KCSAN: data-race in io_cancel_task_cb / io_wq_submit

==================================================================
BUG: KCSAN: data-race in io_cancel_task_cb / io_wq_submit_work

write to 0xffff8881386c7c44 of 4 bytes by task 14836 on cpu 0:
 __io_req_set_refcount fs/io_uring.c:1208 [inline]
 io_wq_submit_work+0x4e/0x370 fs/io_uring.c:6815
 io_worker_handle_work+0x4ca/0xbd0 fs/io-wq.c:576
 io_wqe_worker+0x1bc/0x4f0 fs/io-wq.c:632
 ret_from_fork+0x1f/0x30

read to 0xffff8881386c7c44 of 4 bytes by task 14827 on cpu 1:
 io_match_task_safe fs/io_uring.c:1322 [inline]
 io_cancel_task_cb+0x8c/0x1bd fs/io_uring.c:9612
 io_wq_worker_cancel fs/io-wq.c:986 [inline]
 io_wq_for_each_worker fs/io-wq.c:853 [inline]
 io_wqe_cancel_running_work fs/io-wq.c:1059 [inline]
 io_wq_cancel_cb+0x394/0x6b0 fs/io-wq.c:1095
 io_uring_try_cancel_requests+0x108/0x308 fs/io_uring.c:9684
 io_uring_cancel_generic+0x1fa/0x3dd fs/io_uring.c:9864
 __io_uring_cancel+0x11/0x13 fs/io_uring.c:9897
 io_uring_files_cancel include/linux/io_uring.h:16 [inline]
 do_exit+0x397/0x17a0 kernel/exit.c:787
 do_group_exit+0xce/0x180 kernel/exit.c:929
 get_signal+0xfc3/0x1550 kernel/signal.c:2852
 arch_do_signal_or_restart+0x8c/0x2e0 arch/x86/kernel/signal.c:868
 handle_signal_work kernel/entry/common.c:148 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:172 [inline]
 exit_to_user_mode_prepare+0x113/0x190 kernel/entry/common.c:207
 __syscall_exit_to_user_mode_work kernel/entry/common.c:289 [inline]
 syscall_exit_to_user_mode+0x20/0x40 kernel/entry/common.c:300
 do_syscall_64+0x50/0xd0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0x00042204 -> 0x000c0204

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 14827 Comm: syz-executor.2 Not tainted 5.16.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================