------------[ cut here ]------------
WARNING: CPU: 0 PID: 3330 at mm/kfence/core.c:1143 __kfence_free+0x7c/0xb4 mm/kfence/core.c:1143
Modules linked in:
CPU: 0 PID: 3330 Comm: udevd Not tainted 6.8.0-rc3-syzkaller-00010-g6d280f4d760e #0
Hardware name: linux,dummy-virt (DT)
pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __kfence_free+0x7c/0xb4 mm/kfence/core.c:1143
lr : kfence_free include/linux/kfence.h:187 [inline]
lr : slab_free_hook mm/slub.c:2100 [inline]
lr : slab_free mm/slub.c:4299 [inline]
lr : kfree+0x188/0x278 mm/slub.c:4409
sp : ffff800080003e30
x29: ffff800080003e30 x28: ffff800080132768 x27: 000000000000000a
x26: ffff00007f9bf278 x25: ffff80008261c040 x24: f7ff000002c03f00
x23: 57ee800081766328 x22: 0000000000000000 x21: ffff800081766328
x20: ffff00007ffaf000 x19: fffffc0001ffebc0 x18: 0000000000000000
x17: ffff7ffffd4cd000 x16: ffff800080000000 x15: 0000000000000000
x14: 0000000000000365 x13: 0000000000000365 x12: 0000000000000001
x11: 0000000000000004 x10: 0000000000000002 x9 : 0000000000000010
x8 : ffff800080003e40 x7 : 00000000000001d8 x6 : 0000000000000018
x5 : f1ff000028386200 x4 : ffff00007f868000 x3 : ffff8000825102b8
x2 : fbff0000062d5e80 x1 : ffff00007f8a5bd0 x0 : ffff00007ffaf000
Call trace:
 __kfence_free+0x7c/0xb4 mm/kfence/core.c:1143
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2100 [inline]
 slab_free mm/slub.c:4299 [inline]
 kfree+0x188/0x278 mm/slub.c:4409
 in6_dev_finish_destroy_rcu+0x34/0x44 net/ipv6/addrconf_core.c:257
 rcu_do_batch kernel/rcu/tree.c:2190 [inline]
 rcu_core+0x258/0x654 kernel/rcu/tree.c:2465
 rcu_core_si+0x10/0x1c kernel/rcu/tree.c:2482
 __do_softirq+0x10c/0x26c kernel/softirq.c:553
 ____do_softirq+0x10/0x1c arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:889
 do_softirq_own_stack+0x1c/0x28 arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:434 [inline]
 __irq_exit_rcu kernel/softirq.c:632 [inline]
 irq_exit_rcu+0xc0/0xdc kernel/softirq.c:644
 __el1_irq arch/arm64/kernel/entry-common.c:503 [inline]
 el1_interrupt+0x38/0x64 arch/arm64/kernel/entry-common.c:517
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:522
 el1h_64_irq+0x64/0x68 arch/arm64/kernel/entry.S:594
 local_daif_restore arch/arm64/include/asm/daifflags.h:117 [inline]
 el0_svc+0x2c/0xd8 arch/arm64/kernel/entry-common.c:677
 el0t_64_sync_handler+0x100/0x12c arch/arm64/kernel/entry-common.c:696
 el0t_64_sync+0x19c/0x1a0 arch/arm64/kernel/entry.S:598
---[ end trace 0000000000000000 ]---