WARNING in pskb_expand

WARNING in pskb_expand_head
Status: upstream: reported C repro on 2021/01/24 20:51
Reported-by: syzbot+a1c17e56a8a62294c714@syzkaller.appspotmail.com
First crash: 280d, last: 5d17h

Cause bisection: introduced by (bisect log) :
commit 3226b158e67cfaa677fd180152bfb28989cb2fac
Author: Eric Dumazet <edumazet@google.com>
Date: Wed Jan 13 16:18:19 2021 +0000

net: avoid 32 x truesize under-estimation for tiny skbs

Crash: WARNING in pskb_expand_head (log)
Repro: C syz .config

Sample crash report:

RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000001bbbbbb
R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff
R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000
------------[ cut here ]------------
WARNING: CPU: 1 PID: 8703 at mm/page_alloc.c:4976 __alloc_pages_nodemask+0x5f8/0x730 mm/page_alloc.c:5011
Modules linked in:
CPU: 1 PID: 8703 Comm: syz-executor857 Not tainted 5.11.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__alloc_pages_nodemask+0x5f8/0x730 mm/page_alloc.c:4976
Code: 00 00 0c 00 0f 85 a7 00 00 00 8b 3c 24 4c 89 f2 44 89 e6 c6 44 24 70 00 48 89 6c 24 58 e8 d0 d7 ff ff 49 89 c5 e9 ea fc ff ff <0f> 0b e9 b5 fd ff ff 89 74 24 14 4c 89 4c 24 08 4c 89 74 24 18 e8
RSP: 0018:ffffc90001ecf910 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 1ffff920003d9f26 RCX: 0000000000000000
RDX: 0000000000000000 RSI: dffffc0000000000 RDI: 0000000000060a20
RBP: 0000000000020a20 R08: 0000000000000000 R09: 0000000000000001
R10: ffffffff86f1be3c R11: 0000000000000000 R12: 0000000000000012
R13: 0000000020010300 R14: 0000000000060a20 R15: 0000000000000000
FS:  0000000001148880(0000) GS:ffff8880b9f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000006d5090 CR3: 000000001d414000 CR4: 00000000001506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __alloc_pages include/linux/gfp.h:511 [inline]
 __alloc_pages_node include/linux/gfp.h:524 [inline]
 alloc_pages_node include/linux/gfp.h:538 [inline]
 kmalloc_large_node+0x60/0x110 mm/slub.c:3984
 __kmalloc_node_track_caller+0x319/0x3f0 mm/slub.c:4481
 __kmalloc_reserve net/core/skbuff.c:150 [inline]
 pskb_expand_head+0xae9/0x1050 net/core/skbuff.c:1632
 __skb_grow include/linux/skbuff.h:2748 [inline]
 tun_napi_alloc_frags drivers/net/tun.c:1377 [inline]
 tun_get_user+0x1f52/0x3690 drivers/net/tun.c:1730
 tun_chr_write_iter+0xe1/0x1d0 drivers/net/tun.c:1926
 call_write_iter include/linux/fs.h:1901 [inline]
 new_sync_write+0x426/0x650 fs/read_write.c:518
 vfs_write+0x791/0xa30 fs/read_write.c:605
 ksys_write+0x12d/0x250 fs/read_write.c:658
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x4440a9
Code: e8 6c 05 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fffdb5a8e08 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004440a9
RDX: 000000002001016f RSI: 0000000020000380 RDI: 0000000000000003
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000001bbbbbb
R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff
R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000

Crashes (76):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Title
ci-upstream-bpf-next-kasan-gce	2021/01/20 21:48	bpf-next	7d68e3828842	d4f4eca5	.config	log	report	syz	C		WARNING in pskb_expand_head
ci-upstream-kasan-gce-root	2021/08/25 14:58	upstream	6e764bcd1cf7	b599f2fc	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-kasan-gce-smack-root	2021/08/25 01:20	upstream	6e764bcd1cf7	b599f2fc	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-kasan-gce-smack-root	2021/08/18 01:55	upstream	794c7931a242	a2fe1cb5	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-kasan-gce-smack-root	2021/07/26 15:58	upstream	ff1176468d36	fd511809	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-kasan-gce-smack-root	2021/06/29 06:24	upstream	233a806b00e3	9d2ab5df	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-kasan-gce-root	2021/06/18 05:16	upstream	fd0aa1a4567d	aba2b2fb	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-kasan-gce-root	2021/05/26 18:59	upstream	ad9f25d33860	54f0bcf1	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-kasan-gce-root	2021/04/19 07:48	upstream	bf05bf16c76b	7e2b734b	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-kasan-gce-smack-root	2021/04/18 18:25	upstream	c98ff1d013d2	7e2b734b	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-kasan-gce-smack-root	2021/04/10 04:58	upstream	17e7124aad76	6a81331a	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-kasan-gce-root	2021/03/30 20:17	upstream	1e43c377a79f	6a81331a	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-kasan-gce-smack-root	2021/02/19 22:05	upstream	f40ddce88593	f689d40a	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-kasan-gce-smack-root	2021/02/18 02:31	upstream	f40ddce88593	14052202	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/10/22 22:00	bpf	1acfe7c9b44b	282f03fb	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/10/21 05:13	bpf	6020e87c1373	f111d03b	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-net-this-kasan-gce	2021/09/27 14:58	net	763716a55cb1	78494d16	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/09/13 16:07	bpf	57f780f1c433	3ce60af8	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/08/31 19:40	bpf	57f780f1c433	7eb7e152	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/08/16 22:22	bpf	3776f3517ed9	33c26cb7	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/08/13 20:33	bpf	3776f3517ed9	3fd2ea69	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/08/06 15:14	bpf	a02215ce72a3	f9e341e3	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/07/17 08:21	bpf	a6c39de76d70	f115ae98	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-net-this-kasan-gce	2021/07/15 17:51	net	3ffd3dad4b5d	b9a2f64e	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-net-this-kasan-gce	2021/07/15 15:04	net	3ffd3dad4b5d	b9a2f64e	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/07/06 17:54	bpf	2620e92ae6ed	6c4484eb	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/06/30 16:33	bpf	d6765985a42a	84fd4c77	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/06/24 19:01	bpf	c2f5c57d99de	ec865f6a	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-net-this-kasan-gce	2021/06/24 04:31	net	7c2becf7968b	fe4ab389	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/06/05 01:54	bpf	1a8024239dac	966a236b	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/05/25 15:55	bpf	a8deba8547e3	3c7fef33	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/05/25 15:53	bpf	a8deba8547e3	3c7fef33	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/05/18 01:39	bpf	d0c0fe10ce6d	a343ba6b	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/04/10 13:41	bpf	afd0be729953	bfeda1b1	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/02/19 22:00	bpf	57baf8cc70ea	f689d40a	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/02/10 15:45	bpf	b8776f14a470	2bd9619f	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-kasan-gce	2021/02/01 17:42	bpf	06cc6e5dc659	e6b95f32	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/10/15 18:25	bpf-next	431bfb9ee3e2	0c5d9412	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/10/12 02:33	bpf-next	431bfb9ee3e2	838e7e2c	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/10/06 22:10	bpf-next	9d0578722391	62ee0987	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-net-kasan-gce	2021/10/02 07:06	net-next	20ab39d13e2e	db0f5787	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/10/01 00:32	bpf-next	e68ac0082787	1d849ab4	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-net-kasan-gce	2021/09/26 21:59	net-next	d59bdda85eb7	78494d16	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/08/27 01:19	bpf-next	48b2e71c2e53	b318694d	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/08/17 14:00	bpf-next	1bda52f80471	33c26cb7	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/08/16 19:11	bpf-next	fa183a86eefd	33c26cb7	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/08/14 04:35	bpf-next	faff1cca3b8b	2489ab88	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/08/10 03:02	bpf-next	6aab1c81b98a	6972b106	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/08/08 07:33	bpf-next	c83ae15dc947	6972b106	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/08/05 22:23	bpf-next	372642ea83ff	d2d6e680	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/08/05 08:25	bpf-next	372642ea83ff	7f7bb950	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/07/25 03:45	bpf-next	2b7e9f25e590	4d1b57d4	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/06/23 17:59	bpf-next	4b9718b5a201	aba2b2fb	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/06/19 23:30	bpf-next	f42cfb469f9b	aba2b2fb	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/06/14 05:16	bpf-next	ca16b429f39b	1ba81399	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/05/30 02:43	bpf-next	e8e0f0f48478	325a8dab	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/05/29 21:36	bpf-next	e8e0f0f48478	325a8dab	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/05/18 05:07	bpf-next	f18ba26da88a	a343ba6b	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/05/11 21:39	bpf-next	f4cceb783169	b3c3bb8e	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/04/16 03:44	bpf-next	d3d93e34bd98	c59079a6	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/04/09 16:33	bpf-next	92d3bff28aa4	6a81331a	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-net-kasan-gce	2021/03/30 17:49	net-next	37f368d8d09d	6a81331a	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/03/30 17:32	bpf-next	7aae231ac93b	6a81331a	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-net-kasan-gce	2021/02/27 09:46	net-next	d310ec03a34e	4c37c133	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/02/27 01:35	bpf-next	a7d24d9582f8	4c37c133	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/02/23 20:04	bpf-next	6b12bb20aeb3	fcc6d71b	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/02/18 02:21	bpf-next	7b1e385c9a48	14052202	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/02/10 15:56	bpf-next	ee5cc0363ea0	2bd9619f	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/01/26 14:11	bpf-next	190d1c921ad0	52e37319	.config	log	report			info	WARNING in pskb_expand_head
ci-upstream-bpf-next-kasan-gce	2021/01/20 20:42	bpf-next	7d68e3828842	d4f4eca5	.config	log	report			info	WARNING in pskb_expand_head