------------[ cut here ]------------
kernel BUG at include/linux/scatterlist.h:187!
Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM
Modules linked in:
CPU: 0 PID: 7456 Comm: syz-executor.1 Not tainted 6.9.0-rc1-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at sg_set_buf include/linux/scatterlist.h:187 [inline]
PC is at sg_init_one+0x9c/0xa8 lib/scatterlist.c:143
LR is at sg_init_table+0x2c/0x40 lib/scatterlist.c:128
pc : [<807e8650>]    lr : [<807e6a44>]    psr: 80000113
sp : dff41988  ip : dff419c0  fp : dff419a4
r10: 00000000  r9 : ffefb004  r8 : ff7e7f1c
r7 : 0000005e  r6 : dff419a8  r5 : 852d1258  r4 : ffefb004
r3 : df000000  r2 : ffffffd8  r1 : 00000000  r0 : dff419a8
Flags: Nzcv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
Control: 30c5387d  Table: 852ddb00  DAC: fffffffd
Register r0 information: 2-page vmalloc region starting at 0xdff40000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r1 information: NULL pointer
Register r2 information: non-paged memory
Register r3 information: non-paged memory
Register r4 information: non-paged memory
Register r5 information: slab vmap_area start 852d1258 pointer offset 0 size 40
Register r6 information: 2-page vmalloc region starting at 0xdff40000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r7 information: non-paged memory
Register r8 information: 0-page vmalloc region starting at 0xff7d8000 allocated at pcpu_get_vm_areas+0x0/0x12c8 mm/vmalloc.c:3064
Register r9 information: non-paged memory
Register r10 information: NULL pointer
Register r11 information: 2-page vmalloc region starting at 0xdff40000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r12 information: 2-page vmalloc region starting at 0xdff40000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Process syz-executor.1 (pid: 7456, stack limit = 0xdff40000)
Stack: (0xdff41988 to 0xdff42000)
1980:                   ff7e7efc 852d1258 dee11e00 84026040 dff41a04 dff419a8
19a0: 804c3ddc 807e85c0 00000002 00000000 00000000 00000000 00000000 00000000
19c0: 00000000 00000000 00000000 00000000 00000000 00000000 00000001 ee7e499c
19e0: 852d1258 00000001 dee11e00 843d6404 843d6400 843d6400 dff41a2c dff41a08
1a00: 804c6a20 804c3d2c dee11e00 00000001 dff41a9c 00000000 82efc800 8402bf00
1a20: dff41a7c dff41a30 804bbbfc 804c68d0 804bd120 802e27a0 81fb053c 00000000
1a40: 00100cca 00000000 00000000 ee7e499c 00000003 00000001 00100cca 00000000
1a60: 00000000 dff41a9b 00000007 00000000 dff41af4 dff41a80 804bd61c 804bbb60
1a80: dff41a9b 00000000 ddde4280 dee11e00 00000001 00000001 012102f4 00000000
1aa0: 00000000 00000000 00000000 00000000 00000001 00000000 dff41ab8 dff41ab8
1ac0: 818753b0 ee7e499c 00000406 00000001 00000000 00000001 853c5a20 00100cca
1ae0: 00000000 dff41c08 dff41b6c dff41af8 804bd970 804bd464 00000000 ee7e499c
1b00: dff41b70 dff41c08 00000000 00000000 dff41b44 dff41b20 8042e9b8 8042e80c
1b20: dff41c08 8260cac8 853c5a20 20000000 8402bf00 00000000 dff41b6c ee7e499c
1b40: 804bcdf0 dff41c08 00000000 00000001 853c5a20 8402bf00 00000000 00000000
1b60: dff41bcc dff41b70 8047f370 804bd914 80494464 80479d24 dff41c3c 82efc800
1b80: 00000000 00000000 20000000 84183600 dff41bcc dff41ba0 8402bf00 804943ec
1ba0: fc37a003 00000214 82efc800 20000000 853c5a20 20000000 84183600 00000000
1bc0: dff41c7c dff41bd0 80480c54 8047f17c 84183640 ffffffff dff41c40 20000720
1be0: 81c66394 853c140c 84183640 20000000 2032dfff 853c140c 00000000 ffffffff
1c00: dff41c08 dff41d00 853c5a20 00000cc0 00020000 20000000 20000000 00000a14
1c20: 851d2800 852ddb00 00000180 00000000 00000000 00000000 00000000 def70d3c
1c40: 00000000 00000000 dff41c7c ee7e499c 80480310 dff41d00 20000720 00000214
1c60: 00000207 20000000 84183600 00000007 dff41cc4 dff41c80 80215d94 80480888
1c80: dff41cac 200d0000 853c5900 00000000 00000095 82efc800 00000000 8261d0e0
1ca0: 00000207 20000720 dff41d00 80215c4c 82efc800 ffefd1c0 dff41cfc dff41cc8
1cc0: 802161dc 80215c58 00000000 00200000 00040000 82efc800 853db600 81848d94
1ce0: 80000013 ffffffff dff41d34 00000d5f dff41dbc dff41d00 80200ae4 802161b0
1d00: ffefd1c0 20000720 00000d5b 00000000 00000e40 000002a1 00000000 20000480
1d20: 00000d5f dff41edc ffefd1c0 dff41dbc 00000001 dff41d4c 807eb2e4 81848d94
1d40: 80000013 ffffffff 8089c180 ffefd1c0 00000d5f 00000000 00000e40 807eb2e4
1d60: 828584e8 00200000 dff41dac dff41eb8 80479cb0 8027b094 f252971f 00c00000
1d80: 00000001 ee7e499c 00000001 ee7e499c 000001c0 000cfe40 000001c0 00000e40
1da0: dee0c9c4 00000000 828584e8 ffefd000 dff41df4 dff41dc0 807eb838 807eb18c
1dc0: dff41df4 dff41eb8 000001c0 000cfe40 000000d0 dff41eb8 85075004 00000001
1de0: 00000e40 00200000 dff41ea4 dff41df8 804a1894 807eb73c 85075000 dff41e30
1e00: 000013d6 fffff000 00000005 dff41f40 00000006 82ef8000 00000201 000cfe40
1e20: 000d0000 20000000 85075000 853db600 00000001 00000000 00000000 00000000
1e40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1e60: 00000000 00000000 00000000 00000000 00000000 ee7e499c 807ecf48 000013d6
1e80: dff41f14 200003c0 00000446 dff41f14 00000000 dff41ed4 dff41f84 dff41ea8
1ea0: 804a1c1c 804a1684 00000001 dff41eb8 00000008 00000000 00010001 000002a1
1ec0: dff41edc 000010aa 00000007 00000000 00000000 20004800 0000008b 20000480
1ee0: 00001000 20001480 00000078 20001540 0000008b 20001600 000000e3 20001700
1f00: 000000fb 200001c0 00000013 20001800 00000057 20000200 000000c5 20001a00
1f20: 0000003f 20001a80 000000e2 20001b80 000000f3 20001c80 00000053 200001c0
1f40: 00200000 00000000 00000000 00000000 00000000 ee7e499c 8020316c 00000006
1f60: 00000000 0014c2d4 00000179 80200288 82efc800 00000179 dff41fa4 dff41f88
1f80: 804a1ca0 804a1afc 00000006 00000000 00000001 82efc800 00000000 dff41fa8
1fa0: 80200060 804a1c80 00000006 00000000 00000446 20001880 00000008 200003c0
1fc0: 00000006 00000000 0014c2d4 00000179 7ea4832e 7ea4832f 003d0f00 76b4c0fc
1fe0: 76b4bf08 76b4bef8 000167f8 00050bc0 60000010 00000446 00000000 00000000
Call trace: 
[<807e85b4>] (sg_init_one) from [<804c3ddc>] (zswap_decompress+0xbc/0x208 mm/zswap.c:1089)
 r7:84026040 r6:dee11e00 r5:852d1258 r4:ff7e7efc
[<804c3d20>] (zswap_decompress) from [<804c6a20>] (zswap_load+0x15c/0x198 mm/zswap.c:1637)
 r9:843d6400 r8:843d6400 r7:843d6404 r6:dee11e00 r5:00000001 r4:852d1258
[<804c68c4>] (zswap_load) from [<804bbbfc>] (swap_read_folio+0xa8/0x498 mm/page_io.c:518)
 r9:8402bf00 r8:82efc800 r7:00000000 r6:dff41a9c r5:00000001 r4:dee11e00
[<804bbb54>] (swap_read_folio) from [<804bd61c>] (swap_cluster_readahead+0x1c4/0x34c mm/swap_state.c:684)
 r10:00000000 r9:00000007 r8:dff41a9b r7:00000000 r6:00000000 r5:00100cca
 r4:00000001
[<804bd458>] (swap_cluster_readahead) from [<804bd970>] (swapin_readahead+0x68/0x4a8 mm/swap_state.c:904)
 r10:dff41c08 r9:00000000 r8:00100cca r7:853c5a20 r6:00000001 r5:00000000
 r4:00000001
[<804bd908>] (swapin_readahead) from [<8047f370>] (do_swap_page+0x200/0xcc4 mm/memory.c:4046)
 r10:00000000 r9:00000000 r8:8402bf00 r7:853c5a20 r6:00000001 r5:00000000
 r4:dff41c08
[<8047f170>] (do_swap_page) from [<80480c54>] (handle_pte_fault mm/memory.c:5301 [inline])
[<8047f170>] (do_swap_page) from [<80480c54>] (__handle_mm_fault mm/memory.c:5439 [inline])
[<8047f170>] (do_swap_page) from [<80480c54>] (handle_mm_fault+0x3d8/0x12b8 mm/memory.c:5604)
 r10:00000000 r9:84183600 r8:20000000 r7:853c5a20 r6:20000000 r5:82efc800
 r4:00000214
[<8048087c>] (handle_mm_fault) from [<80215d94>] (do_page_fault+0x148/0x3a8 arch/arm/mm/fault.c:333)
 r10:00000007 r9:84183600 r8:20000000 r7:00000207 r6:00000214 r5:20000720
 r4:dff41d00
[<80215c4c>] (do_page_fault) from [<802161dc>] (do_DataAbort+0x38/0xa8 arch/arm/mm/fault.c:565)
 r10:ffefd1c0 r9:82efc800 r8:80215c4c r7:dff41d00 r6:20000720 r5:00000207
 r4:8261d0e0
[<802161a4>] (do_DataAbort) from [<80200ae4>] (__dabt_svc+0x44/0x60 arch/arm/kernel/entry-armv.S:212)
Exception stack(0xdff41d00 to 0xdff41d48)
1d00: ffefd1c0 20000720 00000d5b 00000000 00000e40 000002a1 00000000 20000480
1d20: 00000d5f dff41edc ffefd1c0 dff41dbc 00000001 dff41d4c 807eb2e4 81848d94
1d40: 80000013 ffffffff
 r8:00000d5f r7:dff41d34 r6:ffffffff r5:80000013 r4:81848d94
[<807eb180>] (_copy_from_iter) from [<807eb838>] (copy_page_from_iter lib/iov_iter.c:422 [inline])
[<807eb180>] (_copy_from_iter) from [<807eb838>] (copy_page_from_iter+0x108/0x144 lib/iov_iter.c:411)
 r10:ffefd000 r9:828584e8 r8:00000000 r7:dee0c9c4 r6:00000e40 r5:000001c0
 r4:000cfe40
[<807eb730>] (copy_page_from_iter) from [<804a1894>] (process_vm_rw_pages mm/process_vm_access.c:43 [inline])
[<807eb730>] (copy_page_from_iter) from [<804a1894>] (process_vm_rw_single_vec mm/process_vm_access.c:118 [inline])
[<807eb730>] (copy_page_from_iter) from [<804a1894>] (process_vm_rw_core.constprop.0+0x21c/0x478 mm/process_vm_access.c:216)
 r10:00200000 r9:00000e40 r8:00000001 r7:85075004 r6:dff41eb8 r5:000000d0
 r4:000cfe40
[<804a1678>] (process_vm_rw_core.constprop.0) from [<804a1c1c>] (process_vm_rw+0x12c/0x150 mm/process_vm_access.c:284)
 r10:dff41ed4 r9:00000000 r8:dff41f14 r7:00000446 r6:200003c0 r5:dff41f14
 r4:000013d6
[<804a1af0>] (process_vm_rw) from [<804a1ca0>] (__do_sys_process_vm_writev mm/process_vm_access.c:304 [inline])
[<804a1af0>] (process_vm_rw) from [<804a1ca0>] (sys_process_vm_writev+0x2c/0x34 mm/process_vm_access.c:299)
 r10:00000179 r9:82efc800 r8:80200288 r7:00000179 r6:0014c2d4 r5:00000000
 r4:00000006
[<804a1c74>] (sys_process_vm_writev) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:66)
Exception stack(0xdff41fa8 to 0xdff41ff0)
1fa0:                   00000006 00000000 00000446 20001880 00000008 200003c0
1fc0: 00000006 00000000 0014c2d4 00000179 7ea4832e 7ea4832f 003d0f00 76b4c0fc
1fe0: 76b4bf08 76b4bef8 000167f8 00050bc0
Code: 1a000004 e1822003 e8860094 e89da8f0 (e7f001f2) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	1a000004 	bne	0x18
   4:	e1822003 	orr	r2, r2, r3
   8:	e8860094 	stm	r6, {r2, r4, r7}
   c:	e89da8f0 	ldm	sp, {r4, r5, r6, r7, fp, sp, pc}
* 10:	e7f001f2 	udf	#18 <-- trapping instruction