------------[ cut here ]------------
kernel BUG at include/linux/scatterlist.h:187!
Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM
Modules linked in:
CPU: 0 PID: 22655 Comm: syz-executor.1 Not tainted 6.9.0-rc1-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at sg_set_buf include/linux/scatterlist.h:187 [inline]
PC is at sg_init_one+0x9c/0xa8 lib/scatterlist.c:143
LR is at sg_init_table+0x2c/0x40 lib/scatterlist.c:128
pc : [<807e8658>] lr : [<807e6a4c>] psr: 80000113
sp : dfeb9c38 ip : dfeb9c70 fp : dfeb9c54
r10: 00000000 r9 : ffefd004 r8 : ff7e7f1c
r7 : 00000042 r6 : dfeb9c58 r5 : 83f31cf8 r4 : ffefd004
r3 : df000000 r2 : ffffffd8 r1 : 00000000 r0 : dfeb9c58
Flags: Nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user
Control: 30c5387d Table: 85785f80 DAC: fffffffd
Register r0 information: 2-page vmalloc region starting at 0xdfeb8000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r1 information: NULL pointer
Register r2 information: non-paged memory
Register r3 information: non-paged memory
Register r4 information: non-paged memory
Register r5 information: slab vmap_area start 83f31cf8 pointer offset 0 size 40
Register r6 information: 2-page vmalloc region starting at 0xdfeb8000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r7 information: non-paged memory
Register r8 information: 0-page vmalloc region starting at 0xff7d8000 allocated at pcpu_get_vm_areas+0x0/0x12c8 mm/vmalloc.c:3064
Register r9 information: non-paged memory
Register r10 information: NULL pointer
Register r11 information: 2-page vmalloc region starting at 0xdfeb8000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r12 information: 2-page vmalloc region starting at 0xdfeb8000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Process syz-executor.1 (pid: 22655, stack limit = 0xdfeb8000)
Stack: (0xdfeb9c38 to 0xdfeba000)
9c20: ff7e7efc 83f31cf8
9c40: dece0184 82c92dc0 dfeb9cb4 dfeb9c58 804c3de4 807e85c8 00000002 00000000
9c60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9c80: 00000000 00000000 00000003 fe9ab3bc 83f31cf8 00000003 dece0184 8465e4c4
9ca0: 8465e4c0 8465e4c0 dfeb9cdc dfeb9cb8 804c6a28 804c3d34 dece0184 00000001
9cc0: dfeb9d4c 00000000 8525a400 845d4700 dfeb9d2c dfeb9ce0 804bbc04 804c68d8
9ce0: 804bd128 802e27a0 00000000 00000000 00100cca 00000000 00000000 fe9ab3bc
9d00: 00100cca 00000003 00100cca 00000000 00000000 dfeb9d4b 00000007 00000000
9d20: dfeb9da4 dfeb9d30 804bd624 804bbb68 dfeb9d4b 00000000 dfeb9d6c dece0184
9d40: 00000003 00000003 01dd0280 00000000 00000000 00000000 00000000 00000000
9d60: 00000001 00000000 dfeb9d68 dfeb9d68 818753b0 fe9ab3bc 00000406 00000001
9d80: 00000000 00000003 84e244e0 00100cca 00000000 dfeb9eb8 dfeb9e1c dfeb9da8
9da0: 804bd978 804bd46c 00000000 fe9ab3bc 00000001 dfeb9eb8 00000000 00000000
9dc0: dfeb9df4 dfeb9dd0 8042e9c0 8042e814 dfeb9eb8 8260cac8 84e244e0 20000000
9de0: 845d4700 00000000 dfeb9e1c fe9ab3bc 804bcdf8 dfeb9eb8 00000000 00000003
9e00: 84e244e0 845d4700 00000000 00000040 dfeb9e7c dfeb9e20 8047f378 804bd91c
9e20: 8049446c 80479d2c dfeb9eec 8525a400 00000000 00000000 8525a400 842d0300
9e40: dfeb9e7c dfeb9e50 845d4700 804943f4 fd8d1003 00001255 8525a400 20000140
9e60: 84e244e0 8525a400 842d0300 00000040 dfeb9f2c dfeb9e80 80480c5c 8047f184
9e80: dfeb9ee0 dfeb9fb0 dfeb9ea4 dfeb9e98 8089c168 dfeb9ee0 dfeb9ecc dfeb9ea8
9ea0: 8027caf4 802ac7ac 00000008 81c66394 dfeb9eb8 dfeb9fb0 84e244e0 00000cc0
9ec0: 00020000 20000000 20000140 00001a55 85c11800 85785f80 00000380 00000000
9ee0: 00000000 00000000 00000000 defa0d78 00000000 00000000 20ffffff fe9ab3bc
9f00: 00000000 dfeb9fb0 20000140 00000255 00000a07 8525a400 842d0300 00000002
9f20: dfeb9f74 dfeb9f30 80215e14 80480890 81897c90 81897b5c dfeb9f5c dfeb9f48
9f40: 8024c880 84e244e0 40000000 8261d0e0 00000a07 20000140 dfeb9fb0 80215c4c
9f60: 0014c29c 7eafe4dc dfeb9fac dfeb9f78 802161dc 80215c58 dfeb9fac dfeb9f88
9f80: 8020ca6c 80203060 0006b3f4 0001d440 40000010 ffffffff 8525a400 824a9044
9fa0: 00000000 dfeb9fb0 80200e3c 802161b0 00000000 00000000 00000000 20000140
9fc0: 00000002 00000000 00000000 000001f4 fffffffe 0014c29c 7eafe4dc 001ac2ad
9fe0: 00cf2590 7eafe3a8 0001d150 0001d440 40000010 ffffffff 00000000 00000000
Call trace:
[<807e85bc>] (sg_init_one) from [<804c3de4>] (zswap_decompress+0xbc/0x208 mm/zswap.c:1089)
r7:82c92dc0 r6:dece0184 r5:83f31cf8 r4:ff7e7efc
[<804c3d28>] (zswap_decompress) from [<804c6a28>] (zswap_load+0x15c/0x198 mm/zswap.c:1637)
r9:8465e4c0 r8:8465e4c0 r7:8465e4c4 r6:dece0184 r5:00000003 r4:83f31cf8
[<804c68cc>] (zswap_load) from [<804bbc04>] (swap_read_folio+0xa8/0x498 mm/page_io.c:518)
r9:845d4700 r8:8525a400 r7:00000000 r6:dfeb9d4c r5:00000001 r4:dece0184
[<804bbb5c>] (swap_read_folio) from [<804bd624>] (swap_cluster_readahead+0x1c4/0x34c mm/swap_state.c:684)
r10:00000000 r9:00000007 r8:dfeb9d4b r7:00000000 r6:00000000 r5:00100cca r4:00000003
[<804bd460>] (swap_cluster_readahead) from [<804bd978>] (swapin_readahead+0x68/0x4a8 mm/swap_state.c:904)
r10:dfeb9eb8 r9:00000000 r8:00100cca r7:84e244e0 r6:00000003 r5:00000000 r4:00000001
[<804bd910>] (swapin_readahead) from [<8047f378>] (do_swap_page+0x200/0xcc4 mm/memory.c:4046)
r10:00000040 r9:00000000 r8:845d4700 r7:84e244e0 r6:00000003 r5:00000000 r4:dfeb9eb8
[<8047f178>] (do_swap_page) from [<80480c5c>] (handle_pte_fault mm/memory.c:5301 [inline])
[<8047f178>] (do_swap_page) from [<80480c5c>] (__handle_mm_fault mm/memory.c:5439 [inline])
[<8047f178>] (do_swap_page) from [<80480c5c>] (handle_mm_fault+0x3d8/0x12b8 mm/memory.c:5604)
r10:00000040 r9:842d0300 r8:8525a400 r7:84e244e0 r6:20000140 r5:8525a400 r4:00001255
[<80480884>] (handle_mm_fault) from [<80215e14>] (do_page_fault+0x1c8/0x3a8 arch/arm/mm/fault.c:299)
r10:00000002 r9:842d0300 r8:8525a400 r7:00000a07 r6:00000255 r5:20000140 r4:dfeb9fb0
[<80215c4c>] (do_page_fault) from [<802161dc>] (do_DataAbort+0x38/0xa8 arch/arm/mm/fault.c:565)
r10:7eafe4dc r9:0014c29c r8:80215c4c r7:dfeb9fb0 r6:20000140 r5:00000a07 r4:8261d0e0
[<802161a4>] (do_DataAbort) from [<80200e3c>] (__dabt_usr+0x5c/0x60 arch/arm/kernel/entry-armv.S:427)
Exception stack(0xdfeb9fb0 to 0xdfeb9ff8)
9fa0: 00000000 00000000 00000000 20000140
9fc0: 00000002 00000000 00000000 000001f4 fffffffe 0014c29c 7eafe4dc 001ac2ad
9fe0: 00cf2590 7eafe3a8 0001d150 0001d440 40000010 ffffffff
r8:824a9044 r7:8525a400 r6:ffffffff r5:40000010 r4:0001d440
Code: 1a000004 e1822003 e8860094 e89da8f0 (e7f001f2)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
0: 1a000004 bne 0x18
4: e1822003 orr r2, r2, r3
8: e8860094 stm r6, {r2, r4, r7}
c: e89da8f0 ldm sp, {r4, r5, r6, r7, fp, sp, pc}
* 10: e7f001f2 udf #18 <-- trapping instruction