------------[ cut here ]------------
kernel BUG at include/linux/scatterlist.h:187!
Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM
Modules linked in:
CPU: 0 PID: 25987 Comm: syz-executor.0 Not tainted 6.9.0-rc1-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at sg_set_buf include/linux/scatterlist.h:187 [inline]
PC is at sg_init_one+0x9c/0xa8 lib/scatterlist.c:143
LR is at sg_init_table+0x2c/0x40 lib/scatterlist.c:128
pc : [<807e8658>]    lr : [<807e6a4c>]    psr: 80000013
sp : dfff59b8  ip : dfff59f0  fp : dfff59d4
r10: 00000000  r9 : ffefd004  r8 : ff7e7f1c
r7 : 00000048  r6 : dfff59d8  r5 : 83d0a2a8  r4 : ffefd004
r3 : df000000  r2 : ffffffd8  r1 : 00000000  r0 : dfff59d8
Flags: Nzcv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
Control: 30c5387d  Table: 84d91b80  DAC: fffffffd
Register r0 information: 2-page vmalloc region starting at 0xdfff4000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r1 information: NULL pointer
Register r2 information: non-paged memory
Register r3 information: non-paged memory
Register r4 information: non-paged memory
Register r5 information: slab vmap_area start 83d0a2a8 pointer offset 0 size 40
Register r6 information: 2-page vmalloc region starting at 0xdfff4000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r7 information: non-paged memory
Register r8 information: 0-page vmalloc region starting at 0xff7d8000 allocated at pcpu_get_vm_areas+0x0/0x12c8 mm/vmalloc.c:3064
Register r9 information: non-paged memory
Register r10 information: NULL pointer
Register r11 information: 2-page vmalloc region starting at 0xdfff4000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Register r12 information: 2-page vmalloc region starting at 0xdfff4000 allocated at kernel_clone+0xac/0x3cc kernel/fork.c:2796
Process syz-executor.0 (pid: 25987, stack limit = 0xdfff4000)
Stack: (0xdfff59b8 to 0xdfff6000)
59a0:                                                       ff7e7efc 83d0a2a8
59c0: dee173ec 83d6c180 dfff5a34 dfff59d8 804c3de4 807e85c8 00000002 00000000
59e0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5a00: 00000000 00000000 00000006 10846d53 83d0a2a8 00000006 dee173ec 8444eb04
5a20: 8444eb00 8444eb00 dfff5a5c dfff5a38 804c6a28 804c3d34 dee173ec 00000001
5a40: dfff5acc 00000000 84cde000 84463e00 dfff5aac dfff5a60 804bbc04 804c68d8
5a60: 804bd128 802e27a0 dfff5a9c 00000000 00100cca 00000000 00000000 10846d53
5a80: 00000004 00000006 00100cca 00000000 00000000 dfff5acb 00000007 00000000
5aa0: dfff5b24 dfff5ab0 804bd624 804bbb68 dfff5acb 00000000 804a2124 dee173ec
5ac0: 00000005 00000005 01000001 00000000 00000000 00000000 00000000 00000000
5ae0: 00000001 00000000 dfff5ae8 dfff5ae8 818753b0 10846d53 00000406 00000001
5b00: 00000000 00000005 8444bd20 00100cca 00000000 dfff5c38 dfff5b9c dfff5b28
5b20: 804bd978 804bd46c 00000000 10846d53 00000001 dfff5c38 00000000 00000000
5b40: dfff5b74 dfff5b50 8042e9c0 8042e814 dfff5c38 8260cac8 8444bd20 20000000
5b60: 84463e00 00000000 dfff5b9c 10846d53 804bcdf8 dfff5c38 00000000 00000005
5b80: 8444bd20 84463e00 00000000 00000000 dfff5bfc dfff5ba0 8047f378 804bd91c
5ba0: 8049446c 80479d2c dfff5c6c 84cde000 00000000 00000000 00000000 847c2400
5bc0: dfff5bfc dfff5bd0 84463e00 804943f4 fe6c3003 00000095 84cde000 20000000
5be0: 8444bd20 00000000 847c2400 00000000 dfff5cac dfff5c00 80480c5c 8047f184
5c00: 81897c70 81897b5c dfff5c3c dfff5c18 8028685c 8027b094 84cde590 00000000
5c20: 00000004 10846d53 ffefd000 84cde000 dfff5c38 00000000 8444bd20 00000cc0
5c40: 00020000 20000000 20000000 00000895 841cc800 850bb940 00000500 00000000
5c60: 00000000 00000000 00000000 defc0380 00000000 00000000 defc0380 10846d53
5c80: dfff5cac 20000000 8444bd20 00000000 00000095 00000000 00000000 002d0001
5ca0: dfff5d1c dfff5cb0 8047587c 80480890 dfff5ce4 84c0e400 dfff5cfc dfff5cc8
5cc0: 00000001 dfff5e30 00000000 00200000 00040000 84cde000 847c2400 dfff5e34
5ce0: 00000000 00000000 00000000 10846d53 dfff5d4c dfff5e30 00000000 00000001
5d00: dfff5e34 847c2400 20000000 00000000 dfff5db4 dfff5d20 804769e4 804756c4
5d20: dfff5e34 dfff5e30 00000000 00000060 84cd8c00 00000060 00000001 84cd8c00
5d40: dfff5d74 dfff5d50 806d72a8 806d1fa8 00200000 00000000 20000000 847c2400
5d60: 002f0001 dfff5e34 00000001 dfff5e30 806caad0 804023a8 dfff5df4 dfff5d88
5d80: 80200b84 10846d53 dfff5dbc 847c2400 20000000 00000001 dfff5e30 dfff5e34
5da0: 00000001 000000c5 dfff5df4 dfff5db8 80477604 804768f8 dfff5e30 002d0001
5dc0: 847c2400 002d0001 00000001 10846d53 dfff5df4 847c247c 00000200 dfff5eb8
5de0: 00000001 00000001 dfff5ea4 dfff5df8 804a1848 80477590 dfff5e34 dfff5e30
5e00: 0000008b fffff000 00000000 dfff5f18 00000001 84cd8c00 dfff5e24 84f24800
5e20: 851a1348 20000000 dfff5e34 847c2400 00000001 00000000 00000000 00000000
5e40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5e60: 00000000 00000000 00000000 00000000 00000000 10846d53 807ecf50 0000008b
5e80: dfff5f14 20001b00 00000261 dfff5f14 00000000 dfff5ed4 dfff5f84 dfff5ea8
5ea0: 804a1c24 804a168c 00000001 dfff5eb8 00000008 00000000 00010000 00000000
5ec0: 20004800 0000008b 00000001 00000000 00000000 20004800 0000008b 00000000
5ee0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5f00: 00000000 00000000 00000000 00000000 00000000 20000200 000000c5 00000000
5f20: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5f40: 00000000 00000000 00000000 00000000 00000000 10846d53 8020316c 00000001
5f60: 00000000 0014c2d4 00000179 80200288 84cde000 00000179 dfff5fa4 dfff5f88
5f80: 804a1ca8 804a1b04 00000001 00000000 00000001 84cde000 00000000 dfff5fa8
5fa0: 80200060 804a1c88 00000001 00000000 00000261 20001880 00000001 20001b00
5fc0: 00000001 00000000 0014c2d4 00000179 7ec2e32e 7ec2e32f 003d0f00 76bae0fc
5fe0: 76badf08 76badef8 000167f8 00050bc0 60000010 00000261 00000000 00000000
Call trace: 
[<807e85bc>] (sg_init_one) from [<804c3de4>] (zswap_decompress+0xbc/0x208 mm/zswap.c:1089)
 r7:83d6c180 r6:dee173ec r5:83d0a2a8 r4:ff7e7efc
[<804c3d28>] (zswap_decompress) from [<804c6a28>] (zswap_load+0x15c/0x198 mm/zswap.c:1637)
 r9:8444eb00 r8:8444eb00 r7:8444eb04 r6:dee173ec r5:00000006 r4:83d0a2a8
[<804c68cc>] (zswap_load) from [<804bbc04>] (swap_read_folio+0xa8/0x498 mm/page_io.c:518)
 r9:84463e00 r8:84cde000 r7:00000000 r6:dfff5acc r5:00000001 r4:dee173ec
[<804bbb5c>] (swap_read_folio) from [<804bd624>] (swap_cluster_readahead+0x1c4/0x34c mm/swap_state.c:684)
 r10:00000000 r9:00000007 r8:dfff5acb r7:00000000 r6:00000000 r5:00100cca
 r4:00000006
[<804bd460>] (swap_cluster_readahead) from [<804bd978>] (swapin_readahead+0x68/0x4a8 mm/swap_state.c:904)
 r10:dfff5c38 r9:00000000 r8:00100cca r7:8444bd20 r6:00000005 r5:00000000
 r4:00000001
[<804bd910>] (swapin_readahead) from [<8047f378>] (do_swap_page+0x200/0xcc4 mm/memory.c:4046)
 r10:00000000 r9:00000000 r8:84463e00 r7:8444bd20 r6:00000005 r5:00000000
 r4:dfff5c38
[<8047f178>] (do_swap_page) from [<80480c5c>] (handle_pte_fault mm/memory.c:5301 [inline])
[<8047f178>] (do_swap_page) from [<80480c5c>] (__handle_mm_fault mm/memory.c:5439 [inline])
[<8047f178>] (do_swap_page) from [<80480c5c>] (handle_mm_fault+0x3d8/0x12b8 mm/memory.c:5604)
 r10:00000000 r9:847c2400 r8:00000000 r7:8444bd20 r6:20000000 r5:84cde000
 r4:00000095
[<80480884>] (handle_mm_fault) from [<8047587c>] (faultin_page mm/gup.c:958 [inline])
[<80480884>] (handle_mm_fault) from [<8047587c>] (__get_user_pages+0x1c4/0x5f8 mm/gup.c:1241)
 r10:002d0001 r9:00000000 r8:00000000 r7:00000095 r6:00000000 r5:8444bd20
 r4:20000000
[<804756b8>] (__get_user_pages) from [<804769e4>] (__get_user_pages_locked mm/gup.c:1509 [inline])
[<804756b8>] (__get_user_pages) from [<804769e4>] (__gup_longterm_locked+0xf8/0xc98 mm/gup.c:2211)
 r10:00000000 r9:20000000 r8:847c2400 r7:dfff5e34 r6:00000001 r5:00000000
 r4:dfff5e30
[<804768ec>] (__gup_longterm_locked) from [<80477604>] (pin_user_pages_remote+0x80/0xa4 mm/gup.c:3358)
 r10:000000c5 r9:00000001 r8:dfff5e34 r7:dfff5e30 r6:00000001 r5:20000000
 r4:847c2400
[<80477584>] (pin_user_pages_remote) from [<804a1848>] (process_vm_rw_single_vec mm/process_vm_access.c:106 [inline])
[<80477584>] (pin_user_pages_remote) from [<804a1848>] (process_vm_rw_core.constprop.0+0x1c8/0x478 mm/process_vm_access.c:216)
 r8:00000001 r7:00000001 r6:dfff5eb8 r5:00000200 r4:847c247c
[<804a1680>] (process_vm_rw_core.constprop.0) from [<804a1c24>] (process_vm_rw+0x12c/0x150 mm/process_vm_access.c:284)
 r10:dfff5ed4 r9:00000000 r8:dfff5f14 r7:00000261 r6:20001b00 r5:dfff5f14
 r4:0000008b
[<804a1af8>] (process_vm_rw) from [<804a1ca8>] (__do_sys_process_vm_writev mm/process_vm_access.c:304 [inline])
[<804a1af8>] (process_vm_rw) from [<804a1ca8>] (sys_process_vm_writev+0x2c/0x34 mm/process_vm_access.c:299)
 r10:00000179 r9:84cde000 r8:80200288 r7:00000179 r6:0014c2d4 r5:00000000
 r4:00000001
[<804a1c7c>] (sys_process_vm_writev) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:66)
Exception stack(0xdfff5fa8 to 0xdfff5ff0)
5fa0:                   00000001 00000000 00000261 20001880 00000001 20001b00
5fc0: 00000001 00000000 0014c2d4 00000179 7ec2e32e 7ec2e32f 003d0f00 76bae0fc
5fe0: 76badf08 76badef8 000167f8 00050bc0
Code: 1a000004 e1822003 e8860094 e89da8f0 (e7f001f2) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	1a000004 	bne	0x18
   4:	e1822003 	orr	r2, r2, r3
   8:	e8860094 	stm	r6, {r2, r4, r7}
   c:	e89da8f0 	ldm	sp, {r4, r5, r6, r7, fp, sp, pc}
* 10:	e7f001f2 	udf	#18 <-- trapping instruction