------------[ cut here ]------------
kernel BUG at arch/x86/mm/physaddr.c:28!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
CPU: 0 UID: 0 PID: 5461 Comm: syz-executor202 Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
RIP: 0010:__phys_addr+0x15a/0x170 arch/x86/mm/physaddr.c:28
Code: ac b8 00 e9 3d ff ff ff e8 a3 14 52 00 48 c7 c7 60 b9 7a 8e 4c 89 f6 4c 89 fa e8 f1 b6 b3 03 e9 45 ff ff ff e8 87 14 52 00 90 <0f> 0b e8 7f 14 52 00 90 0f 0b e8 77 14 52 00 90 0f 0b 0f 1f 40 00
RSP: 0018:ffffc9000d527908 EFLAGS: 00010293
RAX: ffffffff816d4999 RBX: 0000000080000001 RCX: ffff8880005f0000
RDX: 0000000000000000 RSI: 0000000080000001 RDI: 0000778000000001
RBP: 0000000000000000 R08: ffffffff816d488b R09: 1ffffffff285f30e
R10: dffffc0000000000 R11: fffffbfff285f30f R12: 0000000000000001
R13: ffffea0000000000 R14: 0000778000000001 R15: 0000000000000000
FS:  0000555587cc9380(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f84df0f0622 CR3: 00000000357f8000 CR4: 0000000000352ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 virt_to_folio include/linux/mm.h:1295 [inline]
 virt_to_slab mm/slab.h:211 [inline]
 qlink_to_cache mm/kasan/quarantine.c:131 [inline]
 qlist_free_all+0x3d/0x140 mm/kasan/quarantine.c:176
 kasan_quarantine_reduce+0x14f/0x170 mm/kasan/quarantine.c:286
 __kasan_slab_alloc+0x23/0x80 mm/kasan/common.c:329
 kasan_slab_alloc include/linux/kasan.h:250 [inline]
 slab_post_alloc_hook mm/slub.c:4115 [inline]
 slab_alloc_node mm/slub.c:4164 [inline]
 __do_kmalloc_node mm/slub.c:4293 [inline]
 __kmalloc_noprof+0x236/0x4c0 mm/slub.c:4306
 kmalloc_noprof include/linux/slab.h:905 [inline]
 kzalloc_noprof include/linux/slab.h:1037 [inline]
 tomoyo_encode2 security/tomoyo/realpath.c:45 [inline]
 tomoyo_encode+0x26f/0x540 security/tomoyo/realpath.c:80
 tomoyo_path_perm+0x3ce/0x740 security/tomoyo/file.c:831
 tomoyo_path_symlink+0xde/0x120 security/tomoyo/tomoyo.c:212
 security_path_symlink+0x16f/0x370 security/security.c:1984
 do_symlinkat+0x136/0x3a0 fs/namei.c:4695
 __do_sys_symlink fs/namei.c:4718 [inline]
 __se_sys_symlink fs/namei.c:4716 [inline]
 __x64_sys_symlink+0x7a/0x90 fs/namei.c:4716
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f84df090737
Code: 7b 00 00 00 48 8d 35 b0 f9 04 00 48 8d 3d d1 f9 04 00 e8 cc 61 fc ff e8 37 27 00 00 0f 1f 80 00 00 00 00 b8 58 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffd5585c1e8 EFLAGS: 00000206 ORIG_RAX: 0000000000000058
RAX: ffffffffffffffda RBX: 00007ffd5585c280 RCX: 00007f84df090737
RDX: 0000000000000000 RSI: 00007f84df0d50be RDI: 00007ffd5585c280
RBP: 0000000000000000 R08: 0000000000000017 R09: 00007ffd5585bf37
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
R13: 0000000000000010 R14: 0000200000000000 R15: 431bde82d7b634db
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__phys_addr+0x15a/0x170 arch/x86/mm/physaddr.c:28
Code: ac b8 00 e9 3d ff ff ff e8 a3 14 52 00 48 c7 c7 60 b9 7a 8e 4c 89 f6 4c 89 fa e8 f1 b6 b3 03 e9 45 ff ff ff e8 87 14 52 00 90 <0f> 0b e8 7f 14 52 00 90 0f 0b e8 77 14 52 00 90 0f 0b 0f 1f 40 00
RSP: 0018:ffffc9000d527908 EFLAGS: 00010293
RAX: ffffffff816d4999 RBX: 0000000080000001 RCX: ffff8880005f0000
RDX: 0000000000000000 RSI: 0000000080000001 RDI: 0000778000000001
RBP: 0000000000000000 R08: ffffffff816d488b R09: 1ffffffff285f30e
R10: dffffc0000000000 R11: fffffbfff285f30f R12: 0000000000000001
R13: ffffea0000000000 R14: 0000778000000001 R15: 0000000000000000
FS:  0000555587cc9380(0000) GS:ffff88801fc00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffd5585c0e8 CR3: 00000000357f8000 CR4: 0000000000352ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400