INFO: task syz-executor.3:15070 blocked for more than 140 seconds.
      Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3 D28648 15070 11464 0x80000000
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:292 [inline]
 rwsem_down_read_failed+0x20a/0x390 kernel/locking/rwsem-xadd.c:309
 call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94
 __down_read arch/x86/include/asm/rwsem.h:83 [inline]
 down_read+0x44/0x80 kernel/locking/rwsem.c:26
 exit_mm kernel/exit.c:512 [inline]
 do_exit+0x6e4/0x2be0 kernel/exit.c:857
 do_group_exit+0x125/0x310 kernel/exit.c:967
 __do_sys_exit_group kernel/exit.c:978 [inline]
 __se_sys_exit_group kernel/exit.c:976 [inline]
 __x64_sys_exit_group+0x3a/0x50 kernel/exit.c:976
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6abc6dd5f9
Code: Bad RIP value.
RSP: 002b:00007fffba012a58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f6abc6dd5f9
RDX: 00007f6abc68f3cb RSI: ffffffffffffffb8 RDI: 0000000000000000
RBP: 0000000000000000 R08: 000000471e0637d7 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
R13: 0000000000000000 R14: 0000000000000001 R15: 00007fffba012b40
INFO: task syz-executor.3:15076 blocked for more than 140 seconds.
      Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3 D28312 15076 11464 0x80000000
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:292 [inline]
 rwsem_down_read_failed+0x20a/0x390 kernel/locking/rwsem-xadd.c:309
 call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94
 __down_read arch/x86/include/asm/rwsem.h:83 [inline]
 down_read+0x44/0x80 kernel/locking/rwsem.c:26
 exit_mm kernel/exit.c:512 [inline]
 do_exit+0x6e4/0x2be0 kernel/exit.c:857
 do_group_exit+0x125/0x310 kernel/exit.c:967
 get_signal+0x3f2/0x1f70 kernel/signal.c:2589
 do_signal+0x8f/0x1670 arch/x86/kernel/signal.c:799
 exit_to_usermode_loop+0x204/0x2a0 arch/x86/entry/common.c:163
 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:271 [inline]
 do_syscall_64+0x538/0x620 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6abc6dd5f9
Code: Bad RIP value.
RSP: 002b:00007f6abb050218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007f6abc7fdf88 RCX: 00007f6abc6dd5f9
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6abc7fdf88
RBP: 00007f6abc7fdf80 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6abc7fdf8c
R13: 00007fffba01281f R14: 00007f6abb050300 R15: 0000000000022000
INFO: task syz-executor.3:15079 blocked for more than 140 seconds.
      Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3 D29760 15079 11464 0x80000000
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:292 [inline]
 rwsem_down_read_failed+0x20a/0x390 kernel/locking/rwsem-xadd.c:309
 call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94
 __down_read arch/x86/include/asm/rwsem.h:83 [inline]
 down_read+0x44/0x80 kernel/locking/rwsem.c:26
 exit_mm kernel/exit.c:512 [inline]
 do_exit+0x6e4/0x2be0 kernel/exit.c:857
 do_group_exit+0x125/0x310 kernel/exit.c:967
 get_signal+0x3f2/0x1f70 kernel/signal.c:2589
 do_signal+0x8f/0x1670 arch/x86/kernel/signal.c:799
 exit_to_usermode_loop+0x204/0x2a0 arch/x86/entry/common.c:163
 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:271 [inline]
 do_syscall_64+0x538/0x620 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6abc6dd5f9
Code: Bad RIP value.
RSP: 002b:00007f6abb02f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007f6abc7fe058 RCX: 00007f6abc6dd5f9
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6abc7fe058
RBP: 00007f6abc7fe050 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6abc7fe05c
R13: 00007fffba01281f R14: 00007f6abb02f300 R15: 0000000000022000
INFO: task syz-executor.3:15081 blocked for more than 140 seconds.
      Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3 D29760 15081 11464 0x80000000
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:292 [inline]
 rwsem_down_read_failed+0x20a/0x390 kernel/locking/rwsem-xadd.c:309
 call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94
 __down_read arch/x86/include/asm/rwsem.h:83 [inline]
 down_read+0x44/0x80 kernel/locking/rwsem.c:26
 exit_mm kernel/exit.c:512 [inline]
 do_exit+0x6e4/0x2be0 kernel/exit.c:857
 do_group_exit+0x125/0x310 kernel/exit.c:967
 get_signal+0x3f2/0x1f70 kernel/signal.c:2589
 do_signal+0x8f/0x1670 arch/x86/kernel/signal.c:799
 exit_to_usermode_loop+0x204/0x2a0 arch/x86/entry/common.c:163
 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:271 [inline]
 do_syscall_64+0x538/0x620 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6abc6dd5f9
Code: Bad RIP value.
RSP: 002b:00007f6abafed218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007f6abc7fe1f8 RCX: 00007f6abc6dd5f9
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6abc7fe1f8
RBP: 00007f6abc7fe1f0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6abc7fe1fc
R13: 00007fffba01281f R14: 00007f6abafed300 R15: 0000000000022000
INFO: task syz-executor.3:15082 blocked for more than 140 seconds.
      Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3 D29024 15082 11464 0x80000000
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:292 [inline]
 rwsem_down_read_failed+0x20a/0x390 kernel/locking/rwsem-xadd.c:309
 call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94
 __down_read arch/x86/include/asm/rwsem.h:83 [inline]
 down_read+0x44/0x80 kernel/locking/rwsem.c:26
 exit_mm kernel/exit.c:512 [inline]
 do_exit+0x6e4/0x2be0 kernel/exit.c:857
 do_group_exit+0x125/0x310 kernel/exit.c:967
 get_signal+0x3f2/0x1f70 kernel/signal.c:2589
 do_signal+0x8f/0x1670 arch/x86/kernel/signal.c:799
 exit_to_usermode_loop+0x204/0x2a0 arch/x86/entry/common.c:163
 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:271 [inline]
 do_syscall_64+0x538/0x620 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6abc6dd5f9
Code: Bad RIP value.
RSP: 002b:00007f6abafcc218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007f6abc7fe2c8 RCX: 00007f6abc6dd5f9
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6abc7fe2c8
RBP: 00007f6abc7fe2c0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6abc7fe2cc
R13: 00007fffba01281f R14: 00007f6abafcc300 R15: 0000000000022000
INFO: task syz-executor.3:15083 blocked for more than 140 seconds.
      Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3 D29088 15083 11464 0x80000000
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 __rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:292 [inline]
 rwsem_down_read_failed+0x20a/0x390 kernel/locking/rwsem-xadd.c:309
 call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94
 __down_read arch/x86/include/asm/rwsem.h:83 [inline]
 down_read+0x44/0x80 kernel/locking/rwsem.c:26
 exit_mm kernel/exit.c:512 [inline]
 do_exit+0x6e4/0x2be0 kernel/exit.c:857
 do_group_exit+0x125/0x310 kernel/exit.c:967
 get_signal+0x3f2/0x1f70 kernel/signal.c:2589
 do_signal+0x8f/0x1670 arch/x86/kernel/signal.c:799
 exit_to_usermode_loop+0x204/0x2a0 arch/x86/entry/common.c:163
 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:271 [inline]
 do_syscall_64+0x538/0x620 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6abc6dd5f9
Code: Bad RIP value.
RSP: 002b:00007f6abafab218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007f6abc7fe398 RCX: 00007f6abc6dd5f9
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6abc7fe398
RBP: 00007f6abc7fe390 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6abc7fe39c
R13: 00007fffba01281f R14: 00007f6abafab300 R15: 0000000000022000

Showing all locks held in the system:
3 locks held by kworker/u4:2/146:
1 lock held by khungtaskd/1571:
 #0: 000000002e4967cf (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4441
1 lock held by systemd-udevd/4697:
1 lock held by in:imklog/7810:
 #0: 00000000ebab123c (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x26f/0x310 fs/file.c:767
1 lock held by syz-executor.3/15070:
 #0: 000000005e12fe0a (&mm->mmap_sem){++++}, at: exit_mm kernel/exit.c:512 [inline]
 #0: 000000005e12fe0a (&mm->mmap_sem){++++}, at: do_exit+0x6e4/0x2be0 kernel/exit.c:857
1 lock held by syz-executor.3/15076:
 #0: 000000005e12fe0a (&mm->mmap_sem){++++}, at: exit_mm kernel/exit.c:512 [inline]
 #0: 000000005e12fe0a (&mm->mmap_sem){++++}, at: do_exit+0x6e4/0x2be0 kernel/exit.c:857
1 lock held by syz-executor.3/15079:
 #0: 000000005e12fe0a (&mm->mmap_sem){++++}, at: exit_mm kernel/exit.c:512 [inline]
 #0: 000000005e12fe0a (&mm->mmap_sem){++++}, at: do_exit+0x6e4/0x2be0 kernel/exit.c:857
1 lock held by syz-executor.3/15080:
1 lock held by syz-executor.3/15081:
 #0: 000000005e12fe0a (&mm->mmap_sem){++++}, at: exit_mm kernel/exit.c:512 [inline]
 #0: 000000005e12fe0a (&mm->mmap_sem){++++}, at: do_exit+0x6e4/0x2be0 kernel/exit.c:857
1 lock held by syz-executor.3/15082:
 #0: 000000005e12fe0a (&mm->mmap_sem){++++}, at: exit_mm kernel/exit.c:512 [inline]
 #0: 000000005e12fe0a (&mm->mmap_sem){++++}, at: do_exit+0x6e4/0x2be0 kernel/exit.c:857
1 lock held by syz-executor.3/15083:
 #0: 000000005e12fe0a (&mm->mmap_sem){++++}, at: exit_mm kernel/exit.c:512 [inline]
 #0: 000000005e12fe0a (&mm->mmap_sem){++++}, at: do_exit+0x6e4/0x2be0 kernel/exit.c:857
2 locks held by kworker/1:29/20561:
 #0: 00000000d0b56bf4 ((wq_completion)"rcu_gp"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
 #1: 000000008fd94f72 ((work_completion)(&rew.rew_work)){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128
1 lock held by syz-executor.2/26629:
 #0: 0000000025860359 (&cpuctx_mutex){+.+.}, at: perf_event_ctx_lock_nested+0x237/0x430 kernel/events/core.c:1283
1 lock held by syz-executor.2/26630:
 #0: 0000000025860359 (&cpuctx_mutex){+.+.}, at: __do_sys_perf_event_open kernel/events/core.c:10822 [inline]
 #0: 0000000025860359 (&cpuctx_mutex){+.+.}, at: __se_sys_perf_event_open+0xaf7/0x2720 kernel/events/core.c:10549
1 lock held by syz-executor.2/26632:
 #0: 0000000025860359 (&cpuctx_mutex){+.+.}, at: __do_sys_perf_event_open kernel/events/core.c:10822 [inline]
 #0: 0000000025860359 (&cpuctx_mutex){+.+.}, at: __se_sys_perf_event_open+0xaf7/0x2720 kernel/events/core.c:10549
3 locks held by syz-executor.5/26633:
 #0: 0000000025860359 (&cpuctx_mutex){+.+.}, at: perf_event_ctx_lock_nested+0x237/0x430 kernel/events/core.c:1283
 #1: 00000000349930d5 (&event->mmap_mutex){+.+.}, at: perf_event_set_output+0x2b6/0x4c0 kernel/events/core.c:10442
 #2: 0000000078817f7b (rcu_preempt_state.exp_mutex){+.+.}, at: exp_funnel_lock kernel/rcu/tree_exp.h:297 [inline]
 #2: 0000000078817f7b (rcu_preempt_state.exp_mutex){+.+.}, at: _synchronize_rcu_expedited+0x4dc/0x6f0 kernel/rcu/tree_exp.h:667
1 lock held by syz-executor.5/26636:
 #0: 0000000025860359 (&cpuctx_mutex){+.+.}, at: __do_sys_perf_event_open kernel/events/core.c:10822 [inline]
 #0: 0000000025860359 (&cpuctx_mutex){+.+.}, at: __se_sys_perf_event_open+0xaf7/0x2720 kernel/events/core.c:10549
2 locks held by syz-executor.4/26666:
1 lock held by systemd-udevd/26669:

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 1571 Comm: khungtaskd Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 nmi_cpu_backtrace.cold+0x63/0xa2 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x1a6/0x1f0 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:203 [inline]
 watchdog+0x991/0xe60 kernel/hung_task.c:287
 kthread+0x33f/0x460 kernel/kthread.c:259
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 4697 Comm: systemd-udevd Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
RIP: 0010:native_apic_mem_write+0x0/0x10 arch/x86/include/asm/apic.h:104
Code: d0 7c 04 84 d2 75 13 83 3d cc 17 3d 0b 01 7f 02 5d c3 89 ef 5d e9 f5 fe c9 06 48 c7 c7 00 97 65 8c e8 84 e2 6f 00 eb df 66 90 <89> ff 89 b7 00 c0 5f ff c3 0f 1f 80 00 00 00 00 48 b8 00 00 00 00
RSP: 0018:ffff8880ba0079f8 EFLAGS: 00000046
RAX: dffffc0000000000 RBX: ffffffff89cfb1a0 RCX: 0000000000000020
RDX: 1ffffffff139f636 RSI: 000000000000081b RDI: 0000000000000380
RBP: ffff8880ba01e2c0 R08: ffffffff8c665018 R09: 0000000000000000
R10: 0000000000000007 R11: ffffffff8c66501b R12: 000000000000081b
R13: 0000000000000000 R14: ffff8880ba024cc0 R15: ffff8880ba024d30
FS: 00007f0dd8dd38c0(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffc2dfc1b10 CR3: 000000009ae22000 CR4: 00000000003406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 apic_write arch/x86/include/asm/apic.h:389 [inline]
 lapic_next_event+0x4d/0x80 arch/x86/kernel/apic/apic.c:460
 clockevents_program_event+0x234/0x350 kernel/time/clockevents.c:344
 tick_program_event+0xac/0x140 kernel/time/tick-oneshot.c:48
 hrtimer_interrupt+0x40a/0x9e0 kernel/time/hrtimer.c:1598
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1071 [inline]
 smp_apic_timer_interrupt+0x10c/0x550 arch/x86/kernel/apic/apic.c:1096
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:894
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:789 [inline]
RIP: 0010:lock_release+0x429/0x8b0 kernel/locking/lockdep.c:3930
Code: 84 08 00 00 00 00 00 00 48 c1 e8 03 80 3c 10 00 0f 85 95 03 00 00 48 83 3d 7b 34 a6 08 00 0f 84 cc 01 00 00 48 8b 3c 24 57 9d <0f> 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 49 c7 04 04 00 00 00
RSP: 0018:ffff8880ba007c18 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
RAX: 1ffffffff13e3051 RBX: ffff88809adda000 RCX: 1ffff110135bb516
RDX: dffffc0000000000 RSI: 0000000000000002 RDI: 0000000000000286
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff11017400f86
R13: 6ef1e41ac93df87f R14: ffff88809adda000 R15: 0000000000000002
 rcu_lock_release include/linux/rcupdate.h:247 [inline]
 rcu_read_unlock include/linux/rcupdate.h:681 [inline]
 sta_info_get_bss+0x1b1/0x340 net/mac80211/sta_info.c:203
 __ieee80211_rx_handle_packet net/mac80211/rx.c:4542 [inline]
 ieee80211_rx_napi+0x106d/0x2470 net/mac80211/rx.c:4672
 ieee80211_rx include/net/mac80211.h:4109 [inline]
 ieee80211_tasklet_handler+0x101/0x160 net/mac80211/main.c:229
 tasklet_action_common.constprop.0+0x265/0x360 kernel/softirq.c:522
 __do_softirq+0x265/0x980 kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:372 [inline]
 irq_exit+0x215/0x260 kernel/softirq.c:412
 exiting_irq arch/x86/include/asm/apic.h:536 [inline]
 smp_apic_timer_interrupt+0x136/0x550 arch/x86/kernel/apic/apic.c:1098
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:894
RIP: 0010:___bpf_prog_run+0x31aa/0x4e80 kernel/bpf/core.c:1104
Code: 85 f9 13 00 00 41 0f b6 46 01 89 c2 83 e0 0f 4c 8d 7c c5 00 c0 ea 04 0f b6 d2 48 8d 54 d5 00 48 89 d0 48 c1 e8 03 80 3c 18 00 <0f> 85 db 08 00 00 48 8b 02 4c 89 fa 48 c1 ea 03 80 3c 1a 00 0f 85
RSP: 0018:ffff88809ade7a30 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
RAX: 1ffff110135bcf61 RBX: dffffc0000000000 RCX: 1ffff110135bcf67
RDX: ffff88809ade7b08 RSI: ffffffff816c6804 RDI: ffffc90001ad8049
RBP: ffff88809ade7b00 R08: 0000000000000000 R09: 000000007fff0000
R10: 0000000000000004 R11: 0000000000000000 R12: ffffffff886fb460
R13: ffffed10135bcf62 R14: ffffc90001ad8048 R15: ffff88809ade7b30