==================================================================
BUG: KASAN: slab-out-of-bounds in ____bpf_clone_redirect net/core/filter.c:1768 [inline]
BUG: KASAN: slab-out-of-bounds in bpf_clone_redirect+0x2a7/0x2b0 net/core/filter.c:1759
Read of size 8 at addr ffff8881ca107710 by task syz-executor.3/20853

CPU: 0 PID: 20853 Comm: syz-executor.3 Not tainted 4.14.155-syzkaller #0
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0xe5/0x154 lib/dump_stack.c:58
 print_address_description+0x60/0x226 mm/kasan/report.c:187
 __kasan_report.cold+0x1a/0x41 mm/kasan/report.c:316
 ____bpf_clone_redirect net/core/filter.c:1768 [inline]
 bpf_clone_redirect+0x2a7/0x2b0 net/core/filter.c:1759
 ___bpf_prog_run+0x2478/0x5510 kernel/bpf/core.c:1095

Allocated by task 0:
(stack is not available)

Freed by task 0:
(stack is not available)

The buggy address belongs to the object at ffff8881ca107640
 which belongs to the cache skbuff_head_cache of size 224
The buggy address is located 208 bytes inside of
 224-byte region [ffff8881ca107640, ffff8881ca107720)
The buggy address belongs to the page:
page:ffffea00072841c0 count:1 mapcount:0 mapping:          (null) index:0x0
flags: 0x4000000000000200(slab)
raw: 4000000000000200 0000000000000000 0000000000000000 00000001800c000c
raw: dead000000000100 dead000000000200 ffff8881dab70200 0000000000000000
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff8881ca107600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
 ffff8881ca107680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
>ffff8881ca107700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
                         ^
 ffff8881ca107780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
 ffff8881ca107800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
==================================================================