------------[ cut here ]------------
kernel BUG at arch/x86/mm/physaddr.c:28!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
CPU: 0 UID: 0 PID: 6478 Comm: udevd Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
RIP: 0010:__phys_addr+0x15a/0x170 arch/x86/mm/physaddr.c:28
Code: c0 b7 00 e9 3d ff ff ff e8 13 0b 53 00 48 c7 c7 e0 bb 9a 8e 4c 89 f6 4c 89 fa e8 31 58 b7 03 e9 45 ff ff ff e8 f7 0a 53 00 90 <0f> 0b e8 ef 0a 53 00 90 0f 0b e8 e7 0a 53 00 90 0f 0b 0f 1f 40 00
RSP: 0018:ffffc90003f0fa30 EFLAGS: 00010293
RAX: ffffffff816eace9 RBX: 0000000080000180 RCX: ffff88801e369e00
RDX: 0000000000000000 RSI: 0000000080000180 RDI: 0000778000000180
RBP: 0000000000000000 R08: ffffffff816eabdb R09: 1ffffffff28a1d0e
R10: dffffc0000000000 R11: fffffbfff28a1d0f R12: 0000000000000180
R13: ffffea0000000000 R14: 0000778000000180 R15: 0000000000000000
FS: 00007f5ac68c5c80(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffd3d78dc88 CR3: 0000000056860000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 virt_to_folio include/linux/mm.h:1295 [inline]
 virt_to_slab mm/slab.h:211 [inline]
 qlink_to_cache mm/kasan/quarantine.c:131 [inline]
 qlist_free_all+0x3d/0x140 mm/kasan/quarantine.c:176
 kasan_quarantine_reduce+0x14f/0x170 mm/kasan/quarantine.c:286
 __kasan_slab_alloc+0x23/0x80 mm/kasan/common.c:329
 kasan_slab_alloc include/linux/kasan.h:250 [inline]
 slab_post_alloc_hook mm/slub.c:4115 [inline]
 slab_alloc_node mm/slub.c:4164 [inline]
 __do_kmalloc_node mm/slub.c:4293 [inline]
 __kmalloc_noprof+0x236/0x4c0 mm/slub.c:4306
 kmalloc_noprof include/linux/slab.h:905 [inline]
 tomoyo_realpath_from_path+0xcf/0x5e0 security/tomoyo/realpath.c:251
 tomoyo_get_realpath security/tomoyo/file.c:151 [inline]
 tomoyo_path_number_perm+0x239/0x770 security/tomoyo/file.c:723
 security_file_ioctl+0xc6/0x2a0 security/security.c:2913
 __do_sys_ioctl fs/ioctl.c:900 [inline]
 __se_sys_ioctl+0x46/0x170 fs/ioctl.c:892
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f5ac699fd49
Code: 5c c3 48 8d 44 24 08 48 89 54 24 e0 48 89 44 24 c0 48 8d 44 24 d0 48 89 44 24 c8 b8 10 00 00 00 c7 44 24 b8 10 00 00 00 0f 05 <41> 89 c0 3d 00 f0 ff ff 76 10 48 8b 15 ae 60 0d 00 f7 d8 41 83 c8
RSP: 002b:00007ffcdf573198 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000055f4c96c2420 RCX: 00007f5ac699fd49
RDX: 000055f4c96c2448 RSI: 0000000000001268 RDI: 0000000000000009
RBP: 000055f4c96c2420 R08: 000055f4c96cd320 R09: 00007f5ac6b21260
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f5ac6b21240 R14: 00007f5ac6b25430 R15: 0000000000000002
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__phys_addr+0x15a/0x170 arch/x86/mm/physaddr.c:28
Code: c0 b7 00 e9 3d ff ff ff e8 13 0b 53 00 48 c7 c7 e0 bb 9a 8e 4c 89 f6 4c 89 fa e8 31 58 b7 03 e9 45 ff ff ff e8 f7 0a 53 00 90 <0f> 0b e8 ef 0a 53 00 90 0f 0b e8 e7 0a 53 00 90 0f 0b 0f 1f 40 00
RSP: 0018:ffffc90003f0fa30 EFLAGS: 00010293
RAX: ffffffff816eace9 RBX: 0000000080000180 RCX: ffff88801e369e00
RDX: 0000000000000000 RSI: 0000000080000180 RDI: 0000778000000180
RBP: 0000000000000000 R08: ffffffff816eabdb R09: 1ffffffff28a1d0e
R10: dffffc0000000000 R11: fffffbfff28a1d0f R12: 0000000000000180
R13: ffffea0000000000 R14: 0000778000000180 R15: 0000000000000000
FS: 00007f5ac68c5c80(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005597901f00f8 CR3: 0000000056860000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400