==================================================================
BUG: KASAN: use-after-free in ext4_xattr_set_entry+0x172/0x1ed6 fs/ext4/xattr.c:1593
Read of size 4 at addr ffffffe00d77dffe by task syz-executor.0/8946

CPU: 0 PID: 8946 Comm: syz-executor.0 Not tainted 5.15.0-rc1-syzkaller-00001-g64a19591a293 #0
Hardware name: riscv-virtio,qemu (DT)
Call Trace:
[] dump_backtrace+0x2e/0x3c arch/riscv/kernel/stacktrace.c:112

The buggy address belongs to the page:
page:ffffffcf02365f40 refcount:2 mapcount:0 mapping:ffffffe005b61380 index:0xb8 pfn:0x8d97d
memcg:ffffffe005754000
aops:def_blk_aops ino:fd00000
flags: 0xffe00000000203a(referenced|dirty|lru|active|private|node=0|zone=0|lastcpupid=0x7ff)
raw: 0ffe00000000203a ffffffcf02365f08 ffffffcf02365fc8 ffffffe005b61380
raw: 00000000000000b8 ffffffe005bf51d0 00000002ffffffff ffffffe005754000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 0, migratetype Unmovable, gfp_mask 0x108c40(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL), pid 1, ts 65907486700, free_ts 0
page_owner allocation stack trace missing
page_owner free stack trace missing

Memory state around the buggy address:
 ffffffe00d77df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffffffe00d77df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffffffe00d77e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                   ^
 ffffffe00d77e080: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
 ffffffe00d77e100: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
==================================================================
EXT4-fs error (device vda): ext4_xattr_set_entry:1596: inode #640: comm syz-executor.0: corrupted xattr entries
EXT4-fs error (device vda): ext4_xattr_set_entry:1596: inode #640: comm syz-executor.0: corrupted xattr entries
EXT4-fs error (device vda): ext4_xattr_set_entry:1596: inode #640: comm syz-executor.0: corrupted xattr entries
EXT4-fs error (device vda): ext4_xattr_set_entry:1596: inode #640: comm syz-executor.0: corrupted xattr entries
EXT4-fs error (device vda): ext4_xattr_set_entry:1596: inode #640: comm syz-executor.0: corrupted xattr entries
EXT4-fs error (device vda): ext4_xattr_set_entry:1596: inode #640: comm syz-executor.0: corrupted xattr entries
EXT4-fs error (device vda): ext4_xattr_set_entry:1596: inode #640: comm syz-executor.0: corrupted xattr entries