------------[ cut here ]------------
kernel BUG at include/linux/scatterlist.h:187!
Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM
Modules linked in:
CPU: 1 PID: 4144 Comm: syz-executor.0 Not tainted 6.9.0-rc1-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at sg_set_buf include/linux/scatterlist.h:187 [inline]
PC is at sg_init_one+0x9c/0xa8 lib/scatterlist.c:143
LR is at sg_init_table+0x2c/0x40 lib/scatterlist.c:128
pc : [<807e8650>] lr : [<807e6a44>] psr: 80000113
sp : dffddb78 ip : dffddbb0 fp : dffddb94
r10: 00000000 r9 : ffedc004 r8 : ff7fbf1c
r7 : 0000003d r6 : dffddb98 r5 : 82cc1668 r4 : ffedc004
r3 : df000000 r2 : ffffffd8 r1 : 00000000 r0 : dffddb98
Flags: Nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none
Control: 30c5387d Table: 84fcda40 DAC: 00000000
Register r0 information: 2-page vmalloc region starting at 0xdffdc000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r1 information: NULL pointer
Register r2 information: non-paged memory
Register r3 information: non-paged memory
Register r4 information: non-paged memory
Register r5 information: slab vmap_area start 82cc1668 pointer offset 0 size 40
Register r6 information: 2-page vmalloc region starting at 0xdffdc000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r7 information: non-paged memory
Register r8 information: 0-page vmalloc region starting at 0xff7d8000 allocated at pcpu_get_vm_areas+0x0/0x12c8 mm/vmalloc.c:3064
Register r9 information: non-paged memory
Register r10 information: NULL pointer
Register r11 information: 2-page vmalloc region starting at 0xdffdc000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r12 information: 2-page vmalloc region starting at 0xdffdc000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Process syz-executor.0 (pid: 4144, stack limit = 0xdffdc000)
Stack: (0xdffddb78 to 0xdffde000)
db60: ff7fbefc 82cc1668
db80: dedb3690 82c92f80 dffddbf4 dffddb98 804c3ddc 807e85c0 00000002 00000000
dba0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dbc0: 00000000 00000000 00000001 dd608c97 82cc1668 00000001 dedb3690 843f6444
dbe0: 843f6440 843f6440 dffddc1c dffddbf8 804c6a20 804c3d2c dedb3690 00000001
dc00: dffddc8c 00000000 8369a400 84586d00 dffddc6c dffddc20 804bbbfc 804c68d0
dc20: 804bd120 802e27a0 00010070 00000000 00100cca 00000000 00000000 dd608c97
dc40: 00000000 00000001 00100cca 00000000 00000000 dffddc8b 00000007 00000000
dc60: dffddce4 dffddc70 804bd61c 804bbb60 dffddc8b 00000000 00000000 dedb3690
dc80: 00000001 00000001 01fcd000 00000000 00000000 00000000 00000000 00000000
dca0: 00000001 00000000 dffddca8 dffddca8 818753b0 dd608c97 00000406 00000001
dcc0: 00000000 00000001 843ef000 00100cca 00000000 dffdddf8 dffddd5c dffddce8
dce0: 804bd970 804bd464 00000000 dd608c97 00000001 dffdddf8 00000000 00000000
dd00: dffddd34 dffddd10 8042e9b8 8042e80c dffdddf8 8260cac8 843ef000 20000000
dd20: 84586d00 00000000 dffddd5c dd608c97 804bcdf0 dffdddf8 00000000 00000001
dd40: 843ef000 84586d00 00000000 00000000 dffdddbc dffddd60 8047f370 804bd914
dd60: 80494464 80479d24 dffdde2c 8369a400 00000000 00000000 20000000 84261200
dd80: dffdddbc dffddd90 84586d00 804943ec fe5f4003 00000215 8369a400 20000000
dda0: 843ef000 20000000 84261200 00000000 dffdde6c dffdddc0 80480c54 8047f17c
ddc0: 84261240 ffffffff dffdde30 200000c0 81c66394 8407df0c 84261240 20000000
dde0: 20ffffff 8407df0c 00000000 ffffffff dffdddf8 dffddef0 843ef000 00000cc0
de00: 00020000 20000000 20000000 00000a15 84fcb800 84fcda40 00000180 00000000
de20: 00000000 00000000 00000000 defbe664 00000000 00000000 dffdde6c dd608c97
de40: 80480310 dffddef0 200000c0 00000215 00000a07 20000000 84261200 00000002
de60: dffddeb4 dffdde70 80215d94 80480888 8020d1c0 8020c164 20000013 00000000
de80: 8051d420 8369a400 dffddef8 8261d0e0 00000a07 200000c0 dffddef0 80215c4c
dea0: 8369a400 8369a400 dffddeec dffddeb8 802161dc 80215c58 82f6343c ffffffff
dec0: 000f4240 82fe8940 00000003 8184b328 80000013 ffffffff dffddf24 00000000
dee0: dffddf94 dffddef0 80200ae4 802161b0 200000c0 7effffff 00000003 00000004
df00: 00000002 00000003 0014c2cc 200000c0 00000000 00000000 8369a400 dffddf94
df20: a10000c3 dffddf40 8137c280 8184b328 80000013 ffffffff 8137c264 8051d594
df40: 8024c880 8027b094 40000000 00000001 00000000 00000004 8020316c 00000000
df60: 00000000 dd608c97 0006b3f0 00000000 00000000 0014c2cc 00000120 80200288
df80: 8369a400 00000120 dffddfa4 dffddf98 8137c478 8137c204 00000000 dffddfa8
dfa0: 80200060 8137c474 00000000 00000000 00000001 00000002 00000000 200000c0
dfc0: 00000000 00000000 0014c2cc 00000120 7e80032e 7e80032f 003d0f00 76b8f0fc
dfe0: 76b8ef08 76b8eef8 000167f8 00050bc0 60000010 00000001 00000000 00000000
Call trace:
[<807e85b4>] (sg_init_one) from [<804c3ddc>] (zswap_decompress+0xbc/0x208 mm/zswap.c:1089)
r7:82c92f80 r6:dedb3690 r5:82cc1668 r4:ff7fbefc
[<804c3d20>] (zswap_decompress) from [<804c6a20>] (zswap_load+0x15c/0x198 mm/zswap.c:1637)
r9:843f6440 r8:843f6440 r7:843f6444 r6:dedb3690 r5:00000001 r4:82cc1668
[<804c68c4>] (zswap_load) from [<804bbbfc>] (swap_read_folio+0xa8/0x498 mm/page_io.c:518)
r9:84586d00 r8:8369a400 r7:00000000 r6:dffddc8c r5:00000001 r4:dedb3690
[<804bbb54>] (swap_read_folio) from [<804bd61c>] (swap_cluster_readahead+0x1c4/0x34c mm/swap_state.c:684)
r10:00000000 r9:00000007 r8:dffddc8b r7:00000000 r6:00000000 r5:00100cca r4:00000001
[<804bd458>] (swap_cluster_readahead) from [<804bd970>] (swapin_readahead+0x68/0x4a8 mm/swap_state.c:904)
r10:dffdddf8 r9:00000000 r8:00100cca r7:843ef000 r6:00000001 r5:00000000 r4:00000001
[<804bd908>] (swapin_readahead) from [<8047f370>] (do_swap_page+0x200/0xcc4 mm/memory.c:4046)
r10:00000000 r9:00000000 r8:84586d00 r7:843ef000 r6:00000001 r5:00000000 r4:dffdddf8
[<8047f170>] (do_swap_page) from [<80480c54>] (handle_pte_fault mm/memory.c:5301 [inline])
[<8047f170>] (do_swap_page) from [<80480c54>] (__handle_mm_fault mm/memory.c:5439 [inline])
[<8047f170>] (do_swap_page) from [<80480c54>] (handle_mm_fault+0x3d8/0x12b8 mm/memory.c:5604)
r10:00000000 r9:84261200 r8:20000000 r7:843ef000 r6:20000000 r5:8369a400 r4:00000215
[<8048087c>] (handle_mm_fault) from [<80215d94>] (do_page_fault+0x148/0x3a8 arch/arm/mm/fault.c:333)
r10:00000002 r9:84261200 r8:20000000 r7:00000a07 r6:00000215 r5:200000c0 r4:dffddef0
[<80215c4c>] (do_page_fault) from [<802161dc>] (do_DataAbort+0x38/0xa8 arch/arm/mm/fault.c:565)
r10:8369a400 r9:8369a400 r8:80215c4c r7:dffddef0 r6:200000c0 r5:00000a07 r4:8261d0e0
[<802161a4>] (do_DataAbort) from [<80200ae4>] (__dabt_svc+0x44/0x60 arch/arm/kernel/entry-armv.S:212)
Exception stack(0xdffddef0 to 0xdffddf38)
dee0: 200000c0 7effffff 00000003 00000004
df00: 00000002 00000003 0014c2cc 200000c0 00000000 00000000 8369a400 dffddf94
df20: a10000c3 dffddf40 8137c280 8184b328 80000013 ffffffff
r8:00000000 r7:dffddf24 r6:ffffffff r5:80000013 r4:8184b328
[<8137c1f8>] (__sys_socketpair) from [<8137c478>] (__do_sys_socketpair net/socket.c:1822 [inline])
[<8137c1f8>] (__sys_socketpair) from [<8137c478>] (sys_socketpair+0x10/0x14 net/socket.c:1819)
r10:00000120 r9:8369a400 r8:80200288 r7:00000120 r6:0014c2cc r5:00000000 r4:00000000
[<8137c468>] (sys_socketpair) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:66)
Exception stack(0xdffddfa8 to 0xdffddff0)
dfa0: 00000000 00000000 00000001 00000002 00000000 200000c0
dfc0: 00000000 00000000 0014c2cc 00000120 7e80032e 7e80032f 003d0f00 76b8f0fc
dfe0: 76b8ef08 76b8eef8 000167f8 00050bc0
Code: 1a000004 e1822003 e8860094 e89da8f0 (e7f001f2)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
0: 1a000004 bne 0x18
4: e1822003 orr r2, r2, r3
8: e8860094 stm r6, {r2, r4, r7}
c: e89da8f0 ldm sp, {r4, r5, r6, r7, fp, sp, pc}
* 10: e7f001f2 udf #18 <-- trapping instruction