raw_sendmsg: syz-executor0 forgot to set AF_INET. Fix it! ================================================================== BUG: KASAN: slab-out-of-bounds in memcpy include/linux/string.h:344 [inline] BUG: KASAN: slab-out-of-bounds in sha3_update+0xdf/0x2e0 crypto/sha3_generic.c:161 Write of size 192 at addr ffff8801c56e4afc by task syz-executor7/3678 CPU: 1 PID: 3678 Comm: syz-executor7 Not tainted 4.15.0-rc5+ #237 BUG: unable to handle kernel paging request at ffff8801d2515000 IP: memset_erms+0x9/0x10 arch/x86/lib/memset_64.S:65 PGD 7e7f067 P4D 7e7f067 PUD 1d9c50063 PMD 1d4533063 PTE 80000001d2515161 Oops: 0003 [#1] SMP KASAN Dumping ftrace buffer: (ftrace buffer empty) Modules linked in: CPU: 0 PID: 3689 Comm: syz-executor7 Not tainted 4.15.0-rc5+ #237 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:memset_erms+0x9/0x10 arch/x86/lib/memset_64.S:65 RSP: 0018:ffff8801bfd2f9b8 EFLAGS: 00010282 RAX: 0000000000000000 RBX: ffff8801ced4dc3d RCX: 00000000fc838b78 RDX: 00000000ffffff3b RSI: 0000000000000000 RDI: ffff8801d2515000 RBP: ffff8801bfd2f9d8 R08: ffffed0039da9b87 R09: ffff8801ced4dc3d R10: 0000000000000001 R11: ffffed0059da9b6e R12: 00000000ffffff3b R13: 0000000000000000 R14: 00000000000000c5 R15: 0000000000000000 FS: 00007f688d342700(0000) GS:ffff8801db400000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffff8801d2515000 CR3: 00000001c40f6001 CR4: 00000000001606f0 Call Trace: memset include/linux/string.h:329 [inline] sha3_final+0xeb/0x2e0 crypto/sha3_generic.c:173 crypto_shash_final+0xe2/0x220 crypto/shash.c:145 hmac_final+0x16c/0x2b0 crypto/hmac.c:135 crypto_shash_final+0xe2/0x220 crypto/shash.c:145 kdf_ctr security/keys/dh.c:189 [inline] keyctl_dh_compute_kdf security/keys/dh.c:226 [inline] __keyctl_dh_compute+0x18d5/0x1990 security/keys/dh.c:398 keyctl_dh_compute+0xac/0xf3 security/keys/dh.c:434 SYSC_keyctl security/keys/keyctl.c:1741 [inline] SyS_keyctl+0x72/0x2c0 security/keys/keyctl.c:1637 entry_SYSCALL_64_fastpath+0x1f/0x96 RIP: 0033:0x452ac9 RSP: 002b:00007f688d341c58 EFLAGS: 00000212 ORIG_RAX: 00000000000000fa RAX: ffffffffffffffda RBX: 00007f688d342700 RCX: 0000000000452ac9 RDX: 0000000020454000 RSI: 00000000204c8ff4 RDI: 0000000000000017 RBP: 0000000000a2f870 R08: 00000000206b0000 R09: 0000000000000000 R10: 0000000000000030 R11: 0000000000000212 R12: 0000000000000000 R13: 0000000000a2f7ef R14: 00007f688d3429c0 R15: 0000000000000008 Code: 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 f3 48 ab 89 d1 f3 aa 4c 89 c8 c3 90 49 89 f9 40 88 f0 48 89 d1 aa 4c 89 c8 c3 90 49 89 fa 40 0f b6 ce 48 b8 01 01 01 01 01 RIP: memset_erms+0x9/0x10 arch/x86/lib/memset_64.S:65 RSP: ffff8801bfd2f9b8 CR2: ffff8801d2515000 ---[ end trace ac8362330affd1ce ]---