------------[ cut here ]------------
kernel BUG at include/linux/scatterlist.h:187!
Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM
Modules linked in:
CPU: 1 PID: 18115 Comm: syz-executor.0 Not tainted 6.9.0-rc1-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at sg_set_buf include/linux/scatterlist.h:187 [inline]
PC is at sg_init_one+0x9c/0xa8 lib/scatterlist.c:143
LR is at sg_init_table+0x2c/0x40 lib/scatterlist.c:128
pc : [<807e8648>]    lr : [<807e6a3c>]    psr: 80000113
sp : e08a9a70  ip : e08a9aa8  fp : e08a9a8c
r10: 00000000  r9 : ffedc000  r8 : ff7fbf1c
r7 : 00000f5e  r6 : e08a9a90  r5 : 853394d8  r4 : ffedc000
r3 : df000000  r2 : ffffffd8  r1 : 00000000  r0 : e08a9a90
Flags: Nzcv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
Control: 30c5387d  Table: 84d54280  DAC: 00000000
Register r0 information: 2-page vmalloc region starting at 0xe08a8000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r1 information: NULL pointer
Register r2 information: non-paged memory
Register r3 information: non-paged memory
Register r4 information: non-paged memory
Register r5 information: slab vmap_area start 853394d8 pointer offset 0 size 40
Register r6 information: 2-page vmalloc region starting at 0xe08a8000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r7 information: non-paged memory
Register r8 information: 0-page vmalloc region starting at 0xff7d8000 allocated at pcpu_get_vm_areas+0x0/0x12c8 mm/vmalloc.c:3064
Register r9 information: non-paged memory
Register r10 information: NULL pointer
Register r11 information: 2-page vmalloc region starting at 0xe08a8000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r12 information: 2-page vmalloc region starting at 0xe08a8000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Process syz-executor.0 (pid: 18115, stack limit = 0xe08a8000)
Stack: (0xe08a9a70 to 0xe08aa000)
9a60:                                     ff7fbefc 853394d8 dee1e718 841ce940
9a80: e08a9aec e08a9a90 804c3dd4 807e85b8 00000002 00000000 00000000 00000000
9aa0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9ac0: 00000001 5e800f3e 853394d8 00000001 dee1e718 843ad544 843ad540 843ad540
9ae0: e08a9b14 e08a9af0 804c6a18 804c3d24 dee1e718 00000001 e08a9b84 00000000
9b00: 83d84800 84247900 e08a9b64 e08a9b18 804bbbf4 804c68c8 804bd118 802e2798
9b20: e08a9b94 00000000 00100cca 00000000 00000000 5e800f3e e08a9cb8 00000001
9b40: 00100cca 00000000 00000000 e08a9b83 00000007 00000000 e08a9bdc e08a9b68
9b60: 804bd614 804bbb58 e08a9b83 00000000 00000000 dee1e718 00000003 00000003
9b80: 018a9c38 00000000 00000000 00000000 00000000 00000000 00000001 00000000
9ba0: e08a9ba0 e08a9ba0 818753b0 5e800f3e 00000406 00000001 00000000 00000003
9bc0: 843ef8a0 00100cca 00000000 e08a9cf0 e08a9c54 e08a9be0 804bd968 804bd45c
9be0: 00000000 5e800f3e 00000001 e08a9cf0 00000000 00000000 e08a9c2c e08a9c08
9c00: 8042e9b0 8042e804 e08a9cf0 8260cac8 843ef8a0 20001000 84247900 00000000
9c20: e08a9c54 5e800f3e 804bcde8 e08a9cf0 00000000 00000003 843ef8a0 84247900
9c40: 00000000 00000000 e08a9cb4 e08a9c58 8047f368 804bd90c 8049445c 80479d1c
9c60: e08a9d24 83d84800 00000000 00000000 20001000 83f54300 e08a9cb4 e08a9c88
9c80: 84247900 804943e4 fe0b1003 00000215 83d84800 20001000 843ef8a0 20001000
9ca0: 83f54300 00000000 e08a9d64 e08a9cb8 80480c4c 8047f174 83f54340 ffffffff
9cc0: e08a9d28 20001100 81c66394 84f7350c 83f54340 20000000 20ffffff 84f7350c
9ce0: 00000000 ffffffff e08a9cf0 e08a9de8 843ef8a0 00000cc0 00020001 20001000
9d00: 20001000 00000a15 84cd0800 84d54280 00000380 00000000 00000000 00000000
9d20: 00000000 defb28f8 00000000 00000000 e08a9d64 5e800f3e 80480308 e08a9de8
9d40: 20001100 00000215 00000a07 20001000 83f54300 00000002 e08a9dac e08a9d68
9d60: 80215d94 80480880 b4e55c30 e8691587 1bda4f10 e6531e12 c4a8817e 83d84800
9d80: 818a3788 8261d0e0 00000a07 20001100 e08a9de8 80215c4c 83d84800 00000180
9da0: e08a9de4 e08a9db0 802161dc 80215c58 8027173c 690bd88a 6131c286 77dccf15
9dc0: b4e55c30 818490c0 a0000013 ffffffff e08a9e1c 34be2ba0 e08a9eb4 e08a9de8
9de0: 80200ae4 802161b0 20001100 e08a9f1c ffffffa0 ea0a8ff7 10b5d694 d393c27d
9e00: 6481da06 20001100 34be2ba0 1bdc6b95 00000180 e08a9eb4 4d22f74d e08a9e34
9e20: 568ee372 818490c0 a0000013 ffffffff 8089c158 00000000 00000040 00000000
9e40: 00000000 20001100 00000040 00000000 e08a9f70 807eaae8 f9617492 47e8e5cf
9e60: 1a6ad595 e08a9efc 817d3b78 c1a97372 1d598427 3e27c1bc 55db6910 c7ee6eb5
9e80: 8c221bc9 5e800f3e 3d35f48c 00000000 e08a9f70 e08a9efc e08a9ebc 83d84800
9ea0: 83d84800 00000180 e08a9f64 e08a9eb8 8099dd84 807eaa5c 82e4f5bc 61707865
9ec0: 3320646e 79622d32 6b206574 ecd545d1 01719600 e59b64ec d511a7fa 86aa81cb
9ee0: 0649fe7c dc3b2892 fa09e3ec 00000002 00000000 00000000 00000000 ea0a8ff7
9f00: 10b5d694 d393c27d 6481da06 34be2ba0 1bdc6b95 4d22f74d 568ee372 4853f53d
9f20: 23a382a3 1a62ea4e 4fe54cfc c7ee6eb6 8c221bc9 94364016 3d35f48c 5e800f3e
9f40: 8024c880 00000086 00000000 0014c2c8 00000180 80200288 e08a9fa4 e08a9f68
9f60: 8099ea6c 8099dce4 0006b3f0 ecac8b10 00000000 00000000 20001100 00000086
9f80: 00000001 00000000 0006b3f4 5e800f3e ffffffff 00000000 00000000 e08a9fa8
9fa0: 80200060 8099e9f8 00000000 00000000 20001100 00000086 00000000 00000000
9fc0: 00000000 00000000 0014c2c8 00000180 7ef1c32e 7ef1c32f 003d0f00 76bf90fc
9fe0: 76bf8f08 76bf8ef8 000167f8 00050bc0 60000010 20001100 00000000 00000000
Call trace: 
[<807e85ac>] (sg_init_one) from [<804c3dd4>] (zswap_decompress+0xbc/0x208 mm/zswap.c:1089)
 r7:841ce940 r6:dee1e718 r5:853394d8 r4:ff7fbefc
[<804c3d18>] (zswap_decompress) from [<804c6a18>] (zswap_load+0x15c/0x198 mm/zswap.c:1637)
 r9:843ad540 r8:843ad540 r7:843ad544 r6:dee1e718 r5:00000001 r4:853394d8
[<804c68bc>] (zswap_load) from [<804bbbf4>] (swap_read_folio+0xa8/0x498 mm/page_io.c:518)
 r9:84247900 r8:83d84800 r7:00000000 r6:e08a9b84 r5:00000001 r4:dee1e718
[<804bbb4c>] (swap_read_folio) from [<804bd614>] (swap_cluster_readahead+0x1c4/0x34c mm/swap_state.c:684)
 r10:00000000 r9:00000007 r8:e08a9b83 r7:00000000 r6:00000000 r5:00100cca
 r4:00000001
[<804bd450>] (swap_cluster_readahead) from [<804bd968>] (swapin_readahead+0x68/0x4a8 mm/swap_state.c:904)
 r10:e08a9cf0 r9:00000000 r8:00100cca r7:843ef8a0 r6:00000003 r5:00000000
 r4:00000001
[<804bd900>] (swapin_readahead) from [<8047f368>] (do_swap_page+0x200/0xcc4 mm/memory.c:4046)
 r10:00000000 r9:00000000 r8:84247900 r7:843ef8a0 r6:00000003 r5:00000000
 r4:e08a9cf0
[<8047f168>] (do_swap_page) from [<80480c4c>] (handle_pte_fault mm/memory.c:5301 [inline])
[<8047f168>] (do_swap_page) from [<80480c4c>] (__handle_mm_fault mm/memory.c:5439 [inline])
[<8047f168>] (do_swap_page) from [<80480c4c>] (handle_mm_fault+0x3d8/0x12b8 mm/memory.c:5604)
 r10:00000000 r9:83f54300 r8:20001000 r7:843ef8a0 r6:20001000 r5:83d84800
 r4:00000215
[<80480874>] (handle_mm_fault) from [<80215d94>] (do_page_fault+0x148/0x3a8 arch/arm/mm/fault.c:333)
 r10:00000002 r9:83f54300 r8:20001000 r7:00000a07 r6:00000215 r5:20001100
 r4:e08a9de8
[<80215c4c>] (do_page_fault) from [<802161dc>] (do_DataAbort+0x38/0xa8 arch/arm/mm/fault.c:565)
 r10:00000180 r9:83d84800 r8:80215c4c r7:e08a9de8 r6:20001100 r5:00000a07
 r4:8261d0e0
[<802161a4>] (do_DataAbort) from [<80200ae4>] (__dabt_svc+0x44/0x60 arch/arm/kernel/entry-armv.S:212)
Exception stack(0xe08a9de8 to 0xe08a9e30)
9de0:                   20001100 e08a9f1c ffffffa0 ea0a8ff7 10b5d694 d393c27d
9e00: 6481da06 20001100 34be2ba0 1bdc6b95 00000180 e08a9eb4 4d22f74d e08a9e34
9e20: 568ee372 818490c0 a0000013 ffffffff
 r8:34be2ba0 r7:e08a9e1c r6:ffffffff r5:a0000013 r4:818490c0
[<807eaa50>] (_copy_to_iter) from [<8099dd84>] (copy_to_iter include/linux/uio.h:196 [inline])
[<807eaa50>] (_copy_to_iter) from [<8099dd84>] (get_random_bytes_user+0xac/0x158 drivers/char/random.c:451)
 r10:00000180 r9:83d84800 r8:83d84800 r7:e08a9ebc r6:e08a9efc r5:e08a9f70
 r4:00000000
[<8099dcd8>] (get_random_bytes_user) from [<8099ea6c>] (__do_sys_getrandom drivers/char/random.c:1390 [inline])
[<8099dcd8>] (get_random_bytes_user) from [<8099ea6c>] (sys_getrandom+0x80/0xf8 drivers/char/random.c:1364)
 r8:80200288 r7:00000180 r6:0014c2c8 r5:00000000 r4:00000086
[<8099e9ec>] (sys_getrandom) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:66)
Exception stack(0xe08a9fa8 to 0xe08a9ff0)
9fa0:                   00000000 00000000 20001100 00000086 00000000 00000000
9fc0: 00000000 00000000 0014c2c8 00000180 7ef1c32e 7ef1c32f 003d0f00 76bf90fc
9fe0: 76bf8f08 76bf8ef8 000167f8 00050bc0
 r4:00000000
Code: 1a000004 e1822003 e8860094 e89da8f0 (e7f001f2) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	1a000004 	bne	0x18
   4:	e1822003 	orr	r2, r2, r3
   8:	e8860094 	stm	r6, {r2, r4, r7}
   c:	e89da8f0 	ldm	sp, {r4, r5, r6, r7, fp, sp, pc}
* 10:	e7f001f2 	udf	#18 <-- trapping instruction