From: Eric Dumazet <eduma...@google.com>
Date: Wed, 19 Jun 2019 09:38:38 -0700

> KMSAN caught uninit-value in tcp_create_openreq_child() [1]
> This is caused by a recent change, combined with the fact
> that TCP cleared num_timeout, num_retrans and sk fields only
> when a request socket was about to be queued.
>
> Under syncookie mode, a temporary request socket is used,
> and req->num_timeout could contain garbage.
>
> Let's clear these three fields sooner, there is really no
> point trying to defer this and risk other bugs.
>
> [1]
>
> BUG: KMSAN: uninit-value in tcp_create_openreq_child+0x157f/0x1cc0
> net/ipv4/tcp_minisocks.c:526
 ...
> Fixes: 336c39a03151 ("tcp: undo init congestion window on false SYNACK
> timeout")
> Signed-off-by: Eric Dumazet <eduma...@google.com>
> Cc: Yuchung Cheng <ych...@google.com>
> Cc: Neal Cardwell <ncardw...@google.com>
> Cc: Soheil Hassas Yeganeh <soh...@google.com>
> Reported-by: syzbot <syzkal...@googlegroups.com>

Applied, thanks Eric.
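
The lifecycle problem the commit message describes, as an added user-space model that is not part of the thread or the kernel patch: fields cleared only on the queue path stay stale for a temporary request that is never queued, while clearing at allocation covers both paths. All names (`req_model`, `req_alloc`, `req_clear`, `observed_timeout`) are hypothetical, and the 0xAA fill is a constructed stand-in for stale allocator memory.

```c
/* User-space model only: every name here is hypothetical, not kernel API. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct req_model {                 /* stands in for a request socket */
    unsigned char num_timeout;
    unsigned char num_retrans;
    void *sk;
};

static void req_clear(struct req_model *req)
{
    req->num_timeout = 0;
    req->num_retrans = 0;
    req->sk = NULL;
}

/* Constructed garbage: fill with 0xAA so stale allocator contents are
 * deterministic here instead of truly uninitialized. */
static struct req_model *req_alloc(int clear_early)
{
    struct req_model *req = malloc(sizeof(*req));
    if (!req) return NULL;
    memset(req, 0xAA, sizeof(*req));
    if (clear_early)               /* clearing moved to allocation time */
        req_clear(req);
    return req;
}

/* Returns the num_timeout a consumer would read, or -1 on allocation failure.
 * syncookie != 0 models the temporary request that is never queued. */
int observed_timeout(int syncookie, int clear_early)
{
    struct req_model *req = req_alloc(clear_early);
    int seen;
    if (!req) return -1;
    if (!syncookie)
        req_clear(req);            /* old placement: only on the queue path */
    seen = req->num_timeout;       /* the kind of read KMSAN reported */
    free(req);
    return seen;
}

int main(void)
{
    printf("late clear, syncookie:  %d\n", observed_timeout(1, 0));
    printf("early clear, syncookie: %d\n", observed_timeout(1, 1));
    return 0;
}
```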