veth1_macvtap: left promiscuous mode
veth0_macvtap: left promiscuous mode
veth1_vlan: left promiscuous mode
veth0_vlan: left promiscuous mode
8<--- cut here ---
Unable to handle kernel paging request at virtual address 6576616c when write
[6576616c] *pgd=80000080005003, *pmd=00000000
Internal error: Oops: a06 [#1] SMP ARM
Modules linked in:
CPU: 0 UID: 0 PID: 347 Comm: kworker/u8:0 Not tainted 6.15.0-rc6-syzkaller #0 PREEMPT 
Hardware name: ARM-Versatile Express
Workqueue: netns cleanup_net
PC is at __rb_erase_augmented include/linux/rbtree_augmented.h:251 [inline]
PC is at rb_erase+0x2f4/0x394 lib/rbtree.c:443
LR is at 0x0
pc : [<81a3fdfc>]    lr : [<00000000>]    psr: 60000113
sp : eb121b10  ip : eb121b28  fp : eb121b24
r10: 00000000  r9 : 8534b600  r8 : 00000004
r7 : 850aec80  r6 : 00000001  r5 : 851e6848  r4 : 851e6800
r3 : 64697262  r2 : 6576616c  r1 : 850aecb4  r0 : 851e6868
Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
Control: 30c5387d  Table: 875fffc0  DAC: fffffffd
Register r0 information: slab kmalloc-128 start 851e6800 pointer offset 104 size 128
Register r1 information: slab kmalloc-128 start 850aec80 pointer offset 52 size 128
Register r2 information: non-paged memory
Register r3 information: non-paged memory
Register r4 information: slab kmalloc-128 start 851e6800 pointer offset 0 size 128
Register r5 information: slab kmalloc-128 start 851e6800 pointer offset 72 size 128
Register r6 information: non-paged memory
Register r7 information: slab kmalloc-128 start 850aec80 pointer offset 0 size 128
Register r8 information: non-paged memory
Register r9 information: slab net_namespace start 8534b600 pointer offset 0 size 3456
Register r10 information: NULL pointer
Register r11 information: 2-page vmalloc region starting at 0xeb120000 allocated at kernel_clone+0xac/0x3e4 kernel/fork.c:2844
Register r12 information: 2-page vmalloc region starting at 0xeb120000 allocated at kernel_clone+0xac/0x3e4 kernel/fork.c:2844
Process kworker/u8:0 (pid: 347, stack limit = 0xeb120000)
Stack: (0xeb121b10 to 0xeb122000)
1b00:                                     851e6800 851e6848 eb121b64 eb121b28
1b20: 80610e64 81a3fb14 0000000c 60000113 dddcc99c 60000113 00000000 d9a94c6d
1b40: 854f5804 84e9a200 854f5804 00000001 851e6800 00000011 eb121ba4 eb121b68
1b60: 80610e98 80610da0 eb121bac 84750400 85144000 82aca2a8 00000000 d9a94c6d
1b80: eb121ba4 84e9a200 00000000 8534b600 00000019 84fbf000 eb121bbc eb121ba8
1ba0: 80610f68 80610da0 854f5800 00000000 eb121bcc eb121bc0 81980d2c 80610f4c
1bc0: eb121be4 eb121bd0 8155c728 81980d28 854f6c00 00000000 eb121c14 eb121be8
1be0: 818041e0 8155c70c 00000000 81a554b0 854f6c00 854f6c00 854f6b84 00000000
1c00: 00000000 854f6c00 eb121c7c eb121c18 8180514c 81804188 8022ced4 8022be3c
1c20: 8534b600 84e16000 00000001 854f6d48 eb121c30 eb121c30 815e342c 00000000
1c40: 00000000 d9a94c6d 81a5bf34 d9a94c6d eb121c84 84e16000 854f6c00 8534b600
1c60: 00000006 8180b2c8 85144000 eb121d90 eb121ccc eb121c80 8180b360 81804abc
1c80: eb121c9c eb121c90 eb121ccc eb121c98 eb121ccc eb121ca0 816e9670 d9a94c6d
1ca0: 81c00000 829e5764 829e490c ffffffd1 00000000 8180b2c8 85144000 eb121d90
1cc0: eb121d04 eb121cd0 802926d4 8180b2d4 838b5400 00000006 eb121d04 eb121d90
1ce0: 00000006 8534b600 00000000 851f4340 85144000 00000000 eb121d1c eb121d08
1d00: 8029290c 80292680 00000000 802da2e4 eb121d44 eb121d20 8154bde4 802928f8
1d20: 8043a2b0 d9a94c6d eb121d44 000000c0 84e16000 00000001 eb121ddc eb121d48
1d40: 81557318 8154bd9c 00000000 00000000 00000000 00000000 00000000 80505530
1d60: 82c1f94c 82c20734 829d251c 00000000 00000000 00000000 838b5400 eb121e08
1d80: 81557a1c 00000000 eb121d88 eb121d88 84e16000 00000000 eb121ddc eb121da8
1da0: 81557a1c 808c888c 00000000 d9a94c6d eb121ddc 8534b5fc 8534b6f8 eb121e70
1dc0: 82c1f980 eb121e90 829d1ec4 eb121e70 eb121e54 eb121de0 815586f4 81556dd8
1de0: eb121dfc eb121df0 81a5be40 eb121e90 8534b600 8241ea90 81a4e914 81a5be20
1e00: 8534b5fc 61c88647 8388b10c 84cbe10c 8122b044 00000000 00000000 00000000
1e20: 00000000 d9a94c6d eb121e54 829d2584 eb121e90 829d2584 eb121e90 829d1ec4
1e40: 829d1ec4 844b6c00 eb121e74 eb121e58 81539f10 815583fc 829d2584 82c1f940
1e60: 829d1e80 eb121e90 eb121ed4 eb121e78 8153c370 81539eb8 81a5bf34 8029ce24
1e80: 82c1f940 829d1e80 808c9ab0 81539f14 8534b620 8534b620 00000100 00000122
1ea0: 00000000 d9a94c6d 81c01f84 84ed6780 829d1e98 8301bc00 8300e600 838b5400
1ec0: 8301bc15 8300f070 eb121f2c eb121ed8 802873bc 8153c0cc 81c01a44 838b5400
1ee0: eb121f14 eb121ef0 829d1e9c 829d1e98 829d1e9c 829d1e98 eb121f2c 00000000
1f00: 80282cf8 84ed6780 8300e620 8300e600 82804d40 84ed67ac 838b5400 61c88647
1f20: eb121f6c eb121f30 80288004 80287214 81a5bf34 8029ce24 eb121f6c eb121f48
1f40: 8028eb98 00000001 838b5400 84ed6180 f3139e60 80287e08 84ed6780 00000000
1f60: eb121fac eb121f70 8028f07c 80287e14 80274ea8 81a5bebc 838b5400 d9a94c6d
1f80: eb121fac 8458ec80 8028ef50 00000000 00000000 00000000 00000000 00000000
1fa0: 00000000 eb121fb0 80200114 8028ef5c 00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000 00000000 00000000
Call trace: 
[<81a3fb08>] (rb_erase) from [<80610e64>] (erase_entry fs/proc/proc_sysctl.c:189 [inline])
[<81a3fb08>] (rb_erase) from [<80610e64>] (erase_header fs/proc/proc_sysctl.c:225 [inline])
[<81a3fb08>] (rb_erase) from [<80610e64>] (start_unregistering fs/proc/proc_sysctl.c:322 [inline])
[<81a3fb08>] (rb_erase) from [<80610e64>] (drop_sysctl_table+0xd0/0x1ac fs/proc/proc_sysctl.c:1514)
 r5:851e6848 r4:851e6800
[<80610d94>] (drop_sysctl_table) from [<80610e98>] (drop_sysctl_table+0x104/0x1ac fs/proc/proc_sysctl.c:1521)
 r8:00000011 r7:851e6800 r6:00000001 r5:854f5804 r4:84e9a200
[<80610d94>] (drop_sysctl_table) from [<80610f68>] (unregister_sysctl_table fs/proc/proc_sysctl.c:1539 [inline])
[<80610d94>] (drop_sysctl_table) from [<80610f68>] (unregister_sysctl_table+0x28/0x38 fs/proc/proc_sysctl.c:1531)
 r8:84fbf000 r7:00000019 r6:8534b600 r5:00000000 r4:84e9a200
[<80610f40>] (unregister_sysctl_table) from [<81980d2c>] (unregister_net_sysctl_table+0x10/0x14 net/sysctl_net.c:177)
 r5:00000000 r4:854f5800
[<81980d1c>] (unregister_net_sysctl_table) from [<8155c728>] (neigh_sysctl_unregister+0x28/0x34 net/core/neighbour.c:3814)
[<8155c700>] (neigh_sysctl_unregister) from [<818041e0>] (addrconf_sysctl_unregister+0x64/0x6c net/ipv6/addrconf.c:7308)
 r5:00000000 r4:854f6c00
[<8180417c>] (addrconf_sysctl_unregister) from [<8180514c>] (addrconf_ifdown+0x69c/0x764 net/ipv6/addrconf.c:4010)
 r8:854f6c00 r7:00000000 r6:00000000 r5:854f6b84 r4:854f6c00
[<81804ab0>] (addrconf_ifdown) from [<8180b360>] (addrconf_notify+0x98/0x770 net/ipv6/addrconf.c:3780)
 r10:eb121d90 r9:85144000 r8:8180b2c8 r7:00000006 r6:8534b600 r5:854f6c00
 r4:84e16000
[<8180b2c8>] (addrconf_notify) from [<802926d4>] (notifier_call_chain+0x60/0x1b4 kernel/notifier.c:85)
 r10:eb121d90 r9:85144000 r8:8180b2c8 r7:00000000 r6:ffffffd1 r5:829e490c
 r4:829e5764
[<80292674>] (notifier_call_chain) from [<8029290c>] (raw_notifier_call_chain+0x20/0x28 kernel/notifier.c:453)
 r10:00000000 r9:85144000 r8:851f4340 r7:00000000 r6:8534b600 r5:00000006
 r4:eb121d90
[<802928ec>] (raw_notifier_call_chain) from [<8154bde4>] (call_netdevice_notifiers_info+0x54/0xa0 net/core/dev.c:2176)
[<8154bd90>] (call_netdevice_notifiers_info) from [<81557318>] (call_netdevice_notifiers_extack net/core/dev.c:2214 [inline])
[<8154bd90>] (call_netdevice_notifiers_info) from [<81557318>] (call_netdevice_notifiers net/core/dev.c:2228 [inline])
[<8154bd90>] (call_netdevice_notifiers_info) from [<81557318>] (unregister_netdevice_many_notify+0x54c/0xbc4 net/core/dev.c:11970)
 r6:00000001 r5:84e16000 r4:000000c0
[<81556dcc>] (unregister_netdevice_many_notify) from [<815586f4>] (unregister_netdevice_many net/core/dev.c:12034 [inline])
[<81556dcc>] (unregister_netdevice_many_notify) from [<815586f4>] (default_device_exit_batch+0x304/0x384 net/core/dev.c:12528)
 r10:eb121e70 r9:829d1ec4 r8:eb121e90 r7:82c1f980 r6:eb121e70 r5:8534b6f8
 r4:8534b5fc
[<815583f0>] (default_device_exit_batch) from [<81539f10>] (ops_exit_list+0x64/0x68 net/core/net_namespace.c:177)
 r10:844b6c00 r9:829d1ec4 r8:829d1ec4 r7:eb121e90 r6:829d2584 r5:eb121e90
 r4:829d2584
[<81539eac>] (ops_exit_list) from [<8153c370>] (cleanup_net+0x2b0/0x49c net/core/net_namespace.c:654)
 r7:eb121e90 r6:829d1e80 r5:82c1f940 r4:829d2584
[<8153c0c0>] (cleanup_net) from [<802873bc>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r10:8300f070 r9:8301bc15 r8:838b5400 r7:8300e600 r6:8301bc00 r5:829d1e98
 r4:84ed6780
[<80287208>] (process_one_work) from [<80288004>] (process_scheduled_works kernel/workqueue.c:3319 [inline])
[<80287208>] (process_one_work) from [<80288004>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3400)
 r10:61c88647 r9:838b5400 r8:84ed67ac r7:82804d40 r6:8300e600 r5:8300e620
 r4:84ed6780
[<80287e08>] (worker_thread) from [<8028f07c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:84ed6780 r8:80287e08 r7:f3139e60 r6:84ed6180 r5:838b5400
 r4:00000001
[<8028ef50>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xeb121fb0 to 0xeb121ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8028ef50
 r4:8458ec80
Code: 089da830 e58e3000 e89da830 e5903000 (e5823000) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	089da830 	ldmeq	sp, {r4, r5, fp, sp, pc}
   4:	e58e3000 	str	r3, [lr]
   8:	e89da830 	ldm	sp, {r4, r5, fp, sp, pc}
   c:	e5903000 	ldr	r3, [r0]
* 10:	e5823000 	str	r3, [r2] <-- trapping instruction