syzbot

NILFS (loop3): nilfs_palloc_commit_free_entry (ino=6): entry number 6 already freed
------------[ cut here ]------------
kernel BUG at fs/inode.c:599!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 3511 Comm: syz-executor Not tainted 5.15.162-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
RIP: 0010:evict+0x615/0x620 fs/inode.c:599
Code: fe c1 38 c1 0f 8c de fc ff ff 4c 89 ff e8 d3 ff ec ff e9 d1 fc ff ff e8 f9 30 a3 ff 0f 0b e8 f2 30 a3 ff 0f 0b e8 eb 30 a3 ff <0f> 0b e8 e4 30 a3 ff 0f 0b 66 90 41 56 53 49 89 fe e8 d5 30 a3 ff
RSP: 0018:ffffc90002e77ae8 EFLAGS: 00010293
RAX: ffffffff81dd2a75 RBX: 0000000000000064 RCX: ffff8880163f8000
RDX: 0000000000000000 RSI: 0000000000000064 RDI: 0000000000000060
RBP: ffff8880639381e0 R08: ffffffff81dd2906 R09: 0000000000000003
R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff888063938180
R13: ffff8880639381e0 R14: dffffc0000000000 R15: ffff888063938158
FS:  00005555560ca500(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2f017ff8 CR3: 0000000067acb000 CR4: 00000000003526e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 nilfs_put_root+0x93/0xb0 fs/nilfs2/the_nilfs.c:911
 nilfs_segctor_destroy fs/nilfs2/segment.c:2830 [inline]
 nilfs_detach_log_writer+0x8c7/0xbe0 fs/nilfs2/segment.c:2892
 nilfs_put_super+0x49/0x150 fs/nilfs2/super.c:498
 generic_shutdown_super+0x136/0x2c0 fs/super.c:475
 kill_block_super+0x7a/0xe0 fs/super.c:1414
 deactivate_locked_super+0xa0/0x110 fs/super.c:335
 cleanup_mnt+0x44e/0x500 fs/namespace.c:1143
 task_work_run+0x129/0x1a0 kernel/task_work.c:164
 tracehook_notify_resume include/linux/tracehook.h:189 [inline]
 exit_to_user_mode_loop+0x106/0x130 kernel/entry/common.c:181
 exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:214
 __syscall_exit_to_user_mode_work kernel/entry/common.c:296 [inline]
 syscall_exit_to_user_mode+0x5d/0x240 kernel/entry/common.c:307
 do_syscall_64+0x47/0xb0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f81ab784d47
Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
RSP: 002b:00007ffed7e6c548 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 00007f81ab7f1515 RCX: 00007f81ab784d47
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffed7e6c600
RBP: 00007ffed7e6c600 R08: 0000000000000000 R09: 0000000000000000
R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffed7e6d6c0
R13: 00007f81ab7f1515 R14: 000000000000cb1e R15: 000000000000c782
 </TASK>
Modules linked in:
---[ end trace 15e9cf76dde5a3b2 ]---
RIP: 0010:evict+0x615/0x620 fs/inode.c:599
Code: fe c1 38 c1 0f 8c de fc ff ff 4c 89 ff e8 d3 ff ec ff e9 d1 fc ff ff e8 f9 30 a3 ff 0f 0b e8 f2 30 a3 ff 0f 0b e8 eb 30 a3 ff <0f> 0b e8 e4 30 a3 ff 0f 0b 66 90 41 56 53 49 89 fe e8 d5 30 a3 ff
RSP: 0018:ffffc90002e77ae8 EFLAGS: 00010293
RAX: ffffffff81dd2a75 RBX: 0000000000000064 RCX: ffff8880163f8000
RDX: 0000000000000000 RSI: 0000000000000064 RDI: 0000000000000060
RBP: ffff8880639381e0 R08: ffffffff81dd2906 R09: 0000000000000003
R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff888063938180
R13: ffff8880639381e0 R14: dffffc0000000000 R15: ffff888063938158
FS:  00005555560ca500(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2f017ff8 CR3: 0000000067acb000 CR4: 00000000003526e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400