==================================================================
BUG: KASAN: slab-out-of-bounds in class_equal+0x40/0x50 kernel/locking/lockdep.c:1527
Read of size 8 at addr ffff888086c64570 by task syz-executor.0/10011

CPU: 1 PID: 10011 Comm: syz-executor.0 Not tainted 5.2.0-rc4+ #26
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:

Allocated by task 9964:
 save_stack+0x23/0x90 mm/kasan/common.c:71
 set_track mm/kasan/common.c:79 [inline]
 __kasan_kmalloc mm/kasan/common.c:489 [inline]
 __kasan_kmalloc.constprop.0+0xcf/0xe0 mm/kasan/common.c:462
 kasan_kmalloc+0x9/0x10 mm/kasan/common.c:503
 __do_kmalloc mm/slab.c:3660 [inline]
 __kmalloc+0x15c/0x740 mm/slab.c:3669
 kmalloc include/linux/slab.h:552 [inline]
 kzalloc include/linux/slab.h:742 [inline]
 tomoyo_encode2.part.0+0xf5/0x400 security/tomoyo/realpath.c:44
 tomoyo_encode2 security/tomoyo/realpath.c:30 [inline]
 tomoyo_encode+0x2b/0x50 security/tomoyo/realpath.c:79
 tomoyo_realpath_from_path+0x1d3/0x7a0 security/tomoyo/realpath.c:316
 tomoyo_get_realpath security/tomoyo/file.c:151 [inline]
 tomoyo_path_perm+0x230/0x430 security/tomoyo/file.c:822
 tomoyo_path_symlink+0xaa/0xf0 security/tomoyo/tomoyo.c:206
 security_path_symlink+0x10a/0x170 security/security.c:1010
 do_symlinkat+0x137/0x290 fs/namei.c:4150
 __do_sys_symlink fs/namei.c:4171 [inline]
 __se_sys_symlink fs/namei.c:4169 [inline]
 __x64_sys_symlink+0x59/0x80 fs/namei.c:4169
 do_syscall_64+0xfd/0x680 arch/x86/entry/common.c:301
 entry_SYSCALL_64_after_hwframe+0x49/0xbe

Freed by task 9964:
 save_stack+0x23/0x90 mm/kasan/common.c:71
 set_track mm/kasan/common.c:79 [inline]
 __kasan_slab_free+0x102/0x150 mm/kasan/common.c:451
 kasan_slab_free+0xe/0x10 mm/kasan/common.c:459
 __cache_free mm/slab.c:3432 [inline]
 kfree+0xcf/0x220 mm/slab.c:3755
 tomoyo_path_perm+0x24e/0x430 security/tomoyo/file.c:842
 tomoyo_path_symlink+0xaa/0xf0 security/tomoyo/tomoyo.c:206
 security_path_symlink+0x10a/0x170 security/security.c:1010
 do_symlinkat+0x137/0x290 fs/namei.c:4150
 __do_sys_symlink fs/namei.c:4171 [inline]
 __se_sys_symlink fs/namei.c:4169 [inline]
 __x64_sys_symlink+0x59/0x80 fs/namei.c:4169
 do_syscall_64+0xfd/0x680 arch/x86/entry/common.c:301
 entry_SYSCALL_64_after_hwframe+0x49/0xbe

The buggy address belongs to the object at ffff888086c64500
 which belongs to the cache kmalloc-96 of size 96
The buggy address is located 16 bytes to the right of
 96-byte region [ffff888086c64500, ffff888086c64560)
The buggy address belongs to the page:
page:ffffea00021b1900 refcount:1 mapcount:0 mapping:ffff8880aa4004c0 index:0x0
flags: 0x1fffc0000000200(slab)
raw: 01fffc0000000200 ffffea00027e2d08 ffffea000292e908 ffff8880aa4004c0
raw: 0000000000000000 ffff888086c64000 0000000100000020 0000000000000000
page dumped because: kasan: bad access detected

Memory state around the buggy address:
 ffff888086c64400: 00 00 00 00 fb fb fb fb fb fb fb fb fc fc fc fc
 ffff888086c64480: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
>ffff888086c64500: f1 f1 f1 f1 00 f2 f2 f2 00 f2 f2 f2 fc fc fc fc
                                                             ^
 ffff888086c64580: 00 00 00 f3 f3 f3 f3 f3 fb fb fb fb fc fc fc fc
 ffff888086c64600: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc 00
==================================================================