syz.3.3224: attempt to access beyond end of device
loop3: rw=0, sector=102, nr_sectors = 2 limit=7
ntfs3(loop3): failed to read volume at offset 0xcc00
ntfs3(loop3): failed to read volume at offset 0x2000
=====================================================
BUG: KMSAN: uninit-value in ntfs_fix_post_read fs/ntfs3/fsntfs.c:180 [inline]
BUG: KMSAN: uninit-value in ntfs_read_bh+0x238/0xc00 fs/ntfs3/fsntfs.c:1297
 ntfs_fix_post_read fs/ntfs3/fsntfs.c:180 [inline]
 ntfs_read_bh+0x238/0xc00 fs/ntfs3/fsntfs.c:1297
 mi_read+0x393/0xe10 fs/ntfs3/record.c:133
 mi_format_new+0x21f/0x910 fs/ntfs3/record.c:434
 ni_add_subrecord+0x15e/0x770 fs/ntfs3/frecord.c:321
 ntfs_look_free_mft+0xca0/0x1850 fs/ntfs3/fsntfs.c:715
 ni_ins_attr_ext+0xf7b/0x1480 fs/ntfs3/frecord.c:988
 ni_insert_attr+0x299/0xfb0 fs/ntfs3/frecord.c:1091
 ni_insert_nonresident+0x3bd/0x8d0 fs/ntfs3/frecord.c:1426
 attr_set_size+0x4319/0x6740 fs/ntfs3/attrib.c:653
 ntfs_set_size+0x222/0x330 fs/ntfs3/inode.c:862
 ntfs_fallocate+0x1a9a/0x2720 fs/ntfs3/file.c:700
 vfs_fallocate+0x949/0xaa0 fs/open.c:342
 ksys_fallocate fs/open.c:366 [inline]
 __do_sys_fallocate fs/open.c:371 [inline]
 __se_sys_fallocate fs/open.c:369 [inline]
 __x64_sys_fallocate+0x14f/0x290 fs/open.c:369
 x64_sys_call+0x2cff/0x3e30 arch/x86/include/generated/asm/syscalls_64.h:286
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd9/0xfa0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 ntfs_read_run_nb+0x7cf/0x1810 fs/ntfs3/fsntfs.c:1232
 ntfs_read_bh+0x6a/0xc00 fs/ntfs3/fsntfs.c:1293
 mi_read+0x393/0xe10 fs/ntfs3/record.c:133
 mi_format_new+0x21f/0x910 fs/ntfs3/record.c:434
 ni_add_subrecord+0x15e/0x770 fs/ntfs3/frecord.c:321
 ntfs_look_free_mft+0xca0/0x1850 fs/ntfs3/fsntfs.c:715
 ni_ins_attr_ext+0xf7b/0x1480 fs/ntfs3/frecord.c:988
 ni_insert_attr+0x299/0xfb0 fs/ntfs3/frecord.c:1091
 ni_insert_nonresident+0x3bd/0x8d0 fs/ntfs3/frecord.c:1426
 attr_set_size+0x4319/0x6740 fs/ntfs3/attrib.c:653
 ntfs_set_size+0x222/0x330 fs/ntfs3/inode.c:862
 ntfs_fallocate+0x1a9a/0x2720 fs/ntfs3/file.c:700
 vfs_fallocate+0x949/0xaa0 fs/open.c:342
 ksys_fallocate fs/open.c:366 [inline]
 __do_sys_fallocate fs/open.c:371 [inline]
 __se_sys_fallocate fs/open.c:369 [inline]
 __x64_sys_fallocate+0x14f/0x290 fs/open.c:369
 x64_sys_call+0x2cff/0x3e30 arch/x86/include/generated/asm/syscalls_64.h:286
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd9/0xfa0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 __alloc_frozen_pages_noprof+0x689/0xf00 mm/page_alloc.c:5206
 alloc_pages_mpol+0x328/0x860 mm/mempolicy.c:2416
 alloc_frozen_pages_noprof mm/mempolicy.c:2487 [inline]
 alloc_pages_noprof mm/mempolicy.c:2507 [inline]
 folio_alloc_noprof+0x109/0x360 mm/mempolicy.c:2517
 filemap_alloc_folio_noprof+0x9d/0x420 mm/filemap.c:1020
 __filemap_get_folio+0xb45/0x1930 mm/filemap.c:2012
 grow_dev_folio fs/buffer.c:1050 [inline]
 grow_buffers fs/buffer.c:1116 [inline]
 __getblk_slow fs/buffer.c:1134 [inline]
 bdev_getblk+0x25a/0xad0 fs/buffer.c:1461
 __bread_gfp+0x99/0x690 fs/buffer.c:1515
 sb_bread_unmovable include/linux/buffer_head.h:352 [inline]
 ntfs_bread fs/ntfs3/fsntfs.c:1033 [inline]
 ntfs_read_run_nb+0x6d5/0x1810 fs/ntfs3/fsntfs.c:1225
 ntfs_read_bh+0x6a/0xc00 fs/ntfs3/fsntfs.c:1293
 mi_read+0x393/0xe10 fs/ntfs3/record.c:133
 mi_format_new+0x21f/0x910 fs/ntfs3/record.c:434
 ntfs_new_inode+0xba/0x2a0 fs/ntfs3/fsntfs.c:1676
 ntfs_create_inode+0x9b9/0x56e0 fs/ntfs3/inode.c:1306
 ntfs_create+0x56/0x70 fs/ntfs3/namei.c:110
 lookup_open fs/namei.c:3796 [inline]
 open_last_lookups fs/namei.c:3895 [inline]
 path_openat+0x2d47/0x6760 fs/namei.c:4131
 do_filp_open+0x280/0x660 fs/namei.c:4161
 do_sys_openat2+0x1bb/0x2f0 fs/open.c:1437
 do_sys_open fs/open.c:1452 [inline]
 __do_sys_open fs/open.c:1460 [inline]
 __se_sys_open fs/open.c:1456 [inline]
 __x64_sys_open+0x219/0x2c0 fs/open.c:1456
 x64_sys_call+0x1843/0x3e30 arch/x86/include/generated/asm/syscalls_64.h:3
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd9/0xfa0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

CPU: 1 UID: 0 PID: 17913 Comm: syz.3.3224 Tainted: G W syzkaller #0 PREEMPT(none)
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
=====================================================