Description: io_uring: hold 'ctx' reference around task_work queue + execute
References:
 https://sites.google.com/view/syzscope/kasan-use-after-free-read-in-io_async_task_func
 https://syzkaller.appspot.com/bug?id=ce5f07d6ec3b5050b8f0728a3b389aa510f2591b
Notes:
Bugs:
upstream: released (5.9-rc1) [6d816e088c359866f9867057e04f244c608c42fe]
5.10-upstream-stable: N/A "Fixed before branching point"
4.19-upstream-stable: N/A "Vulnerable code not present"
4.9-upstream-stable: N/A "Vulnerable code not present"
sid: released (5.7.17-1)
4.19-buster-security: N/A "Vulnerable code not present"
4.9-stretch-security: N/A "Vulnerable code not present"