------------[ cut here ]------------
kernel BUG at include/linux/scatterlist.h:187!
Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM
Modules linked in:
CPU: 0 PID: 3888 Comm: syz-executor.1 Not tainted 6.9.0-rc1-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at sg_set_buf include/linux/scatterlist.h:187 [inline]
PC is at sg_init_one+0x9c/0xa8 lib/scatterlist.c:143
LR is at sg_init_table+0x2c/0x40 lib/scatterlist.c:128
pc : [<807e8658>] lr : [<807e6a4c>] psr: 80000113
sp : e044da70 ip : e044daa8 fp : e044da8c
r10: 00000000 r9 : ffefd004 r8 : ff7e7f1c
r7 : 00000156 r6 : e044da90 r5 : 85511668 r4 : ffefd004
r3 : df000000 r2 : ffffffd8 r1 : 00000000 r0 : e044da90
Flags: Nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user
Control: 30c5387d Table: 8532ac40 DAC: fffffffd
Register r0 information: 2-page vmalloc region starting at 0xe044c000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r1 information: NULL pointer
Register r2 information: non-paged memory
Register r3 information: non-paged memory
Register r4 information: non-paged memory
Register r5 information: slab vmap_area start 85511668 pointer offset 0 size 40
Register r6 information: 2-page vmalloc region starting at 0xe044c000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r7 information: non-paged memory
Register r8 information: 0-page vmalloc region starting at 0xff7d8000 allocated at pcpu_get_vm_areas+0x0/0x12c8 mm/vmalloc.c:3064
Register r9 information: non-paged memory
Register r10 information: NULL pointer
Register r11 information: 2-page vmalloc region starting at 0xe044c000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r12 information: 2-page vmalloc region starting at 0xe044c000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Process syz-executor.1 (pid: 3888, stack limit = 0xe044c000)
Stack: (0xe044da70 to 0xe044e000)
da60: ff7e7efc 85511668 decc3db0 84078280
da80: e044daec e044da90 804c3de4 807e85c8 00000002 00000000 00000000 00000000
daa0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dac0: 00000001 53ddcd5d 85511668 00000001 decc3db0 84320dc4 84320dc0 84320dc0
dae0: e044db14 e044daf0 804c6a28 804c3d34 decc3db0 00000001 e044db84 00000000
db00: 84dbe000 842ddd00 e044db64 e044db18 804bbc04 804c68d8 804bd128 802e27a0
db20: 84dbe000 00000000 00100cca 00000000 00000000 53ddcd5d 842ddd00 00000001
db40: 00100cca 00000000 00000000 e044db83 00000007 00000000 e044dbdc e044db68
db60: 804bd624 804bbb68 e044db83 00000000 00000000 decc3db0 00000001 00000001
db80: 01000000 00000000 00000000 00000000 00000000 00000000 00000001 00000000
dba0: e044dba0 e044dba0 818753b0 53ddcd5d 00000406 00000001 00000000 00000001
dbc0: 857b50c0 00100cca 00000000 e044dcf0 e044dc54 e044dbe0 804bd978 804bd46c
dbe0: 00000000 53ddcd5d 80200bb4 e044dcf0 00000000 00000000 e044dc2c e044dc08
dc00: 8042e9c0 8042e814 e044dcf0 8260cac8 857b50c0 20000000 842ddd00 00000000
dc20: e044dc54 53ddcd5d 804bcdf8 e044dcf0 00000000 00000001 857b50c0 842ddd00
dc40: 00000000 00000000 e044dcb4 e044dc58 8047f378 804bd91c 8049446c 80479d2c
dc60: e044dd24 84dbe000 00000000 00000000 20000000 841f4900 e044dcb4 e044dc88
dc80: 842ddd00 804943f4 fe1be003 00000215 84dbe000 20000000 857b50c0 20000000
dca0: 841f4900 00000000 e044dd64 e044dcb8 80480c5c 8047f184 841f4940 ffffffff
dcc0: e044dd28 20000000 81c66394 851dac0c 841f4940 20000000 20ffffff 851dac0c
dce0: 00000000 ffffffff e044dcf0 e044dde8 857b50c0 00000cc0 00020000 20000000
dd00: 20000000 00000a15 85686800 8532ac40 00000180 00000000 00000000 00000000
dd20: 00000000 defb4ecc 00000000 00000000 e044dd64 53ddcd5d 80480318 e044dde8
dd40: 20000000 00000215 00000a07 20000000 841f4900 00000002 e044ddac e044dd68
dd60: 80215d94 80480890 a56ecb7e e8638c33 449d9de7 927f6307 717f706b 84dbe000
dd80: 00000000 8261d0e0 00000a07 20000000 e044dde8 80215c4c 84dbe000 00000180
dda0: e044dde4 e044ddb0 802161dc 80215c58 8027caf4 ef9f1e35 748a76a1 2082d7e2
ddc0: a56ecb7e 818490c0 a0000013 ffffffff e044de1c 28bba117 e044deb4 e044dde8
dde0: 80200ae4 802161b0 20000000 e044df1c ffffffa0 10baec3e df03235a 26ce8af0
de00: db8d71f0 20000000 28bba117 d6f99dd6 00000180 e044deb4 1c72657d e044de34
de20: a0b40922 818490c0 a0000013 ffffffff 8089c168 00000000 00000040 00000000
de40: 00000000 20000000 00000040 00000000 e044df70 807eaaf8 706d0c7c 736b3ca8
de60: 13015ff9 e044defc 6e60af74 50d5f5f0 ee0c6f2a 0cf74922 cecc418f bbf2f748
de80: bdf50c96 53ddcd5d f4ec0b96 00000000 e044df70 e044defc e044debc 84dbe000
dea0: 84dbe000 00000180 e044df64 e044deb8 8099dd94 807eaa6c 00000000 61707865
dec0: 3320646e 79622d32 6b206574 b550646f c3f83ddd f27a5073 325359ae 52b0f7ca
dee0: 14fb4ccc c35c4abf 420329d1 00000002 00000000 00000000 00000000 10baec3e
df00: df03235a 26ce8af0 db8d71f0 28bba117 d6f99dd6 1c72657d a0b40922 a386edba
df20: 0307bbf6 d05393e1 10cf6b60 bbf2f749 bdf50c96 b1bc4b7c f4ec0b96 53ddcd5d
df40: 8024c880 00000083 00000000 0014c2c8 00000180 80200288 e044dfa4 e044df68
df60: 8099ea7c 8099dcf4 0006b3f0 ecac8b10 00000000 00000000 20000000 00000083
df80: 00000001 00000000 0006b3f4 53ddcd5d ffffffff 00000000 00000000 e044dfa8
dfa0: 80200060 8099ea08 00000000 00000000 20000000 00000083 00000000 00000000
dfc0: 00000000 00000000 0014c2c8 00000180 7eefa32e 7eefa32f 003d0f00 76b880fc
dfe0: 76b87f08 76b87ef8 000167f8 00050bc0 60000010 20000000 00000000 00000000
Call trace:
[<807e85bc>] (sg_init_one) from [<804c3de4>] (zswap_decompress+0xbc/0x208 mm/zswap.c:1089)
r7:84078280 r6:decc3db0 r5:85511668 r4:ff7e7efc
[<804c3d28>] (zswap_decompress) from [<804c6a28>] (zswap_load+0x15c/0x198 mm/zswap.c:1637)
r9:84320dc0 r8:84320dc0 r7:84320dc4 r6:decc3db0 r5:00000001 r4:85511668
[<804c68cc>] (zswap_load) from [<804bbc04>] (swap_read_folio+0xa8/0x498 mm/page_io.c:518)
r9:842ddd00 r8:84dbe000 r7:00000000 r6:e044db84 r5:00000001 r4:decc3db0
[<804bbb5c>] (swap_read_folio) from [<804bd624>] (swap_cluster_readahead+0x1c4/0x34c mm/swap_state.c:684)
r10:00000000 r9:00000007 r8:e044db83 r7:00000000 r6:00000000 r5:00100cca r4:00000001
[<804bd460>] (swap_cluster_readahead) from [<804bd978>] (swapin_readahead+0x68/0x4a8 mm/swap_state.c:904)
r10:e044dcf0 r9:00000000 r8:00100cca r7:857b50c0 r6:00000001 r5:00000000 r4:00000001
[<804bd910>] (swapin_readahead) from [<8047f378>] (do_swap_page+0x200/0xcc4 mm/memory.c:4046)
r10:00000000 r9:00000000 r8:842ddd00 r7:857b50c0 r6:00000001 r5:00000000 r4:e044dcf0
[<8047f178>] (do_swap_page) from [<80480c5c>] (handle_pte_fault mm/memory.c:5301 [inline])
[<8047f178>] (do_swap_page) from [<80480c5c>] (__handle_mm_fault mm/memory.c:5439 [inline])
[<8047f178>] (do_swap_page) from [<80480c5c>] (handle_mm_fault+0x3d8/0x12b8 mm/memory.c:5604)
r10:00000000 r9:841f4900 r8:20000000 r7:857b50c0 r6:20000000 r5:84dbe000 r4:00000215
[<80480884>] (handle_mm_fault) from [<80215d94>] (do_page_fault+0x148/0x3a8 arch/arm/mm/fault.c:333)
r10:00000002 r9:841f4900 r8:20000000 r7:00000a07 r6:00000215 r5:20000000 r4:e044dde8
[<80215c4c>] (do_page_fault) from [<802161dc>] (do_DataAbort+0x38/0xa8 arch/arm/mm/fault.c:565)
r10:00000180 r9:84dbe000 r8:80215c4c r7:e044dde8 r6:20000000 r5:00000a07 r4:8261d0e0
[<802161a4>] (do_DataAbort) from [<80200ae4>] (__dabt_svc+0x44/0x60 arch/arm/kernel/entry-armv.S:212)
Exception stack(0xe044dde8 to 0xe044de30)
dde0: 20000000 e044df1c ffffffa0 10baec3e df03235a 26ce8af0
de00: db8d71f0 20000000 28bba117 d6f99dd6 00000180 e044deb4 1c72657d e044de34
de20: a0b40922 818490c0 a0000013 ffffffff
r8:28bba117 r7:e044de1c r6:ffffffff r5:a0000013 r4:818490c0
[<807eaa60>] (_copy_to_iter) from [<8099dd94>] (copy_to_iter include/linux/uio.h:196 [inline])
[<807eaa60>] (_copy_to_iter) from [<8099dd94>] (get_random_bytes_user+0xac/0x158 drivers/char/random.c:451)
r10:00000180 r9:84dbe000 r8:84dbe000 r7:e044debc r6:e044defc r5:e044df70 r4:00000000
[<8099dce8>] (get_random_bytes_user) from [<8099ea7c>] (__do_sys_getrandom drivers/char/random.c:1390 [inline])
[<8099dce8>] (get_random_bytes_user) from [<8099ea7c>] (sys_getrandom+0x80/0xf8 drivers/char/random.c:1364)
r8:80200288 r7:00000180 r6:0014c2c8 r5:00000000 r4:00000083
[<8099e9fc>] (sys_getrandom) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:66)
Exception stack(0xe044dfa8 to 0xe044dff0)
dfa0: 00000000 00000000 20000000 00000083 00000000 00000000
dfc0: 00000000 00000000 0014c2c8 00000180 7eefa32e 7eefa32f 003d0f00 76b880fc
dfe0: 76b87f08 76b87ef8 000167f8 00050bc0
r4:00000000
Code: 1a000004 e1822003 e8860094 e89da8f0 (e7f001f2)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
0: 1a000004 bne 0x18
4: e1822003 orr r2, r2, r3
8: e8860094 stm r6, {r2, r4, r7}
c: e89da8f0 ldm sp, {r4, r5, r6, r7, fp, sp, pc}
* 10: e7f001f2 udf #18 <-- trapping instruction