BUG: KASAN: use-after-free in memset include/linux/string.h:337 [inline]
BUG: KASAN: use-after-free in __ext4_expand_extra_isize+0x16f/0x240 fs/ext4/inode.c:5922
Write of size 13434 at addr ffff88804a680ba0 by task syz-executor0/26013

CPU: 0 PID: 26013 Comm: syz-executor0 Not tainted 4.20.0+ #176
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1d3/0x2c6 lib/dump_stack.c:113
 print_address_description.cold.5+0x9/0x1ff mm/kasan/report.c:187
EXT4-fs error (device sda1): ext4_xattr_set_entry:1602: inode #16487: comm syz-executor1: corrupted xattr entries
 kasan_report.cold.6+0x1b/0x39 mm/kasan/report.c:317
 check_memory_region_inline mm/kasan/generic.c:185 [inline]
 check_memory_region+0x13e/0x1b0 mm/kasan/generic.c:191
 memset+0x23/0x40 mm/kasan/common.c:113
 memset include/linux/string.h:337 [inline]
 __ext4_expand_extra_isize+0x16f/0x240 fs/ext4/inode.c:5922
 ext4_try_to_expand_extra_isize fs/ext4/inode.c:5974 [inline]
 ext4_mark_inode_dirty+0x8f9/0xb20 fs/ext4/inode.c:6050
EXT4-fs error (device sda1): ext4_xattr_set_entry:1602: inode #16487: comm syz-executor1: corrupted xattr entries
 ext4_unlink+0x820/0x1220 fs/ext4/namei.c:3045
EXT4-fs error (device sda1): ext4_xattr_set_entry:1602: inode #16487: comm syz-executor1: corrupted xattr entries
 vfs_unlink+0x2db/0x510 fs/namei.c:3999
 do_unlinkat+0x6cc/0xa30 fs/namei.c:4062
 __do_sys_unlink fs/namei.c:4109 [inline]
 __se_sys_unlink fs/namei.c:4107 [inline]
 __x64_sys_unlink+0x42/0x50 fs/namei.c:4107
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457c17
Code: 00 66 90 b8 58 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ed b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffc922ae428 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457c17
RDX: 00007ffc922ae440 RSI: 00007ffc922ae440 RDI: 00007ffc922ae4d0
RBP: 00000000000009e0 R08: 0000000000000000 R09: 0000000000000010
R10: 000000000000000a R11: 0000000000000246 R12: 00007ffc922af560
R13: 000000000231f940 R14: 0000000000000000 R15: 0000000000000000

The buggy address belongs to the page:
page:ffffea000129a000 count:2 mapcount:0 mapping:ffff888219e13ad8 index:0x461
def_blk_aops
flags: 0x1fffc000000203a(referenced|dirty|lru|active|private)
raw: 01fffc000000203a ffffea0001297188 ffffea0001fbcb08 ffff888219e13ad8
raw: 0000000000000461 ffff888092f2d5e8 00000002ffffffff ffff888057c1adc0
page dumped because: kasan: bad access detected
page->mem_cgroup:ffff888057c1adc0

Memory state around the buggy address:
 ffff88804a681f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff88804a681f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff88804a682000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
                   ^
 ffff88804a682080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
 ffff88804a682100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
==================================================================