][ T3039]  uprobe_register_refctr+0x29/0x40
[ 2215.207870][ T3039]  probe_event_enable+0x2be/0x7d0
[ 2215.212864][ T3039]  ? __uprobe_trace_func+0x430/0x430
[ 2215.218123][ T3039]  trace_uprobe_register+0x88/0x410
[ 2215.223297][ T3039]  perf_trace_event_init+0x34e/0x790
[ 2215.228681][ T3039]  perf_uprobe_init+0xf5/0x140
[ 2215.233420][ T3039]  perf_uprobe_event_init+0xde/0x140
[ 2215.238688][ T3039]  perf_try_init_event+0x21a/0x400
[ 2215.243898][ T3039]  perf_event_alloc+0xa60/0x1790
[ 2215.248853][ T3039]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2215.254460][ T3039]  ? vfs_write+0x50c/0x770
[ 2215.258876][ T3039]  __x64_sys_perf_event_open+0x63/0x70
[ 2215.264304][ T3039]  do_syscall_64+0x4a/0x90
[ 2215.268781][ T3039]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2215.274649][ T3039] RIP: 0033:0x4665d9
[ 2215.278509][ T3039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2215.298081][ T3039] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2215.306506][ T3039] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:30 executing program 4 (fault-call:1 fault-nth:59):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:30 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramf,\x00')

03:42:30 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:30 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600000c"})

[ 2215.314494][ T3039] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2215.322438][ T3039] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2215.330385][ T3039] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2215.338324][ T3039] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2215.395959][ T3062] devpts: called with bogus options
[ 2215.626997][ T3063] FAULT_INJECTION: forcing a failure.
[ 2215.626997][ T3063] name failslab, interval 1, probability 0, space 0, times 0
[ 2215.639635][ T3063] CPU: 0 PID: 3063 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2215.648323][ T3063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2215.658530][ T3063] Call Trace:
[ 2215.661794][ T3063]  dump_stack+0x137/0x19d
[ 2215.666125][ T3063]  should_fail+0x23c/0x250
[ 2215.670534][ T3063]  __should_failslab+0x81/0x90
[ 2215.675311][ T3063]  ? register_for_each_vma+0x372/0x890
[ 2215.680747][ T3063]  should_failslab+0x5/0x20
[ 2215.685238][ T3063]  kmem_cache_alloc_trace+0x49/0x310
[ 2215.690509][ T3063]  ? register_for_each_vma+0x372/0x890
[ 2215.695983][ T3063]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2215.701977][ T3063]  register_for_each_vma+0x372/0x890
[ 2215.707236][ T3063]  __uprobe_register+0x3f4/0x8a0
[ 2215.712162][ T3063]  uprobe_register_refctr+0x29/0x40
[ 2215.717348][ T3063]  probe_event_enable+0x2be/0x7d0
[ 2215.722345][ T3063]  ? __uprobe_trace_func+0x430/0x430
[ 2215.727624][ T3063]  trace_uprobe_register+0x88/0x410
[ 2215.732803][ T3063]  perf_trace_event_init+0x34e/0x790
[ 2215.738060][ T3063]  perf_uprobe_init+0xf5/0x140
[ 2215.742916][ T3063]  perf_uprobe_event_init+0xde/0x140
[ 2215.748201][ T3063]  perf_try_init_event+0x21a/0x400
[ 2215.753289][ T3063]  perf_event_alloc+0xa60/0x1790
[ 2215.758239][ T3063]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2215.763889][ T3063]  ? vfs_write+0x50c/0x770
[ 2215.768289][ T3063]  __x64_sys_perf_event_open+0x63/0x70
[ 2215.773730][ T3063]  do_syscall_64+0x4a/0x90
[ 2215.778123][ T3063]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2215.784018][ T3063] RIP: 0033:0x4665d9
[ 2215.787940][ T3063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2215.807549][ T3063] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2215.815936][ T3063] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:30 executing program 3 (fault-call:6 fault-nth:30):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:30 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfeffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:30 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:30 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:30 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramf.\x00')

[ 2215.823955][ T3063] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2215.831909][ T3063] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2215.839870][ T3063] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2215.847836][ T3063] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:30 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfL\x00')

03:42:30 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffff6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:30 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x80040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2215.905939][ T3077] devpts: called with bogus options
[ 2215.942381][ T3059] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2215.950448][ T3059] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2215.961667][ T3059] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2215.969660][ T3059] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2216.144205][ T3059] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2216.152196][ T3059] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2216.167256][ T3059] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2216.175313][ T3059] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2216.186375][ T3090] devpts: called with bogus options
[ 2216.193751][ T3090] devpts: called with bogus options
[ 2216.218857][ T3079] FAULT_INJECTION: forcing a failure.
[ 2216.218857][ T3079] name failslab, interval 1, probability 0, space 0, times 0
[ 2216.231499][ T3079] CPU: 1 PID: 3079 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2216.240159][ T3079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2216.250187][ T3079] Call Trace:
[ 2216.253464][ T3079]  dump_stack+0x137/0x19d
[ 2216.257768][ T3079]  should_fail+0x23c/0x250
[ 2216.262157][ T3079]  __should_failslab+0x81/0x90
[ 2216.266978][ T3079]  ? register_for_each_vma+0x372/0x890
[ 2216.272725][ T3079]  should_failslab+0x5/0x20
[ 2216.277199][ T3079]  kmem_cache_alloc_trace+0x49/0x310
[ 2216.282453][ T3079]  ? register_for_each_vma+0x372/0x890
[ 2216.287881][ T3079]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2216.293838][ T3079]  register_for_each_vma+0x372/0x890
[ 2216.299142][ T3079]  __uprobe_register+0x3f4/0x8a0
[ 2216.304059][ T3079]  uprobe_register_refctr+0x29/0x40
[ 2216.309233][ T3079]  probe_event_enable+0x2be/0x7d0
[ 2216.314344][ T3079]  ? __uprobe_trace_func+0x430/0x430
[ 2216.319636][ T3079]  trace_uprobe_register+0x88/0x410
[ 2216.324871][ T3079]  perf_trace_event_init+0x34e/0x790
[ 2216.330172][ T3079]  perf_uprobe_init+0xf5/0x140
[ 2216.334950][ T3079]  perf_uprobe_event_init+0xde/0x140
[ 2216.340252][ T3079]  perf_try_init_event+0x21a/0x400
[ 2216.345377][ T3079]  perf_event_alloc+0xa60/0x1790
[ 2216.350336][ T3079]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2216.355986][ T3079]  ? vfs_write+0x50c/0x770
[ 2216.360431][ T3079]  __x64_sys_perf_event_open+0x63/0x70
[ 2216.365861][ T3079]  do_syscall_64+0x4a/0x90
[ 2216.370257][ T3079]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2216.376290][ T3079] RIP: 0033:0x4665d9
[ 2216.380154][ T3079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2216.399759][ T3079] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2216.408140][ T3079] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:31 executing program 4 (fault-call:1 fault-nth:60):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:31 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c8126fffffd"})

03:42:31 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x400001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:31 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2216.416084][ T3079] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2216.424041][ T3079] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2216.431982][ T3079] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2216.439923][ T3079] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2216.712128][ T3105] FAULT_INJECTION: forcing a failure.
[ 2216.712128][ T3105] name failslab, interval 1, probability 0, space 0, times 0
[ 2216.724793][ T3105] CPU: 0 PID: 3105 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2216.733440][ T3105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2216.743476][ T3105] Call Trace:
[ 2216.746766][ T3105]  dump_stack+0x137/0x19d
[ 2216.751112][ T3105]  should_fail+0x23c/0x250
[ 2216.755502][ T3105]  __should_failslab+0x81/0x90
[ 2216.760280][ T3105]  ? register_for_each_vma+0x372/0x890
[ 2216.765728][ T3105]  should_failslab+0x5/0x20
[ 2216.770207][ T3105]  kmem_cache_alloc_trace+0x49/0x310
[ 2216.775472][ T3105]  ? register_for_each_vma+0x372/0x890
[ 2216.780941][ T3105]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2216.786893][ T3105]  register_for_each_vma+0x372/0x890
[ 2216.792257][ T3105]  __uprobe_register+0x3f4/0x8a0
[ 2216.797165][ T3105]  uprobe_register_refctr+0x29/0x40
[ 2216.802334][ T3105]  probe_event_enable+0x2be/0x7d0
[ 2216.807458][ T3105]  ? __uprobe_trace_func+0x430/0x430
[ 2216.812814][ T3105]  trace_uprobe_register+0x88/0x410
[ 2216.817985][ T3105]  perf_trace_event_init+0x34e/0x790
[ 2216.823313][ T3105]  perf_uprobe_init+0xf5/0x140
[ 2216.828158][ T3105]  perf_uprobe_event_init+0xde/0x140
[ 2216.833494][ T3105]  perf_try_init_event+0x21a/0x400
[ 2216.838608][ T3105]  perf_event_alloc+0xa60/0x1790
[ 2216.843543][ T3105]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2216.849146][ T3105]  ? vfs_write+0x50c/0x770
[ 2216.853591][ T3105]  __x64_sys_perf_event_open+0x63/0x70
[ 2216.859085][ T3105]  do_syscall_64+0x4a/0x90
[ 2216.863470][ T3105]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2216.869405][ T3105] RIP: 0033:0x4665d9
[ 2216.873272][ T3105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2216.892866][ T3105] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2216.901246][ T3105] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:31 executing program 3 (fault-call:6 fault-nth:31):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:31 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfX\x00')

03:42:31 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:31 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:31 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600000f"})

[ 2216.909190][ T3105] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2216.917152][ T3105] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2216.925099][ T3105] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2216.933094][ T3105] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:31 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x800000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:31 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfc\x00')

[ 2216.988526][ T3118] devpts: called with bogus options
03:42:31 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1004000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2217.061464][ T3119] FAULT_INJECTION: forcing a failure.
[ 2217.061464][ T3119] name failslab, interval 1, probability 0, space 0, times 0
[ 2217.074181][ T3119] CPU: 1 PID: 3119 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2217.082839][ T3119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2217.092878][ T3119] Call Trace:
[ 2217.096134][ T3119]  dump_stack+0x137/0x19d
[ 2217.100454][ T3119]  should_fail+0x23c/0x250
[ 2217.104892][ T3119]  __should_failslab+0x81/0x90
[ 2217.109714][ T3119]  ? register_for_each_vma+0x372/0x890
[ 2217.115169][ T3119]  should_failslab+0x5/0x20
[ 2217.119827][ T3119]  kmem_cache_alloc_trace+0x49/0x310
[ 2217.125133][ T3119]  ? register_for_each_vma+0x372/0x890
[ 2217.130522][ T3130] devpts: called with bogus options
[ 2217.130583][ T3119]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2217.141716][ T3119]  register_for_each_vma+0x372/0x890
[ 2217.147025][ T3119]  __uprobe_register+0x3f4/0x8a0
[ 2217.151954][ T3119]  uprobe_register_refctr+0x29/0x40
[ 2217.157195][ T3119]  probe_event_enable+0x2be/0x7d0
[ 2217.162224][ T3119]  ? __uprobe_trace_func+0x430/0x430
[ 2217.167484][ T3119]  trace_uprobe_register+0x88/0x410
[ 2217.172715][ T3119]  perf_trace_event_init+0x34e/0x790
[ 2217.177980][ T3119]  perf_uprobe_init+0xf5/0x140
[ 2217.182818][ T3119]  perf_uprobe_event_init+0xde/0x140
[ 2217.188077][ T3119]  perf_try_init_event+0x21a/0x400
[ 2217.193233][ T3119]  perf_event_alloc+0xa60/0x1790
[ 2217.198143][ T3119]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2217.203797][ T3119]  ? vfs_write+0x50c/0x770
[ 2217.208228][ T3119]  __x64_sys_perf_event_open+0x63/0x70
[ 2217.213685][ T3119]  do_syscall_64+0x4a/0x90
[ 2217.218186][ T3119]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2217.224051][ T3119] RIP: 0033:0x4665d9
[ 2217.227916][ T3119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2217.247494][ T3119] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2217.255939][ T3119] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2217.263889][ T3119] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2217.271830][ T3119] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2217.279771][ T3119] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2217.287764][ T3119] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
03:42:32 executing program 4 (fault-call:1 fault-nth:61):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:32 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1000001000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:32 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfd\x00')

03:42:32 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c8126fdfdff"})

[ 2217.572195][ T3114] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2217.580314][ T3114] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2217.591874][ T3114] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2217.599857][ T3114] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2217.773513][ T3143] devpts: called with bogus options
[ 2217.782564][ T3114] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2217.790588][ T3114] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2217.808599][ T3114] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2217.816644][ T3114] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2217.839736][ T3142] FAULT_INJECTION: forcing a failure.
[ 2217.839736][ T3142] name failslab, interval 1, probability 0, space 0, times 0
[ 2217.852325][ T3142] CPU: 1 PID: 3142 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2217.860975][ T3142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2217.871005][ T3142] Call Trace:
[ 2217.874268][ T3142]  dump_stack+0x137/0x19d
[ 2217.878687][ T3142]  should_fail+0x23c/0x250
[ 2217.883082][ T3142]  __should_failslab+0x81/0x90
[ 2217.887866][ T3142]  ? register_for_each_vma+0x372/0x890
[ 2217.893351][ T3142]  should_failslab+0x5/0x20
[ 2217.897937][ T3142]  kmem_cache_alloc_trace+0x49/0x310
[ 2217.903202][ T3142]  ? register_for_each_vma+0x372/0x890
[ 2217.908636][ T3142]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2217.914704][ T3142]  register_for_each_vma+0x372/0x890
[ 2217.920013][ T3142]  __uprobe_register+0x3f4/0x8a0
[ 2217.924930][ T3142]  uprobe_register_refctr+0x29/0x40
[ 2217.930120][ T3142]  probe_event_enable+0x2be/0x7d0
[ 2217.935133][ T3142]  ? __uprobe_trace_func+0x430/0x430
[ 2217.940408][ T3142]  trace_uprobe_register+0x88/0x410
[ 2217.945593][ T3142]  perf_trace_event_init+0x34e/0x790
[ 2217.950919][ T3142]  perf_uprobe_init+0xf5/0x140
[ 2217.955662][ T3142]  perf_uprobe_event_init+0xde/0x140
[ 2217.960929][ T3142]  perf_try_init_event+0x21a/0x400
[ 2217.966062][ T3142]  perf_event_alloc+0xa60/0x1790
[ 2217.970981][ T3142]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2217.976655][ T3142]  ? vfs_write+0x50c/0x770
[ 2217.981997][ T3142]  __x64_sys_perf_event_open+0x63/0x70
[ 2217.987427][ T3142]  do_syscall_64+0x4a/0x90
[ 2217.991815][ T3142]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2217.997679][ T3142] RIP: 0033:0x4665d9
[ 2218.001546][ T3142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
03:42:32 executing program 3 (fault-call:6 fault-nth:32):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:32 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:32 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:32 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfh\x00')

03:42:32 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2218.021194][ T3142] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2218.029648][ T3142] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2218.037586][ T3142] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2218.045548][ T3142] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2218.053492][ T3142] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2218.061462][ T3142] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:33 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:33 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfi\x00')

03:42:33 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2218.110912][ T3153] devpts: called with bogus options
[ 2218.319282][ T3167] devpts: called with bogus options
[ 2218.345524][ T3157] FAULT_INJECTION: forcing a failure.
[ 2218.345524][ T3157] name failslab, interval 1, probability 0, space 0, times 0
[ 2218.358126][ T3157] CPU: 0 PID: 3157 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2218.366779][ T3157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2218.376852][ T3157] Call Trace:
[ 2218.380111][ T3157]  dump_stack+0x137/0x19d
[ 2218.384424][ T3157]  should_fail+0x23c/0x250
[ 2218.388880][ T3157]  __should_failslab+0x81/0x90
[ 2218.393662][ T3157]  ? register_for_each_vma+0x372/0x890
[ 2218.399094][ T3157]  should_failslab+0x5/0x20
[ 2218.403573][ T3157]  kmem_cache_alloc_trace+0x49/0x310
[ 2218.408848][ T3157]  ? register_for_each_vma+0x372/0x890
[ 2218.414348][ T3157]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2218.420318][ T3157]  register_for_each_vma+0x372/0x890
[ 2218.425600][ T3157]  __uprobe_register+0x3f4/0x8a0
[ 2218.430598][ T3157]  uprobe_register_refctr+0x29/0x40
[ 2218.435770][ T3157]  probe_event_enable+0x2be/0x7d0
[ 2218.440789][ T3157]  ? __uprobe_trace_func+0x430/0x430
[ 2218.446045][ T3157]  trace_uprobe_register+0x88/0x410
[ 2218.451230][ T3157]  perf_trace_event_init+0x34e/0x790
[ 2218.456490][ T3157]  perf_uprobe_init+0xf5/0x140
[ 2218.461292][ T3157]  perf_uprobe_event_init+0xde/0x140
[ 2218.466691][ T3157]  perf_try_init_event+0x21a/0x400
[ 2218.471793][ T3157]  perf_event_alloc+0xa60/0x1790
[ 2218.476740][ T3157]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2218.482344][ T3157]  ? vfs_write+0x50c/0x770
[ 2218.486731][ T3157]  __x64_sys_perf_event_open+0x63/0x70
[ 2218.492213][ T3157]  do_syscall_64+0x4a/0x90
[ 2218.496608][ T3157]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2218.502543][ T3157] RIP: 0033:0x4665d9
[ 2218.506444][ T3157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2218.526024][ T3157] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2218.534468][ T3157] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:33 executing program 4 (fault-call:1 fault-nth:62):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:33 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:33 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:33 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfl\x00')

[ 2218.542441][ T3157] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2218.550406][ T3157] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2218.558531][ T3157] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2218.566480][ T3157] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2218.595364][ T3181] devpts: called with bogus options
[ 2218.637061][ T3183] FAULT_INJECTION: forcing a failure.
[ 2218.637061][ T3183] name failslab, interval 1, probability 0, space 0, times 0
[ 2218.649666][ T3183] CPU: 0 PID: 3183 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2218.658426][ T3183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2218.668468][ T3183] Call Trace:
[ 2218.671731][ T3183]  dump_stack+0x137/0x19d
[ 2218.676041][ T3183]  should_fail+0x23c/0x250
[ 2218.680449][ T3183]  __should_failslab+0x81/0x90
[ 2218.685236][ T3183]  ? register_for_each_vma+0x372/0x890
[ 2218.690723][ T3183]  should_failslab+0x5/0x20
[ 2218.695200][ T3183]  kmem_cache_alloc_trace+0x49/0x310
[ 2218.700522][ T3183]  ? register_for_each_vma+0x372/0x890
[ 2218.706040][ T3183]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2218.712017][ T3183]  register_for_each_vma+0x372/0x890
[ 2218.717382][ T3183]  __uprobe_register+0x3f4/0x8a0
[ 2218.722300][ T3183]  uprobe_register_refctr+0x29/0x40
[ 2218.727484][ T3183]  probe_event_enable+0x2be/0x7d0
[ 2218.732612][ T3183]  ? __uprobe_trace_func+0x430/0x430
[ 2218.737879][ T3183]  trace_uprobe_register+0x88/0x410
[ 2218.743061][ T3183]  perf_trace_event_init+0x34e/0x790
[ 2218.748401][ T3183]  perf_uprobe_init+0xf5/0x140
[ 2218.753148][ T3183]  perf_uprobe_event_init+0xde/0x140
[ 2218.758482][ T3183]  perf_try_init_event+0x21a/0x400
[ 2218.763578][ T3183]  perf_event_alloc+0xa60/0x1790
[ 2218.768502][ T3183]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2218.774219][ T3183]  ? vfs_write+0x50c/0x770
[ 2218.778694][ T3183]  __x64_sys_perf_event_open+0x63/0x70
[ 2218.784140][ T3183]  do_syscall_64+0x4a/0x90
[ 2218.788547][ T3183]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2218.794485][ T3183] RIP: 0033:0x4665d9
[ 2218.798348][ T3183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2218.818454][ T3183] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2218.826848][ T3183] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2218.834791][ T3183] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2218.842853][ T3183] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2218.850796][ T3183] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2218.858756][ T3183] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:34 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfo\x00')

03:42:34 executing program 3 (fault-call:6 fault-nth:33):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:34 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x80000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:34 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:34 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2219.128969][ T3182] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2219.137010][ T3182] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2219.148427][ T3182] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2219.156453][ T3182] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:34 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:34 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfp\x00')

[ 2219.325600][ T3195] devpts: called with bogus options
03:42:34 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2219.355980][ T3182] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2219.363959][ T3182] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2219.375491][ T3182] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2219.383484][ T3182] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:34 executing program 4 (fault-call:1 fault-nth:63):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:34 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2219.423813][ T3210] devpts: called with bogus options
[ 2219.436301][ T3197] FAULT_INJECTION: forcing a failure.
[ 2219.436301][ T3197] name failslab, interval 1, probability 0, space 0, times 0
[ 2219.448896][ T3197] CPU: 1 PID: 3197 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2219.457553][ T3197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2219.467592][ T3197] Call Trace:
[ 2219.470854][ T3197]  dump_stack+0x137/0x19d
[ 2219.475254][ T3197]  should_fail+0x23c/0x250
[ 2219.479662][ T3197]  __should_failslab+0x81/0x90
[ 2219.484406][ T3197]  ? register_for_each_vma+0x372/0x890
[ 2219.489881][ T3197]  should_failslab+0x5/0x20
[ 2219.494464][ T3197]  kmem_cache_alloc_trace+0x49/0x310
[ 2219.499731][ T3197]  ? register_for_each_vma+0x372/0x890
[ 2219.505171][ T3197]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2219.511140][ T3197]  register_for_each_vma+0x372/0x890
[ 2219.516409][ T3197]  __uprobe_register+0x3f4/0x8a0
[ 2219.521467][ T3197]  uprobe_register_refctr+0x29/0x40
[ 2219.526643][ T3197]  probe_event_enable+0x2be/0x7d0
[ 2219.531684][ T3197]  ? __uprobe_trace_func+0x430/0x430
[ 2219.536965][ T3197]  trace_uprobe_register+0x88/0x410
[ 2219.542138][ T3197]  perf_trace_event_init+0x34e/0x790
[ 2219.547395][ T3197]  perf_uprobe_init+0xf5/0x140
[ 2219.552130][ T3197]  perf_uprobe_event_init+0xde/0x140
[ 2219.557384][ T3197]  perf_try_init_event+0x21a/0x400
[ 2219.562467][ T3197]  perf_event_alloc+0xa60/0x1790
[ 2219.567383][ T3197]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2219.573008][ T3197]  ? vfs_write+0x50c/0x770
[ 2219.577394][ T3197]  __x64_sys_perf_event_open+0x63/0x70
[ 2219.582829][ T3197]  do_syscall_64+0x4a/0x90
[ 2219.587372][ T3197]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2219.593270][ T3197] RIP: 0033:0x4665d9
[ 2219.597133][ T3197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
03:42:34 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramft\x00')

03:42:34 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10000010000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2219.616758][ T3197] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2219.625141][ T3197] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2219.633130][ T3197] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2219.641092][ T3197] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2219.649111][ T3197] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2219.657203][ T3197] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2219.690871][ T3222] devpts: called with bogus options
[ 2219.746961][ T3226] FAULT_INJECTION: forcing a failure.
[ 2219.746961][ T3226] name failslab, interval 1, probability 0, space 0, times 0
[ 2219.759662][ T3226] CPU: 0 PID: 3226 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2219.768375][ T3226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2219.778405][ T3226] Call Trace:
[ 2219.781697][ T3226]  dump_stack+0x137/0x19d
[ 2219.786105][ T3226]  should_fail+0x23c/0x250
[ 2219.790521][ T3226]  __should_failslab+0x81/0x90
[ 2219.795262][ T3226]  ? register_for_each_vma+0x372/0x890
[ 2219.800698][ T3226]  should_failslab+0x5/0x20
[ 2219.805171][ T3226]  kmem_cache_alloc_trace+0x49/0x310
[ 2219.810431][ T3226]  ? register_for_each_vma+0x372/0x890
[ 2219.815864][ T3226]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2219.821822][ T3226]  register_for_each_vma+0x372/0x890
[ 2219.827080][ T3226]  __uprobe_register+0x3f4/0x8a0
[ 2219.832068][ T3226]  uprobe_register_refctr+0x29/0x40
[ 2219.837238][ T3226]  probe_event_enable+0x2be/0x7d0
[ 2219.842266][ T3226]  ? __uprobe_trace_func+0x430/0x430
[ 2219.847540][ T3226]  trace_uprobe_register+0x88/0x410
[ 2219.852712][ T3226]  perf_trace_event_init+0x34e/0x790
[ 2219.858031][ T3226]  perf_uprobe_init+0xf5/0x140
[ 2219.862845][ T3226]  perf_uprobe_event_init+0xde/0x140
[ 2219.868109][ T3226]  perf_try_init_event+0x21a/0x400
[ 2219.873221][ T3226]  perf_event_alloc+0xa60/0x1790
[ 2219.878158][ T3226]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2219.883759][ T3226]  ? vfs_write+0x50c/0x770
[ 2219.888241][ T3226]  __x64_sys_perf_event_open+0x63/0x70
[ 2219.893734][ T3226]  do_syscall_64+0x4a/0x90
[ 2219.898125][ T3226]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2219.904029][ T3226] RIP: 0033:0x4665d9
[ 2219.907915][ T3226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2219.927498][ T3226] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2219.935897][ T3226] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2219.943852][ T3226] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2219.951816][ T3226] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2219.959758][ T3226] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2219.967705][ T3226] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:35 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfu\x00')

03:42:35 executing program 3 (fault-call:6 fault-nth:34):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:35 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:35 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:35 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x40000100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2220.238155][ T3217] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2220.246158][ T3217] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2220.257415][ T3217] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2220.265545][ T3217] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:35 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:35 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:35 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfx\x00')

[ 2220.440892][ T3240] devpts: called with bogus options
[ 2220.450605][ T3217] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2220.458618][ T3217] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2220.470372][ T3217] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2220.478357][ T3217] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:35 executing program 4 (fault-call:1 fault-nth:64):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:35 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x40000800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2220.518219][ T3252] devpts: called with bogus options
[ 2220.525381][ T3237] FAULT_INJECTION: forcing a failure.
[ 2220.525381][ T3237] name failslab, interval 1, probability 0, space 0, times 0
[ 2220.537995][ T3237] CPU: 0 PID: 3237 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2220.546657][ T3237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2220.556694][ T3237] Call Trace:
[ 2220.559956][ T3237]  dump_stack+0x137/0x19d
[ 2220.564290][ T3237]  should_fail+0x23c/0x250
[ 2220.568747][ T3237]  __should_failslab+0x81/0x90
[ 2220.573500][ T3237]  ? register_for_each_vma+0x372/0x890
[ 2220.578949][ T3237]  should_failslab+0x5/0x20
[ 2220.583532][ T3237]  kmem_cache_alloc_trace+0x49/0x310
[ 2220.588817][ T3237]  ? register_for_each_vma+0x372/0x890
[ 2220.594354][ T3237]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2220.600334][ T3237]  register_for_each_vma+0x372/0x890
[ 2220.605603][ T3237]  __uprobe_register+0x3f4/0x8a0
[ 2220.610560][ T3237]  uprobe_register_refctr+0x29/0x40
[ 2220.615756][ T3237]  probe_event_enable+0x2be/0x7d0
[ 2220.620832][ T3237]  ? __uprobe_trace_func+0x430/0x430
[ 2220.626117][ T3237]  trace_uprobe_register+0x88/0x410
[ 2220.631353][ T3237]  perf_trace_event_init+0x34e/0x790
[ 2220.636622][ T3237]  perf_uprobe_init+0xf5/0x140
[ 2220.641370][ T3237]  perf_uprobe_event_init+0xde/0x140
[ 2220.646693][ T3237]  perf_try_init_event+0x21a/0x400
[ 2220.651837][ T3237]  perf_event_alloc+0xa60/0x1790
[ 2220.656770][ T3237]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2220.662448][ T3237]  ? vfs_write+0x50c/0x770
[ 2220.666839][ T3237]  __x64_sys_perf_event_open+0x63/0x70
[ 2220.672283][ T3237]  do_syscall_64+0x4a/0x90
[ 2220.676782][ T3237]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2220.682662][ T3237] RIP: 0033:0x4665d9
[ 2220.686579][ T3237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2220.706310][ T3237] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:42:35 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfz\x00')

03:42:35 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2220.714743][ T3237] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2220.722717][ T3237] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2220.730699][ T3237] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2220.738666][ T3237] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2220.746736][ T3237] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2220.783572][ T3265] devpts: called with bogus options
[ 2220.825694][ T3267] FAULT_INJECTION: forcing a failure.
[ 2220.825694][ T3267] name failslab, interval 1, probability 0, space 0, times 0
[ 2220.838299][ T3267] CPU: 0 PID: 3267 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2220.846968][ T3267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2220.857016][ T3267] Call Trace:
[ 2220.860303][ T3267]  dump_stack+0x137/0x19d
[ 2220.864658][ T3267]  should_fail+0x23c/0x250
[ 2220.869054][ T3267]  __should_failslab+0x81/0x90
[ 2220.873843][ T3267]  ? register_for_each_vma+0x372/0x890
[ 2220.879300][ T3267]  should_failslab+0x5/0x20
[ 2220.883776][ T3267]  kmem_cache_alloc_trace+0x49/0x310
[ 2220.889044][ T3267]  ? register_for_each_vma+0x372/0x890
[ 2220.894482][ T3267]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2220.900559][ T3267]  register_for_each_vma+0x372/0x890
[ 2220.905825][ T3267]  __uprobe_register+0x3f4/0x8a0
[ 2220.910804][ T3267]  uprobe_register_refctr+0x29/0x40
[ 2220.915998][ T3267]  probe_event_enable+0x2be/0x7d0
[ 2220.921008][ T3267]  ? __uprobe_trace_func+0x430/0x430
[ 2220.926266][ T3267]  trace_uprobe_register+0x88/0x410
[ 2220.931529][ T3267]  perf_trace_event_init+0x34e/0x790
[ 2220.936843][ T3267]  perf_uprobe_init+0xf5/0x140
[ 2220.941601][ T3267]  perf_uprobe_event_init+0xde/0x140
[ 2220.946958][ T3267]  perf_try_init_event+0x21a/0x400
[ 2220.952041][ T3267]  perf_event_alloc+0xa60/0x1790
[ 2220.957035][ T3267]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2220.962661][ T3267]  ? vfs_write+0x50c/0x770
[ 2220.967046][ T3267]  __x64_sys_perf_event_open+0x63/0x70
[ 2220.972475][ T3267]  do_syscall_64+0x4a/0x90
[ 2220.976867][ T3267]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2220.982798][ T3267] RIP: 0033:0x4665d9
[ 2220.986673][ T3267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2221.006265][ T3267] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2221.014672][ T3267] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2221.022616][ T3267] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2221.030615][ T3267] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2221.038602][ T3267] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2221.046570][ T3267] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:36 executing program 3 (fault-call:6 fault-nth:35):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:36 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:36 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x02')

03:42:36 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x300000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:36 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfeffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2221.315845][ T3261] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2221.323848][ T3261] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2221.335256][ T3261] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2221.343322][ T3261] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:36 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x03')

03:42:36 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x400000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2221.520446][ T3279] devpts: called with bogus options
[ 2221.528744][ T3261] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2221.536756][ T3261] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2221.548671][ T3261] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2221.556669][ T3261] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2221.587703][ T3278] FAULT_INJECTION: forcing a failure.
[ 2221.587703][ T3278] name failslab, interval 1, probability 0, space 0, times 0
[ 2221.600343][ T3278] CPU: 0 PID: 3278 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2221.609066][ T3278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2221.619189][ T3278] Call Trace:
[ 2221.622447][ T3278]  dump_stack+0x137/0x19d
[ 2221.626756][ T3278]  should_fail+0x23c/0x250
[ 2221.631152][ T3278]  __should_failslab+0x81/0x90
03:42:36 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2221.635920][ T3278]  ? register_for_each_vma+0x372/0x890
[ 2221.641411][ T3278]  should_failslab+0x5/0x20
[ 2221.645913][ T3278]  kmem_cache_alloc_trace+0x49/0x310
[ 2221.651229][ T3278]  ? register_for_each_vma+0x372/0x890
[ 2221.656721][ T3278]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2221.662683][ T3278]  register_for_each_vma+0x372/0x890
[ 2221.667975][ T3278]  __uprobe_register+0x3f4/0x8a0
[ 2221.672967][ T3278]  uprobe_register_refctr+0x29/0x40
[ 2221.678159][ T3278]  probe_event_enable+0x2be/0x7d0
[ 2221.683177][ T3278]  ? __uprobe_trace_func+0x430/0x430
[ 2221.688514][ T3278]  trace_uprobe_register+0x88/0x410
[ 2221.693773][ T3278]  perf_trace_event_init+0x34e/0x790
[ 2221.699092][ T3278]  perf_uprobe_init+0xf5/0x140
[ 2221.703836][ T3278]  perf_uprobe_event_init+0xde/0x140
[ 2221.709118][ T3278]  perf_try_init_event+0x21a/0x400
[ 2221.714228][ T3278]  perf_event_alloc+0xa60/0x1790
[ 2221.719142][ T3278]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2221.724786][ T3278]  ? vfs_write+0x50c/0x770
[ 2221.729174][ T3278]  __x64_sys_perf_event_open+0x63/0x70
[ 2221.734696][ T3278]  do_syscall_64+0x4a/0x90
[ 2221.739113][ T3278]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2221.745014][ T3278] RIP: 0033:0x4665d9
[ 2221.748907][ T3278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2221.768680][ T3278] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2221.777071][ T3278] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:36 executing program 4 (fault-call:1 fault-nth:65):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:36 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x04')

03:42:36 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:36 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c8126000c00"})

[ 2221.785033][ T3278] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2221.793068][ T3278] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2221.801026][ T3278] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2221.809063][ T3278] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2221.884912][ T3302] devpts: called with bogus options
[ 2222.097178][ T3309] FAULT_INJECTION: forcing a failure.
[ 2222.097178][ T3309] name failslab, interval 1, probability 0, space 0, times 0
[ 2222.109823][ T3309] CPU: 1 PID: 3309 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2222.118541][ T3309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2222.128585][ T3309] Call Trace:
[ 2222.131841][ T3309]  dump_stack+0x137/0x19d
[ 2222.136165][ T3309]  should_fail+0x23c/0x250
[ 2222.140644][ T3309]  __should_failslab+0x81/0x90
[ 2222.145388][ T3309]  ? register_for_each_vma+0x372/0x890
[ 2222.150908][ T3309]  should_failslab+0x5/0x20
[ 2222.155444][ T3309]  kmem_cache_alloc_trace+0x49/0x310
[ 2222.160730][ T3309]  ? register_for_each_vma+0x372/0x890
[ 2222.166211][ T3309]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2222.172173][ T3309]  register_for_each_vma+0x372/0x890
[ 2222.177454][ T3309]  __uprobe_register+0x3f4/0x8a0
[ 2222.182363][ T3309]  uprobe_register_refctr+0x29/0x40
[ 2222.187556][ T3309]  probe_event_enable+0x2be/0x7d0
[ 2222.192555][ T3309]  ? __uprobe_trace_func+0x430/0x430
[ 2222.197810][ T3309]  trace_uprobe_register+0x88/0x410
[ 2222.202980][ T3309]  perf_trace_event_init+0x34e/0x790
[ 2222.208252][ T3309]  perf_uprobe_init+0xf5/0x140
[ 2222.213010][ T3309]  perf_uprobe_event_init+0xde/0x140
[ 2222.218295][ T3309]  perf_try_init_event+0x21a/0x400
[ 2222.223380][ T3309]  perf_event_alloc+0xa60/0x1790
[ 2222.228312][ T3309]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2222.233995][ T3309]  ? vfs_write+0x50c/0x770
[ 2222.238406][ T3309]  __x64_sys_perf_event_open+0x63/0x70
[ 2222.243908][ T3309]  do_syscall_64+0x4a/0x90
[ 2222.248297][ T3309]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2222.254207][ T3309] RIP: 0033:0x4665d9
[ 2222.258084][ T3309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2222.277661][ T3309] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2222.286070][ T3309] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:37 executing program 3 (fault-call:6 fault-nth:36):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:37 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:37 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x05')

03:42:37 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xf6ffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:37 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600000c"})

[ 2222.294021][ T3309] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2222.302047][ T3309] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2222.310009][ T3309] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2222.317970][ T3309] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:37 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfeffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:37 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x06')

03:42:37 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x800000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2222.347384][ T3320] devpts: called with bogus options
[ 2222.402190][ T3321] FAULT_INJECTION: forcing a failure.
[ 2222.402190][ T3321] name failslab, interval 1, probability 0, space 0, times 0
[ 2222.403777][ T3334] devpts: called with bogus options
[ 2222.414927][ T3321] CPU: 0 PID: 3321 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2222.428785][ T3321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2222.438814][ T3321] Call Trace:
[ 2222.442068][ T3321]  dump_stack+0x137/0x19d
[ 2222.446374][ T3321]  should_fail+0x23c/0x250
[ 2222.450766][ T3321]  __should_failslab+0x81/0x90
[ 2222.455506][ T3321]  ? register_for_each_vma+0x372/0x890
[ 2222.461016][ T3321]  should_failslab+0x5/0x20
[ 2222.465489][ T3321]  kmem_cache_alloc_trace+0x49/0x310
[ 2222.470776][ T3321]  ? register_for_each_vma+0x372/0x890
[ 2222.476212][ T3321]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2222.482173][ T3321]  register_for_each_vma+0x372/0x890
[ 2222.487447][ T3321]  __uprobe_register+0x3f4/0x8a0
[ 2222.492365][ T3321]  uprobe_register_refctr+0x29/0x40
[ 2222.497539][ T3321]  probe_event_enable+0x2be/0x7d0
[ 2222.502561][ T3321]  ? __uprobe_trace_func+0x430/0x430
[ 2222.507836][ T3321]  trace_uprobe_register+0x88/0x410
[ 2222.513011][ T3321]  perf_trace_event_init+0x34e/0x790
[ 2222.518273][ T3321]  perf_uprobe_init+0xf5/0x140
[ 2222.523028][ T3321]  perf_uprobe_event_init+0xde/0x140
[ 2222.528338][ T3321]  perf_try_init_event+0x21a/0x400
[ 2222.533452][ T3321]  perf_event_alloc+0xa60/0x1790
[ 2222.538369][ T3321]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2222.543975][ T3321]  ? vfs_write+0x50c/0x770
[ 2222.548387][ T3321]  __x64_sys_perf_event_open+0x63/0x70
[ 2222.553822][ T3321]  do_syscall_64+0x4a/0x90
[ 2222.558217][ T3321]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2222.564108][ T3321] RIP: 0033:0x4665d9
[ 2222.567976][ T3321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2222.587655][ T3321] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2222.596070][ T3321] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2222.604046][ T3321] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2222.612013][ T3321] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2222.620001][ T3321] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2222.627963][ T3321] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
03:42:37 executing program 4 (fault-call:1 fault-nth:66):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:37 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c8126000fff"})

03:42:37 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:37 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1000001000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2222.924133][ T3318] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2222.932138][ T3318] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2222.943900][ T3318] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2222.951871][ T3318] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2223.128970][ T3318] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2223.137011][ T3318] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2223.148777][ T3318] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2223.156768][ T3318] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2223.189460][ T3347] FAULT_INJECTION: forcing a failure.
[ 2223.189460][ T3347] name failslab, interval 1, probability 0, space 0, times 0
[ 2223.202071][ T3347] CPU: 0 PID: 3347 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2223.210729][ T3347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2223.220763][ T3347] Call Trace:
[ 2223.224027][ T3347]  dump_stack+0x137/0x19d
[ 2223.228353][ T3347]  should_fail+0x23c/0x250
[ 2223.232764][ T3347]  __should_failslab+0x81/0x90
[ 2223.237561][ T3347]  ? register_for_each_vma+0x372/0x890
[ 2223.242999][ T3347]  should_failslab+0x5/0x20
[ 2223.247562][ T3347]  kmem_cache_alloc_trace+0x49/0x310
[ 2223.252847][ T3347]  ? register_for_each_vma+0x372/0x890
[ 2223.258293][ T3347]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2223.264365][ T3347]  register_for_each_vma+0x372/0x890
[ 2223.269671][ T3347]  __uprobe_register+0x3f4/0x8a0
[ 2223.274655][ T3347]  uprobe_register_refctr+0x29/0x40
[ 2223.279822][ T3347]  probe_event_enable+0x2be/0x7d0
[ 2223.284884][ T3347]  ? __uprobe_trace_func+0x430/0x430
[ 2223.290166][ T3347]  trace_uprobe_register+0x88/0x410
[ 2223.295403][ T3347]  perf_trace_event_init+0x34e/0x790
[ 2223.300669][ T3347]  perf_uprobe_init+0xf5/0x140
[ 2223.305468][ T3347]  perf_uprobe_event_init+0xde/0x140
[ 2223.310740][ T3347]  perf_try_init_event+0x21a/0x400
[ 2223.315882][ T3347]  perf_event_alloc+0xa60/0x1790
[ 2223.320823][ T3347]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2223.326427][ T3347]  ? vfs_write+0x50c/0x770
[ 2223.330950][ T3347]  __x64_sys_perf_event_open+0x63/0x70
[ 2223.336400][ T3347]  do_syscall_64+0x4a/0x90
[ 2223.340793][ T3347]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2223.346741][ T3347] RIP: 0033:0x4665d9
[ 2223.350606][ T3347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2223.370242][ T3347] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2223.378626][ T3347] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:38 executing program 3 (fault-call:6 fault-nth:37):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:38 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\a')

03:42:38 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:38 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:38 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2223.386568][ T3347] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2223.394510][ T3347] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2223.402576][ T3347] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2223.410560][ T3347] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:38 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\b')

03:42:38 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:38 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2223.442074][ T3355] devpts: called with bogus options
[ 2223.516964][ T3359] FAULT_INJECTION: forcing a failure.
[ 2223.516964][ T3359] name failslab, interval 1, probability 0, space 0, times 0
[ 2223.529611][ T3359] CPU: 0 PID: 3359 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2223.538268][ T3359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2223.548333][ T3359] Call Trace:
[ 2223.551623][ T3359]  dump_stack+0x137/0x19d
[ 2223.555942][ T3359]  should_fail+0x23c/0x250
[ 2223.560372][ T3359]  __should_failslab+0x81/0x90
[ 2223.565135][ T3359]  ? register_for_each_vma+0x372/0x890
[ 2223.570582][ T3359]  should_failslab+0x5/0x20
[ 2223.575072][ T3359]  kmem_cache_alloc_trace+0x49/0x310
[ 2223.580353][ T3359]  ? register_for_each_vma+0x372/0x890
[ 2223.582483][ T3376] devpts: called with bogus options
[ 2223.585812][ T3359]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2223.585836][ T3359]  register_for_each_vma+0x372/0x890
[ 2223.602301][ T3359]  __uprobe_register+0x3f4/0x8a0
[ 2223.607231][ T3359]  uprobe_register_refctr+0x29/0x40
[ 2223.612420][ T3359]  probe_event_enable+0x2be/0x7d0
[ 2223.617437][ T3359]  ? __uprobe_trace_func+0x430/0x430
[ 2223.622734][ T3359]  trace_uprobe_register+0x88/0x410
[ 2223.628030][ T3359]  perf_trace_event_init+0x34e/0x790
[ 2223.633358][ T3359]  perf_uprobe_init+0xf5/0x140
[ 2223.638104][ T3359]  perf_uprobe_event_init+0xde/0x140
[ 2223.643375][ T3359]  perf_try_init_event+0x21a/0x400
[ 2223.648512][ T3359]  perf_event_alloc+0xa60/0x1790
[ 2223.653423][ T3359]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2223.659027][ T3359]  ? vfs_write+0x50c/0x770
[ 2223.663414][ T3359]  __x64_sys_perf_event_open+0x63/0x70
[ 2223.668956][ T3359]  do_syscall_64+0x4a/0x90
[ 2223.673365][ T3359]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2223.679245][ T3359] RIP: 0033:0x4665d9
[ 2223.683116][ T3359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2223.702768][ T3359] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2223.711159][ T3359] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2223.719145][ T3359] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2223.727120][ T3359] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2223.735065][ T3359] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2223.743033][ T3359] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
03:42:38 executing program 4 (fault-call:1 fault-nth:67):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:38 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x80000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:38 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\t')

03:42:38 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2224.023778][ T3356] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2224.031790][ T3356] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2224.043549][ T3356] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2224.051689][ T3356] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2224.222828][ T3387] devpts: called with bogus options
[ 2224.235244][ T3356] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2224.243228][ T3356] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2224.254524][ T3356] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2224.262480][ T3356] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2224.294442][ T3388] FAULT_INJECTION: forcing a failure.
[ 2224.294442][ T3388] name failslab, interval 1, probability 0, space 0, times 0
[ 2224.307061][ T3388] CPU: 1 PID: 3388 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2224.315764][ T3388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2224.325804][ T3388] Call Trace:
[ 2224.329060][ T3388]  dump_stack+0x137/0x19d
[ 2224.333377][ T3388]  should_fail+0x23c/0x250
[ 2224.337792][ T3388]  __should_failslab+0x81/0x90
[ 2224.342543][ T3388]  ? register_for_each_vma+0x372/0x890
[ 2224.347982][ T3388]  should_failslab+0x5/0x20
[ 2224.352469][ T3388]  kmem_cache_alloc_trace+0x49/0x310
[ 2224.357753][ T3388]  ? register_for_each_vma+0x372/0x890
[ 2224.363347][ T3388]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2224.369297][ T3388]  register_for_each_vma+0x372/0x890
[ 2224.374658][ T3388]  __uprobe_register+0x3f4/0x8a0
[ 2224.379586][ T3388]  uprobe_register_refctr+0x29/0x40
[ 2224.384763][ T3388]  probe_event_enable+0x2be/0x7d0
[ 2224.389771][ T3388]  ? __uprobe_trace_func+0x430/0x430
[ 2224.395168][ T3388]  trace_uprobe_register+0x88/0x410
[ 2224.400357][ T3388]  perf_trace_event_init+0x34e/0x790
[ 2224.405620][ T3388]  perf_uprobe_init+0xf5/0x140
[ 2224.410362][ T3388]  perf_uprobe_event_init+0xde/0x140
[ 2224.415632][ T3388]  perf_try_init_event+0x21a/0x400
[ 2224.420722][ T3388]  perf_event_alloc+0xa60/0x1790
[ 2224.425631][ T3388]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2224.431237][ T3388]  ? vfs_write+0x50c/0x770
[ 2224.435626][ T3388]  __x64_sys_perf_event_open+0x63/0x70
[ 2224.441059][ T3388]  do_syscall_64+0x4a/0x90
[ 2224.445450][ T3388]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2224.451330][ T3388] RIP: 0033:0x4665d9
[ 2224.455200][ T3388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2224.474815][ T3388] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2224.483327][ T3388] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:39 executing program 3 (fault-call:6 fault-nth:38):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:39 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:39 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:39 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\n')

03:42:39 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2224.491269][ T3388] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2224.499217][ T3388] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2224.507160][ T3388] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2224.515108][ T3388] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:39 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:39 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x10000010000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:39 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\v')

[ 2224.587930][ T3402] devpts: called with bogus options
[ 2224.791331][ T3412] devpts: called with bogus options
[ 2224.797897][ T3400] FAULT_INJECTION: forcing a failure.
[ 2224.797897][ T3400] name failslab, interval 1, probability 0, space 0, times 0
[ 2224.810518][ T3400] CPU: 1 PID: 3400 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2224.819175][ T3400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2224.829220][ T3400] Call Trace:
[ 2224.832489][ T3400]  dump_stack+0x137/0x19d
[ 2224.836866][ T3400]  should_fail+0x23c/0x250
[ 2224.841267][ T3400]  __should_failslab+0x81/0x90
[ 2224.846023][ T3400]  ? register_for_each_vma+0x372/0x890
[ 2224.851577][ T3400]  should_failslab+0x5/0x20
[ 2224.856052][ T3400]  kmem_cache_alloc_trace+0x49/0x310
[ 2224.861316][ T3400]  ? register_for_each_vma+0x372/0x890
[ 2224.866748][ T3400]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2224.872724][ T3400]  register_for_each_vma+0x372/0x890
[ 2224.877995][ T3400]  __uprobe_register+0x3f4/0x8a0
[ 2224.882951][ T3400]  uprobe_register_refctr+0x29/0x40
[ 2224.888174][ T3400]  probe_event_enable+0x2be/0x7d0
[ 2224.893187][ T3400]  ? __uprobe_trace_func+0x430/0x430
[ 2224.898488][ T3400]  trace_uprobe_register+0x88/0x410
[ 2224.903748][ T3400]  perf_trace_event_init+0x34e/0x790
[ 2224.909029][ T3400]  perf_uprobe_init+0xf5/0x140
[ 2224.913797][ T3400]  perf_uprobe_event_init+0xde/0x140
[ 2224.919071][ T3400]  perf_try_init_event+0x21a/0x400
[ 2224.924156][ T3400]  perf_event_alloc+0xa60/0x1790
[ 2224.929093][ T3400]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2224.934711][ T3400]  ? vfs_write+0x50c/0x770
[ 2224.939119][ T3400]  __x64_sys_perf_event_open+0x63/0x70
[ 2224.944549][ T3400]  do_syscall_64+0x4a/0x90
[ 2224.949011][ T3400]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2224.954903][ T3400] RIP: 0033:0x4665d9
[ 2224.958848][ T3400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2224.978428][ T3400] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:42:39 executing program 4 (fault-call:1 fault-nth:68):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:39 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600ffff"})

03:42:39 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x40000100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:39 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\f')

[ 2224.986813][ T3400] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2224.994762][ T3400] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2225.002825][ T3400] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2225.010788][ T3400] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2225.018742][ T3400] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2225.058987][ T3424] devpts: called with bogus options
[ 2225.098880][ T3425] FAULT_INJECTION: forcing a failure.
[ 2225.098880][ T3425] name failslab, interval 1, probability 0, space 0, times 0
[ 2225.111488][ T3425] CPU: 1 PID: 3425 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2225.120179][ T3425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2225.130215][ T3425] Call Trace:
[ 2225.133481][ T3425]  dump_stack+0x137/0x19d
[ 2225.137796][ T3425]  should_fail+0x23c/0x250
[ 2225.142255][ T3425]  __should_failslab+0x81/0x90
[ 2225.147064][ T3425]  ? register_for_each_vma+0x372/0x890
[ 2225.152510][ T3425]  should_failslab+0x5/0x20
[ 2225.157001][ T3425]  kmem_cache_alloc_trace+0x49/0x310
[ 2225.162272][ T3425]  ? register_for_each_vma+0x372/0x890
[ 2225.167728][ T3425]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2225.173772][ T3425]  register_for_each_vma+0x372/0x890
[ 2225.179134][ T3425]  __uprobe_register+0x3f4/0x8a0
[ 2225.184057][ T3425]  uprobe_register_refctr+0x29/0x40
[ 2225.189318][ T3425]  probe_event_enable+0x2be/0x7d0
[ 2225.194338][ T3425]  ? __uprobe_trace_func+0x430/0x430
[ 2225.199620][ T3425]  trace_uprobe_register+0x88/0x410
[ 2225.204805][ T3425]  perf_trace_event_init+0x34e/0x790
[ 2225.210138][ T3425]  perf_uprobe_init+0xf5/0x140
[ 2225.214994][ T3425]  perf_uprobe_event_init+0xde/0x140
[ 2225.220258][ T3425]  perf_try_init_event+0x21a/0x400
[ 2225.225368][ T3425]  perf_event_alloc+0xa60/0x1790
[ 2225.230335][ T3425]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2225.235948][ T3425]  ? vfs_write+0x50c/0x770
[ 2225.240355][ T3425]  __x64_sys_perf_event_open+0x63/0x70
[ 2225.245870][ T3425]  do_syscall_64+0x4a/0x90
[ 2225.250285][ T3425]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2225.256218][ T3425] RIP: 0033:0x4665d9
[ 2225.260106][ T3425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2225.279822][ T3425] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2225.288204][ T3425] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2225.296162][ T3425] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2225.304107][ T3425] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2225.312052][ T3425] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2225.320024][ T3425] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:40 executing program 3 (fault-call:6 fault-nth:39):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:40 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:40 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\r')

03:42:40 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:40 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2225.595338][ T3422] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2225.603444][ T3422] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2225.614535][ T3422] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2225.622490][ T3422] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:40 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:40 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x0e')

03:42:40 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2225.801299][ T3441] devpts: called with bogus options
[ 2225.815147][ T3422] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2225.823163][ T3422] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2225.836282][ T3422] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
03:42:40 executing program 4 (fault-call:1 fault-nth:69):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2225.844256][ T3422] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:40 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x300000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2225.882149][ T3451] devpts: called with bogus options
[ 2225.887852][ T3443] FAULT_INJECTION: forcing a failure.
[ 2225.887852][ T3443] name failslab, interval 1, probability 0, space 0, times 0
[ 2225.900462][ T3443] CPU: 0 PID: 3443 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2225.909118][ T3443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2225.919153][ T3443] Call Trace:
[ 2225.922420][ T3443]  dump_stack+0x137/0x19d
[ 2225.926728][ T3443]  should_fail+0x23c/0x250
[ 2225.931122][ T3443]  __should_failslab+0x81/0x90
[ 2225.935868][ T3443]  ? register_for_each_vma+0x372/0x890
[ 2225.941325][ T3443]  should_failslab+0x5/0x20
[ 2225.945873][ T3443]  kmem_cache_alloc_trace+0x49/0x310
[ 2225.951145][ T3443]  ? register_for_each_vma+0x372/0x890
[ 2225.956606][ T3443]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2225.962612][ T3443]  register_for_each_vma+0x372/0x890
[ 2225.968067][ T3443]  __uprobe_register+0x3f4/0x8a0
[ 2225.973073][ T3443]  uprobe_register_refctr+0x29/0x40
[ 2225.978302][ T3443]  probe_event_enable+0x2be/0x7d0
[ 2225.983372][ T3443]  ? __uprobe_trace_func+0x430/0x430
[ 2225.988687][ T3443]  trace_uprobe_register+0x88/0x410
[ 2225.993911][ T3443]  perf_trace_event_init+0x34e/0x790
[ 2225.999273][ T3443]  perf_uprobe_init+0xf5/0x140
[ 2226.004070][ T3443]  perf_uprobe_event_init+0xde/0x140
[ 2226.009419][ T3443]  perf_try_init_event+0x21a/0x400
[ 2226.014510][ T3443]  perf_event_alloc+0xa60/0x1790
[ 2226.019420][ T3443]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2226.025057][ T3443]  ? vfs_write+0x50c/0x770
[ 2226.029452][ T3443]  __x64_sys_perf_event_open+0x63/0x70
[ 2226.034882][ T3443]  do_syscall_64+0x4a/0x90
[ 2226.039320][ T3443]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2226.045193][ T3443] RIP: 0033:0x4665d9
[ 2226.049135][ T3443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2226.068713][ T3443] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:42:41 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x10')

03:42:41 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x400001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2226.077110][ T3443] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2226.085054][ T3443] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2226.093021][ T3443] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2226.100976][ T3443] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2226.108928][ T3443] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2226.144683][ T3466] devpts: called with bogus options
[ 2226.191289][ T3467] FAULT_INJECTION: forcing a failure.
[ 2226.191289][ T3467] name failslab, interval 1, probability 0, space 0, times 0
[ 2226.204000][ T3467] CPU: 1 PID: 3467 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2226.212645][ T3467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2226.222686][ T3467] Call Trace:
[ 2226.225945][ T3467]  dump_stack+0x137/0x19d
[ 2226.230336][ T3467]  should_fail+0x23c/0x250
[ 2226.234744][ T3467]  __should_failslab+0x81/0x90
[ 2226.239596][ T3467]  ? register_for_each_vma+0x372/0x890
[ 2226.245047][ T3467]  should_failslab+0x5/0x20
[ 2226.249523][ T3467]  kmem_cache_alloc_trace+0x49/0x310
[ 2226.254780][ T3467]  ? register_for_each_vma+0x372/0x890
[ 2226.260259][ T3467]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2226.266211][ T3467]  register_for_each_vma+0x372/0x890
[ 2226.271542][ T3467]  __uprobe_register+0x3f4/0x8a0
[ 2226.276475][ T3467]  uprobe_register_refctr+0x29/0x40
[ 2226.281713][ T3467]  probe_event_enable+0x2be/0x7d0
[ 2226.286832][ T3467]  ? __uprobe_trace_func+0x430/0x430
[ 2226.292087][ T3467]  trace_uprobe_register+0x88/0x410
[ 2226.297272][ T3467]  perf_trace_event_init+0x34e/0x790
[ 2226.302594][ T3467]  perf_uprobe_init+0xf5/0x140
[ 2226.307392][ T3467]  perf_uprobe_event_init+0xde/0x140
[ 2226.312664][ T3467]  perf_try_init_event+0x21a/0x400
[ 2226.317766][ T3467]  perf_event_alloc+0xa60/0x1790
[ 2226.322701][ T3467]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2226.328305][ T3467]  ? vfs_write+0x50c/0x770
[ 2226.332696][ T3467]  __x64_sys_perf_event_open+0x63/0x70
[ 2226.338141][ T3467]  do_syscall_64+0x4a/0x90
[ 2226.342553][ T3467]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2226.348424][ T3467] RIP: 0033:0x4665d9
[ 2226.352372][ T3467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2226.372020][ T3467] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2226.380459][ T3467] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2226.388428][ T3467] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2226.396391][ T3467] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2226.404358][ T3467] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2226.412300][ T3467] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:41 executing program 3 (fault-call:6 fault-nth:40):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:41 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600fdfd"})

03:42:41 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x11')

03:42:41 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:41 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x400000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2226.682523][ T3462] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2226.690615][ T3462] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2226.701643][ T3462] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2226.709617][ T3462] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:41 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:41 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x12')

03:42:41 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1004000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2226.879925][ T3477] devpts: called with bogus options
[ 2226.886536][ T3462] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2226.894522][ T3462] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2226.905554][ T3462] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2226.913517][ T3462] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:41 executing program 4 (fault-call:1 fault-nth:70):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:41 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:41 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:41 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\"')

[ 2226.968154][ T3492] devpts: called with bogus options
[ 2226.985510][ T3479] FAULT_INJECTION: forcing a failure.
[ 2226.985510][ T3479] name failslab, interval 1, probability 0, space 0, times 0
[ 2226.998150][ T3479] CPU: 0 PID: 3479 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2227.006968][ T3479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2227.017006][ T3479] Call Trace:
[ 2227.020266][ T3479]  dump_stack+0x137/0x19d
[ 2227.024700][ T3479]  should_fail+0x23c/0x250
[ 2227.029101][ T3479]  __should_failslab+0x81/0x90
[ 2227.033937][ T3479]  ? register_for_each_vma+0x372/0x890
[ 2227.039420][ T3479]  should_failslab+0x5/0x20
[ 2227.043909][ T3479]  kmem_cache_alloc_trace+0x49/0x310
[ 2227.049258][ T3479]  ? register_for_each_vma+0x372/0x890
[ 2227.054786][ T3479]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2227.060785][ T3479]  register_for_each_vma+0x372/0x890
[ 2227.066068][ T3479]  __uprobe_register+0x3f4/0x8a0
[ 2227.071081][ T3479]  uprobe_register_refctr+0x29/0x40
[ 2227.076297][ T3479]  probe_event_enable+0x2be/0x7d0
[ 2227.081468][ T3479]  ? __uprobe_trace_func+0x430/0x430
[ 2227.086760][ T3479]  trace_uprobe_register+0x88/0x410
[ 2227.091939][ T3479]  perf_trace_event_init+0x34e/0x790
[ 2227.097229][ T3479]  perf_uprobe_init+0xf5/0x140
[ 2227.102045][ T3479]  perf_uprobe_event_init+0xde/0x140
[ 2227.107340][ T3479]  perf_try_init_event+0x21a/0x400
[ 2227.112524][ T3479]  perf_event_alloc+0xa60/0x1790
[ 2227.117522][ T3479]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2227.123143][ T3479]  ? vfs_write+0x50c/0x770
[ 2227.127547][ T3479]  __x64_sys_perf_event_open+0x63/0x70
[ 2227.133007][ T3479]  do_syscall_64+0x4a/0x90
[ 2227.137422][ T3479]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2227.143377][ T3479] RIP: 0033:0x4665d9
[ 2227.147243][ T3479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2227.166831][ T3479] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2227.175217][ T3479] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2227.183167][ T3479] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2227.191136][ T3479] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2227.199085][ T3479] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2227.207033][ T3479] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2227.248238][ T3512] devpts: called with bogus options
[ 2227.288168][ T3506] FAULT_INJECTION: forcing a failure.
[ 2227.288168][ T3506] name failslab, interval 1, probability 0, space 0, times 0
[ 2227.300888][ T3506] CPU: 0 PID: 3506 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2227.309538][ T3506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2227.319562][ T3506] Call Trace:
[ 2227.322886][ T3506]  dump_stack+0x137/0x19d
[ 2227.327253][ T3506]  should_fail+0x23c/0x250
[ 2227.331651][ T3506]  __should_failslab+0x81/0x90
[ 2227.336387][ T3506]  ? register_for_each_vma+0x372/0x890
[ 2227.341899][ T3506]  should_failslab+0x5/0x20
[ 2227.346371][ T3506]  kmem_cache_alloc_trace+0x49/0x310
[ 2227.351630][ T3506]  ? register_for_each_vma+0x372/0x890
[ 2227.357062][ T3506]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2227.363018][ T3506]  register_for_each_vma+0x372/0x890
[ 2227.368347][ T3506]  __uprobe_register+0x3f4/0x8a0
[ 2227.373310][ T3506]  uprobe_register_refctr+0x29/0x40
[ 2227.378560][ T3506]  probe_event_enable+0x2be/0x7d0
[ 2227.383564][ T3506]  ? __uprobe_trace_func+0x430/0x430
[ 2227.388828][ T3506]  trace_uprobe_register+0x88/0x410
[ 2227.394067][ T3506]  perf_trace_event_init+0x34e/0x790
[ 2227.399326][ T3506]  perf_uprobe_init+0xf5/0x140
[ 2227.404187][ T3506]  perf_uprobe_event_init+0xde/0x140
[ 2227.409445][ T3506]  perf_try_init_event+0x21a/0x400
[ 2227.414543][ T3506]  perf_event_alloc+0xa60/0x1790
[ 2227.419450][ T3506]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2227.425052][ T3506]  ? vfs_write+0x50c/0x770
[ 2227.429459][ T3506]  __x64_sys_perf_event_open+0x63/0x70
[ 2227.434958][ T3506]  do_syscall_64+0x4a/0x90
[ 2227.439427][ T3506]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2227.445328][ T3506] RIP: 0033:0x4665d9
[ 2227.449196][ T3506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2227.468795][ T3506] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2227.477174][ T3506] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2227.485159][ T3506] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2227.493105][ T3506] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2227.501049][ T3506] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2227.508995][ T3506] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:42 executing program 3 (fault-call:6 fault-nth:41):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:42 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:42 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:42 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4000080000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:42 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs%')

[ 2227.770973][ T3504] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2227.779048][ T3504] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2227.790338][ T3504] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2227.798321][ T3504] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:42 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfsH')

03:42:42 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2227.981610][ T3504] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2227.989693][ T3504] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2228.001484][ T3521] devpts: called with bogus options
[ 2228.002545][ T3504] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2228.014651][ T3504] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2228.055994][ T3522] FAULT_INJECTION: forcing a failure.
[ 2228.055994][ T3522] name failslab, interval 1, probability 0, space 0, times 0
[ 2228.068605][ T3522] CPU: 0 PID: 3522 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2228.077345][ T3522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2228.087377][ T3522] Call Trace:
[ 2228.090638][ T3522]  dump_stack+0x137/0x19d
[ 2228.094956][ T3522]  should_fail+0x23c/0x250
[ 2228.099357][ T3522]  __should_failslab+0x81/0x90
[ 2228.104159][ T3522]  ? register_for_each_vma+0x372/0x890
[ 2228.109613][ T3522]  should_failslab+0x5/0x20
[ 2228.114122][ T3522]  kmem_cache_alloc_trace+0x49/0x310
[ 2228.119413][ T3522]  ? register_for_each_vma+0x372/0x890
[ 2228.124869][ T3522]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2228.130834][ T3522]  register_for_each_vma+0x372/0x890
[ 2228.136182][ T3522]  __uprobe_register+0x3f4/0x8a0
[ 2228.141136][ T3522]  uprobe_register_refctr+0x29/0x40
[ 2228.142891][ T3535] devpts: called with bogus options
[ 2228.146321][ T3522]  probe_event_enable+0x2be/0x7d0
03:42:43 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfeffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2228.146342][ T3522]  ? __uprobe_trace_func+0x430/0x430
[ 2228.161816][ T3522]  trace_uprobe_register+0x88/0x410
[ 2228.167034][ T3522]  perf_trace_event_init+0x34e/0x790
[ 2228.172387][ T3522]  perf_uprobe_init+0xf5/0x140
[ 2228.177130][ T3522]  perf_uprobe_event_init+0xde/0x140
[ 2228.182387][ T3522]  perf_try_init_event+0x21a/0x400
[ 2228.187557][ T3522]  perf_event_alloc+0xa60/0x1790
[ 2228.192504][ T3522]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2228.198108][ T3522]  ? vfs_write+0x50c/0x770
[ 2228.202519][ T3522]  __x64_sys_perf_event_open+0x63/0x70
[ 2228.208067][ T3522]  do_syscall_64+0x4a/0x90
[ 2228.212477][ T3522]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2228.218367][ T3522] RIP: 0033:0x4665d9
[ 2228.222229][ T3522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2228.241805][ T3522] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:42:43 executing program 4 (fault-call:1 fault-nth:71):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:43 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfsL')

03:42:43 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:43 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2228.250258][ T3522] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2228.258245][ T3522] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2228.266194][ T3522] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2228.274139][ T3522] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2228.282081][ T3522] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2228.349699][ T3547] devpts: called with bogus options
[ 2228.437143][T12059] ==================================================================
[ 2228.445312][T12059] BUG: KCSAN: data-race in __process_echoes / n_tty_receive_char_special
[ 2228.453715][T12059] 
[ 2228.456017][T12059] write to 0xffffc90010eae461 of 1 bytes by task 3554 on cpu 0:
[ 2228.463621][T12059]  n_tty_receive_char_special+0x1410/0x3ac0
[ 2228.469515][T12059]  n_tty_receive_buf_common+0xe0c/0x1e20
[ 2228.475126][T12059]  n_tty_receive_buf+0x2b/0x40
[ 2228.479871][T12059]  tty_ioctl+0x968/0x1120
[ 2228.484177][T12059]  __se_sys_ioctl+0xcb/0x140
[ 2228.488743][T12059]  __x64_sys_ioctl+0x3f/0x50
[ 2228.493311][T12059]  do_syscall_64+0x4a/0x90
[ 2228.497702][T12059]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2228.503576][T12059] 
[ 2228.505881][T12059] read to 0xffffc90010eae461 of 1 bytes by task 12059 on cpu 1:
[ 2228.513492][T12059]  __process_echoes+0x535/0x660
[ 2228.518321][T12059]  n_tty_receive_buf_common+0x14ad/0x1e20
[ 2228.524020][T12059]  n_tty_receive_buf2+0x2e/0x40
[ 2228.528856][T12059]  tty_ldisc_receive_buf+0x5b/0xf0
[ 2228.533957][T12059]  tty_port_default_receive_buf+0x54/0x80
[ 2228.539660][T12059]  flush_to_ldisc+0x1c5/0x2c0
[ 2228.544325][T12059]  process_one_work+0x3e9/0x8f0
[ 2228.549155][T12059]  worker_thread+0x636/0xae0
[ 2228.553724][T12059]  kthread+0x1d0/0x1f0
[ 2228.557770][T12059]  ret_from_fork+0x1f/0x30
[ 2228.562166][T12059] 
[ 2228.564465][T12059] value changed: 0xff -> 0x00
[ 2228.569114][T12059] 
[ 2228.571429][T12059] Reported by Kernel Concurrency Sanitizer on:
[ 2228.577662][T12059] CPU: 1 PID: 12059 Comm: kworker/u4:14 Not tainted 5.13.0-rc7-syzkaller #0
[ 2228.586304][T12059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2228.596329][T12059] Workqueue: events_unbound flush_to_ldisc
[ 2228.602108][T12059] ==================================================================
[ 2228.614488][ T3550] FAULT_INJECTION: forcing a failure.
[ 2228.614488][ T3550] name failslab, interval 1, probability 0, space 0, times 0
[ 2228.627074][ T3550] CPU: 1 PID: 3550 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2228.635762][ T3550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2228.645806][ T3550] Call Trace:
[ 2228.649074][ T3550]  dump_stack+0x137/0x19d
[ 2228.653385][ T3550]  should_fail+0x23c/0x250
[ 2228.657806][ T3550]  __should_failslab+0x81/0x90
[ 2228.662619][ T3550]  ? register_for_each_vma+0x372/0x890
[ 2228.668068][ T3550]  should_failslab+0x5/0x20
[ 2228.672561][ T3550]  kmem_cache_alloc_trace+0x49/0x310
[ 2228.677884][ T3550]  ? register_for_each_vma+0x372/0x890
[ 2228.683460][ T3550]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2228.689492][ T3550]  register_for_each_vma+0x372/0x890
[ 2228.694754][ T3550]  __uprobe_register+0x3f4/0x8a0
[ 2228.699665][ T3550]  uprobe_register_refctr+0x29/0x40
[ 2228.704834][ T3550]  probe_event_enable+0x2be/0x7d0
[ 2228.709876][ T3550]  ? __uprobe_trace_func+0x430/0x430
[ 2228.715142][ T3550]  trace_uprobe_register+0x88/0x410
[ 2228.720316][ T3550]  perf_trace_event_init+0x34e/0x790
[ 2228.725604][ T3550]  perf_uprobe_init+0xf5/0x140
[ 2228.730371][ T3550]  perf_uprobe_event_init+0xde/0x140
[ 2228.735682][ T3550]  perf_try_init_event+0x21a/0x400
[ 2228.740888][ T3550]  perf_event_alloc+0xa60/0x1790
[ 2228.745800][ T3550]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2228.751427][ T3550]  ? vfs_write+0x50c/0x770
[ 2228.755822][ T3550]  __x64_sys_perf_event_open+0x63/0x70
[ 2228.761342][ T3550]  do_syscall_64+0x4a/0x90
[ 2228.765786][ T3550]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2228.771660][ T3550] RIP: 0033:0x4665d9
[ 2228.775537][ T3550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2228.795140][ T3550] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2228.803537][ T3550] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2228.811502][ T3550] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2228.819480][ T3550] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2228.827488][ T3550] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
03:42:43 executing program 3 (fault-call:6 fault-nth:42):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:43 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:43 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs`')

03:42:43 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:43 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2228.835533][ T3550] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:43 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfsh')

03:42:43 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:43 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2228.885414][ T3558] devpts: called with bogus options
[ 2228.919226][ T3542] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2228.927288][ T3542] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2228.938599][ T3542] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2228.946590][ T3542] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2229.137035][ T3573] devpts: called with bogus options
[ 2229.143935][ T3542] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2229.151923][ T3542] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2229.163435][ T3542] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2229.171440][ T3542] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2229.206742][ T3563] FAULT_INJECTION: forcing a failure.
[ 2229.206742][ T3563] name failslab, interval 1, probability 0, space 0, times 0
[ 2229.219403][ T3563] CPU: 0 PID: 3563 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2229.228048][ T3563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2229.238075][ T3563] Call Trace:
[ 2229.241407][ T3563]  dump_stack+0x137/0x19d
[ 2229.245897][ T3563]  should_fail+0x23c/0x250
[ 2229.250337][ T3563]  __should_failslab+0x81/0x90
[ 2229.255083][ T3563]  ? register_for_each_vma+0x372/0x890
[ 2229.260554][ T3563]  should_failslab+0x5/0x20
[ 2229.265046][ T3563]  kmem_cache_alloc_trace+0x49/0x310
[ 2229.270340][ T3563]  ? register_for_each_vma+0x372/0x890
[ 2229.275770][ T3563]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2229.281907][ T3563]  register_for_each_vma+0x372/0x890
[ 2229.287167][ T3563]  __uprobe_register+0x3f4/0x8a0
[ 2229.292115][ T3563]  uprobe_register_refctr+0x29/0x40
[ 2229.297285][ T3563]  probe_event_enable+0x2be/0x7d0
[ 2229.302335][ T3563]  ? __uprobe_trace_func+0x430/0x430
[ 2229.307595][ T3563]  trace_uprobe_register+0x88/0x410
[ 2229.312778][ T3563]  perf_trace_event_init+0x34e/0x790
[ 2229.318034][ T3563]  perf_uprobe_init+0xf5/0x140
[ 2229.322768][ T3563]  perf_uprobe_event_init+0xde/0x140
[ 2229.328037][ T3563]  perf_try_init_event+0x21a/0x400
[ 2229.333202][ T3563]  perf_event_alloc+0xa60/0x1790
[ 2229.338121][ T3563]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2229.343725][ T3563]  ? vfs_write+0x50c/0x770
[ 2229.348112][ T3563]  __x64_sys_perf_event_open+0x63/0x70
[ 2229.353555][ T3563]  do_syscall_64+0x4a/0x90
[ 2229.357959][ T3563]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2229.363908][ T3563] RIP: 0033:0x4665d9
[ 2229.367774][ T3563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2229.387405][ T3563] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2229.395819][ T3563] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:44 executing program 4 (fault-call:1 fault-nth:72):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:44 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:44 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:44 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2229.403764][ T3563] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2229.411775][ T3563] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2229.419717][ T3563] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2229.427684][ T3563] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2229.724359][ T3594] FAULT_INJECTION: forcing a failure.
[ 2229.724359][ T3594] name failslab, interval 1, probability 0, space 0, times 0
[ 2229.737093][ T3594] CPU: 1 PID: 3594 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2229.745847][ T3594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2229.755880][ T3594] Call Trace:
[ 2229.759146][ T3594]  dump_stack+0x137/0x19d
[ 2229.763480][ T3594]  should_fail+0x23c/0x250
[ 2229.767867][ T3594]  __should_failslab+0x81/0x90
[ 2229.772680][ T3594]  ? register_for_each_vma+0x372/0x890
[ 2229.778123][ T3594]  should_failslab+0x5/0x20
[ 2229.782598][ T3594]  kmem_cache_alloc_trace+0x49/0x310
[ 2229.787856][ T3594]  ? register_for_each_vma+0x372/0x890
[ 2229.793356][ T3594]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2229.799392][ T3594]  register_for_each_vma+0x372/0x890
[ 2229.804655][ T3594]  __uprobe_register+0x3f4/0x8a0
[ 2229.809576][ T3594]  uprobe_register_refctr+0x29/0x40
[ 2229.814745][ T3594]  probe_event_enable+0x2be/0x7d0
[ 2229.819803][ T3594]  ? __uprobe_trace_func+0x430/0x430
[ 2229.825078][ T3594]  trace_uprobe_register+0x88/0x410
[ 2229.830252][ T3594]  perf_trace_event_init+0x34e/0x790
[ 2229.835509][ T3594]  perf_uprobe_init+0xf5/0x140
[ 2229.840248][ T3594]  perf_uprobe_event_init+0xde/0x140
[ 2229.845554][ T3594]  perf_try_init_event+0x21a/0x400
[ 2229.850654][ T3594]  perf_event_alloc+0xa60/0x1790
[ 2229.855565][ T3594]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2229.861172][ T3594]  ? vfs_write+0x50c/0x770
[ 2229.865562][ T3594]  __x64_sys_perf_event_open+0x63/0x70
[ 2229.871039][ T3594]  do_syscall_64+0x4a/0x90
[ 2229.875475][ T3594]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2229.881364][ T3594] RIP: 0033:0x4665d9
[ 2229.885298][ T3594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2229.904894][ T3594] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2229.913276][ T3594] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:44 executing program 3 (fault-call:6 fault-nth:43):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:44 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfsl')

03:42:44 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:44 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xf6ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:44 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2229.921219][ T3594] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2229.929188][ T3594] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2229.937141][ T3594] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2229.945090][ T3594] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:44 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfst')

03:42:44 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfeffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2229.997898][ T3600] devpts: called with bogus options
03:42:45 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2230.035898][ T3592] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2230.043883][ T3592] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2230.055471][ T3592] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2230.063459][ T3592] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2230.261077][ T3592] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2230.267103][ T3613] devpts: called with bogus options
[ 2230.269184][ T3592] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2230.290751][ T3592] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2230.298924][ T3592] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:45 executing program 4 (fault-call:1 fault-nth:73):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:45 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600000c"})

03:42:45 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffff6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:45 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfsz')

[ 2230.342088][ T3601] FAULT_INJECTION: forcing a failure.
[ 2230.342088][ T3601] name failslab, interval 1, probability 0, space 0, times 0
[ 2230.354676][ T3601] CPU: 0 PID: 3601 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2230.363319][ T3601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2230.373345][ T3601] Call Trace:
[ 2230.376598][ T3601]  dump_stack+0x137/0x19d
[ 2230.380920][ T3601]  should_fail+0x23c/0x250
[ 2230.385310][ T3601]  __should_failslab+0x81/0x90
[ 2230.390126][ T3601]  ? register_for_each_vma+0x372/0x890
[ 2230.395558][ T3601]  should_failslab+0x5/0x20
[ 2230.400040][ T3601]  kmem_cache_alloc_trace+0x49/0x310
[ 2230.405361][ T3601]  ? register_for_each_vma+0x372/0x890
[ 2230.410796][ T3601]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2230.416773][ T3601]  register_for_each_vma+0x372/0x890
[ 2230.422030][ T3601]  __uprobe_register+0x3f4/0x8a0
[ 2230.426944][ T3601]  uprobe_register_refctr+0x29/0x40
[ 2230.432124][ T3601]  probe_event_enable+0x2be/0x7d0
[ 2230.437222][ T3601]  ? __uprobe_trace_func+0x430/0x430
[ 2230.442496][ T3601]  trace_uprobe_register+0x88/0x410
[ 2230.447771][ T3601]  perf_trace_event_init+0x34e/0x790
[ 2230.453055][ T3601]  perf_uprobe_init+0xf5/0x140
[ 2230.457788][ T3601]  perf_uprobe_event_init+0xde/0x140
[ 2230.463164][ T3601]  perf_try_init_event+0x21a/0x400
[ 2230.468245][ T3601]  perf_event_alloc+0xa60/0x1790
[ 2230.473187][ T3601]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2230.478787][ T3601]  ? vfs_write+0x50c/0x770
[ 2230.483172][ T3601]  __x64_sys_perf_event_open+0x63/0x70
[ 2230.488603][ T3601]  do_syscall_64+0x4a/0x90
[ 2230.492991][ T3601]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2230.498857][ T3601] RIP: 0033:0x4665d9
[ 2230.502721][ T3601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2230.522298][ T3601] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2230.530701][ T3601] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2230.538671][ T3601] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2230.546638][ T3601] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2230.554601][ T3601] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2230.562543][ T3601] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2230.582493][ T3625] devpts: called with bogus options
[ 2230.633572][ T3629] FAULT_INJECTION: forcing a failure.
[ 2230.633572][ T3629] name failslab, interval 1, probability 0, space 0, times 0
[ 2230.646222][ T3629] CPU: 1 PID: 3629 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2230.654881][ T3629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2230.664950][ T3629] Call Trace:
[ 2230.668248][ T3629]  dump_stack+0x137/0x19d
[ 2230.672620][ T3629]  should_fail+0x23c/0x250
[ 2230.677118][ T3629]  __should_failslab+0x81/0x90
[ 2230.681874][ T3629]  ? register_for_each_vma+0x372/0x890
[ 2230.687317][ T3629]  should_failslab+0x5/0x20
[ 2230.691807][ T3629]  kmem_cache_alloc_trace+0x49/0x310
[ 2230.697081][ T3629]  ? register_for_each_vma+0x372/0x890
[ 2230.702593][ T3629]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2230.708566][ T3629]  register_for_each_vma+0x372/0x890
[ 2230.713951][ T3629]  __uprobe_register+0x3f4/0x8a0
[ 2230.718883][ T3629]  uprobe_register_refctr+0x29/0x40
[ 2230.724126][ T3629]  probe_event_enable+0x2be/0x7d0
[ 2230.729124][ T3629]  ? __uprobe_trace_func+0x430/0x430
[ 2230.734380][ T3629]  trace_uprobe_register+0x88/0x410
[ 2230.739598][ T3629]  perf_trace_event_init+0x34e/0x790
[ 2230.744945][ T3629]  perf_uprobe_init+0xf5/0x140
[ 2230.749754][ T3629]  perf_uprobe_event_init+0xde/0x140
[ 2230.755156][ T3629]  perf_try_init_event+0x21a/0x400
[ 2230.760316][ T3629]  perf_event_alloc+0xa60/0x1790
[ 2230.765238][ T3629]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2230.770936][ T3629]  ? vfs_write+0x50c/0x770
[ 2230.775334][ T3629]  __x64_sys_perf_event_open+0x63/0x70
[ 2230.780828][ T3629]  do_syscall_64+0x4a/0x90
[ 2230.785230][ T3629]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2230.791117][ T3629] RIP: 0033:0x4665d9
[ 2230.794981][ T3629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2230.814559][ T3629] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2230.823082][ T3629] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2230.831042][ T3629] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2230.838983][ T3629] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2230.846985][ T3629] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2230.854953][ T3629] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:46 executing program 3 (fault-call:6 fault-nth:44):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:46 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:46 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:46 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:42:46 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2231.129740][ T3624] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2231.137735][ T3624] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2231.148824][ T3624] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2231.156862][ T3624] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:46 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:46 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:42:46 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2231.338307][ T3624] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2231.339074][ T3642] devpts: called with bogus options
[ 2231.346313][ T3624] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2231.362721][ T3624] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2231.370767][ T3624] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:46 executing program 4 (fault-call:1 fault-nth:74):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2231.442103][ T3653] devpts: called with bogus options
[ 2231.451864][ T3639] FAULT_INJECTION: forcing a failure.
[ 2231.451864][ T3639] name failslab, interval 1, probability 0, space 0, times 0
[ 2231.464473][ T3639] CPU: 1 PID: 3639 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2231.473130][ T3639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2231.483228][ T3639] Call Trace:
[ 2231.486485][ T3639]  dump_stack+0x137/0x19d
[ 2231.490834][ T3639]  should_fail+0x23c/0x250
[ 2231.495248][ T3639]  __should_failslab+0x81/0x90
[ 2231.500074][ T3639]  ? register_for_each_vma+0x372/0x890
[ 2231.505533][ T3639]  should_failslab+0x5/0x20
[ 2231.510037][ T3639]  kmem_cache_alloc_trace+0x49/0x310
[ 2231.515374][ T3639]  ? register_for_each_vma+0x372/0x890
[ 2231.520831][ T3639]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2231.526789][ T3639]  register_for_each_vma+0x372/0x890
[ 2231.532145][ T3639]  __uprobe_register+0x3f4/0x8a0
[ 2231.537074][ T3639]  uprobe_register_refctr+0x29/0x40
03:42:46 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2231.542264][ T3639]  probe_event_enable+0x2be/0x7d0
[ 2231.547297][ T3639]  ? __uprobe_trace_func+0x430/0x430
[ 2231.552592][ T3639]  trace_uprobe_register+0x88/0x410
[ 2231.557821][ T3639]  perf_trace_event_init+0x34e/0x790
[ 2231.563112][ T3639]  perf_uprobe_init+0xf5/0x140
[ 2231.567861][ T3639]  perf_uprobe_event_init+0xde/0x140
[ 2231.573136][ T3639]  perf_try_init_event+0x21a/0x400
[ 2231.578229][ T3639]  perf_event_alloc+0xa60/0x1790
[ 2231.583138][ T3639]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2231.588840][ T3639]  ? vfs_write+0x50c/0x770
[ 2231.593241][ T3639]  __x64_sys_perf_event_open+0x63/0x70
[ 2231.598672][ T3639]  do_syscall_64+0x4a/0x90
[ 2231.603115][ T3639]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2231.608981][ T3639] RIP: 0033:0x4665d9
[ 2231.612883][ T3639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2231.632504][ T3639] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:42:46 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:42:46 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x800000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2231.640886][ T3639] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2231.648838][ T3639] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2231.656840][ T3639] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2231.664781][ T3639] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2231.672764][ T3639] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2231.729636][ T3667] devpts: called with bogus options
[ 2231.761407][ T3663] FAULT_INJECTION: forcing a failure.
[ 2231.761407][ T3663] name failslab, interval 1, probability 0, space 0, times 0
[ 2231.774062][ T3663] CPU: 1 PID: 3663 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2231.782719][ T3663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2231.792815][ T3663] Call Trace:
[ 2231.796117][ T3663]  dump_stack+0x137/0x19d
[ 2231.800471][ T3663]  should_fail+0x23c/0x250
[ 2231.804857][ T3663]  __should_failslab+0x81/0x90
[ 2231.809617][ T3663]  ? register_for_each_vma+0x372/0x890
[ 2231.815084][ T3663]  should_failslab+0x5/0x20
[ 2231.819564][ T3663]  kmem_cache_alloc_trace+0x49/0x310
[ 2231.824820][ T3663]  ? register_for_each_vma+0x372/0x890
[ 2231.830384][ T3663]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2231.836335][ T3663]  register_for_each_vma+0x372/0x890
[ 2231.841604][ T3663]  __uprobe_register+0x3f4/0x8a0
[ 2231.846539][ T3663]  uprobe_register_refctr+0x29/0x40
[ 2231.851728][ T3663]  probe_event_enable+0x2be/0x7d0
[ 2231.856727][ T3663]  ? __uprobe_trace_func+0x430/0x430
[ 2231.862030][ T3663]  trace_uprobe_register+0x88/0x410
[ 2231.867206][ T3663]  perf_trace_event_init+0x34e/0x790
[ 2231.872561][ T3663]  perf_uprobe_init+0xf5/0x140
[ 2231.877341][ T3663]  perf_uprobe_event_init+0xde/0x140
[ 2231.882598][ T3663]  perf_try_init_event+0x21a/0x400
[ 2231.887701][ T3663]  perf_event_alloc+0xa60/0x1790
[ 2231.892657][ T3663]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2231.898306][ T3663]  ? vfs_write+0x50c/0x770
[ 2231.902692][ T3663]  __x64_sys_perf_event_open+0x63/0x70
[ 2231.908131][ T3663]  do_syscall_64+0x4a/0x90
[ 2231.912535][ T3663]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2231.918436][ T3663] RIP: 0033:0x4665d9
[ 2231.922307][ T3663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2231.941897][ T3663] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2231.950279][ T3663] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2231.958241][ T3663] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2231.966236][ T3663] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2231.974188][ T3663] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2231.982132][ T3663] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:47 executing program 3 (fault-call:6 fault-nth:45):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:47 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600000f"})

03:42:47 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:42:47 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1000001000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:47 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x80040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2232.250292][ T3661] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2232.258289][ T3661] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2232.269328][ T3661] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2232.277319][ T3661] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:47 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x2000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:47 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

[ 2232.460745][ T3677] devpts: called with bogus options
03:42:47 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x400001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2232.481469][ T3661] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2232.489460][ T3661] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2232.503770][ T3661] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2232.511758][ T3661] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2232.534877][ T3680] FAULT_INJECTION: forcing a failure.
[ 2232.534877][ T3680] name failslab, interval 1, probability 0, space 0, times 0
[ 2232.547474][ T3680] CPU: 0 PID: 3680 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2232.553230][ T3690] devpts: called with bogus options
[ 2232.556153][ T3680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2232.556163][ T3680] Call Trace:
[ 2232.556169][ T3680]  dump_stack+0x137/0x19d
[ 2232.578962][ T3680]  should_fail+0x23c/0x250
[ 2232.583380][ T3680]  __should_failslab+0x81/0x90
[ 2232.588214][ T3680]  ? register_for_each_vma+0x372/0x890
[ 2232.593689][ T3680]  should_failslab+0x5/0x20
[ 2232.598200][ T3680]  kmem_cache_alloc_trace+0x49/0x310
[ 2232.603468][ T3680]  ? register_for_each_vma+0x372/0x890
[ 2232.608921][ T3680]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2232.614886][ T3680]  register_for_each_vma+0x372/0x890
[ 2232.620161][ T3680]  __uprobe_register+0x3f4/0x8a0
[ 2232.625169][ T3680]  uprobe_register_refctr+0x29/0x40
[ 2232.630366][ T3680]  probe_event_enable+0x2be/0x7d0
[ 2232.635535][ T3680]  ? __uprobe_trace_func+0x430/0x430
[ 2232.640821][ T3680]  trace_uprobe_register+0x88/0x410
[ 2232.646019][ T3680]  perf_trace_event_init+0x34e/0x790
[ 2232.651288][ T3680]  perf_uprobe_init+0xf5/0x140
[ 2232.656034][ T3680]  perf_uprobe_event_init+0xde/0x140
[ 2232.661305][ T3680]  perf_try_init_event+0x21a/0x400
[ 2232.666520][ T3680]  perf_event_alloc+0xa60/0x1790
[ 2232.671520][ T3680]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2232.677133][ T3680]  ? vfs_write+0x50c/0x770
[ 2232.681536][ T3680]  __x64_sys_perf_event_open+0x63/0x70
[ 2232.686974][ T3680]  do_syscall_64+0x4a/0x90
[ 2232.691388][ T3680]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2232.697298][ T3680] RIP: 0033:0x4665d9
[ 2232.701187][ T3680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2232.720774][ T3680] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:42:47 executing program 4 (fault-call:1 fault-nth:75):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:47 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:42:47 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:47 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2232.729204][ T3680] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2232.737147][ T3680] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2232.745103][ T3680] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2232.753062][ T3680] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2232.761006][ T3680] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2232.847909][ T3709] devpts: called with bogus options
[ 2233.048534][ T3707] FAULT_INJECTION: forcing a failure.
[ 2233.048534][ T3707] name failslab, interval 1, probability 0, space 0, times 0
[ 2233.061245][ T3707] CPU: 0 PID: 3707 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2233.069932][ T3707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2233.079965][ T3707] Call Trace:
[ 2233.083241][ T3707]  dump_stack+0x137/0x19d
[ 2233.087562][ T3707]  should_fail+0x23c/0x250
[ 2233.091968][ T3707]  __should_failslab+0x81/0x90
[ 2233.096736][ T3707]  ? register_for_each_vma+0x372/0x890
[ 2233.102189][ T3707]  should_failslab+0x5/0x20
[ 2233.106663][ T3707]  kmem_cache_alloc_trace+0x49/0x310
[ 2233.111961][ T3707]  ? register_for_each_vma+0x372/0x890
[ 2233.117439][ T3707]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2233.123421][ T3707]  register_for_each_vma+0x372/0x890
[ 2233.128706][ T3707]  __uprobe_register+0x3f4/0x8a0
[ 2233.133687][ T3707]  uprobe_register_refctr+0x29/0x40
[ 2233.138857][ T3707]  probe_event_enable+0x2be/0x7d0
[ 2233.143853][ T3707]  ? __uprobe_trace_func+0x430/0x430
[ 2233.149117][ T3707]  trace_uprobe_register+0x88/0x410
[ 2233.154290][ T3707]  perf_trace_event_init+0x34e/0x790
[ 2233.159551][ T3707]  perf_uprobe_init+0xf5/0x140
[ 2233.164301][ T3707]  perf_uprobe_event_init+0xde/0x140
[ 2233.169568][ T3707]  perf_try_init_event+0x21a/0x400
[ 2233.174673][ T3707]  perf_event_alloc+0xa60/0x1790
[ 2233.179589][ T3707]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2233.185193][ T3707]  ? vfs_write+0x50c/0x770
[ 2233.189639][ T3707]  __x64_sys_perf_event_open+0x63/0x70
[ 2233.195077][ T3707]  do_syscall_64+0x4a/0x90
[ 2233.199550][ T3707]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2233.205460][ T3707] RIP: 0033:0x4665d9
[ 2233.209337][ T3707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2233.228976][ T3707] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2233.237405][ T3707] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:48 executing program 3 (fault-call:6 fault-nth:46):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:48 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:48 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x80000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:48 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:42:48 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2233.245441][ T3707] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2233.253386][ T3707] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2233.261326][ T3707] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2233.269290][ T3707] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:48 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:48 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

[ 2233.325733][ T3720] devpts: called with bogus options
03:42:48 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1004000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2233.357851][ T3702] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2233.365852][ T3702] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2233.377280][ T3702] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2233.385271][ T3702] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2233.566576][ T3731] devpts: called with bogus options
[ 2233.578166][ T3702] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2233.586152][ T3702] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2233.597502][ T3702] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2233.605551][ T3702] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2233.637333][ T3718] FAULT_INJECTION: forcing a failure.
[ 2233.637333][ T3718] name failslab, interval 1, probability 0, space 0, times 0
[ 2233.649950][ T3718] CPU: 1 PID: 3718 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2233.658619][ T3718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2233.668707][ T3718] Call Trace:
[ 2233.672029][ T3718]  dump_stack+0x137/0x19d
[ 2233.676336][ T3718]  should_fail+0x23c/0x250
[ 2233.680722][ T3718]  __should_failslab+0x81/0x90
[ 2233.685459][ T3718]  ? register_for_each_vma+0x372/0x890
[ 2233.690927][ T3718]  should_failslab+0x5/0x20
[ 2233.695404][ T3718]  kmem_cache_alloc_trace+0x49/0x310
[ 2233.700743][ T3718]  ? register_for_each_vma+0x372/0x890
[ 2233.706180][ T3718]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2233.712135][ T3718]  register_for_each_vma+0x372/0x890
[ 2233.717476][ T3718]  __uprobe_register+0x3f4/0x8a0
[ 2233.722433][ T3718]  uprobe_register_refctr+0x29/0x40
[ 2233.727607][ T3718]  probe_event_enable+0x2be/0x7d0
[ 2233.732737][ T3718]  ? __uprobe_trace_func+0x430/0x430
[ 2233.737996][ T3718]  trace_uprobe_register+0x88/0x410
[ 2233.743188][ T3718]  perf_trace_event_init+0x34e/0x790
[ 2233.748518][ T3718]  perf_uprobe_init+0xf5/0x140
[ 2233.753320][ T3718]  perf_uprobe_event_init+0xde/0x140
[ 2233.758574][ T3718]  perf_try_init_event+0x21a/0x400
[ 2233.763669][ T3718]  perf_event_alloc+0xa60/0x1790
[ 2233.768649][ T3718]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2233.774283][ T3718]  ? vfs_write+0x50c/0x770
[ 2233.778685][ T3718]  __x64_sys_perf_event_open+0x63/0x70
[ 2233.784138][ T3718]  do_syscall_64+0x4a/0x90
[ 2233.788532][ T3718]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2233.794403][ T3718] RIP: 0033:0x4665d9
[ 2233.798266][ T3718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2233.817875][ T3718] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2233.826288][ T3718] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:48 executing program 4 (fault-call:1 fault-nth:76):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:48 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c81260000ff"})

03:42:48 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:48 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x10000010000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2233.834229][ T3718] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2233.842179][ T3718] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2233.850123][ T3718] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2233.858109][ T3718] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2234.125609][ T3750] FAULT_INJECTION: forcing a failure.
[ 2234.125609][ T3750] name failslab, interval 1, probability 0, space 0, times 0
[ 2234.138236][ T3750] CPU: 1 PID: 3750 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2234.146920][ T3750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2234.156964][ T3750] Call Trace:
[ 2234.160218][ T3750]  dump_stack+0x137/0x19d
[ 2234.164541][ T3750]  should_fail+0x23c/0x250
[ 2234.168967][ T3750]  __should_failslab+0x81/0x90
[ 2234.173754][ T3750]  ? register_for_each_vma+0x372/0x890
[ 2234.179192][ T3750]  should_failslab+0x5/0x20
[ 2234.183701][ T3750]  kmem_cache_alloc_trace+0x49/0x310
[ 2234.188958][ T3750]  ? register_for_each_vma+0x372/0x890
[ 2234.194414][ T3750]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2234.200367][ T3750]  register_for_each_vma+0x372/0x890
[ 2234.205704][ T3750]  __uprobe_register+0x3f4/0x8a0
[ 2234.210686][ T3750]  uprobe_register_refctr+0x29/0x40
[ 2234.215860][ T3750]  probe_event_enable+0x2be/0x7d0
[ 2234.220895][ T3750]  ? __uprobe_trace_func+0x430/0x430
[ 2234.226244][ T3750]  trace_uprobe_register+0x88/0x410
[ 2234.231415][ T3750]  perf_trace_event_init+0x34e/0x790
[ 2234.236772][ T3750]  perf_uprobe_init+0xf5/0x140
[ 2234.241509][ T3750]  perf_uprobe_event_init+0xde/0x140
[ 2234.246763][ T3750]  perf_try_init_event+0x21a/0x400
[ 2234.251853][ T3750]  perf_event_alloc+0xa60/0x1790
[ 2234.256769][ T3750]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2234.262372][ T3750]  ? vfs_write+0x50c/0x770
[ 2234.266845][ T3750]  __x64_sys_perf_event_open+0x63/0x70
[ 2234.272305][ T3750]  do_syscall_64+0x4a/0x90
[ 2234.276691][ T3750]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2234.282560][ T3750] RIP: 0033:0x4665d9
[ 2234.286421][ T3750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2234.306018][ T3750] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2234.314403][ T3750] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:49 executing program 3 (fault-call:6 fault-nth:47):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:49 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:42:49 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x40000100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:49 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:49 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2234.322374][ T3750] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2234.330314][ T3750] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2234.338254][ T3750] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2234.346205][ T3750] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:49 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

[ 2234.384995][ T3758] devpts: called with bogus options
03:42:49 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:49 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2234.414235][ T3756] FAULT_INJECTION: forcing a failure.
[ 2234.414235][ T3756] name failslab, interval 1, probability 0, space 0, times 0
[ 2234.426948][ T3756] CPU: 1 PID: 3756 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2234.435706][ T3756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2234.445830][ T3756] Call Trace:
[ 2234.449094][ T3756]  dump_stack+0x137/0x19d
[ 2234.453411][ T3756]  should_fail+0x23c/0x250
[ 2234.457813][ T3756]  __should_failslab+0x81/0x90
[ 2234.462557][ T3756]  ? register_for_each_vma+0x372/0x890
[ 2234.468127][ T3756]  should_failslab+0x5/0x20
[ 2234.472621][ T3756]  kmem_cache_alloc_trace+0x49/0x310
[ 2234.477886][ T3756]  ? register_for_each_vma+0x372/0x890
[ 2234.483330][ T3756]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2234.489367][ T3756]  register_for_each_vma+0x372/0x890
[ 2234.494637][ T3756]  __uprobe_register+0x3f4/0x8a0
[ 2234.499561][ T3756]  uprobe_register_refctr+0x29/0x40
[ 2234.504758][ T3756]  probe_event_enable+0x2be/0x7d0
[ 2234.509776][ T3756]  ? __uprobe_trace_func+0x430/0x430
[ 2234.515110][ T3756]  trace_uprobe_register+0x88/0x410
[ 2234.520370][ T3756]  perf_trace_event_init+0x34e/0x790
[ 2234.525640][ T3756]  perf_uprobe_init+0xf5/0x140
[ 2234.530389][ T3756]  perf_uprobe_event_init+0xde/0x140
[ 2234.535664][ T3756]  perf_try_init_event+0x21a/0x400
[ 2234.540833][ T3756]  perf_event_alloc+0xa60/0x1790
[ 2234.545761][ T3756]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2234.551394][ T3756]  ? vfs_write+0x50c/0x770
[ 2234.555800][ T3756]  __x64_sys_perf_event_open+0x63/0x70
[ 2234.561305][ T3756]  do_syscall_64+0x4a/0x90
[ 2234.565709][ T3756]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2234.569048][ T3769] devpts: called with bogus options
[ 2234.571597][ T3756] RIP: 0033:0x4665d9
[ 2234.571610][ T3756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2234.571622][ T3756] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2234.571634][ T3756] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2234.571666][ T3756] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2234.571674][ T3756] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2234.632481][ T3756] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2234.640424][ T3756] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
03:42:49 executing program 4 (fault-call:1 fault-nth:77):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:49 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c81260000fd"})

03:42:49 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs ')

03:42:49 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2234.942104][ T3755] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2234.950388][ T3755] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2234.962373][ T3755] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2234.970343][ T3755] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2235.139745][ T3783] devpts: called with bogus options
[ 2235.163379][ T3755] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2235.171434][ T3755] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2235.182871][ T3755] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2235.190845][ T3755] ref_ctr decrement failed for inode: 0x361d offset: 0x1200 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2235.215594][ T3784] FAULT_INJECTION: forcing a failure.
[ 2235.215594][ T3784] name failslab, interval 1, probability 0, space 0, times 0
[ 2235.228347][ T3784] CPU: 0 PID: 3784 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2235.236999][ T3784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2235.247059][ T3784] Call Trace:
[ 2235.250329][ T3784]  dump_stack+0x137/0x19d
[ 2235.254664][ T3784]  should_fail+0x23c/0x250
[ 2235.259196][ T3784]  __should_failslab+0x81/0x90
[ 2235.263949][ T3784]  ? register_for_each_vma+0x372/0x890
[ 2235.269409][ T3784]  should_failslab+0x5/0x20
[ 2235.273897][ T3784]  kmem_cache_alloc_trace+0x49/0x310
[ 2235.279164][ T3784]  ? register_for_each_vma+0x372/0x890
[ 2235.284708][ T3784]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2235.290667][ T3784]  register_for_each_vma+0x372/0x890
[ 2235.295953][ T3784]  __uprobe_register+0x3f4/0x8a0
[ 2235.300950][ T3784]  uprobe_register_refctr+0x29/0x40
[ 2235.306179][ T3784]  probe_event_enable+0x2be/0x7d0
[ 2235.311252][ T3784]  ? __uprobe_trace_func+0x430/0x430
[ 2235.316509][ T3784]  trace_uprobe_register+0x88/0x410
[ 2235.321720][ T3784]  perf_trace_event_init+0x34e/0x790
[ 2235.327065][ T3784]  perf_uprobe_init+0xf5/0x140
[ 2235.331846][ T3784]  perf_uprobe_event_init+0xde/0x140
[ 2235.337218][ T3784]  perf_try_init_event+0x21a/0x400
[ 2235.342315][ T3784]  perf_event_alloc+0xa60/0x1790
[ 2235.347223][ T3784]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2235.352835][ T3784]  ? vfs_write+0x50c/0x770
[ 2235.357221][ T3784]  __x64_sys_perf_event_open+0x63/0x70
[ 2235.362651][ T3784]  do_syscall_64+0x4a/0x90
[ 2235.367171][ T3784]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2235.373074][ T3784] RIP: 0033:0x4665d9
[ 2235.376955][ T3784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2235.396754][ T3784] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2235.405195][ T3784] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:50 executing program 3 (fault-call:6 fault-nth:48):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:50 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:50 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:42:50 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:50 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2235.413197][ T3784] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2235.421354][ T3784] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2235.429370][ T3784] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2235.437315][ T3784] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:50 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x300000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:50 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:42:50 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2235.493385][ T3796] devpts: called with bogus options
[ 2235.704084][ T3810] devpts: called with bogus options
[ 2235.709729][ T3797] FAULT_INJECTION: forcing a failure.
[ 2235.709729][ T3797] name failslab, interval 1, probability 0, space 0, times 0
[ 2235.722352][ T3797] CPU: 0 PID: 3797 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2235.731094][ T3797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2235.741178][ T3797] Call Trace:
[ 2235.744450][ T3797]  dump_stack+0x137/0x19d
[ 2235.748794][ T3797]  should_fail+0x23c/0x250
[ 2235.753206][ T3797]  __should_failslab+0x81/0x90
[ 2235.758004][ T3797]  ? register_for_each_vma+0x372/0x890
[ 2235.763451][ T3797]  should_failslab+0x5/0x20
[ 2235.767978][ T3797]  kmem_cache_alloc_trace+0x49/0x310
[ 2235.773295][ T3797]  ? register_for_each_vma+0x372/0x890
[ 2235.778806][ T3797]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2235.784770][ T3797]  register_for_each_vma+0x372/0x890
[ 2235.790207][ T3797]  __uprobe_register+0x3f4/0x8a0
[ 2235.795214][ T3797]  uprobe_register_refctr+0x29/0x40
[ 2235.800410][ T3797]  probe_event_enable+0x2be/0x7d0
[ 2235.805450][ T3797]  ? __uprobe_trace_func+0x430/0x430
[ 2235.810722][ T3797]  trace_uprobe_register+0x88/0x410
[ 2235.816013][ T3797]  perf_trace_event_init+0x34e/0x790
[ 2235.821315][ T3797]  perf_uprobe_init+0xf5/0x140
[ 2235.826112][ T3797]  perf_uprobe_event_init+0xde/0x140
[ 2235.831399][ T3797]  perf_try_init_event+0x21a/0x400
[ 2235.836480][ T3797]  perf_event_alloc+0xa60/0x1790
[ 2235.841404][ T3797]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2235.847046][ T3797]  ? vfs_write+0x50c/0x770
[ 2235.851445][ T3797]  __x64_sys_perf_event_open+0x63/0x70
[ 2235.856947][ T3797]  do_syscall_64+0x4a/0x90
[ 2235.861510][ T3797]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2235.867530][ T3797] RIP: 0033:0x4665d9
[ 2235.871446][ T3797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2235.891045][ T3797] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:42:50 executing program 4 (fault-call:1 fault-nth:78):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:50 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:50 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:50 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

[ 2235.899428][ T3797] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2235.907371][ T3797] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2235.915315][ T3797] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2235.923332][ T3797] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2235.931283][ T3797] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2235.977409][ T3822] devpts: called with bogus options
[ 2236.030270][ T3824] FAULT_INJECTION: forcing a failure.
[ 2236.030270][ T3824] name failslab, interval 1, probability 0, space 0, times 0
[ 2236.042875][ T3824] CPU: 0 PID: 3824 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2236.051536][ T3824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2236.061579][ T3824] Call Trace:
[ 2236.064871][ T3824]  dump_stack+0x137/0x19d
[ 2236.069192][ T3824]  should_fail+0x23c/0x250
[ 2236.073635][ T3824]  __should_failslab+0x81/0x90
[ 2236.078406][ T3824]  ? register_for_each_vma+0x372/0x890
[ 2236.083850][ T3824]  should_failslab+0x5/0x20
[ 2236.088448][ T3824]  kmem_cache_alloc_trace+0x49/0x310
[ 2236.093743][ T3824]  ? register_for_each_vma+0x372/0x890
[ 2236.099242][ T3824]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2236.105416][ T3824]  register_for_each_vma+0x372/0x890
[ 2236.110692][ T3824]  __uprobe_register+0x3f4/0x8a0
[ 2236.115742][ T3824]  uprobe_register_refctr+0x29/0x40
[ 2236.120940][ T3824]  probe_event_enable+0x2be/0x7d0
[ 2236.126007][ T3824]  ? __uprobe_trace_func+0x430/0x430
[ 2236.131487][ T3824]  trace_uprobe_register+0x88/0x410
[ 2236.136733][ T3824]  perf_trace_event_init+0x34e/0x790
[ 2236.141995][ T3824]  perf_uprobe_init+0xf5/0x140
[ 2236.146851][ T3824]  perf_uprobe_event_init+0xde/0x140
[ 2236.152136][ T3824]  perf_try_init_event+0x21a/0x400
[ 2236.157336][ T3824]  perf_event_alloc+0xa60/0x1790
[ 2236.162253][ T3824]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2236.167875][ T3824]  ? vfs_write+0x50c/0x770
[ 2236.172266][ T3824]  __x64_sys_perf_event_open+0x63/0x70
[ 2236.177698][ T3824]  do_syscall_64+0x4a/0x90
[ 2236.182091][ T3824]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2236.187961][ T3824] RIP: 0033:0x4665d9
[ 2236.191862][ T3824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2236.211518][ T3824] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2236.220048][ T3824] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2236.228001][ T3824] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2236.236017][ T3824] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2236.243982][ T3824] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2236.252095][ T3824] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:51 executing program 3 (fault-call:6 fault-nth:49):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:51 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x400000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:51 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x10')

03:42:51 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x40000800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:51 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

[ 2236.561793][ T3823] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2236.569818][ T3823] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2236.581186][ T3823] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2236.589185][ T3823] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
03:42:51 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:42:51 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:51 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2236.766517][ T3838] devpts: called with bogus options
[ 2236.771112][ T3823] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2236.779706][ T3823] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2236.790861][ T3823] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2236.798845][ T3823] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2236.841963][ T3840] FAULT_INJECTION: forcing a failure.
[ 2236.841963][ T3840] name failslab, interval 1, probability 0, space 0, times 0
[ 2236.851050][ T3853] devpts: called with bogus options
[ 2236.854602][ T3840] CPU: 1 PID: 3840 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2236.868437][ T3840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2236.878477][ T3840] Call Trace:
[ 2236.881742][ T3840]  dump_stack+0x137/0x19d
[ 2236.886118][ T3840]  should_fail+0x23c/0x250
[ 2236.890539][ T3840]  __should_failslab+0x81/0x90
[ 2236.895294][ T3840]  ? register_for_each_vma+0x372/0x890
[ 2236.900841][ T3840]  should_failslab+0x5/0x20
[ 2236.905491][ T3840]  kmem_cache_alloc_trace+0x49/0x310
[ 2236.910776][ T3840]  ? register_for_each_vma+0x372/0x890
[ 2236.916244][ T3840]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2236.922218][ T3840]  register_for_each_vma+0x372/0x890
[ 2236.927500][ T3840]  __uprobe_register+0x3f4/0x8a0
[ 2236.932452][ T3840]  uprobe_register_refctr+0x29/0x40
[ 2236.937707][ T3840]  probe_event_enable+0x2be/0x7d0
[ 2236.942721][ T3840]  ? __uprobe_trace_func+0x430/0x430
[ 2236.948074][ T3840]  trace_uprobe_register+0x88/0x410
[ 2236.953305][ T3840]  perf_trace_event_init+0x34e/0x790
[ 2236.958736][ T3840]  perf_uprobe_init+0xf5/0x140
[ 2236.963518][ T3840]  perf_uprobe_event_init+0xde/0x140
[ 2236.968810][ T3840]  perf_try_init_event+0x21a/0x400
[ 2236.973972][ T3840]  perf_event_alloc+0xa60/0x1790
[ 2236.978895][ T3840]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2236.984527][ T3840]  ? vfs_write+0x50c/0x770
[ 2236.988937][ T3840]  __x64_sys_perf_event_open+0x63/0x70
[ 2236.994385][ T3840]  do_syscall_64+0x4a/0x90
[ 2236.998871][ T3840]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2237.004752][ T3840] RIP: 0033:0x4665d9
[ 2237.008620][ T3840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2237.028246][ T3840] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
03:42:51 executing program 4 (fault-call:1 fault-nth:79):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:51 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfeffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:51 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:42:51 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xf6ffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2237.036679][ T3840] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
[ 2237.044663][ T3840] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2237.052615][ T3840] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2237.060653][ T3840] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2237.068606][ T3840] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2237.145808][ T3867] devpts: called with bogus options
[ 2237.334576][ T3866] FAULT_INJECTION: forcing a failure.
[ 2237.334576][ T3866] name failslab, interval 1, probability 0, space 0, times 0
[ 2237.347333][ T3866] CPU: 0 PID: 3866 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2237.356012][ T3866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2237.366058][ T3866] Call Trace:
[ 2237.369313][ T3866]  dump_stack+0x137/0x19d
[ 2237.373690][ T3866]  should_fail+0x23c/0x250
[ 2237.378080][ T3866]  __should_failslab+0x81/0x90
[ 2237.382829][ T3866]  ? register_for_each_vma+0x372/0x890
[ 2237.388262][ T3866]  should_failslab+0x5/0x20
[ 2237.392761][ T3866]  kmem_cache_alloc_trace+0x49/0x310
[ 2237.398060][ T3866]  ? register_for_each_vma+0x372/0x890
[ 2237.403490][ T3866]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2237.409511][ T3866]  register_for_each_vma+0x372/0x890
[ 2237.414768][ T3866]  __uprobe_register+0x3f4/0x8a0
[ 2237.419680][ T3866]  uprobe_register_refctr+0x29/0x40
[ 2237.424863][ T3866]  probe_event_enable+0x2be/0x7d0
[ 2237.429880][ T3866]  ? __uprobe_trace_func+0x430/0x430
[ 2237.435142][ T3866]  trace_uprobe_register+0x88/0x410
[ 2237.440340][ T3866]  perf_trace_event_init+0x34e/0x790
[ 2237.445662][ T3866]  perf_uprobe_init+0xf5/0x140
[ 2237.450510][ T3866]  perf_uprobe_event_init+0xde/0x140
[ 2237.455794][ T3866]  perf_try_init_event+0x21a/0x400
[ 2237.460943][ T3866]  perf_event_alloc+0xa60/0x1790
[ 2237.465850][ T3866]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2237.471517][ T3866]  ? vfs_write+0x50c/0x770
[ 2237.475945][ T3866]  __x64_sys_perf_event_open+0x63/0x70
[ 2237.481380][ T3866]  do_syscall_64+0x4a/0x90
[ 2237.485782][ T3866]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2237.491726][ T3866] RIP: 0033:0x4665d9
[ 2237.495608][ T3866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2237.515193][ T3866] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2237.523581][ T3866] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:52 executing program 3 (fault-call:6 fault-nth:50):
socket$packet(0x11, 0x2, 0x300)
socket(0x11, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:52 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:52 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:42:52 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfeffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:52 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2237.531576][ T3866] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2237.539521][ T3866] RBP: 00007f544ac9c1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2237.547488][ T3866] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2237.555446][ T3866] R13: 00007ffea5eceb1f R14: 00007f544ac9c300 R15: 0000000000022000
03:42:52 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

03:42:52 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x2f606557d6081b8a, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, "00e5ffffffffffffff00000000ba65002000"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xffffff0b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xbffa, 0x0, "078cf0251c0e00"})
mknod(0x0, 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x25, 0x0, 0x0, 0x0, 0x0, "0000000300000000db82456fa79c812600"})

03:42:52 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

[ 2237.614809][ T3876] devpts: called with bogus options
[ 2237.648380][ T3859] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2237.656487][ T3859] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2237.667943][ T3859] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2237.675939][ T3859] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2237.868254][ T3859] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2237.876269][ T3859] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x0000000018998e07
[ 2237.889991][ T3859] ref_ctr going negative. vaddr: 0x20000004, curr val: 0, delta: -1
[ 2237.898027][ T3859] ref_ctr decrement failed for inode: 0x361d offset: 0x0 ref_ctr_offset: 0x4 of mm: 0x00000000b0df8ce6
[ 2237.909203][ T3890] devpts: called with bogus options
[ 2237.915478][ T3890] devpts: called with bogus options
[ 2237.951347][ T3878] FAULT_INJECTION: forcing a failure.
[ 2237.951347][ T3878] name failslab, interval 1, probability 0, space 0, times 0
[ 2237.963977][ T3878] CPU: 1 PID: 3878 Comm: syz-executor.3 Not tainted 5.13.0-rc7-syzkaller #0
[ 2237.972648][ T3878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2237.982831][ T3878] Call Trace:
[ 2237.986097][ T3878]  dump_stack+0x137/0x19d
[ 2237.990430][ T3878]  should_fail+0x23c/0x250
[ 2237.995101][ T3878]  __should_failslab+0x81/0x90
[ 2237.999896][ T3878]  ? register_for_each_vma+0x372/0x890
[ 2238.005410][ T3878]  should_failslab+0x5/0x20
[ 2238.009890][ T3878]  kmem_cache_alloc_trace+0x49/0x310
[ 2238.015172][ T3878]  ? register_for_each_vma+0x372/0x890
[ 2238.020682][ T3878]  ? vma_interval_tree_iter_next+0x24c/0x280
[ 2238.026637][ T3878]  register_for_each_vma+0x372/0x890
[ 2238.031909][ T3878]  __uprobe_register+0x3f4/0x8a0
[ 2238.036901][ T3878]  uprobe_register_refctr+0x29/0x40
[ 2238.042174][ T3878]  probe_event_enable+0x2be/0x7d0
[ 2238.047176][ T3878]  ? __uprobe_trace_func+0x430/0x430
[ 2238.052514][ T3878]  trace_uprobe_register+0x88/0x410
[ 2238.057686][ T3878]  perf_trace_event_init+0x34e/0x790
[ 2238.063014][ T3878]  perf_uprobe_init+0xf5/0x140
[ 2238.067762][ T3878]  perf_uprobe_event_init+0xde/0x140
[ 2238.073019][ T3878]  perf_try_init_event+0x21a/0x400
[ 2238.078100][ T3878]  perf_event_alloc+0xa60/0x1790
[ 2238.083030][ T3878]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2238.088633][ T3878]  ? vfs_write+0x50c/0x770
[ 2238.093021][ T3878]  __x64_sys_perf_event_open+0x63/0x70
[ 2238.098473][ T3878]  do_syscall_64+0x4a/0x90
[ 2238.102863][ T3878]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2238.108804][ T3878] RIP: 0033:0x4665d9
[ 2238.112712][ T3878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2238.132320][ T3878] RSP: 002b:00007fb6293db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2238.140716][ T3878] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
03:42:53 executing program 4 (fault-call:1 fault-nth:80):
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:53 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:53 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1800003, 0x12, r0, 0x0)
preadv(r0, &(0x7f0000000280), 0x18, 0xd9f, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1200}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

03:42:53 executing program 5:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='devpts\x00', 0x0, &(0x7f0000000300)='ramfs\x00')

[ 2238.148661][ T3878] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000180
[ 2238.156613][ T3878] RBP: 00007fb6293db1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2238.164562][ T3878] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002
[ 2238.172524][ T3878] R13: 00007ffcba864c8f R14: 00007fb6293db300 R15: 0000000000022000
[ 2238.215542][ T3903] devpts: called with bogus options
[ 2238.265347][ T3904] FAULT_INJECTION: forcing a failure.
[ 2238.265347][ T3904] name failslab, interval 1, probability 0, space 0, times 0
[ 2238.277970][ T3904] CPU: 0 PID: 3904 Comm: syz-executor.4 Not tainted 5.13.0-rc7-syzkaller #0
[ 2238.286663][ T3904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 2238.296739][ T3904] Call Trace:
[ 2238.300003][ T3904]  dump_stack+0x137/0x19d
[ 2238.304311][ T3904]  should_fail+0x23c/0x250
[ 2238.308733][ T3904]  __should_failslab+0x81/0x90
[ 2238.313468][ T3904]  ? register_for_each_vma+0x372/0x890
[ 2238.318960][ T3904]  should_failslab+0x5/0x20
[ 2238.323439][ T3904]  kmem_cache_alloc_trace+0x49/0x310
[ 2238.328694][ T3904]  ? register_for_each_vma+0x372/0x890
[ 2238.334126][ T3904]  ? vma_interval_tree_iter_next+0x263/0x280
[ 2238.340075][ T3904]  register_for_each_vma+0x372/0x890
[ 2238.345381][ T3904]  __uprobe_register+0x3f4/0x8a0
[ 2238.350297][ T3904]  uprobe_register_refctr+0x29/0x40
[ 2238.355568][ T3904]  probe_event_enable+0x2be/0x7d0
[ 2238.360595][ T3904]  ? __uprobe_trace_func+0x430/0x430
[ 2238.365853][ T3904]  trace_uprobe_register+0x88/0x410
[ 2238.371237][ T3904]  perf_trace_event_init+0x34e/0x790
[ 2238.376505][ T3904]  perf_uprobe_init+0xf5/0x140
[ 2238.381256][ T3904]  perf_uprobe_event_init+0xde/0x140
[ 2238.386597][ T3904]  perf_try_init_event+0x21a/0x400
[ 2238.391718][ T3904]  perf_event_alloc+0xa60/0x1790
[ 2238.396688][ T3904]  __se_sys_perf_event_open+0x5c7/0x2740
[ 2238.402367][ T3904]  ? vfs_write+0x50c/0x770
[ 2238.406894][ T3904]  __x64_sys_perf_event_open+0x63/0x70
[ 2238.412386][ T3904]  do_syscall_64+0x4a/0x90
[ 2238.416795][ T3904]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2238.422675][ T3904] RIP: 0033:0x4665d9
[ 2238.426551][ T3904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2238.446270][ T3904] RSP: 002b:00007f544ac9c188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[ 2238.454867][ T3904] RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9