==================================================================
BUG: KASAN: use-after-free in ext4_xattr_set_entry+0x172/0x1ed6 fs/ext4/xattr.c:1593
Read of size 4 at addr ffffffe009f08004 by task syz-executor.1/6508

CPU: 1 PID: 6508 Comm: syz-executor.1 Not tainted 5.15.0-rc1-syzkaller-00001-g64a19591a293 #0
Hardware name: riscv-virtio,qemu (DT)
Call Trace:
[] dump_backtrace+0x2e/0x3c arch/riscv/kernel/stacktrace.c:112

Allocated by task 5910:
(stack is not available)

Freed by task 5910:
(stack is not available)

The buggy address belongs to the object at ffffffe009f08000
 which belongs to the cache kmalloc-cg-1k of size 1024
The buggy address is located 4 bytes inside of
 1024-byte region [ffffffe009f08000, ffffffe009f08400)
The buggy address belongs to the page:
page:ffffffcf02284200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8a108
head:ffffffcf02284200 order:3 compound_mapcount:0 compound_pincount:0
memcg:ffffffe00e9c5101
flags: 0xffe000000010200(slab|head|node=0|zone=0|lastcpupid=0x7ff)
raw: 0ffe000000010200 0000000000000100 0000000000000122 ffffffe005604000
raw: 0000000000000000 0000000000100010 00000001ffffffff ffffffe00e9c5101
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 2010, ts 2689586128200, free_ts 2688690136500
page_owner allocation stack trace missing
page_owner free stack trace missing

Memory state around the buggy address:
 ffffffe009f07f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffffffe009f07f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffffffe009f08000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                   ^
 ffffffe009f08080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffffffe009f08100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================
EXT4-fs error (device vda): ext4_xattr_set_entry:1596: inode #656: comm syz-executor.1: corrupted xattr entries
EXT4-fs error (device vda): ext4_xattr_set_entry:1596: inode #656: comm syz-executor.1: corrupted xattr entries