loop4: rw=1, want=132, limit=112
Buffer I/O error on dev loop4, logical block 131, lost async page write
attempt to access beyond end of device
loop4: rw=1, want=133, limit=112
Buffer I/O error on dev loop4, logical block 132, lost async page write
BUG: unable to handle kernel paging request at ffffebe000000008
attempt to access beyond end of device
PGD 0 P4D 0 
Oops: 0000 [#1] SMP KASAN
CPU: 0 PID: 9033 Comm: syz-executor7 Not tainted 4.18.0-rc8+ #185
loop4: rw=1, want=142, limit=112
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:virt_to_head_page include/linux/mm.h:657 [inline]
RIP: 0010:virt_to_cache mm/slab.c:399 [inline]
RIP: 0010:kfree+0xa0/0x260 mm/slab.c:3809
Code: 82 
Buffer I/O error on dev loop4, logical block 141, lost async page write
cb 01 00 00 48 ba 00 00 
attempt to access beyond end of device
00 80 ff 77 00 00 48 01 c2 48 89 df 48 b8 
loop4: rw=1, want=143, limit=112
00 00 00 00 00 ea ff ff 48 c1 
Buffer I/O error on dev loop4, logical block 142, lost async page write
ea 0c 48 c1 e2 06 
attempt to access beyond end of device
48 01 c2 <48> 8b 42 08 a8 01 48 8d 48 ff 48 0f 
loop4: rw=1, want=144, limit=112
45 d1 4c 8b 6a 18 49 63 75 
Buffer I/O error on dev loop4, logical block 143, lost async page write
74 
RSP: 0018:ffff88018fa9f520 EFLAGS: 00010086
RAX: ffffea0000000000 RBX: 0000000000000282 RCX: 0000000000000000
attempt to access beyond end of device
RDX: ffffebe000000000 RSI: 0000000000000000 RDI: 0000000000000282
RBP: ffff88018fa9f540 R08: ffffed003b6046d7 R09: ffffed003b6046d6
R10: ffffed003b6046d6 R11: ffff8801db0236b3 R12: 0000000000000282
R13: ffffffff867ded2a R14: ffff88018fa9f690 R15: ffff8801b35d0480
FS:  00007f9752b59700(0000) GS:ffff8801db000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
loop4: rw=1, want=145, limit=112
CR2: ffffebe000000008 CR3: 00000001b1ad1000 CR4: 00000000001406f0
DR0: 0000000020000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
Call Trace:
Buffer I/O error on dev loop4, logical block 144, lost async page write
 p9_client_version net/9p/client.c:1010 [inline]
 p9_client_create+0xfea/0x1770 net/9p/client.c:1070
FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF
FAT-fs (loop4): Filesystem has been set read-only
 v9fs_session_init+0x21a/0x1a80 fs/9p/v9fs.c:400
 v9fs_mount+0x7c/0x900 fs/9p/vfs_super.c:135
 mount_fs+0xae/0x328 fs/super.c:1277
 vfs_kern_mount.part.34+0xdc/0x4e0 fs/namespace.c:1046
 vfs_kern_mount fs/namespace.c:1036 [inline]
 do_new_mount fs/namespace.c:2542 [inline]
 do_mount+0x581/0x30e0 fs/namespace.c:2872
 ksys_mount+0x12d/0x140 fs/namespace.c:3088
 __do_sys_mount fs/namespace.c:3102 [inline]
 __se_sys_mount fs/namespace.c:3099 [inline]
 __x64_sys_mount+0xbe/0x150 fs/namespace.c:3099
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457089
Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 
RSP: 002b:00007f9752b58c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007f9752b596d4 RCX: 0000000000457089
RDX: 0000000020000340 RSI: 0000000020000600 RDI: 0000000000000000
RBP: 00000000009300a0 R08: 00000000200004c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004d2310 R14: 00000000004c7a36 R15: 0000000000000000
Modules linked in:
Dumping ftrace buffer:
   (ftrace buffer empty)
CR2: ffffebe000000008
---[ end trace ed84765035deda04 ]---
RIP: 0010:virt_to_head_page include/linux/mm.h:657 [inline]
RIP: 0010:virt_to_cache mm/slab.c:399 [inline]
RIP: 0010:kfree+0xa0/0x260 mm/slab.c:3809
Code: 82 cb 01 00 00 48 ba 00 00 00 80 ff 77 00 00 48 01 c2 48 89 df 48 b8 00 00 00 00 00 ea ff ff 48 c1 ea 0c 48 c1 e2 06 48 01 c2 <48> 8b 42 08 a8 01 48 8d 48 ff 48 0f 45 d1 4c 8b 6a 18 49 63 75 74 
RSP: 0018:ffff88018fa9f520 EFLAGS: 00010086
RAX: ffffea0000000000 RBX: 0000000000000282 RCX: 0000000000000000
RDX: ffffebe000000000 RSI: 0000000000000000 RDI: 0000000000000282
RBP: ffff88018fa9f540 R08: ffffed003b6046d7 R09: ffffed003b6046d6
R10: ffffed003b6046d6 R11: ffff8801db0236b3 R12: 0000000000000282
R13: ffffffff867ded2a R14: ffff88018fa9f690 R15: ffff8801b35d0480
FS:  00007f9752b59700(0000) GS:ffff8801db000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffebe000000008 CR3: 00000001b1ad1000 CR4: 00000000001406f0
DR0: 0000000020000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600