=====================================================
BUG: KMSAN: uninit-value in __flush_smp_call_function_queue+0x362/0x18e0 kernel/smp.c:535
 __flush_smp_call_function_queue+0x362/0x18e0 kernel/smp.c:535
 generic_smp_call_function_single_interrupt+0x1c/0x30 kernel/smp.c:463
 __sysvec_call_function_single+0x4b/0x3e0 arch/x86/kernel/smp.c:271
 instr_sysvec_call_function_single arch/x86/kernel/smp.c:266 [inline]
 sysvec_call_function_single+0x7c/0x90 arch/x86/kernel/smp.c:266
 asm_sysvec_call_function_single+0x1f/0x30 arch/x86/include/asm/idtentry.h:704
 smap_restore arch/x86/include/asm/smap.h:90 [inline]
 get_shadow_origin_ptr mm/kmsan/instrumentation.c:39 [inline]
 __msan_metadata_ptr_for_load_8+0x28/0x40 mm/kmsan/instrumentation.c:94
 last_frame arch/x86/kernel/unwind_frame.c:82 [inline]
 is_last_frame arch/x86/kernel/unwind_frame.c:87 [inline]
 is_last_task_frame+0x44/0x370 arch/x86/kernel/unwind_frame.c:156
 unwind_next_frame+0x60/0x350 arch/x86/kernel/unwind_frame.c:276
 arch_stack_walk+0x1b0/0x280 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0xc2/0x100 kernel/stacktrace.c:122
 kmsan_save_stack_with_flags mm/kmsan/core.c:73 [inline]
 kmsan_internal_poison_memory+0x4a/0x90 mm/kmsan/core.c:57
 kmsan_slab_alloc+0xdc/0x160 mm/kmsan/hooks.c:66
 slab_post_alloc_hook mm/slub.c:4545 [inline]
 slab_alloc_node mm/slub.c:4866 [inline]
 __do_kmalloc_node mm/slub.c:5259 [inline]
 __kmalloc_node_track_caller_noprof+0x4f6/0x1750 mm/slub.c:5368
 kmalloc_reserve net/core/skbuff.c:635 [inline]
 __alloc_skb+0x90d/0x1190 net/core/skbuff.c:713
 alloc_skb include/linux/skbuff.h:1383 [inline]
 nsim_dev_trap_skb_build drivers/net/netdevsim/dev.c:819 [inline]
 nsim_dev_trap_report drivers/net/netdevsim/dev.c:876 [inline]
 nsim_dev_trap_report_work+0x3f2/0x1430 drivers/net/netdevsim/dev.c:922
 process_one_work kernel/workqueue.c:3276 [inline]
 process_scheduled_works+0xb82/0x1e80 kernel/workqueue.c:3359
 worker_thread+0xee4/0x1590 kernel/workqueue.c:3440
 kthread+0x53f/0x600 kernel/kthread.c:436
 ret_from_fork+0x20f/0x910 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

Local variable iter created at:
 tdp_mmu_zap_leafs+0x52/0x6e0 arch/x86/kvm/mmu/tdp_mmu.c:983
 kvm_tdp_mmu_unmap_gfn_range+0x910/0xb50 arch/x86/kvm/mmu/tdp_mmu.c:1362

CPU: 0 UID: 0 PID: 1072 Comm: kworker/u8:9 Tainted: G             L      syzkaller #0 PREEMPT(full) 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
Workqueue: events_unbound nsim_dev_trap_report_work
=====================================================