el0_svc_common.constprop.0+0x40/0xe0 arch/arm64/kernel/syscall.c:121
 do_el0_svc+0x1c/0x34 arch/arm64/kernel/syscall.c:140
 el0_svc+0x38/0x15c arch/arm64/kernel/entry-common.c:723
 el0t_64_sync_handler+0xa0/0xf0 arch/arm64/kernel/entry-common.c:742
 el0t_64_sync+0x1a4/0x1a8 arch/arm64/kernel/entry.S:594
------------[ cut here ]------------
WARNING: io_uring/io-wq.c:1396 at io_wq_cancel_pending_work io_uring/io-wq.c:1168 [inline], CPU#1: syz.1.8142/26650
WARNING: io_uring/io-wq.c:1396 at io_wq_destroy io_uring/io-wq.c:1388 [inline], CPU#1: syz.1.8142/26650
WARNING: io_uring/io-wq.c:1396 at io_wq_put_and_exit+0x2d4/0x2f0 io_uring/io-wq.c:1399, CPU#1: syz.1.8142/26650
Modules linked in:
CPU: 1 UID: 0 PID: 26650 Comm: syz.1.8142 Tainted: G             L      syzkaller #0 PREEMPT 
Tainted: [L]=SOFTLOCKUP
Hardware name: linux,dummy-virt (DT)
pstate: 61402009 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
pc : io_wq_put_and_exit+0x2d4/0x2f0 io_uring/io-wq.c:1396
lr : __io_uring_add_tctx_node+0x150/0x1c0 io_uring/tctx.c:174
sp : ffff800084663c00
x29: ffff800084663c30 x28: f2f0000005f62180 x27: 0000000000000000
x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000
x23: fdf0000069177598 x22: 0000000000000000 x21: 00000000fffffff4
x20: f4f0000034139000 x19: fdf0000069177000 x18: 00000000fffffffd
x17: 0000000000000000 x16: 0000000000000000 x15: ffff800084663373
x14: 00000000ffffffea x13: ffff8000846636d8 x12: 0000000000084318
x11: ffff800082b9be38 x10: 00000000000240d8 x9 : ffff800082c4be38
x8 : f2f0000005f62180 x7 : ffff800084663fe8 x6 : fffffffffffff809
x5 : fff000007d8e6188 x4 : ffff800084664000 x3 : 0000000000000000
x2 : 0000000000000000 x1 : f2f0000005f62180 x0 : 0000000000000000
Call trace:
 io_wq_cancel_pending_work io_uring/io-wq.c:1168 [inline] (P)
 io_wq_destroy io_uring/io-wq.c:1388 [inline] (P)
 io_wq_put_and_exit+0x2d4/0x2f0 io_uring/io-wq.c:1399 (P)
 __io_uring_add_tctx_node+0x150/0x1c0 io_uring/tctx.c:174
 io_uring_create io_uring/io_uring.c:3063 [inline]
 io_uring_setup+0x76c/0x800 io_uring/io_uring.c:3108
 __do_sys_io_uring_setup io_uring/io_uring.c:3142 [inline]
 __se_sys_io_uring_setup io_uring/io_uring.c:3133 [inline]
 __arm64_sys_io_uring_setup+0x5c/0xc0 io_uring/io_uring.c:3133
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x54/0x10c arch/arm64/kernel/syscall.c:49
 el0_svc_common.constprop.0+0x40/0xe0 arch/arm64/kernel/syscall.c:121
 do_el0_svc+0x1c/0x34 arch/arm64/kernel/syscall.c:140
 el0_svc+0x38/0x15c arch/arm64/kernel/entry-common.c:723
 el0t_64_sync_handler+0xa0/0xf0 arch/arm64/kernel/entry-common.c:742
 el0t_64_sync+0x1a4/0x1a8 arch/arm64/kernel/entry.S:594
---[ end trace 0000000000000000 ]---