=====================================================
BUG: KMSAN: uninit-value in __flush_smp_call_function_queue+0x343/0x1810 kernel/smp.c:549
 __flush_smp_call_function_queue+0x343/0x1810 kernel/smp.c:549
 generic_smp_call_function_single_interrupt+0x1c/0x30 kernel/smp.c:477
 __sysvec_call_function_single+0x48/0x350 arch/x86/kernel/smp.c:272
 instr_sysvec_call_function_single arch/x86/kernel/smp.c:267 [inline]
 sysvec_call_function_single+0x7c/0x90 arch/x86/kernel/smp.c:267
 asm_sysvec_call_function_single+0x1f/0x30 arch/x86/include/asm/idtentry.h:704
 kmsan_virt_addr_valid arch/x86/include/asm/kmsan.h:-1 [inline]
 virt_to_page_or_null+0x47/0x170 mm/kmsan/shadow.c:75
 kmsan_get_shadow_origin_ptr+0x35/0xb0 mm/kmsan/shadow.c:97
 get_shadow_origin_ptr mm/kmsan/instrumentation.c:38 [inline]
 __msan_metadata_ptr_for_load_8+0x24/0x40 mm/kmsan/instrumentation.c:94
 unwind_get_return_address+0x45/0xe0 arch/x86/kernel/unwind_frame.c:19
 arch_stack_walk+0x14a/0x280 arch/x86/kernel/stacktrace.c:26
 stack_trace_save+0xc2/0x100 kernel/stacktrace.c:122
 ref_tracker_free+0xd5/0xe60 lib/ref_tracker.c:306
 __netns_tracker_free include/net/net_namespace.h:384 [inline]
 put_net_track include/net/net_namespace.h:399 [inline]
 __sk_destruct+0x5e1/0xa00 net/core/sock.c:2381
 sk_destruct net/core/sock.c:2414 [inline]
 __sk_free+0x519/0x580 net/core/sock.c:2425
 sk_free+0x71/0xc0 net/core/sock.c:2436
 sock_put include/net/sock.h:2010 [inline]
 tcp_close+0xfc/0x150 net/ipv4/tcp.c:3320
 inet_release+0x1ee/0x2a0 net/ipv4/af_inet.c:442
 inet6_release+0x75/0xe0 net/ipv6/af_inet6.c:472
 __sock_release net/socket.c:722 [inline]
 sock_close+0xd6/0x2f0 net/socket.c:1514
 __fput+0x60e/0x1010 fs/file_table.c:510
 fput_close_sync+0xbc/0x210 fs/file_table.c:615
 __do_sys_close fs/open.c:1507 [inline]
 __se_sys_close fs/open.c:1492 [inline]
 __ia32_sys_close+0xef/0x2c0 fs/open.c:1492
 ia32_sys_call+0x37cf/0x4360 arch/x86/include/generated/asm/syscalls_32.h:7
 do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline]
 do_int80_emulation+0x15a/0x360 arch/x86/entry/syscall_32.c:172
 asm_int80_emulation+0x1f/0x30 arch/x86/include/asm/idtentry.h:621

Local variable iter created at:
 tdp_mmu_zap_leafs+0x52/0x6e0 arch/x86/kvm/mmu/tdp_mmu.c:983
 kvm_tdp_mmu_unmap_gfn_range+0x910/0xb50 arch/x86/kvm/mmu/tdp_mmu.c:1362

CPU: 1 UID: 0 PID: 5573 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
=====================================================