erofs (device loop2): readahead error at folio 2 @ nid 89
erofs (device loop2): failed to decompress (lz4) unexpected end of stream @ pa 4096 size 4096 => 8192
erofs (device loop2): read error -117 @ 1 of nid 89
=====================================================
BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:131 [inline]
BUG: KMSAN: kernel-infoleak in copy_to_user_iter lib/iov_iter.c:24 [inline]
BUG: KMSAN: kernel-infoleak in iterate_ubuf include/linux/iov_iter.h:30 [inline]
BUG: KMSAN: kernel-infoleak in iterate_and_advance2 include/linux/iov_iter.h:302 [inline]
BUG: KMSAN: kernel-infoleak in iterate_and_advance include/linux/iov_iter.h:330 [inline]
BUG: KMSAN: kernel-infoleak in _copy_to_iter+0xef3/0x3400 lib/iov_iter.c:197
 instrument_copy_to_user include/linux/instrumented.h:131 [inline]
 copy_to_user_iter lib/iov_iter.c:24 [inline]
 iterate_ubuf include/linux/iov_iter.h:30 [inline]
 iterate_and_advance2 include/linux/iov_iter.h:302 [inline]
 iterate_and_advance include/linux/iov_iter.h:330 [inline]
 _copy_to_iter+0xef3/0x3400 lib/iov_iter.c:197
 copy_page_to_iter+0x482/0x900 lib/iov_iter.c:374
 copy_folio_to_iter include/linux/uio.h:204 [inline]
 filemap_read+0xd03/0x2300 mm/filemap.c:2851
 erofs_file_read_iter+0x2ef/0x360 fs/erofs/data.c:441
 new_sync_read fs/read_write.c:493 [inline]
 vfs_read+0x8ec/0xf90 fs/read_write.c:574
 ksys_read+0x1d9/0x470 fs/read_write.c:717
 __do_sys_read fs/read_write.c:726 [inline]
 __se_sys_read fs/read_write.c:724 [inline]
 __x64_sys_read+0x97/0xf0 fs/read_write.c:724
 x64_sys_call+0x311c/0x3ea0 arch/x86/include/generated/asm/syscalls_64.h:1
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x134/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

<Zero or more stacks not recorded to save memory>

Uninit was stored to memory at:
 LZ4_decompress_generic lib/lz4/lz4_decompress.c:407 [inline]
 LZ4_decompress_safe_partial+0x1f78/0x2180 lib/lz4/lz4_decompress.c:472
 __z_erofs_lz4_decompress fs/erofs/decompressor.c:229 [inline]
 z_erofs_lz4_decompress+0x2434/0x2890 fs/erofs/decompressor.c:282
 z_erofs_decompress_pcluster fs/erofs/zdata.c:1297 [inline]
 z_erofs_decompress_queue+0x3183/0x6a20 fs/erofs/zdata.c:1410
 z_erofs_runqueue+0x33ba/0x3660 fs/erofs/zdata.c:1811
 z_erofs_read_folio+0x4c6/0x9a0 fs/erofs/zdata.c:1893
 filemap_read_folio mm/filemap.c:2496 [inline]
 filemap_update_page mm/filemap.c:2583 [inline]
 filemap_get_pages+0x30ad/0x3d30 mm/filemap.c:2713
 filemap_read+0x5d2/0x2300 mm/filemap.c:2800
 erofs_file_read_iter+0x2ef/0x360 fs/erofs/data.c:441
 __kernel_read+0x7e0/0xe20 fs/read_write.c:532
 integrity_kernel_read+0x77/0x90 security/integrity/iint.c:28
 ima_calc_file_hash_tfm security/integrity/ima/ima_crypto.c:480 [inline]
 ima_calc_file_shash security/integrity/ima/ima_crypto.c:511 [inline]
 ima_calc_file_hash+0x1795/0x4030 security/integrity/ima/ima_crypto.c:568
 ima_collect_measurement+0x463/0xe80 security/integrity/ima/ima_api.c:294
 process_measurement+0x2d10/0x4170 security/integrity/ima/ima_main.c:407
 ima_file_check+0x91/0xd0 security/integrity/ima/ima_main.c:667
 security_file_post_open+0xbb/0x510 security/security.c:2652
 do_open fs/namei.c:4673 [inline]
 path_openat+0x587d/0x64c0 fs/namei.c:4830
 do_file_open+0x2aa/0x680 fs/namei.c:4859
 do_sys_openat2+0x163/0x380 fs/open.c:1366
 do_sys_open fs/open.c:1372 [inline]
 __do_sys_openat fs/open.c:1388 [inline]
 __se_sys_openat fs/open.c:1383 [inline]
 __x64_sys_openat+0x240/0x300 fs/open.c:1383
 x64_sys_call+0x2445/0x3ea0 arch/x86/include/generated/asm/syscalls_64.h:258
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x134/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 LZ4_decompress_generic lib/lz4/lz4_decompress.c:406 [inline]
 LZ4_decompress_safe_partial+0x1f42/0x2180 lib/lz4/lz4_decompress.c:472
 __z_erofs_lz4_decompress fs/erofs/decompressor.c:229 [inline]
 z_erofs_lz4_decompress+0x2434/0x2890 fs/erofs/decompressor.c:282
 z_erofs_decompress_pcluster fs/erofs/zdata.c:1297 [inline]
 z_erofs_decompress_queue+0x3183/0x6a20 fs/erofs/zdata.c:1410
 z_erofs_runqueue+0x33ba/0x3660 fs/erofs/zdata.c:1811
 z_erofs_read_folio+0x4c6/0x9a0 fs/erofs/zdata.c:1893
 filemap_read_folio mm/filemap.c:2496 [inline]
 filemap_update_page mm/filemap.c:2583 [inline]
 filemap_get_pages+0x30ad/0x3d30 mm/filemap.c:2713
 filemap_read+0x5d2/0x2300 mm/filemap.c:2800
 erofs_file_read_iter+0x2ef/0x360 fs/erofs/data.c:441
 __kernel_read+0x7e0/0xe20 fs/read_write.c:532
 integrity_kernel_read+0x77/0x90 security/integrity/iint.c:28
 ima_calc_file_hash_tfm security/integrity/ima/ima_crypto.c:480 [inline]
 ima_calc_file_shash security/integrity/ima/ima_crypto.c:511 [inline]
 ima_calc_file_hash+0x1795/0x4030 security/integrity/ima/ima_crypto.c:568
 ima_collect_measurement+0x463/0xe80 security/integrity/ima/ima_api.c:294
 process_measurement+0x2d10/0x4170 security/integrity/ima/ima_main.c:407
 ima_file_check+0x91/0xd0 security/integrity/ima/ima_main.c:667
 security_file_post_open+0xbb/0x510 security/security.c:2652
 do_open fs/namei.c:4673 [inline]
 path_openat+0x587d/0x64c0 fs/namei.c:4830
 do_file_open+0x2aa/0x680 fs/namei.c:4859
 do_sys_openat2+0x163/0x380 fs/open.c:1366
 do_sys_open fs/open.c:1372 [inline]
 __do_sys_openat fs/open.c:1388 [inline]
 __se_sys_openat fs/open.c:1383 [inline]
 __x64_sys_openat+0x240/0x300 fs/open.c:1383
 x64_sys_call+0x2445/0x3ea0 arch/x86/include/generated/asm/syscalls_64.h:258
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x134/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 LZ4_decompress_generic lib/lz4/lz4_decompress.c:405 [inline]
 LZ4_decompress_safe_partial+0x1f0a/0x2180 lib/lz4/lz4_decompress.c:472
 __z_erofs_lz4_decompress fs/erofs/decompressor.c:229 [inline]
 z_erofs_lz4_decompress+0x2434/0x2890 fs/erofs/decompressor.c:282
 z_erofs_decompress_pcluster fs/erofs/zdata.c:1297 [inline]
 z_erofs_decompress_queue+0x3183/0x6a20 fs/erofs/zdata.c:1410
 z_erofs_runqueue+0x33ba/0x3660 fs/erofs/zdata.c:1811
 z_erofs_read_folio+0x4c6/0x9a0 fs/erofs/zdata.c:1893
 filemap_read_folio mm/filemap.c:2496 [inline]
 filemap_update_page mm/filemap.c:2583 [inline]
 filemap_get_pages+0x30ad/0x3d30 mm/filemap.c:2713
 filemap_read+0x5d2/0x2300 mm/filemap.c:2800
 erofs_file_read_iter+0x2ef/0x360 fs/erofs/data.c:441
 __kernel_read+0x7e0/0xe20 fs/read_write.c:532
 integrity_kernel_read+0x77/0x90 security/integrity/iint.c:28
 ima_calc_file_hash_tfm security/integrity/ima/ima_crypto.c:480 [inline]
 ima_calc_file_shash security/integrity/ima/ima_crypto.c:511 [inline]
 ima_calc_file_hash+0x1795/0x4030 security/integrity/ima/ima_crypto.c:568
 ima_collect_measurement+0x463/0xe80 security/integrity/ima/ima_api.c:294
 process_measurement+0x2d10/0x4170 security/integrity/ima/ima_main.c:407
 ima_file_check+0x91/0xd0 security/integrity/ima/ima_main.c:667
 security_file_post_open+0xbb/0x510 security/security.c:2652
 do_open fs/namei.c:4673 [inline]
 path_openat+0x587d/0x64c0 fs/namei.c:4830
 do_file_open+0x2aa/0x680 fs/namei.c:4859
 do_sys_openat2+0x163/0x380 fs/open.c:1366
 do_sys_open fs/open.c:1372 [inline]
 __do_sys_openat fs/open.c:1388 [inline]
 __se_sys_openat fs/open.c:1383 [inline]
 __x64_sys_openat+0x240/0x300 fs/open.c:1383
 x64_sys_call+0x2445/0x3ea0 arch/x86/include/generated/asm/syscalls_64.h:258
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x134/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 LZ4_decompress_generic lib/lz4/lz4_decompress.c:408 [inline]
 LZ4_decompress_safe_partial+0x1fae/0x2180 lib/lz4/lz4_decompress.c:472
 __z_erofs_lz4_decompress fs/erofs/decompressor.c:229 [inline]
 z_erofs_lz4_decompress+0x2434/0x2890 fs/erofs/decompressor.c:282
 z_erofs_decompress_pcluster fs/erofs/zdata.c:1297 [inline]
 z_erofs_decompress_queue+0x3183/0x6a20 fs/erofs/zdata.c:1410
 z_erofs_decompressqueue_work+0x67/0x90 fs/erofs/zdata.c:1422
 process_one_work kernel/workqueue.c:3275 [inline]
 process_scheduled_works+0xb21/0x1e30 kernel/workqueue.c:3358
 worker_thread+0xede/0x1580 kernel/workqueue.c:3439
 kthread+0x53f/0x600 kernel/kthread.c:467
 ret_from_fork+0x20f/0x910 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

Uninit was stored to memory at:
 LZ4_decompress_generic lib/lz4/lz4_decompress.c:407 [inline]
 LZ4_decompress_safe_partial+0x1f78/0x2180 lib/lz4/lz4_decompress.c:472
 __z_erofs_lz4_decompress fs/erofs/decompressor.c:229 [inline]
 z_erofs_lz4_decompress+0x2434/0x2890 fs/erofs/decompressor.c:282
 z_erofs_decompress_pcluster fs/erofs/zdata.c:1297 [inline]
 z_erofs_decompress_queue+0x3183/0x6a20 fs/erofs/zdata.c:1410
 z_erofs_decompressqueue_work+0x67/0x90 fs/erofs/zdata.c:1422
 process_one_work kernel/workqueue.c:3275 [inline]
 process_scheduled_works+0xb21/0x1e30 kernel/workqueue.c:3358
 worker_thread+0xede/0x1580 kernel/workqueue.c:3439
 kthread+0x53f/0x600 kernel/kthread.c:467
 ret_from_fork+0x20f/0x910 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

Uninit was stored to memory at:
 LZ4_decompress_generic lib/lz4/lz4_decompress.c:406 [inline]
 LZ4_decompress_safe_partial+0x1f42/0x2180 lib/lz4/lz4_decompress.c:472
 __z_erofs_lz4_decompress fs/erofs/decompressor.c:229 [inline]
 z_erofs_lz4_decompress+0x2434/0x2890 fs/erofs/decompressor.c:282
 z_erofs_decompress_pcluster fs/erofs/zdata.c:1297 [inline]
 z_erofs_decompress_queue+0x3183/0x6a20 fs/erofs/zdata.c:1410
 z_erofs_decompressqueue_work+0x67/0x90 fs/erofs/zdata.c:1422
 process_one_work kernel/workqueue.c:3275 [inline]
 process_scheduled_works+0xb21/0x1e30 kernel/workqueue.c:3358
 worker_thread+0xede/0x1580 kernel/workqueue.c:3439
 kthread+0x53f/0x600 kernel/kthread.c:467
 ret_from_fork+0x20f/0x910 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

Uninit was stored to memory at:
 LZ4_decompress_generic lib/lz4/lz4_decompress.c:405 [inline]
 LZ4_decompress_safe_partial+0x1f0a/0x2180 lib/lz4/lz4_decompress.c:472
 __z_erofs_lz4_decompress fs/erofs/decompressor.c:229 [inline]
 z_erofs_lz4_decompress+0x2434/0x2890 fs/erofs/decompressor.c:282
 z_erofs_decompress_pcluster fs/erofs/zdata.c:1297 [inline]
 z_erofs_decompress_queue+0x3183/0x6a20 fs/erofs/zdata.c:1410
 z_erofs_decompressqueue_work+0x67/0x90 fs/erofs/zdata.c:1422
 process_one_work kernel/workqueue.c:3275 [inline]
 process_scheduled_works+0xb21/0x1e30 kernel/workqueue.c:3358
 worker_thread+0xede/0x1580 kernel/workqueue.c:3439
 kthread+0x53f/0x600 kernel/kthread.c:467
 ret_from_fork+0x20f/0x910 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

Uninit was created at:
 __alloc_frozen_pages_noprof+0x6f7/0x1020 mm/page_alloc.c:5272
 alloc_pages_mpol+0x328/0x860 mm/mempolicy.c:2485
 alloc_frozen_pages_noprof mm/mempolicy.c:2556 [inline]
 alloc_pages_noprof mm/mempolicy.c:2576 [inline]
 folio_alloc_noprof+0x108/0x360 mm/mempolicy.c:2586
 filemap_alloc_folio_noprof+0xd9/0x480 mm/filemap.c:1013
 ractl_alloc_folio mm/readahead.c:189 [inline]
 ra_alloc_folio mm/readahead.c:449 [inline]
 page_cache_ra_order+0x897/0x16f0 mm/readahead.c:515
 page_cache_sync_ra+0xb96/0x11b0 mm/readahead.c:629
 filemap_get_pages+0xcb2/0x3d30 mm/filemap.c:2690
 filemap_read+0x5d2/0x2300 mm/filemap.c:2800
 erofs_file_read_iter+0x2ef/0x360 fs/erofs/data.c:441
 __kernel_read+0x7e0/0xe20 fs/read_write.c:532
 integrity_kernel_read+0x77/0x90 security/integrity/iint.c:28
 ima_calc_file_hash_tfm security/integrity/ima/ima_crypto.c:480 [inline]
 ima_calc_file_shash security/integrity/ima/ima_crypto.c:511 [inline]
 ima_calc_file_hash+0x1795/0x4030 security/integrity/ima/ima_crypto.c:568
 ima_collect_measurement+0x463/0xe80 security/integrity/ima/ima_api.c:294
 process_measurement+0x2d10/0x4170 security/integrity/ima/ima_main.c:407
 ima_file_check+0x91/0xd0 security/integrity/ima/ima_main.c:667
 security_file_post_open+0xbb/0x510 security/security.c:2652
 do_open fs/namei.c:4673 [inline]
 path_openat+0x587d/0x64c0 fs/namei.c:4830
 do_file_open+0x2aa/0x680 fs/namei.c:4859
 do_sys_openat2+0x163/0x380 fs/open.c:1366
 do_sys_open fs/open.c:1372 [inline]
 __do_sys_openat fs/open.c:1388 [inline]
 __se_sys_openat fs/open.c:1383 [inline]
 __x64_sys_openat+0x240/0x300 fs/open.c:1383
 x64_sys_call+0x2445/0x3ea0 arch/x86/include/generated/asm/syscalls_64.h:258
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x134/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Bytes 3928-3946 of 4073 are uninitialized
Memory access of size 4073 starts at ffff88805f172000
Data copied to user address 0000200000000600

CPU: 1 UID: 0 PID: 6242 Comm: syz.2.96 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
=====================================================