syzbot

==================================================================
BUG: KCSAN: data-race in virtnet_poll_tx / virtqueue_add

write to 0xffff88821aad8e6c of 4 bytes by interrupt on cpu 0:
 virtqueue_add_split drivers/virtio/virtio_ring.c:528 [inline]
 virtqueue_add+0x96a/0x1ab0 drivers/virtio/virtio_ring.c:1706
 virtqueue_add_outbuf+0x47/0x60 drivers/virtio/virtio_ring.c:1763
 xmit_skb drivers/net/virtio_net.c:1548 [inline]
 start_xmit+0x5b4/0xc00 drivers/net/virtio_net.c:1571
 __netdev_start_xmit include/linux/netdevice.h:4510 [inline]
 netdev_start_xmit include/linux/netdevice.h:4524 [inline]
 xmit_one net/core/dev.c:3470 [inline]
 dev_hard_start_xmit+0xeb/0x420 net/core/dev.c:3486
 sch_direct_xmit+0x2ae/0x8a0 net/sched/sch_generic.c:313
 __dev_xmit_skb net/core/dev.c:3671 [inline]
 __dev_queue_xmit+0x13bb/0x1b80 net/core/dev.c:4032
 dev_queue_xmit+0x1e/0x30 net/core/dev.c:4096
 neigh_hh_output include/net/neighbour.h:499 [inline]
 neigh_output include/net/neighbour.h:508 [inline]
 ip_finish_output2+0x87d/0xed0 net/ipv4/ip_output.c:228
 __ip_finish_output net/ipv4/ip_output.c:306 [inline]
 __ip_finish_output+0x22f/0x460 net/ipv4/ip_output.c:288
 ip_finish_output+0x3e/0x160 net/ipv4/ip_output.c:316
 NF_HOOK_COND include/linux/netfilter.h:296 [inline]
 ip_output+0xf2/0x240 net/ipv4/ip_output.c:430
 dst_output include/net/dst.h:436 [inline]
 ip_local_out+0x70/0x90 net/ipv4/ip_output.c:125
 __ip_queue_xmit+0x3a6/0xa40 net/ipv4/ip_output.c:530
 ip_queue_xmit+0x3e/0x50 include/net/ip.h:237
 __tcp_transmit_skb+0xe1f/0x1c90 net/ipv4/tcp_output.c:1234
 __tcp_send_ack+0x22c/0x2f0 net/ipv4/tcp_output.c:3771
 tcp_send_ack+0x2d/0x40 net/ipv4/tcp_output.c:3777
 __tcp_ack_snd_check+0xcc/0x550 net/ipv4/tcp_input.c:5263
 tcp_rcv_established+0xc95/0xee0 net/ipv4/tcp_input.c:5694
 tcp_v4_do_rcv+0x396/0x4f0 net/ipv4/tcp_ipv4.c:1619
 tcp_v4_rcv+0x1bbf/0x1d80 net/ipv4/tcp_ipv4.c:2001
 ip_protocol_deliver_rcu+0x4b/0x410 net/ipv4/ip_input.c:204
 ip_local_deliver_finish+0xf3/0x120 net/ipv4/ip_input.c:231
 NF_HOOK include/linux/netfilter.h:307 [inline]
 NF_HOOK include/linux/netfilter.h:301 [inline]
 ip_local_deliver+0x135/0x220 net/ipv4/ip_input.c:252
 dst_input include/net/dst.h:442 [inline]
 ip_sublist_rcv_finish+0xf0/0x140 net/ipv4/ip_input.c:549
 ip_list_rcv_finish net/ipv4/ip_input.c:599 [inline]
 ip_sublist_rcv+0x3f8/0x530 net/ipv4/ip_input.c:607
 ip_list_rcv+0x2f3/0x321 net/ipv4/ip_input.c:642
 __netif_receive_skb_list_ptype net/core/dev.c:5241 [inline]
 __netif_receive_skb_list_ptype net/core/dev.c:5230 [inline]
 __netif_receive_skb_list_core+0x368/0x5c0 net/core/dev.c:5289
 __netif_receive_skb_list net/core/dev.c:5341 [inline]
 netif_receive_skb_list_internal+0x5c7/0x810 net/core/dev.c:5436
 gro_normal_list.part.0+0x37/0xa0 net/core/dev.c:5547
 gro_normal_list net/core/dev.c:5560 [inline]
 gro_normal_one+0x14c/0x160 net/core/dev.c:5559
 napi_skb_finish net/core/dev.c:5887 [inline]
 napi_gro_receive+0x27d/0x2f0 net/core/dev.c:5919
 receive_buf+0x24e/0x2e20 drivers/net/virtio_net.c:1061
 virtnet_receive drivers/net/virtio_net.c:1323 [inline]
 virtnet_poll+0x343/0x790 drivers/net/virtio_net.c:1428
 napi_poll net/core/dev.c:6582 [inline]
 net_rx_action+0x3ad/0xac0 net/core/dev.c:6650
 __do_softirq+0x118/0x34a kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:373 [inline]
 irq_exit+0xb5/0xd0 kernel/softirq.c:413
 exiting_irq arch/x86/include/asm/apic.h:546 [inline]
 do_IRQ+0x7b/0x120 arch/x86/kernel/irq.c:263
 ret_from_intr+0x0/0x21
 native_safe_halt+0xe/0x10 arch/x86/include/asm/irqflags.h:60
 arch_safe_halt arch/x86/include/asm/paravirt.h:144 [inline]
 default_idle+0x21/0x170 arch/x86/kernel/process.c:695
 cpuidle_idle_call kernel/sched/idle.c:154 [inline]
 do_idle+0x1b7/0x290 kernel/sched/idle.c:269
 cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:361
 rest_init+0xe4/0xeb init/main.c:632
 arch_call_rest_init+0x13/0x2b
 start_kernel+0xcc2/0xceb init/main.c:971
 secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:242

read to 0xffff88821aad8e6c of 4 bytes by interrupt on cpu 1:
 virtnet_poll_tx+0x16a/0x1c0 drivers/net/virtio_net.c:1498
 napi_poll net/core/dev.c:6582 [inline]
 net_rx_action+0x3ad/0xac0 net/core/dev.c:6650
 __do_softirq+0x118/0x34a kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:373 [inline]
 irq_exit+0xb5/0xd0 kernel/softirq.c:413
 exiting_irq arch/x86/include/asm/apic.h:546 [inline]
 do_IRQ+0x7b/0x120 arch/x86/kernel/irq.c:263
 ret_from_intr+0x0/0x21
 native_safe_halt+0xe/0x10 arch/x86/include/asm/irqflags.h:60
 arch_safe_halt arch/x86/include/asm/paravirt.h:144 [inline]
 default_idle+0x21/0x170 arch/x86/kernel/process.c:695
 cpuidle_idle_call kernel/sched/idle.c:154 [inline]
 do_idle+0x1b7/0x290 kernel/sched/idle.c:269
 cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:361
 start_secondary+0x164/0x1b0 arch/x86/kernel/smpboot.c:264
 secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:242

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.6.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================