FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF
FAT-fs (loop1): Filesystem has been set read-only
------------[ cut here ]------------
kernel BUG at fs/buffer.c:605!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 0 PID: 16574 Comm: syz-executor.2 Not tainted 4.14.171-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
encrypted_key: insufficient parameters specified
task: ffff88804f084380 task.stack: ffff888048b10000
RIP: 0010:mark_buffer_dirty_inode fs/buffer.c:605 [inline]
RIP: 0010:mark_buffer_dirty_inode+0x2d8/0x3a0 fs/buffer.c:596
RSP: 0018:ffff888048b179f0 EFLAGS: 00010246
RAX: 0000000000040000 RBX: ffff88809615e1f8 RCX: ffffc90009a42000
RDX: 0000000000040000 RSI: ffffffff8196c9a8 RDI: ffff88807ee75ef8
RBP: ffff88807ee75d98 R08: 0000000000000001 R09: 0000000000000002
R10: ffff88804f084c50 R11: ffff88804f084380 R12: ffff888083850620
R13: 0000000000000000 R14: dffffc0000000000 R15: ffff88805bcbacc0
FS:  00007f2cb7b87700(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000625208 CR3: 000000008ca8c000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 fat_mirror_bhs+0x279/0x420 fs/fat/fatent.c:397
 fat_ent_write+0xf8/0x190 fs/fat/fatent.c:422
 fat_chain_add+0x3da/0x550 fs/fat/misc.c:128
 fat_add_cluster+0x9d/0xc0 fs/fat/inode.c:105
 fat_fallocate+0x242/0x2e0 fs/fat/file.c:267
netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
 vfs_fallocate+0x346/0x790 fs/open.c:319
 ioctl_preallocate+0x132/0x1a0 fs/ioctl.c:481
 file_ioctl fs/ioctl.c:497 [inline]
 do_vfs_ioctl+0xd90/0xfe0 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45c479
RSP: 002b:00007f2cb7b86c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f2cb7b876d4 RCX: 000000000045c479
RDX: 0000000020000000 RSI: 0000000040305828 RDI: 0000000000000004
RBP: 000000000076bf20 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000321 R14: 00000000004c5459 R15: 000000000076bf2c
Code: fa 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 75 4d 48 89 6b 58 4c 89 ef e8 02 3f a9 04 e9 20 fe ff ff e8 28 7c c3 ff <0f> 0b 4c 89 ff e8 0e d1 ec ff e9 05 fe ff ff e8 04 d1 ec ff e9 
RIP: mark_buffer_dirty_inode fs/buffer.c:605 [inline] RSP: ffff888048b179f0
RIP: mark_buffer_dirty_inode+0x2d8/0x3a0 fs/buffer.c:596 RSP: ffff888048b179f0
---[ end trace fcafacae24196cdb ]---