------------[ cut here ]------------
WARNING: CPU: 0 PID: 3360 at mm/kfence/core.c:1143 __kfence_free+0x7c/0xb4 mm/kfence/core.c:1143
Modules linked in:
CPU: 0 PID: 3360 Comm: syz-executor.0 Not tainted 6.8.0-rc6-syzkaller-00120-g87adedeba51a #0
Hardware name: linux,dummy-virt (DT)
pstate: 81400009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
pc : __kfence_free+0x7c/0xb4 mm/kfence/core.c:1143
lr : kfence_free include/linux/kfence.h:187 [inline]
lr : slab_free_hook mm/slub.c:2100 [inline]
lr : slab_free mm/slub.c:4299 [inline]
lr : kfree+0x188/0x278 mm/slub.c:4409
sp : ffff8000837cbae0
x29: ffff8000837cbae0 x28: 0000000000000001 x27: fbff0000072499c0
x26: 0000000000000000 x25: 000000000000000d x24: fbff000002c03700
x23: 609f8000804a25b4 x22: 0000000000000000 x21: ffff8000804a25b4
x20: ffff00007ff3ffe0 x19: fffffc0001ffcfc0 x18: ffff8000837cbad8
x17: 0000000000000000 x16: 1effe00000b25ea1 x15: 0000000000000001
x14: 0000ffff9ed50000 x13: 0000000000000000 x12: ffff800081db0d48
x11: 0000000000000001 x10: f7ff00000592f50c x9 : 0000000000000009
x8 : 0000000000000080 x7 : fbff00000347067c x6 : 0000000000000008
x5 : fbff000007249200 x4 : ffff00007f868000 x3 : ffff8000825102b8
x2 : f4ff000024207680 x1 : ffff00007f895e10 x0 : ffff00007ff3ffe0
Call trace:
 __kfence_free+0x7c/0xb4 mm/kfence/core.c:1143
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2100 [inline]
 slab_free mm/slub.c:4299 [inline]
 kfree+0x188/0x278 mm/slub.c:4409
 exit_sem+0x444/0x680 ipc/sem.c:2445
 do_exit+0x690/0x964 kernel/exit.c:864
 do_group_exit+0x34/0x90 kernel/exit.c:1020
 get_signal+0x884/0x894 kernel/signal.c:2893
 do_signal arch/arm64/kernel/signal.c:1249 [inline]
 do_notify_resume+0x10c/0x1474 arch/arm64/kernel/signal.c:1302
 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:137 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:144 [inline]
 el0_svc+0xd4/0xd8 arch/arm64/kernel/entry-common.c:679
 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:696
 el0t_64_sync+0x19c/0x1a0 arch/arm64/kernel/entry.S:598
---[ end trace 0000000000000000 ]---