oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=10259,uid=0
Memory cgroup out of memory: Killed process 10288 (syz-executor.0) total-vm:33812kB, anon-rss:0kB, file-rss:640kB, shmem-rss:0kB, UID:0 pgtables:36kB oom_score_adj:1000
------------[ cut here ]------------
kernel BUG at include/linux/scatterlist.h:187!
Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM
Modules linked in:
CPU: 1 PID: 7128 Comm: syz-executor.0 Not tainted 6.9.0-rc1-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at sg_set_buf include/linux/scatterlist.h:187 [inline]
PC is at sg_init_one+0x9c/0xa8 lib/scatterlist.c:143
LR is at sg_init_table+0x2c/0x40 lib/scatterlist.c:128
pc : [<807e8518>]    lr : [<807e690c>]    psr: 80000113
sp : dfdc5ad0  ip : dfdc5b08  fp : dfdc5aec
r10: 00000000  r9 : ffedc004  r8 : ff7fbf1c
r7 : 000000f9  r6 : dfdc5af0  r5 : 83d27a50  r4 : ffedc004
r3 : df000000  r2 : ffffffd8  r1 : 00000000  r0 : dfdc5af0
Flags: Nzcv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
Control: 30c5387d  Table: 8ce41a00  DAC: 00000000
Register r0 information: 2-page vmalloc region starting at 0xdfdc4000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r1 information: NULL pointer
Register r2 information: non-paged memory
Register r3 information: non-paged memory
Register r4 information: non-paged memory
Register r5 information: slab vmap_area start 83d27a50 pointer offset 0 size 40
Register r6 information: 2-page vmalloc region starting at 0xdfdc4000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r7 information: non-paged memory
Register r8 information: 0-page vmalloc region starting at 0xff7d8000 allocated at pcpu_get_vm_areas+0x0/0x12c8 mm/vmalloc.c:3064
Register r9 information: non-paged memory
Register r10 information: NULL pointer
Register r11 information: 2-page vmalloc region starting at 0xdfdc4000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r12 information: 2-page vmalloc region starting at 0xdfdc4000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Process syz-executor.0 (pid: 7128, stack limit = 0xdfdc4000)
Stack: (0xdfdc5ad0 to 0xdfdc6000)
5ac0:                                     ff7fbefc 83d27a50 ded97b50 83831040
5ae0: dfdc5b4c dfdc5af0 804c3dd4 807e8488 00000002 00000000 00000000 00000000
5b00: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5b20: 00000024 8b70280f 83d27a50 00000024 ded97b50 848d6a84 848d6a80 848d6a80
5b40: dfdc5b74 dfdc5b50 804c6a18 804c3d24 ded97b50 00000000 dfdc5be4 00000000
5b60: 83490000 84998d00 dfdc5bc4 dfdc5b78 804bbbf4 804c68c8 804bd118 802e2798
5b80: 00000000 00000000 00100cca 00000000 00000000 8b70280f 00000000 00000024
5ba0: 00100cca 00000000 00000000 dfdc5be3 00000027 00000000 dfdc5c3c dfdc5bc8
5bc0: 804bd614 804bbb58 dfdc5be3 00000000 018e9ada ded97b50 00000025 00000025
5be0: 01676e80 00000000 00000000 00000000 00000000 00000000 00000001 00000000
5c00: dfdc5c00 dfdc5c00 81875270 8b70280f 00000406 00000001 00000000 00000025
5c20: 849ebf00 00100cca 00000000 dfdc5d50 dfdc5cb4 dfdc5c40 804bd968 804bd45c
5c40: 00000000 8b70280f dfdc5cb8 dfdc5d50 00000000 00000000 dfdc5c8c dfdc5c68
5c60: 8042e9b0 8042e804 dfdc5d50 8260cac8 849ebf00 76b95000 84998d00 00000000
5c80: dfdc5cb4 8b70280f 804bcde8 dfdc5d50 00000000 00000025 849ebf00 84998d00
5ca0: 00000000 00000000 dfdc5d14 dfdc5cb8 8047f368 804bd90c 8049445c 80479d1c
5cc0: dfdc5d84 83490000 00000000 00000000 76b95000 840a2a00 dfdc5d14 dfdc5ce8
5ce0: 84998d00 804943e4 99824003 00000214 83490000 76b95000 849ebf00 76b95000
5d00: 840a2a00 00000000 dfdc5dc4 dfdc5d18 80480c4c 8047f174 840a2a40 ffffffff
5d20: dfdc5d88 76b95ae8 81c66394 8c9bf00c 840a2a40 76b76000 76b95fff 8c9bf00c
5d40: 00000000 ffffffff dfdc5d50 dfdc5e48 849ebf00 00000cc0 00076b95 76b95000
5d60: 76b95000 00000a14 a610fda8 8ce41a08 00002580 00000000 00000000 00000000
5d80: 00000000 de18f524 00000000 00000000 dfdc5dc4 8b70280f 80480308 dfdc5e48
5da0: 76b95ae8 00000214 00000207 76b95000 840a2a00 00000007 dfdc5e0c dfdc5dc8
5dc0: 80215d94 80480880 8029d41c 8029686c 003d80d0 84ac9000 00000000 83490000
5de0: 07fc447d 8261d0e0 00000207 76b95ae8 dfdc5e48 80215c4c 83490000 003d0f00
5e00: dfdc5e44 dfdc5e10 802161dc 80215c58 81897018 81898398 00dccadc 01ffffff
5e20: dfdc5e7c 81848bcc 00000113 ffffffff dfdc5e7c 00000000 dfdc5f44 dfdc5e48
5e40: 80200ae4 802161b0 dfdc5ed0 76b95ae8 ffffffe8 00000000 83490000 dfdc5ee0
5e60: dfdc5fb0 76b95ae0 00000000 83490000 003d0f00 dfdc5f44 00000018 dfdc5e94
5e80: 80426ddc 81848bcc 00000113 ffffffff 8089c028 dfdc5ee0 dfdc5fb0 00000000
5ea0: 83490000 dfdc5ed0 00000008 00000000 83490000 80426ddc 8189a8e8 8027cb3c
5ec0: 00000000 840a2a00 00016910 00000000 00000000 00000000 00000000 ddde4280
5ee0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5f00: 8027caf4 83490000 dfdc5fb0 00000000 83490000 8b70280f 83490000 83490000
5f20: dfdc5fb0 00000000 83490000 00000000 83490000 003d0f00 dfdc5fac dfdc5f48
5f40: 8020bc18 80426c54 80307668 802fd80c 00000000 81a04f98 dfdc5fa4 dfdc5f68
5f60: 803097bc 80307618 00000001 00000000 1dcd6500 00000000 80255e5c 8b70280f
5f80: 83490000 8b70280f 00016910 20000010 ffffffff 83490000 00000000 83490000
5fa0: 00000000 dfdc5fb0 80200088 8020bb2c ffffffff 00000004 000001b0 00000000
5fc0: 00000000 00000000 00000000 00000000 7e95d32e 7e95d32f 003d0f00 76b950fc
5fe0: 200013d0 200013d0 00016910 00016910 20000010 ffffffff 00000000 00000000
Call trace: 
[<807e847c>] (sg_init_one) from [<804c3dd4>] (zswap_decompress+0xbc/0x208 mm/zswap.c:1089)
 r7:83831040 r6:ded97b50 r5:83d27a50 r4:ff7fbefc
[<804c3d18>] (zswap_decompress) from [<804c6a18>] (zswap_load+0x15c/0x198 mm/zswap.c:1637)
 r9:848d6a80 r8:848d6a80 r7:848d6a84 r6:ded97b50 r5:00000024 r4:83d27a50
[<804c68bc>] (zswap_load) from [<804bbbf4>] (swap_read_folio+0xa8/0x498 mm/page_io.c:518)
 r9:84998d00 r8:83490000 r7:00000000 r6:dfdc5be4 r5:00000000 r4:ded97b50
[<804bbb4c>] (swap_read_folio) from [<804bd614>] (swap_cluster_readahead+0x1c4/0x34c mm/swap_state.c:684)
 r10:00000000 r9:00000027 r8:dfdc5be3 r7:00000000 r6:00000000 r5:00100cca
 r4:00000024
[<804bd450>] (swap_cluster_readahead) from [<804bd968>] (swapin_readahead+0x68/0x4a8 mm/swap_state.c:904)
 r10:dfdc5d50 r9:00000000 r8:00100cca r7:849ebf00 r6:00000025 r5:00000000
 r4:00000001
[<804bd900>] (swapin_readahead) from [<8047f368>] (do_swap_page+0x200/0xcc4 mm/memory.c:4046)
 r10:00000000 r9:00000000 r8:84998d00 r7:849ebf00 r6:00000025 r5:00000000
 r4:dfdc5d50
[<8047f168>] (do_swap_page) from [<80480c4c>] (handle_pte_fault mm/memory.c:5301 [inline])
[<8047f168>] (do_swap_page) from [<80480c4c>] (__handle_mm_fault mm/memory.c:5439 [inline])
[<8047f168>] (do_swap_page) from [<80480c4c>] (handle_mm_fault+0x3d8/0x12b8 mm/memory.c:5604)
 r10:00000000 r9:840a2a00 r8:76b95000 r7:849ebf00 r6:76b95000 r5:83490000
 r4:00000214
[<80480874>] (handle_mm_fault) from [<80215d94>] (do_page_fault+0x148/0x3a8 arch/arm/mm/fault.c:333)
 r10:00000007 r9:840a2a00 r8:76b95000 r7:00000207 r6:00000214 r5:76b95ae8
 r4:dfdc5e48
[<80215c4c>] (do_page_fault) from [<802161dc>] (do_DataAbort+0x38/0xa8 arch/arm/mm/fault.c:565)
 r10:003d0f00 r9:83490000 r8:80215c4c r7:dfdc5e48 r6:76b95ae8 r5:00000207
 r4:8261d0e0
[<802161a4>] (do_DataAbort) from [<80200ae4>] (__dabt_svc+0x44/0x60 arch/arm/kernel/entry-armv.S:212)
Exception stack(0xdfdc5e48 to 0xdfdc5e90)
5e40:                   dfdc5ed0 76b95ae8 ffffffe8 00000000 83490000 dfdc5ee0
5e60: dfdc5fb0 76b95ae0 00000000 83490000 003d0f00 dfdc5f44 00000018 dfdc5e94
5e80: 80426ddc 81848bcc 00000113 ffffffff
 r8:00000000 r7:dfdc5e7c r6:ffffffff r5:00000113 r4:81848bcc
[<80426c48>] (__rseq_handle_notify_resume) from [<8020bc18>] (rseq_handle_notify_resume include/linux/rseq.h:38 [inline])
[<80426c48>] (__rseq_handle_notify_resume) from [<8020bc18>] (resume_user_mode_work include/linux/resume_user_mode.h:62 [inline])
[<80426c48>] (__rseq_handle_notify_resume) from [<8020bc18>] (do_work_pending+0xf8/0x4c0 arch/arm/kernel/signal.c:631)
 r10:003d0f00 r9:83490000 r8:00000000 r7:83490000 r6:00000000 r5:dfdc5fb0
 r4:83490000
[<8020bb20>] (do_work_pending) from [<80200088>] (slow_work_pending+0xc/0x24)
Exception stack(0xdfdc5fb0 to 0xdfdc5ff8)
5fa0:                                     ffffffff 00000004 000001b0 00000000
5fc0: 00000000 00000000 00000000 00000000 7e95d32e 7e95d32f 003d0f00 76b950fc
5fe0: 200013d0 200013d0 00016910 00016910 20000010 ffffffff
 r9:83490000 r8:00000000 r7:83490000 r6:ffffffff r5:20000010 r4:00016910
Code: 1a000004 e1822003 e8860094 e89da8f0 (e7f001f2) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	1a000004 	bne	0x18
   4:	e1822003 	orr	r2, r2, r3
   8:	e8860094 	stm	r6, {r2, r4, r7}
   c:	e89da8f0 	ldm	sp, {r4, r5, r6, r7, fp, sp, pc}
* 10:	e7f001f2 	udf	#18 <-- trapping instruction