8<--- cut here ---
Unable to handle kernel NULL pointer dereference at virtual address 000000a0
pgd = 86c34fc0
[000000a0] *pgd=86dcc003, *pmd=fe7ac003
Internal error: Oops: 207 [#1] PREEMPT SMP ARM
Modules linked in:
CPU: 0 PID: 9259 Comm: iou-sqp-9254 Not tainted 5.12.0-rc3-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at atomic_add arch/arm/include/asm/atomic.h:223 [inline]
PC is at atomic_inc include/linux/atomic-fallback.h:372 [inline]
PC is at io_uring_cancel_sqpoll+0xac/0x1a0 fs/io_uring.c:8926
LR is at io_sq_thread+0x3d0/0x6f8 fs/io_uring.c:6772
pc : [<80561f00>]    lr : [<80566f50>]    psr: 60000113
sp : 86b6bee0  ip : 86c70000  fp : 86b6bf2c
r10: 00000000  r9 : 86b6a000  r8 : 00000000
r7 : 865ea800  r6 : 86496a00  r5 : 86496a54  r4 : 865ea800
r3 : 000000a0  r2 : 86b6a000  r1 : 000000a0  r0 : 86b6bef4
Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
Control: 30c5387d  Table: 86c34fc0  DAC: fffffffd
Process iou-sqp-9254 (pid: 9259, stack limit = 0x86b6a210)
Stack: (0x86b6bee0 to 0x86b6c000)
bee0: 00000000 000000a0 00000000 86c70000 802a6878 86b6bef4 86b6bef4 56b92eae
bf00: 00000001 865ea800 86496a54 86496a00 00000000 00000000 86b6a000 00000000
bf20: 86b6bfac 86b6bf30 80566f50 80561e60 86496a04 81f744cc 82a06d00 00000000
bf40: 80384db8 86496a00 855ba680 86496a54 00000000 00000000 00000000 86c70000
bf60: 802a6878 86b6bf64 86b6bf64 2d756f69 2d707173 34353239 80258400 56b92eae
bf80: 00000000 86496a00 80566b80 00000000 00000000 00000000 00000000 00000000
bfa0: 00000000 86b6bfb0 80200114 80566b8c 00000000 00000000 00000000 00000000
bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 00000000 00000000
Backtrace: 
[<80561e54>] (io_uring_cancel_sqpoll) from [<80566f50>] (io_sq_thread+0x3d0/0x6f8 fs/io_uring.c:6772)
 r10:00000000 r9:86b6a000 r8:00000000 r7:00000000 r6:86496a00 r5:86496a54
 r4:865ea800
[<80566b80>] (io_sq_thread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:158)
Exception stack(0x86b6bfb0 to 0x86b6bff8)
bfa0:                                     00000000 00000000 00000000 00000000
bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
bfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80566b80
 r4:86496a00
Code: e28830a0 e50b3048 f593f000 e1a01003 (e1913f9f) 
---[ end trace 1b21b00083885e48 ]---
----------------
Code disassembly (best guess):
   0:	e28830a0 	add	r3, r8, #160	; 0xa0
   4:	e50b3048 	str	r3, [fp, #-72]	; 0xffffffb8
   8:	f593f000 	pldw	[r3]
   c:	e1a01003 	mov	r1, r3
* 10:	e1913f9f 	ldrex	r3, [r1] <-- trapping instruction