==================================================================
BUG: KASAN: use-after-free in ifname_compare_aligned include/linux/netfilter/x_tables.h:369 [inline]
BUG: KASAN: use-after-free in ip6_packet_match net/ipv6/netfilter/ip6_tables.c:89 [inline]
BUG: KASAN: use-after-free in ip6t_do_table+0x1545/0x1860 net/ipv6/netfilter/ip6_tables.c:333
Read of size 8 at addr ffff8801d5328000 by task syz-executor.4/14938

CPU: 0 PID: 14938 Comm: syz-executor.4 Not tainted 4.9.194+ #0
 ffff88019b3ef058 ffffffff81b67001 0000000000000000 ffffea000754ca00
 ffff8801d5328000 0000000000000008 ffffffff82795bb5 ffff88019b3ef090
 ffffffff8150c4f1 0000000000000000 ffff8801d5328000 ffff8801d5328000
Call Trace:
 [<000000004fecb3ce>] __dump_stack lib/dump_stack.c:15 [inline]
 [<000000004fecb3ce>] dump_stack+0xc1/0x120 lib/dump_stack.c:51
 [<000000003f64f71d>] print_address_description+0x6f/0x23a mm/kasan/report.c:256
 [<0000000098a260e4>] kasan_report_error mm/kasan/report.c:355 [inline]
 [<0000000098a260e4>] kasan_report mm/kasan/report.c:413 [inline]
 [<0000000098a260e4>] kasan_report.cold+0x8c/0x2ba mm/kasan/report.c:397
 [<000000008542b446>] __asan_report_load8_noabort+0x14/0x20 mm/kasan/report.c:434
 [<0000000078385348>] ifname_compare_aligned include/linux/netfilter/x_tables.h:369 [inline]
 [<0000000078385348>] ip6_packet_match net/ipv6/netfilter/ip6_tables.c:89 [inline]
 [<0000000078385348>] ip6t_do_table+0x1545/0x1860 net/ipv6/netfilter/ip6_tables.c:333
 [<0000000079a99f18>] ip6t_mangle_out net/ipv6/netfilter/ip6table_mangle.c:63 [inline]
 [<0000000079a99f18>] ip6table_mangle_hook+0x2dc/0x6d0 net/ipv6/netfilter/ip6table_mangle.c:85
 [<0000000043dd8ccc>] nf_iterate+0x12e/0x310 net/netfilter/core.c:324
 [<00000000655fa55b>] nf_hook_slow+0x114/0x1f0 net/netfilter/core.c:355
 [<000000001a9927a0>] nf_hook_thresh include/linux/netfilter.h:191 [inline]
 [<000000001a9927a0>] nf_hook include/linux/netfilter.h:203 [inline]
 [<000000001a9927a0>] __ip6_local_out+0x498/0x630 net/ipv6/output_core.c:166
 [<000000001e9ba26d>] ip6_local_out+0x29/0x180 net/ipv6/output_core.c:176
 [<00000000be3028ad>] ip6_send_skb+0xa2/0x340 net/ipv6/ip6_output.c:1753
 [<0000000038024a8c>] udp_v6_send_skb+0x438/0xe90 net/ipv6/udp.c:974
 [<0000000058a35785>] udp_v6_push_pending_frames+0x245/0x360 net/ipv6/udp.c:1007
 [<000000005c900eea>] udpv6_sendmsg+0x19b0/0x2430 net/ipv6/udp.c:1273
 [<000000006abcef0e>] inet_sendmsg+0x202/0x4d0 net/ipv4/af_inet.c:766
 [<000000000824756f>] sock_sendmsg_nosec net/socket.c:649 [inline]
 [<000000000824756f>] sock_sendmsg+0xbe/0x110 net/socket.c:659
 [<0000000019a2e05b>] ___sys_sendmsg+0x387/0x8b0 net/socket.c:1983
 [<00000000fd77a270>] __sys_sendmmsg+0x164/0x3d0 net/socket.c:2073
 [<00000000694cdc85>] SYSC_sendmmsg net/socket.c:2104 [inline]
 [<00000000694cdc85>] SyS_sendmmsg+0x35/0x60 net/socket.c:2099
 [<000000004e07d924>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288
 [<00000000a5caf9a6>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb

The buggy address belongs to the page:
page:ffffea000754ca00 count:0 mapcount:-127 mapping: (null) index:0x0
flags: 0x4000000000000000()
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff8801d5327f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff8801d5327f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff8801d5328000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
                   ^
 ffff8801d5328080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
 ffff8801d5328100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
==================================================================