Re: [PATCH net] netdevsim: Initialize all fields of ip header when building dummy sk_buff

Next message: Chaitanya Sabnis: "[PATCH v3] ASoC: dt-bindings: cdns,xtfpga-i2s: Convert to dt-schema"
Previous message: Marco Felsch: "Re: [PATCH V3] dmaengine: imx-sdma: Fix SPBA bus detection on multi-SPBA platforms"
In reply to: Breno Leitao: "Re: [PATCH net] netdevsim: Initialize all fields of ip header when building dummy sk_buff"
Next in thread: Breno Leitao: "Re: [PATCH net] netdevsim: Initialize all fields of ip header when building dummy sk_buff"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Nikola Z. Ivanov

Date: Tue Apr 21 2026 - 04:57:42 EST

On 4/21/26 11:19 AM, Breno Leitao wrote:

On Tue, Apr 21, 2026 at 10:37:38AM +0300, Nikola Z. Ivanov wrote:

Syzbot reports a KMSAN uninit-value originating from
nsim_dev_trap_skb_build, with the allocation also
being performed in the same function.

The cause of the KMSAN warning is a missing assignment of
the tos and id fields of the ip header.

Fix this by calling skb_put_zero instead of skb_put to
guarantee null initialization.
Additionally remove the now redundant zero assignments
and reorder the remaining ones so that they more closely
match the order of the fields as they appear in the ip header.

Closes: https://syzkaller.appspot.com/bug?extid=23d7fcd204e3837866ff

How do you check in the report above that the missig un-initialized
fields are "tos" and "id"?

Thanks for the fix,
--breno

Hi Breno,

I don't think it is visible here, my guess would
be because the checksum calculator walks the
header in small chunks instead of referencing
its fields.

The whole "KMSAN: uninit-value in irqentry_exit_to_kernel_mode_preempt"
doesn't really sound quite right.

Thank you!