------------[ cut here ]------------
kernel BUG at include/linux/scatterlist.h:187!
Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM
Modules linked in:
CPU: 0 PID: 5717 Comm: syz-executor.0 Not tainted 6.9.0-rc1-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at sg_set_buf include/linux/scatterlist.h:187 [inline]
PC is at sg_init_one+0x9c/0xa8 lib/scatterlist.c:143
LR is at sg_init_table+0x2c/0x40 lib/scatterlist.c:128
pc : [<807e8648>] lr : [<807e6a3c>] psr: 80000113
sp : e00b1b70 ip : e00b1ba8 fp : e00b1b8c
r10: 00000000 r9 : ffefd004 r8 : ff7e7f1c
r7 : 00000035 r6 : e00b1b90 r5 : 851e2348 r4 : ffefd004
r3 : df000000 r2 : ffffffd8 r1 : 00000000 r0 : e00b1b90
Flags: Nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user
Control: 30c5387d Table: 84cac680 DAC: fffffffd
Register r0 information: 2-page vmalloc region starting at 0xe00b0000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r1 information: NULL pointer
Register r2 information: non-paged memory
Register r3 information: non-paged memory
Register r4 information: non-paged memory
Register r5 information: slab vmap_area start 851e2348 pointer offset 0 size 40
Register r6 information: 2-page vmalloc region starting at 0xe00b0000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r7 information: non-paged memory
Register r8 information: 0-page vmalloc region starting at 0xff7d8000 allocated at pcpu_get_vm_areas+0x0/0x12c8 mm/vmalloc.c:3064
Register r9 information: non-paged memory
Register r10 information: NULL pointer
Register r11 information: 2-page vmalloc region starting at 0xe00b0000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r12 information: 2-page vmalloc region starting at 0xe00b0000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Process syz-executor.0 (pid: 5717, stack limit = 0xe00b0000)
Stack: (0xe00b1b70 to 0xe00b2000)
1b60: ff7e7efc 851e2348 def3fc9c 82f7ce40
1b80: e00b1bec e00b1b90 804c3dd4 807e85b8 00000002 00000000 00000000
00000000
1ba0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1bc0: 00000002 1676165d 851e2348 00000002 def3fc9c 8427b584 8427b580 8427b580
1be0: e00b1c14 e00b1bf0 804c6a18 804c3d24 def3fc9c 00000001 e00b1c84 00000000
1c00: 8370bc00 84801700 e00b1c64 e00b1c18 804bbbf4 804c68c8 804bd118 802e2798
1c20: 00000000 00000000 00100cca 00000000 00000000 1676165d 00000000 00000002
1c40: 00100cca 00000000 00000000 e00b1c83 00000007 00000000 e00b1cdc e00b1c68
1c60: 804bd614 804bbb58 e00b1c83 00000000 00000000 def3fc9c 00000002 00000002
1c80: 01000000 00000000 00000000 00000000 00000000 00000000 00000001 00000000
1ca0: e00b1ca0 e00b1ca0 818753b0 1676165d 00000406 00000001 00000000 00000002
1cc0: 83fa22a0 00100cca 00000000 e00b1df0 e00b1d54 e00b1ce0 804bd968 804bd45c
1ce0: 00000000 1676165d 00000001 e00b1df0 00000000 00000000 e00b1d2c e00b1d08
1d00: 8042e9b0 8042e804 e00b1df0 8260cac8 83fa22a0 20000000 84801700 00000000
1d20: e00b1d54 1676165d 804bcde8 e00b1df0 00000000 00000002 83fa22a0 84801700
1d40: 00000000 00000000 e00b1db4 e00b1d58 8047f368 804bd90c 8049445c 80479d1c
1d60: e00b1e24 8370bc00 00000000 00000000 20000000 840bf300 e00b1db4 e00b1d88
1d80: 84801700 804943e4 fe40e003 00000215 8370bc00 20000000 83fa22a0 20000000
1da0: 840bf300 00000000 e00b1e64 e00b1db8 80480c4c 8047f174 840bf340 ffffffff
1dc0: e00b1e28 20000000 81c66394 84b0090c 840bf340 20000000 20ffffff 84b0090c
1de0: 00000000 ffffffff e00b1df0 e00b1ee8 83fa22a0 00000cc0 00020000 20000000
1e00: 20000000 00000a15 851f0800 84cac680 00000280 00000000 00000000 00000000
1e20: 00000000 defba20c 00000000 00000000 e00b1e64 1676165d 80480308 e00b1ee8
1e40: 20000000 00000215 00000a07 20000000 840bf300 00000002 e00b1eac e00b1e68
1e60: 80215d94 80480880 802a0498 00000000 00000000 1676165d e00b1eac 8370bc00
1e80: e00b1eb4 8261d0e0 00000a07 20000000 e00b1ee8 80215c4c 8370bc00 0000002b
1ea0: e00b1ee4 e00b1eb0 802161dc 80215c58 e00b1ecc e00b1ec0 818a387c 8027b094
1ec0: e00b1f14 81849118 00000013
ffffffff e00b1f1c 00000009 e00b1fa4 e00b1ee8
1ee0: 80200ae4 802161b0 20000000 e00b1f7c fffffff0 00000000 8370bc00 20000000
1f00: 00000000 00000000 00000009 00000000 0000002b e00b1fa4 00000010 e00b1f34
1f20: 00000000 81849118 00000013 ffffffff 8089c158 20000000 00000000 00000000
1f40: 00000000 20000000 00000010 00000000 8370bc00 8025e6bc 00000000 00000000
1f60: 05aa3f30 00000000 0006b3f0 00000000 00000009 00000000 00000000 1676165d
1f80: 00000000 00000000 0014c2c0 0000002b 80200288 8370bc00 00000000 e00b1fa8
1fa0: 80200060 8025e5f4 00000000 00000000 20000000 00000000 00000000 00000000
1fc0: 00000000 00000000 0014c2c0 0000002b 7ed3d32e 7ed3d32f 003d0f00 76b040fc
1fe0: 76b03f08 76b03ef8 000167f8 00050bc0 60000010 20000000 00000000 00000000
Call trace:
[<807e85ac>] (sg_init_one) from [<804c3dd4>] (zswap_decompress+0xbc/0x208 mm/zswap.c:1089)
 r7:82f7ce40 r6:def3fc9c r5:851e2348 r4:ff7e7efc
[<804c3d18>] (zswap_decompress) from [<804c6a18>] (zswap_load+0x15c/0x198 mm/zswap.c:1637)
 r9:8427b580 r8:8427b580 r7:8427b584 r6:def3fc9c r5:00000002 r4:851e2348
[<804c68bc>] (zswap_load) from [<804bbbf4>] (swap_read_folio+0xa8/0x498 mm/page_io.c:518)
 r9:84801700 r8:8370bc00 r7:00000000 r6:e00b1c84 r5:00000001 r4:def3fc9c
[<804bbb4c>] (swap_read_folio) from [<804bd614>] (swap_cluster_readahead+0x1c4/0x34c mm/swap_state.c:684)
 r10:00000000 r9:00000007 r8:e00b1c83 r7:00000000 r6:00000000 r5:00100cca r4:00000002
[<804bd450>] (swap_cluster_readahead) from [<804bd968>] (swapin_readahead+0x68/0x4a8 mm/swap_state.c:904)
 r10:e00b1df0 r9:00000000 r8:00100cca r7:83fa22a0 r6:00000002 r5:00000000 r4:00000001
[<804bd900>] (swapin_readahead) from [<8047f368>] (do_swap_page+0x200/0xcc4 mm/memory.c:4046)
 r10:00000000 r9:00000000 r8:84801700 r7:83fa22a0 r6:00000002 r5:00000000 r4:e00b1df0
[<8047f168>] (do_swap_page) from [<80480c4c>] (handle_pte_fault mm/memory.c:5301 [inline])
[<8047f168>] (do_swap_page) from [<80480c4c>] (__handle_mm_fault mm/memory.c:5439 [inline])
[<8047f168>] (do_swap_page) from
[<80480c4c>] (handle_mm_fault+0x3d8/0x12b8 mm/memory.c:5604)
 r10:00000000 r9:840bf300 r8:20000000 r7:83fa22a0 r6:20000000 r5:8370bc00 r4:00000215
[<80480874>] (handle_mm_fault) from [<80215d94>] (do_page_fault+0x148/0x3a8 arch/arm/mm/fault.c:333)
 r10:00000002 r9:840bf300 r8:20000000 r7:00000a07 r6:00000215 r5:20000000 r4:e00b1ee8
[<80215c4c>] (do_page_fault) from [<802161dc>] (do_DataAbort+0x38/0xa8 arch/arm/mm/fault.c:565)
 r10:0000002b r9:8370bc00 r8:80215c4c r7:e00b1ee8 r6:20000000 r5:00000a07 r4:8261d0e0
[<802161a4>] (do_DataAbort) from [<80200ae4>] (__dabt_svc+0x44/0x60 arch/arm/kernel/entry-armv.S:212)
Exception stack(0xe00b1ee8 to 0xe00b1f30)
1ee0: 20000000 e00b1f7c fffffff0 00000000 8370bc00 20000000
1f00: 00000000 00000000 00000009 00000000 0000002b e00b1fa4 00000010 e00b1f34
1f20: 00000000 81849118 00000013 ffffffff
 r8:00000009 r7:e00b1f1c r6:ffffffff r5:00000013 r4:81849118
[<8025e5e8>] (sys_times) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:66)
Exception stack(0xe00b1fa8 to 0xe00b1ff0)
1fa0: 00000000 00000000 20000000 00000000 00000000 00000000
1fc0: 00000000 00000000 0014c2c0 0000002b 7ed3d32e 7ed3d32f 003d0f00 76b040fc
1fe0: 76b03f08 76b03ef8 000167f8 00050bc0
 r9:8370bc00 r8:80200288 r7:0000002b r6:0014c2c0 r5:00000000 r4:00000000
Code: 1a000004 e1822003 e8860094 e89da8f0 (e7f001f2)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0: 1a000004 bne 0x18
   4: e1822003 orr r2, r2, r3
   8: e8860094 stm r6, {r2, r4, r7}
   c: e89da8f0 ldm sp, {r4, r5, r6, r7, fp, sp, pc}
* 10: e7f001f2 udf #18 <-- trapping instruction