fbnic-err: bad TWQ descriptor ordering, previous: 0 current 0
[ 634.760935][ T2875] ==================================================================
[ 634.761239][ T2875] BUG: KASAN: wild-memory-access in _copy_to_iter+0x1c7/0x1260
[ 634.761508][ T2875] Read of size 982 at addr 0005088000000000 by task ncdevmem/2875
[ 634.761760][ T2875]
[ 634.761850][ T2875] CPU: 3 UID: 0 PID: 2875 Comm: ncdevmem Not tainted 6.17.0-rc4-virtme #1 PREEMPT(full)
[ 634.761855][ T2875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014
[ 634.761857][ T2875] Call Trace:
[ 634.761860][ T2875]
[ 634.761861][ T2875] dump_stack_lvl+0x82/0xc0
[ 634.761869][ T2875] ? _copy_to_iter+0x1c7/0x1260
[ 634.761871][ T2875] kasan_report+0xca/0x100
[ 634.761878][ T2875] ? _copy_to_iter+0x1c7/0x1260
[ 634.761883][ T2875] kasan_check_range+0x39/0x1b0
[ 634.761887][ T2875] _copy_to_iter+0x1c7/0x1260
[ 634.761891][ T2875] ? find_held_lock+0x2b/0x80
[ 634.761897][ T2875] ? _copy_from_iter_flushcache+0x1470/0x1470
[ 634.761901][ T2875] ? mark_held_locks+0x49/0x70
[ 634.761905][ T2875] ? finish_task_switch.isra.0+0x245/0x960
[ 634.761910][ T2875] ? finish_task_switch.isra.0+0x2a3/0x960
[ 634.761915][ T2875] __skb_datagram_iter+0x439/0x770
[ 634.761920][ T2875] ? skb_free_datagram+0x20/0x20
[ 634.761924][ T2875] ? validate_chain+0x15e/0x4d0
[ 634.761929][ T2875] skb_copy_datagram_iter+0x40/0x50
[ 634.761933][ T2875] tcp_recvmsg_locked+0x1318/0x20d0
[ 634.761941][ T2875] ? do_raw_spin_lock+0x130/0x270
[ 634.761944][ T2875] ? tcp_update_recv_tstamps+0x1d0/0x1d0
[ 634.761949][ T2875] ? __local_bh_enable_ip+0xa9/0x120
[ 634.761954][ T2875] tcp_recvmsg+0xec/0x4f0
[ 634.761956][ T2875] ? filemap_map_pages+0x95d/0xf90
[ 634.761960][ T2875] ? tcp_recv_timestamp+0x5e0/0x5e0
[ 634.761964][ T2875] ? rcu_read_lock_any_held+0x3f/0xa0
[ 634.761968][ T2875] ? validate_chain+0x15e/0x4d0
[ 634.761974][ T2875] inet6_recvmsg+0xf7/0x4e0
[ 634.761978][ T2875] ? inet6_sk_rebuild_header+0x6f0/0x6f0
[ 634.761983][ T2875] ____sys_recvmsg+0x21c/0x650
[ 634.761988][ T2875] ? kernel_sendmsg+0x30/0x30
[ 634.761990][ T2875] ? _copy_from_user+0x53/0x90
[ 634.761995][ T2875] ? copy_msghdr_from_user+0xba/0x110
[ 634.761998][ T2875] ? __copy_msghdr+0x3c0/0x3c0
[ 634.762004][ T2875] ___sys_recvmsg+0xce/0x140
[ 634.762008][ T2875] ? ___sys_sendmsg+0x170/0x170
[ 634.762011][ T2875] ? __handle_mm_fault+0x3fc/0x5d0
[ 634.762015][ T2875] ? __pmd_alloc+0x7e0/0x7e0
[ 634.762022][ T2875] ? lock_vma_under_rcu+0x18a/0x3d0
[ 634.762028][ T2875] __sys_recvmsg+0x108/0x1a0
[ 634.762031][ T2875] ? __sys_recvmsg_sock+0x20/0x20
[ 634.762034][ T2875] ? exc_page_fault+0x5d/0xb0
[ 634.762041][ T2875] ? do_user_addr_fault+0x955/0xe00
[ 634.762047][ T2875] ? rcu_is_watching+0x12/0xb0
[ 634.762052][ T2875] do_syscall_64+0xc1/0x370
[ 634.762057][ T2875] entry_SYSCALL_64_after_hwframe+0x4b/0x53
[ 634.762060][ T2875] RIP: 0033:0x7fc9254e907d
[ 634.762063][ T2875] Code: eb b7 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 41 54 48 83 ec 10 64 8b 04 25 18 00 00 00 85 c0 75 22 b8 2f 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5b 4c 63 e0 48 83 c4 10 4c 89 e0 41 5c c3 66
[ 634.762066][ T2875] RSP: 002b:00007ffcabbecf10 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 634.762070][ T2875] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fc9254e907d
[ 634.762072][ T2875] RDX: 0000000002000000 RSI: 00007ffcabbecf40 RDI: 0000000000000008
[ 634.762074][ T2875] RBP: 00007ffcabcc89f0 R08: 0000000000000000 R09: 00007ffcabbeaca3
[ 634.762076][ T2875] R10: 00007fc9253e91c8 R11: 0000000000000246 R12: 00007ffcabcc8b58
[ 634.762077][ T2875] R13: 0000000000405740 R14: 000000000042bdf0 R15: 00007fc925626000
[ 634.762083][ T2875]
[ 634.762085][ T2875] ==================================================================
[ 634.774033][ T2875] Disabling lock debugging due to kernel taint