rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P18356/1:b..l P154/3:b..l P18333/1:b..l P18334/1:b..l
rcu: (detected by 1, t=10502 jiffies, g=70593, q=4124 ncpus=2)
task:syz.3.5284 state:R running task stack:24480 pid:18334 tgid:18332 ppid:5834 task_flags:0x400040 flags:0x00080002
Call Trace:
 context_switch kernel/sched/core.c:5295 [inline]
 __schedule+0xfee/0x6120 kernel/sched/core.c:6908
 preempt_schedule_irq+0x50/0x90 kernel/sched/core.c:7235
 irqentry_exit+0x17b/0x670 kernel/entry/common.c:239
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:lock_acquire+0x5e/0x380 kernel/locking/lockdep.c:5872
Code: 05 7b d2 28 12 83 f8 07 0f 87 f0 00 00 00 48 0f a3 05 46 4f f5 0e 0f 82 c2 02 00 00 8b 35 0e 83 f5 0e 85 f6 0f 85 dd 00 00 00 <48> 8b 44 24 30 65 48 2b 05 1d d2 28 12 0f 85 02 03 00 00 48 83 c4
RSP: 0018:ffffc900198af468 EFLAGS: 00000206
RAX: 0000000000000046 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff8de57649 RDI: ffffffff8c1af920
RBP: ffffffff8e7e7420 R08: 0000000086db7919 R09: 0000000000000007
R10: 0000000000000200 R11: 0000000000000000 R12: 0000000000000002
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
 rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
 rcu_read_lock include/linux/rcupdate.h:850 [inline]
 lruvec_stat_mod_folio+0x90/0x390 mm/memcontrol.c:797
 collapse_file+0x351b/0x3cc0 mm/khugepaged.c:2232
 hpage_collapse_scan_file+0x603/0x1fc0 mm/khugepaged.c:2380
 madvise_collapse+0x412/0xbe0 mm/khugepaged.c:2809
 madvise_vma_behavior+0x1987/0x3050 mm/madvise.c:1370
 madvise_walk_vmas+0x2fe/0xa90 mm/madvise.c:1719
 madvise_do_behavior+0x1ea/0x510 mm/madvise.c:1935
 do_madvise+0x195/0x240 mm/madvise.c:2028
 __do_sys_madvise mm/madvise.c:2037 [inline]
 __se_sys_madvise mm/madvise.c:2035 [inline]
 __x64_sys_madvise+0xa9/0x110 mm/madvise.c:2035
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x106/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f1790f9c799
RSP: 002b:00007f1791f22028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
RAX: ffffffffffffffda RBX: 00007f1791216090 RCX: 00007f1790f9c799
RDX: 0000000000000019 RSI: ffffffffffff0005 RDI: 0000000000000000
RBP: 00007f1791032bd9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f1791216128 R14: 00007f1791216090 R15: 00007ffe9376ee18
task:syz.3.5284 state:R running task stack:26024 pid:18333 tgid:18332 ppid:5834 task_flags:0x400140 flags:0x00080002
Call Trace:
 context_switch kernel/sched/core.c:5295 [inline]
 __schedule+0xfee/0x6120 kernel/sched/core.c:6908
 preempt_schedule_irq+0x50/0x90 kernel/sched/core.c:7235
 irqentry_exit+0x17b/0x670 kernel/entry/common.c:239
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:__sanitizer_cov_trace_pc+0xb/0x70 kernel/kcov.c:213
Code: 5f 00 be 03 00 00 00 5b e9 e2 91 eb 02 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 65 8b 05 e5 19 05 12 <48> 8b 34 24 65 48 8b 15 c1 19 05 12 a9 00 01 ff 00 74 1b f6 c4 01
RSP: 0018:ffffc9000605f980 EFLAGS: 00000246
RAX: 0000000080000000 RBX: ffff888079775c1e RCX: ffffffff8b84dad3
RDX: 0000000000000002 RSI: 0000000000000002 RDI: ffff8880223fdb80
RBP: 0000000000000002 R08: 0000000000000007 R09: 0000000000000002
R10: 0000000000000002 R11: 0000000000000000 R12: dffffc0000000000
R13: 0000000000000300 R14: 00000000009b5000 R15: 0000000000000000
 xa_is_node include/linux/xarray.h:1270 [inline]
 mas_start lib/maple_tree.c:1202 [inline]
 mtree_load+0x381/0xa40 lib/maple_tree.c:5890
 vma_lookup include/linux/mm.h:3964 [inline]
 __get_user_pages+0x7d4/0x34d0 mm/gup.c:1385
 __get_user_pages_locked mm/gup.c:1752 [inline]
 faultin_page_range+0x425/0x9e0 mm/gup.c:1912
 madvise_populate mm/madvise.c:974 [inline]
 madvise_do_behavior+0x354/0x510 mm/madvise.c:1933
 do_madvise+0x195/0x240 mm/madvise.c:2028
 __do_sys_madvise mm/madvise.c:2037 [inline]
 __se_sys_madvise mm/madvise.c:2035 [inline]
 __x64_sys_madvise+0xa9/0x110 mm/madvise.c:2035
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x106/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f1790f9c799
RSP: 002b:00007f1791f43028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
RAX: ffffffffffffffda RBX: 00007f1791215fa0 RCX: 00007f1790f9c799
RDX: 0000000000000017 RSI: ffffffffffff0005 RDI: 0000000000000000
RBP: 00007f1791032bd9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f1791216038 R14: 00007f1791215fa0 R15: 00007ffe9376ee18
task:kworker/u8:6 state:R running task stack:23400 pid:154 tgid:154 ppid:2 task_flags:0x4208160 flags:0x00080000
Workqueue: krds_cp_wq#4/0 rds_connect_worker
Call Trace:
 context_switch kernel/sched/core.c:5295 [inline]
 __schedule+0xfee/0x6120 kernel/sched/core.c:6908
 preempt_schedule_common+0x42/0xc0 kernel/sched/core.c:7092
 preempt_schedule_thunk+0x16/0x30 arch/x86/entry/thunk.S:12
 __local_bh_enable_ip+0xff/0x120 kernel/softirq.c:457
 local_bh_enable include/linux/bottom_half.h:33 [inline]
 ipt_do_table+0xd5c/0x1b00 net/ipv4/netfilter/ip_tables.c:357
 iptable_mangle_hook+0x69/0x4b0 net/ipv4/netfilter/iptable_mangle.c:80
 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline]
 nf_hook_slow+0xbf/0x220 net/netfilter/core.c:623
 nf_hook include/linux/netfilter.h:273 [inline]
 NF_HOOK_COND include/linux/netfilter.h:306 [inline]
 ip_output+0x703/0xc10 net/ipv4/ip_output.c:438
 dst_output include/net/dst.h:470 [inline]
 ip_local_out+0x193/0x1f0 net/ipv4/ip_output.c:131
 __ip_queue_xmit+0x885/0x1e90 net/ipv4/ip_output.c:534
 __tcp_transmit_skb+0x3347/0x4b50 net/ipv4/tcp_output.c:1693
 __tcp_send_ack.part.0+0x4c5/0x930 net/ipv4/tcp_output.c:4503
 __tcp_send_ack+0x69/0x80 net/ipv4/tcp_output.c:4469
 tcp_send_ack_reflect_ect net/ipv4/tcp_input.c:4038 [inline]
 tcp_rcv_synsent_state_process net/ipv4/tcp_input.c:7021 [inline]
 tcp_rcv_state_process+0x577e/0x6f70 net/ipv4/tcp_input.c:7215
 tcp_v4_do_rcv+0x68d/0x10d0 net/ipv4/tcp_ipv4.c:1907
 sk_backlog_rcv include/net/sock.h:1185 [inline]
 __release_sock+0x35a/0x440 net/core/sock.c:3213
 release_sock+0x5a/0x220 net/core/sock.c:3795
 inet_stream_connect+0x79/0xa0 net/ipv4/af_inet.c:751
 kernel_connect+0x107/0x160 net/socket.c:3634
 rds_tcp_conn_path_connect+0x72b/0xaa0 net/rds/tcp_connect.c:205
 rds_connect_worker+0x1b4/0x2d0 net/rds/threads.c:176
 process_one_work+0x9d7/0x1920 kernel/workqueue.c:3275
 process_scheduled_works kernel/workqueue.c:3358 [inline]
 worker_thread+0x5da/0xe40 kernel/workqueue.c:3439
 kthread+0x370/0x450 kernel/kthread.c:436
 ret_from_fork+0x754/0xd80 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
task:syz.1.5293 state:R running task stack:27552 pid:18356 tgid:18355 ppid:5820 task_flags:0x400140 flags:0x00080000
Call Trace:
 context_switch kernel/sched/core.c:5295 [inline]
 __schedule+0xfee/0x6120 kernel/sched/core.c:6908
 preempt_schedule_notrace+0x5f/0xd0 kernel/sched/core.c:7185
 preempt_schedule_notrace_thunk+0x16/0x30 arch/x86/entry/thunk.S:13
 rcu_is_watching+0x8e/0xc0 kernel/rcu/tree.c:753
 rcu_read_lock include/linux/rcupdate.h:851 [inline]
 count_memcg_events_mm.constprop.0+0x11c/0x2a0 include/linux/memcontrol.h:983
 count_memcg_event_mm include/linux/memcontrol.h:993 [inline]
 mm_account_fault mm/memory.c:6489 [inline]
 handle_mm_fault+0x7ea/0xa20 mm/memory.c:6650
 faultin_page mm/gup.c:1126 [inline]
 __get_user_pages+0xf9c/0x34d0 mm/gup.c:1428
 populate_vma_page_range+0x267/0x3f0 mm/gup.c:1860
 __mm_populate+0x107/0x3a0 mm/gup.c:1963
 mm_populate include/linux/mm.h:3899 [inline]
 vm_mmap_pgoff+0x37f/0x470 mm/util.c:586
 ksys_mmap_pgoff+0xe1/0x650 mm/mmap.c:605
 __do_sys_mmap arch/x86/kernel/sys_x86_64.c:89 [inline]
 __se_sys_mmap arch/x86/kernel/sys_x86_64.c:82 [inline]
 __x64_sys_mmap+0x125/0x190 arch/x86/kernel/sys_x86_64.c:82
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x106/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ffbaa99c799
RSP: 002b:00007ffbab8b3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
RAX: ffffffffffffffda RBX: 00007ffbaac15fa0 RCX: 00007ffbaa99c799
RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
RBP: 00007ffbaaa32bd9 R08: 0000000000000002 R09: 0000000000008000
R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffbaac16038 R14: 00007ffbaac15fa0 R15: 00007ffe2a929948