=====================================================
BUG: KMSAN: uninit-value in __flush_smp_call_function_queue+0x343/0x1810 kernel/smp.c:549
 __flush_smp_call_function_queue+0x343/0x1810 kernel/smp.c:549
 generic_smp_call_function_single_interrupt+0x1c/0x30 kernel/smp.c:477
 __sysvec_call_function_single+0x48/0x350 arch/x86/kernel/smp.c:272
 instr_sysvec_call_function_single arch/x86/kernel/smp.c:267 [inline]
 sysvec_call_function_single+0x7c/0x90 arch/x86/kernel/smp.c:267
 asm_sysvec_call_function_single+0x1f/0x30 arch/x86/include/asm/idtentry.h:704
 __preempt_count_dec_and_test arch/x86/include/asm/preempt.h:95 [inline]
 rcu_read_unlock_sched include/linux/rcupdate.h:963 [inline]
 pfn_valid include/linux/mmzone.h:2291 [inline]
 kmsan_virt_addr_valid arch/x86/include/asm/kmsan.h:94 [inline]
 virt_to_page_or_null+0x14c/0x170 mm/kmsan/shadow.c:75
 kmsan_get_metadata+0xf1/0x160 mm/kmsan/shadow.c:141
 kmsan_get_shadow_origin_ptr+0x4a/0xb0 mm/kmsan/shadow.c:102
 get_shadow_origin_ptr mm/kmsan/instrumentation.c:38 [inline]
 __msan_metadata_ptr_for_load_8+0x24/0x40 mm/kmsan/instrumentation.c:94
 __unwind_start+0x385/0x530 arch/x86/kernel/unwind_frame.c:416
 unwind_start arch/x86/include/asm/unwind.h:64 [inline]
 arch_stack_walk+0xfc/0x280 arch/x86/kernel/stacktrace.c:24
 stack_trace_save+0xc2/0x100 kernel/stacktrace.c:122
 kmsan_save_stack_with_flags mm/kmsan/core.c:73 [inline]
 kmsan_internal_poison_memory+0x4a/0x90 mm/kmsan/core.c:57
 kmsan_slab_free+0xce/0x140 mm/kmsan/hooks.c:87
 slab_free_hook mm/slub.c:2615 [inline]
 slab_free mm/slub.c:6251 [inline]
 kfree+0x315/0x1100 mm/slub.c:6566
 skb_kfree_head net/core/skbuff.c:1075 [inline]
 skb_free_head+0xaf/0x610 net/core/skbuff.c:1087
 skb_release_data+0x106b/0x1140 net/core/skbuff.c:1114
 skb_release_all net/core/skbuff.c:1189 [inline]
 __kfree_skb+0x6b/0x260 net/core/skbuff.c:1203
 consume_skb+0x86/0x260 net/core/skbuff.c:1436
 nsim_dev_trap_report drivers/net/netdevsim/dev.c:892 [inline]
 nsim_dev_trap_report_work+0x1055/0x1420 drivers/net/netdevsim/dev.c:922
 process_one_work kernel/workqueue.c:3314 [inline]
 process_scheduled_works+0xb65/0x1e40 kernel/workqueue.c:3397
 worker_thread+0xee4/0x1590 kernel/workqueue.c:3478
 kthread+0x53a/0x5f0 kernel/kthread.c:436
 ret_from_fork+0x20f/0x8d0 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

Local variable cycles.i created at:
 clockevent_set_next_coupled kernel/time/clockevents.c:309 [inline]
 clockevents_program_event+0x178/0x830 kernel/time/clockevents.c:360
 tick_program_event+0xfb/0x190 kernel/time/tick-oneshot.c:48

CPU: 0 UID: 0 PID: 1085 Comm: kworker/u8:8 Tainted: G             L      syzkaller #0 PREEMPT(full) 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
Workqueue: events_unbound nsim_dev_trap_report_work
=====================================================