------------[ cut here ]------------
kernel BUG at include/linux/scatterlist.h:187!
Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM
Modules linked in:
CPU: 0 PID: 16713 Comm: syz-executor.1 Not tainted 6.9.0-rc1-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at sg_set_buf include/linux/scatterlist.h:187 [inline]
PC is at sg_init_one+0x9c/0xa8 lib/scatterlist.c:143
LR is at sg_init_table+0x2c/0x40 lib/scatterlist.c:128
pc : [<807e8648>] lr : [<807e6a3c>] psr: 80000113
sp : df9b19c8 ip : df9b1a00 fp : df9b19e4
r10: 00000000 r9 : ffefd004 r8 : ff7e7f1c
r7 : 00000040 r6 : df9b19e8 r5 : 83f6e0c8 r4 : ffefd004
r3 : df000000 r2 : ffffffd8 r1 : 00000000 r0 : df9b19e8
Flags: Nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user
Control: 30c5387d Table: 8601de80 DAC: fffffffd
Register r0 information: 2-page vmalloc region starting at 0xdf9b0000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r1 information: NULL pointer
Register r2 information: non-paged memory
Register r3 information: non-paged memory
Register r4 information: non-paged memory
Register r5 information: slab vmap_area start 83f6e0c8 pointer offset 0 size 40
Register r6 information: 2-page vmalloc region starting at 0xdf9b0000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r7 information: non-paged memory
Register r8 information: 0-page vmalloc region starting at 0xff7d8000 allocated at pcpu_get_vm_areas+0x0/0x12c8 mm/vmalloc.c:3064
Register r9 information: non-paged memory
Register r10 information: NULL pointer
Register r11 information: 2-page vmalloc region starting at 0xdf9b0000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r12 information: 2-page vmalloc region starting at 0xdf9b0000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Process syz-executor.1 (pid: 16713, stack limit = 0xdf9b0000)
Stack: (0xdf9b19c8 to 0xdf9b2000)
19c0: ff7e7efc 83f6e0c8 dede324c 83f5f040 df9b1a44 df9b19e8
19e0: 804c3dd4 807e85b8 00000002 00000000 00000000 00000000 00000000 00000000
1a00: 00000000 00000000 00000000 00000000 00000000 00000000 00000001 fd083831
1a20: 83f6e0c8 00000001 dede324c 8438dc04 8438dc00 8438dc00 df9b1a6c df9b1a48
1a40: 804c6a18 804c3d24 dede324c 00000001 df9b1adc 00000000 857b9800 83f66d00
1a60: df9b1abc df9b1a70 804bbbf4 804c68c8 dede324c 00000000 00000001 dede324c
1a80: 00000001 00100cca 00000000 fd083831 df9b1adb 00000001 00100cca 00000000
1aa0: 00000000 df9b1adb 00000007 00000000 df9b1b34 df9b1ac0 804bd614 804bbb58
1ac0: df9b1adb 00000000 8027cb0c dede324c 00000001 00000001 01dd3e40 00000000
1ae0: 00000000 00000000 00000000 00000000 00000001 00000000 df9b1af8 df9b1af8
1b00: 818753b0 fd083831 00000406 00000001 00000000 00000001 84317180 00100cca
1b20: 00000000 df9b1c48 df9b1bac df9b1b38 804bd968 804bd45c 00000000 fd083831
1b40: 00000001 df9b1c48 00000000 00000000 df9b1b84 df9b1b60 8042e9b0 8042e804
1b60: df9b1c48 8260cac8 84317180 20000000 83f66d00 00000000 df9b1bac fd083831
1b80: 804bcde8 df9b1c48 00000000 00000001 84317180 83f66d00 00000000 00000000
1ba0: df9b1c0c df9b1bb0 8047f368 804bd90c 8049445c 80479d1c df9b1c7c 857b9800
1bc0: 00000000 00000000 20000000 840a7300 df9b1c0c df9b1be0 83f66d00 804943e4
1be0: fe57d003 00000215 857b9800 20000000 84317180 20000000 840a7300 00000000
1c00: df9b1cbc df9b1c10 80480c4c 8047f174 840a7340 ffffffff df9b1c80 200007c0
1c20: 81c66394 845fab0c 840a7340 20000000 20ffffff 845fab0c 00000000 ffffffff
1c40: df9b1c48 df9b1d40 84317180 00000cc0 00020000 20000000 20000000 00000a15
1c60: 855e7800 8601de80 00000180 00000000 00000000 00000000 00000000 defbd5a8
1c80: 00000000 00000000 df9b1cbc fd083831 80480308 df9b1d40 200007c0 00000215
1ca0: 00000a07 20000000 840a7300 00000002 df9b1d04 df9b1cc0 80215d94 80480880
1cc0: 84204370 00000002 00000008 00000030 00000000 857b9800 00000000 8261d0e0
1ce0: 00000a07 200007c0 df9b1d40 80215c4c 857b9800 200007c0 df9b1d3c df9b1d08
1d00: 802161dc 80215c58 8052987c 80528190 df9b1d3c df9b1d20 805281a0 818490c0
1d20: 20000013 ffffffff df9b1d74 2d722030 df9b1e0c df9b1d40 80200ae4 802161b0
1d40: 200007c0 85379020 00000d8f 31303030 30303030 3030302d 30306563 df9b1e60
1d60: 2d722030 30207078 200007c0 df9b1e0c 30303030 df9b1d8c 20303030 818490c0
1d80: 20000013 ffffffff 8089c158 00000000 00000e2f 85379000 00000e2f 200007c0
1da0: 00000e2f 00000000 00000000 807eabb8 80216314 85379000 df9b1e68 85379000
1dc0: 85379e2f ddeb4ce0 df9b1e0c df9b1dd8 804eeca4 802197ac 802ac2cc fd083831
1de0: 852795c0 84204370 00000000 84204398 df9b1e68 00000000 00000e2f 843178a0
1e00: df9b1e54 df9b1e10 80528ea8 807eaa5c 00000000 84204398 827192e4 84204388
1e20: 85379000 df9b1e80 857b9800 00000000 df9b1f68 85283540 00000000 00002020
1e40: 80528fc4 00000001 df9b1ed4 df9b1e58 805290c4 80528a4c 00002020 df9b1e68
1e60: 200007c0 00002020 00000001 00000000 df9b1e60 00002020 00000001 00000000
1e80: 85283540 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1ea0: 00000000 00000000 804f4a74 fd083831 00000008 85283540 00002020 857b9800
1ec0: df9b1f68 200007c0 df9b1f64 df9b1ed8 804f672c 80528fd0 df9b1f04 df9b1ee8
1ee0: 8020c17c 8020d138 00000000 00000001 818a33d0 ecac8b10 df9b1f44 df9b1f08
1f00: 8020d1c0 8020c164 000f4240 00000000 df9b1f4c df9b1f20 8051ccac 802e2798
1f20: 857b9800 00000000 00000000 200007c0 00002020 fd083831 857b9800 85283543
1f40: 85283540 00000000 00000000 80200288 857b9800 00000003 df9b1f94 df9b1f68
1f60: 804f73ac 804f66a0 00000000 00000000 80203054 fd083831 00000000 00000000
1f80: 0014c2c8 00000003 df9b1fa4 df9b1f98 804f743c 804f7340 00000000 df9b1fa8
1fa0: 80200060 804f7438 00000000 00000000 00000003 200007c0 00002020 00000000
1fc0: 00000000 00000000 0014c2c8 00000003 7efda32e 7efda32f 003d0f00 76b340fc
1fe0: 76b33f08 76b33ef8 000167f8 00050bc0 60000010 00000003 00000000 00000000
Call trace:
[<807e85ac>] (sg_init_one) from [<804c3dd4>] (zswap_decompress+0xbc/0x208 mm/zswap.c:1089)
 r7:83f5f040 r6:dede324c r5:83f6e0c8 r4:ff7e7efc
[<804c3d18>] (zswap_decompress) from [<804c6a18>] (zswap_load+0x15c/0x198 mm/zswap.c:1637)
 r9:8438dc00 r8:8438dc00 r7:8438dc04 r6:dede324c r5:00000001 r4:83f6e0c8
[<804c68bc>] (zswap_load) from [<804bbbf4>] (swap_read_folio+0xa8/0x498 mm/page_io.c:518)
 r9:83f66d00 r8:857b9800 r7:00000000 r6:df9b1adc r5:00000001 r4:dede324c
[<804bbb4c>] (swap_read_folio) from [<804bd614>] (swap_cluster_readahead+0x1c4/0x34c mm/swap_state.c:684)
 r10:00000000 r9:00000007 r8:df9b1adb r7:00000000 r6:00000000 r5:00100cca r4:00000001
[<804bd450>] (swap_cluster_readahead) from [<804bd968>] (swapin_readahead+0x68/0x4a8 mm/swap_state.c:904)
 r10:df9b1c48 r9:00000000 r8:00100cca r7:84317180 r6:00000001 r5:00000000 r4:00000001
[<804bd900>] (swapin_readahead) from [<8047f368>] (do_swap_page+0x200/0xcc4 mm/memory.c:4046)
 r10:00000000 r9:00000000 r8:83f66d00 r7:84317180 r6:00000001 r5:00000000 r4:df9b1c48
[<8047f168>] (do_swap_page) from [<80480c4c>] (handle_pte_fault mm/memory.c:5301 [inline])
[<8047f168>] (do_swap_page) from [<80480c4c>] (__handle_mm_fault mm/memory.c:5439 [inline])
[<8047f168>] (do_swap_page) from [<80480c4c>] (handle_mm_fault+0x3d8/0x12b8 mm/memory.c:5604)
 r10:00000000 r9:840a7300 r8:20000000 r7:84317180 r6:20000000 r5:857b9800 r4:00000215
[<80480874>] (handle_mm_fault) from [<80215d94>] (do_page_fault+0x148/0x3a8 arch/arm/mm/fault.c:333)
 r10:00000002 r9:840a7300 r8:20000000 r7:00000a07 r6:00000215 r5:200007c0 r4:df9b1d40
[<80215c4c>] (do_page_fault) from [<802161dc>] (do_DataAbort+0x38/0xa8 arch/arm/mm/fault.c:565)
 r10:200007c0 r9:857b9800 r8:80215c4c r7:df9b1d40 r6:200007c0 r5:00000a07 r4:8261d0e0
[<802161a4>] (do_DataAbort) from [<80200ae4>] (__dabt_svc+0x44/0x60 arch/arm/kernel/entry-armv.S:212)
Exception stack(0xdf9b1d40 to 0xdf9b1d88)
1d40: 200007c0 85379020 00000d8f 31303030 30303030 3030302d 30306563 df9b1e60
1d60: 2d722030 30207078 200007c0 df9b1e0c 30303030 df9b1d8c 20303030 818490c0
1d80: 20000013 ffffffff
 r8:2d722030 r7:df9b1d74 r6:ffffffff r5:20000013 r4:818490c0
[<807eaa50>] (_copy_to_iter) from [<80528ea8>] (copy_to_iter include/linux/uio.h:196 [inline])
[<807eaa50>] (_copy_to_iter) from [<80528ea8>] (seq_read_iter+0x468/0x584 fs/seq_file.c:281)
 r10:843178a0 r9:00000e2f r8:00000000 r7:df9b1e68 r6:84204398 r5:00000000 r4:84204370
[<80528a40>] (seq_read_iter) from [<805290c4>] (seq_read+0x100/0x134 fs/seq_file.c:162)
 r10:00000001 r9:80528fc4 r8:00002020 r7:00000000 r6:85283540 r5:df9b1f68 r4:00000000
[<80528fc4>] (seq_read) from [<804f672c>] (vfs_read+0x98/0x314 fs/read_write.c:474)
 r8:200007c0 r7:df9b1f68 r6:857b9800 r5:00002020 r4:85283540
[<804f6694>] (vfs_read) from [<804f73ac>] (ksys_read+0x78/0xf8 fs/read_write.c:619)
 r10:00000003 r9:857b9800 r8:80200288 r7:00000000 r6:00000000 r5:85283540 r4:85283543
[<804f7334>] (ksys_read) from [<804f743c>] (__do_sys_read fs/read_write.c:629 [inline])
[<804f7334>] (ksys_read) from [<804f743c>] (sys_read+0x10/0x14 fs/read_write.c:627)
 r7:00000003 r6:0014c2c8 r5:00000000 r4:00000000
[<804f742c>] (sys_read) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:66)
Exception stack(0xdf9b1fa8 to 0xdf9b1ff0)
1fa0: 00000000 00000000 00000003 200007c0 00002020 00000000
1fc0: 00000000 00000000 0014c2c8 00000003 7efda32e 7efda32f 003d0f00 76b340fc
1fe0: 76b33f08 76b33ef8 000167f8 00050bc0
Code: 1a000004 e1822003 e8860094 e89da8f0 (e7f001f2)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
0: 1a000004 bne 0x18
4: e1822003 orr r2, r2, r3
8: e8860094 stm r6, {r2, r4, r7}
c: e89da8f0 ldm sp, {r4, r5, r6, r7, fp, sp, pc}
* 10: e7f001f2 udf #18 <-- trapping instruction