------------[ cut here ]------------
WARNING: CPU: 0 PID: 3305 at mm/kfence/core.c:1143 __kfence_free+0x7c/0xb4 mm/kfence/core.c:1143
Modules linked in:
CPU: 0 PID: 3305 Comm: syz-executor.1 Not tainted 6.8.0-rc4-syzkaller-00034-g8d3dea210042 #0
Hardware name: linux,dummy-virt (DT)
pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __kfence_free+0x7c/0xb4 mm/kfence/core.c:1143
lr : kfence_free include/linux/kfence.h:187 [inline]
lr : slab_free_hook mm/slub.c:2100 [inline]
lr : slab_free mm/slub.c:4299 [inline]
lr : kfree+0x188/0x278 mm/slub.c:4409
sp : ffff800082df3c40
x29: ffff800082df3c40 x28: faff0000074bda00 x27: 0000000000000000
x26: 0000000000000000 x25: 0000000000000000 x24: f5ff000002c03900
x23: 49b2800080246b3c x22: 0000000000000000 x21: ffff800080246b3c
x20: ffff00007feb9000 x19: fffffc0001ffae40 x18: ffff800082df3c38
x17: ffff8000800a2808 x16: ffff8000804a21f4 x15: ffff8000800a3104
x14: ffff8000800a3090 x13: ffff8000800a2818 x12: ffff800080333994
x11: ffff800080011558 x10: ffff800081908ed4 x9 : ffff800081908a64
x8 : ffff800082df3c50 x7 : 0000000000000000 x6 : ffff800080026d20
x5 : 000000008010000e x4 : ffff00007f868000 x3 : ffff8000825102b8
x2 : f3ff000003643340 x1 : ffff00007f882e78 x0 : ffff00007feb9000
Call trace:
 __kfence_free+0x7c/0xb4 mm/kfence/core.c:1143
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2100 [inline]
 slab_free mm/slub.c:4299 [inline]
 kfree+0x188/0x278 mm/slub.c:4409
 kvfree+0x3c/0x4c mm/util.c:663
 __free_fdtable fs/file.c:37 [inline]
 put_files_struct+0xd8/0x130 fs/file.c:451
 exit_files+0x40/0x54 fs/file.c:464
 do_exit+0x2b4/0x964 kernel/exit.c:866
 do_group_exit+0x34/0x90 kernel/exit.c:1020
 __do_sys_exit_group kernel/exit.c:1031 [inline]
 __se_sys_exit_group kernel/exit.c:1029 [inline]
 pid_child_should_wake+0x0/0x5c kernel/exit.c:1029
 __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:51
 el0_svc_common.constprop.0+0x40/0xe0 arch/arm64/kernel/syscall.c:136
 do_el0_svc+0x1c/0x28 arch/arm64/kernel/syscall.c:155
 el0_svc+0x34/0xd8 arch/arm64/kernel/entry-common.c:678
 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:696
 el0t_64_sync+0x19c/0x1a0 arch/arm64/kernel/entry.S:598
---[ end trace 0000000000000000 ]---