------------[ cut here ]------------
kernel BUG at include/linux/scatterlist.h:187!
Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM
Modules linked in:
CPU: 0 PID: 17729 Comm: syz-executor.1 Not tainted 6.9.0-rc1-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at sg_set_buf include/linux/scatterlist.h:187 [inline]
PC is at sg_init_one+0x9c/0xa8 lib/scatterlist.c:143
LR is at sg_init_table+0x2c/0x40 lib/scatterlist.c:128
pc : [<807e8658>]    lr : [<807e6a4c>]    psr: 80000113
sp : e0839ad0  ip : e0839b08  fp : e0839aec
r10: e0839d50  r9 : ffefd804  r8 : ff7e7f1c
r7 : 0000027f  r6 : e0839af0  r5 : 872f1d70  r4 : ffefd804
r3 : df000000  r2 : ffffffd8  r1 : 00000000  r0 : e0839af0
Flags: Nzcv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
Control: 30c5387d  Table: 84fc0d00  DAC: fffffffd
Register r0 information: 2-page vmalloc region starting at 0xe0838000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r1 information: NULL pointer
Register r2 information: non-paged memory
Register r3 information: non-paged memory
Register r4 information: non-paged memory
Register r5 information: slab vmap_area start 872f1d70 pointer offset 0 size 40
Register r6 information: 2-page vmalloc region starting at 0xe0838000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r7 information: non-paged memory
Register r8 information: 0-page vmalloc region starting at 0xff7d8000 allocated at pcpu_get_vm_areas+0x0/0x12c8 mm/vmalloc.c:3064
Register r9 information: non-paged memory
Register r10 information: 2-page vmalloc region starting at 0xe0838000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r11 information: 2-page vmalloc region starting at 0xe0838000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r12 information: 2-page vmalloc region starting at 0xe0838000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Process syz-executor.1 (pid: 17729, stack limit = 0xe0838000)
Stack: (0xe0839ad0 to 0xe083a000)
9ac0:                                     ff7e7efc 872f1d70 deee3098 8345a500
9ae0: e0839b4c e0839af0 804c3de4 807e85c8 00000002 00000000 00000000 00000000
9b00: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9b20: 00000001 9a5b65be 872f1d70 00000001 deee3098 845bd8c4 845bd8c0 845bd8c0
9b40: e0839b74 e0839b50 804c6a28 804c3d34 deee3098 00000000 00000000 00000000
9b60: 8449e000 83fc2500 e0839bc4 e0839b78 804bbc04 804c68d8 804bd128 802e27a0
9b80: e0839bcc 00000000 00100cca 00000000 00000000 9a5b65be e0839bc4 deee3098
9ba0: 00000000 00000000 00000000 e0839be3 00000000 e0839d50 e0839c3c e0839bc8
9bc0: 804bd77c 804bbb68 e0839be3 00000000 ddde42c0 83f55800 00000001 00000001
9be0: 0128eb50 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9c00: 00000000 00000000 818753b0 9a5b65be 00000406 00000001 00000000 00000001
9c20: 84250600 00100cca 00000000 e0839d50 e0839cb4 e0839c40 804bd978 804bd46c
9c40: 00000000 9a5b65be 00000001 e0839d50 00000000 00000000 e0839c8c e0839c68
9c60: 8042e9c0 8042e814 e0839d50 8260cac8 84250600 021ec000 83fc2500 00000000
9c80: e0839cb4 9a5b65be 804bcdf8 e0839d50 00000000 00000001 84250600 83fc2500
9ca0: 00000000 00000000 e0839d14 e0839cb8 8047f378 804bd91c 8049446c 80479d2c
9cc0: e0839d84 8449e000 00000000 00000000 021ec000 851e1200 e0839d14 e0839ce8
9ce0: 83fc2500 804943f4 fe0ac003 00000214 8449e000 021ec000 84250600 021ec000
9d00: 851e1200 00000000 e0839dc4 e0839d18 80480c5c 8047f184 851e1240 ffffffff
9d20: e0839d88 021ec4e8 81c66394 8432ed0c 851e1240 021ec000 0220cfff 8432ed0c
9d40: 00000000 ffffffff e0839d50 e0839e48 84250600 00000cc0 000021ec 021ec000
9d60: 021ec000 00000a14 87288080 84fc0d00 00000180 00000000 00000000 00000000
9d80: 00000000 defb2844 00000000 00000000 e0839dc4 9a5b65be 80480318 e0839e48
9da0: 021ec4e8 00000214 00000207 021ec000 851e1200 00000007 e0839e0c e0839dc8
9dc0: 80215d94 80480890 dddd0280 8449e000 a3e21960 1b316035 e0839e04 8449e000
9de0: 82c02600 8261d0e0 00000207 021ec4e8 e0839e48 80215c4c 8449e000 00000109
9e00: e0839e44 e0839e10 802161dc 80215c58 8080cbcc 00000000 00000000 00000000
9e20: 00000000 81848d0c 00000013 ffffffff e0839e7c 80200288 e0839f44 e0839e48
9e40: 80200ae4 802161b0 e0839ed0 021ec4e8 ffffffe8 00000000 8449e000 e0839ee0
9e60: e0839fb0 021ec4e0 80200288 8449e000 00000109 e0839f44 00000018 e0839e94
9e80: 80426dec 81848d0c 00000013 ffffffff 8089c168 e0839ee0 e0839fb0 80200288
9ea0: 8449e000 e0839ed0 00000008 00000000 8449e000 80426dec 8449e000 00000000
9ec0: 00000001 0000c350 0007ad28 00000000 00000000 00000000 00000000 00000000
9ee0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9f00: 802fb880 dddc7340 00000000 00000000 00000000 9a5b65be 8089c168 8449e000
9f20: e0839fb0 80200288 00000109 80200288 8449e000 00000109 e0839fac e0839f48
9f40: 8020bc18 80426c64 80307670 802fd814 00000000 81a04f98 e0839fa4 e0839f68
9f60: 803097c4 80307620 00000000 00000000 000f4240 00000000 00000000 9a5b65be
9f80: 00000000 9a5b65be 00000000 7ebf1534 00000000 00000109 80200288 8449e000
9fa0: 00000000 e0839fb0 80200088 8020bb2c 00000000 00000000 7ebf153c 7ebf1534
9fc0: 00000000 7ebf1534 00000000 00000109 00000000 00000000 7ebf1670 00000000
9fe0: 00000000 7ebf1530 00000001 0007ad28 20000010 00000000 00000000 00000000
Call trace: 
[<807e85bc>] (sg_init_one) from [<804c3de4>] (zswap_decompress+0xbc/0x208 mm/zswap.c:1089)
 r7:8345a500 r6:deee3098 r5:872f1d70 r4:ff7e7efc
[<804c3d28>] (zswap_decompress) from [<804c6a28>] (zswap_load+0x15c/0x198 mm/zswap.c:1637)
 r9:845bd8c0 r8:845bd8c0 r7:845bd8c4 r6:deee3098 r5:00000001 r4:872f1d70
[<804c68cc>] (zswap_load) from [<804bbc04>] (swap_read_folio+0xa8/0x498 mm/page_io.c:518)
 r9:83fc2500 r8:8449e000 r7:00000000 r6:00000000 r5:00000000 r4:deee3098
[<804bbb5c>] (swap_read_folio) from [<804bd77c>] (swap_cluster_readahead+0x31c/0x34c mm/swap_state.c:701)
 r10:e0839d50 r9:00000000 r8:e0839be3 r7:00000000 r6:00000000 r5:00000000
 r4:deee3098
[<804bd460>] (swap_cluster_readahead) from [<804bd978>] (swapin_readahead+0x68/0x4a8 mm/swap_state.c:904)
 r10:e0839d50 r9:00000000 r8:00100cca r7:84250600 r6:00000001 r5:00000000
 r4:00000001
[<804bd910>] (swapin_readahead) from [<8047f378>] (do_swap_page+0x200/0xcc4 mm/memory.c:4046)
 r10:00000000 r9:00000000 r8:83fc2500 r7:84250600 r6:00000001 r5:00000000
 r4:e0839d50
[<8047f178>] (do_swap_page) from [<80480c5c>] (handle_pte_fault mm/memory.c:5301 [inline])
[<8047f178>] (do_swap_page) from [<80480c5c>] (__handle_mm_fault mm/memory.c:5439 [inline])
[<8047f178>] (do_swap_page) from [<80480c5c>] (handle_mm_fault+0x3d8/0x12b8 mm/memory.c:5604)
 r10:00000000 r9:851e1200 r8:021ec000 r7:84250600 r6:021ec000 r5:8449e000
 r4:00000214
[<80480884>] (handle_mm_fault) from [<80215d94>] (do_page_fault+0x148/0x3a8 arch/arm/mm/fault.c:333)
 r10:00000007 r9:851e1200 r8:021ec000 r7:00000207 r6:00000214 r5:021ec4e8
 r4:e0839e48
[<80215c4c>] (do_page_fault) from [<802161dc>] (do_DataAbort+0x38/0xa8 arch/arm/mm/fault.c:565)
 r10:00000109 r9:8449e000 r8:80215c4c r7:e0839e48 r6:021ec4e8 r5:00000207
 r4:8261d0e0
[<802161a4>] (do_DataAbort) from [<80200ae4>] (__dabt_svc+0x44/0x60 arch/arm/kernel/entry-armv.S:212)
Exception stack(0xe0839e48 to 0xe0839e90)
9e40:                   e0839ed0 021ec4e8 ffffffe8 00000000 8449e000 e0839ee0
9e60: e0839fb0 021ec4e0 80200288 8449e000 00000109 e0839f44 00000018 e0839e94
9e80: 80426dec 81848d0c 00000013 ffffffff
 r8:80200288 r7:e0839e7c r6:ffffffff r5:00000013 r4:81848d0c
[<80426c58>] (__rseq_handle_notify_resume) from [<8020bc18>] (rseq_handle_notify_resume include/linux/rseq.h:38 [inline])
[<80426c58>] (__rseq_handle_notify_resume) from [<8020bc18>] (resume_user_mode_work include/linux/resume_user_mode.h:62 [inline])
[<80426c58>] (__rseq_handle_notify_resume) from [<8020bc18>] (do_work_pending+0xf8/0x4c0 arch/arm/kernel/signal.c:631)
 r10:00000109 r9:8449e000 r8:80200288 r7:00000109 r6:80200288 r5:e0839fb0
 r4:8449e000
[<8020bb20>] (do_work_pending) from [<80200088>] (slow_work_pending+0xc/0x24)
Exception stack(0xe0839fb0 to 0xe0839ff8)
9fa0:                                     00000000 00000000 7ebf153c 7ebf1534
9fc0: 00000000 7ebf1534 00000000 00000109 00000000 00000000 7ebf1670 00000000
9fe0: 00000000 7ebf1530 00000001 0007ad28 20000010 00000000
 r9:8449e000 r8:80200288 r7:00000109 r6:00000000 r5:7ebf1534 r4:00000000
Code: 1a000004 e1822003 e8860094 e89da8f0 (e7f001f2) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	1a000004 	bne	0x18
   4:	e1822003 	orr	r2, r2, r3
   8:	e8860094 	stm	r6, {r2, r4, r7}
   c:	e89da8f0 	ldm	sp, {r4, r5, r6, r7, fp, sp, pc}
* 10:	e7f001f2 	udf	#18 <-- trapping instruction