------------[ cut here ]------------
kernel BUG at include/linux/scatterlist.h:187!
Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM
Modules linked in:
CPU: 0 PID: 21947 Comm: syz-executor.1 Not tainted 6.9.0-rc1-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at sg_set_buf include/linux/scatterlist.h:187 [inline]
PC is at sg_init_one+0x9c/0xa8 lib/scatterlist.c:143
LR is at sg_init_table+0x2c/0x40 lib/scatterlist.c:128
pc : [<807e8650>] lr : [<807e6a44>] psr: 80000113
sp : dfc9dc38 ip : dfc9dc70 fp : dfc9dc54
r10: 00000000 r9 : ffefd004 r8 : ff7e7f1c
r7 : 00000044 r6 : dfc9dc58 r5 : 840ab898 r4 : ffefd004
r3 : df000000 r2 : ffffffd8 r1 : 00000000 r0 : dfc9dc58
Flags: Nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user
Control: 30c5387d Table: 852f3480 DAC: fffffffd
Register r0 information: 2-page vmalloc region starting at 0xdfc9c000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r1 information: NULL pointer
Register r2 information: non-paged memory
Register r3 information: non-paged memory
Register r4 information: non-paged memory
Register r5 information: slab vmap_area start 840ab898 pointer offset 0 size 40
Register r6 information: 2-page vmalloc region starting at 0xdfc9c000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r7 information: non-paged memory
Register r8 information: 0-page vmalloc region starting at 0xff7d8000 allocated at pcpu_get_vm_areas+0x0/0x12c8 mm/vmalloc.c:3064
Register r9 information: non-paged memory
Register r10 information: NULL pointer
Register r11 information: 2-page vmalloc region starting at 0xdfc9c000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r12 information: 2-page vmalloc region starting at 0xdfc9c000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Process syz-executor.1 (pid: 21947, stack limit = 0xdfc9c000)
Stack: (0xdfc9dc38 to 0xdfc9e000)
dc20:                                                       ff7e7efc 840ab898
dc40: dee0d1ec 841db7c0 dfc9dcb4 dfc9dc58 804c3ddc 807e85c0 00000002 00000000
dc60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dc80: 00000000 00000000 0000034c 24866897 840ab898 0000034c dee0d1ec 84620744
dca0: 84620740 84620740 dfc9dcdc dfc9dcb8 804c6a20 804c3d2c dee0d1ec 00000001
dcc0: dfc9dd4c 00000000 8410bc00 843f0300 dfc9dd2c dfc9dce0 804bbbfc 804c68d0
dce0: 804bd120 802e27a0 802033d4 00000000 00100cca 00000000 00000000 24866897
dd00: 8189aa28 0000034c 00100cca 00000000 00000000 dfc9dd4b 0000034f 00000000
dd20: dfc9dda4 dfc9dd30 804bd61c 804bbb60 dfc9dd4b 00000000 dfc9dd6c dee0d1ec
dd40: 0000034c 0000034c 01dd0280 00000000 00000000 00000000 00000000 00000000
dd60: 00000001 00000000 dfc9dd68 dfc9dd68 818753b0 24866897 00000406 00000001
dd80: 00000000 0000034c 84457900 00100cca 00000000 dfc9deb8 dfc9de1c dfc9dda8
dda0: 804bd970 804bd464 00000000 24866897 00000001 dfc9deb8 00000000 00000000
ddc0: dfc9ddf4 dfc9ddd0 8042e9b8 8042e80c dfc9deb8 8260cac8 84457900 20000000
dde0: 843f0300 00000000 dfc9de1c 24866897 804bcdf0 dfc9deb8 00000000 0000034c
de00: 84457900 843f0300 00000000 00000040 dfc9de7c dfc9de20 8047f370 804bd914
de20: 80494464 80479d24 dfc9deec 8410bc00 00000000 00000000 8410bc00 83e6a700
de40: dfc9de7c dfc9de50 843f0300 804943ec fe645003 00001255 8410bc00 20000540
de60: 84457900 8410bc00 83e6a700 00000040 dfc9df2c dfc9de80 80480c54 8047f17c
de80: dfc9dee0 dfc9dfb0 dfc9dea4 dfc9de98 8089c160 dfc9dee0 dfc9decc dfc9dea8
dea0: 8027caf4 802ac7ac 00000008 81c66394 dfc9deb8 dfc9dfb0 84457900 00000cc0
dec0: 00020000 20000000 20000540 00001a55 8505c800 852f3480 00034c80 00000000
dee0: 00000000 00000000 00000000 defbf1c8 00000000 00000000 20ffffff 24866897
df00: 00000000 dfc9dfb0 20000540 00000255 00000a07 8410bc00 83e6a700 00000002
df20: dfc9df74 dfc9df30 80215e14 80480888 81897c90 81897b5c dfc9df5c dfc9df48
df40: 8024c880 84457900 40000000 8261d0e0 00000a07 20000540 dfc9dfb0 80215c4c
df60: 0014c29c 7ec4e4dc dfc9dfac dfc9df78 802161dc 80215c58 dfc9dfac dfc9df88
df80: 8020ca6c 80203060 0006b3f4 0001d4ac 40000010 ffffffff 8410bc00 824a9044
dfa0: 00000000 dfc9dfb0 80200e3c 802161b0 00000000 00000000 200000c0 20000540
dfc0: 00000004 00000000 00000000 000001f4 fffffffe 0014c29c 7ec4e4dc 0021453d
dfe0: 01fcc590 7ec4e3a8 0001d150 0001d4ac 40000010 ffffffff 00000000 00000000
Call trace:
[<807e85b4>] (sg_init_one) from [<804c3ddc>] (zswap_decompress+0xbc/0x208 mm/zswap.c:1089)
 r7:841db7c0 r6:dee0d1ec r5:840ab898 r4:ff7e7efc
[<804c3d20>] (zswap_decompress) from [<804c6a20>] (zswap_load+0x15c/0x198 mm/zswap.c:1637)
 r9:84620740 r8:84620740 r7:84620744 r6:dee0d1ec r5:0000034c r4:840ab898
[<804c68c4>] (zswap_load) from [<804bbbfc>] (swap_read_folio+0xa8/0x498 mm/page_io.c:518)
 r9:843f0300 r8:8410bc00 r7:00000000 r6:dfc9dd4c r5:00000001 r4:dee0d1ec
[<804bbb54>] (swap_read_folio) from [<804bd61c>] (swap_cluster_readahead+0x1c4/0x34c mm/swap_state.c:684)
 r10:00000000 r9:0000034f r8:dfc9dd4b r7:00000000 r6:00000000 r5:00100cca r4:0000034c
[<804bd458>] (swap_cluster_readahead) from [<804bd970>] (swapin_readahead+0x68/0x4a8 mm/swap_state.c:904)
 r10:dfc9deb8 r9:00000000 r8:00100cca r7:84457900 r6:0000034c r5:00000000 r4:00000001
[<804bd908>] (swapin_readahead) from [<8047f370>] (do_swap_page+0x200/0xcc4 mm/memory.c:4046)
 r10:00000040 r9:00000000 r8:843f0300 r7:84457900 r6:0000034c r5:00000000 r4:dfc9deb8
[<8047f170>] (do_swap_page) from [<80480c54>] (handle_pte_fault mm/memory.c:5301 [inline])
[<8047f170>] (do_swap_page) from [<80480c54>] (__handle_mm_fault mm/memory.c:5439 [inline])
[<8047f170>] (do_swap_page) from [<80480c54>] (handle_mm_fault+0x3d8/0x12b8 mm/memory.c:5604)
 r10:00000040 r9:83e6a700 r8:8410bc00 r7:84457900 r6:20000540 r5:8410bc00 r4:00001255
[<8048087c>] (handle_mm_fault) from [<80215e14>] (do_page_fault+0x1c8/0x3a8 arch/arm/mm/fault.c:299)
 r10:00000002 r9:83e6a700 r8:8410bc00 r7:00000a07 r6:00000255 r5:20000540 r4:dfc9dfb0
[<80215c4c>] (do_page_fault) from [<802161dc>] (do_DataAbort+0x38/0xa8 arch/arm/mm/fault.c:565)
 r10:7ec4e4dc r9:0014c29c r8:80215c4c r7:dfc9dfb0 r6:20000540 r5:00000a07 r4:8261d0e0
[<802161a4>] (do_DataAbort) from [<80200e3c>] (__dabt_usr+0x5c/0x60 arch/arm/kernel/entry-armv.S:427)
Exception stack(0xdfc9dfb0 to 0xdfc9dff8)
dfa0:                                     00000000 00000000 200000c0 20000540
dfc0: 00000004 00000000 00000000 000001f4 fffffffe 0014c29c 7ec4e4dc 0021453d
dfe0: 01fcc590 7ec4e3a8 0001d150 0001d4ac 40000010 ffffffff
 r8:824a9044 r7:8410bc00 r6:ffffffff r5:40000010 r4:0001d4ac
Code: 1a000004 e1822003 e8860094 e89da8f0 (e7f001f2)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:   1a000004    bne   0x18
   4:   e1822003    orr   r2, r2, r3
   8:   e8860094    stm   r6, {r2, r4, r7}
   c:   e89da8f0    ldm   sp, {r4, r5, r6, r7, fp, sp, pc}
* 10:   e7f001f2    udf   #18 <-- trapping instruction