git: bd980ca847b7 - main - sched_ule: Ensure we hold the thread lock when modifying td_flags

The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=bd980ca847b76439bd27a4144cf0dd69d48b33af

commit bd980ca847b76439bd27a4144cf0dd69d48b33af
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2022-07-18 19:50:45 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2022-07-18 19:52:27 +0000

    sched_ule: Ensure we hold the thread lock when modifying td_flags
    
    The load balancer may force a running thread to reschedule and pick a
    new CPU.  To do this it sets some flags in the thread running on a
    loaded CPU.  But the code assumed that a running thread's lock is the
    same as that of the corresponding runqueue, and there are small windows
    where this is not true.  In this case, we can end up with non-atomic
    modifications to td_flags.
    
    Since this load balancing is best-effort, simply give up if the thread's
    lock doesn't match; in this case the thread is about to enter the
    scheduler anyway.
    
    Reviewed by:    kib
    Reported by:    glebius
    Fixes:          e745d729be60 ("sched_ule(4): Improve long-term load balancer.")
    MFC after:      2 weeks
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D35821
---
 sys/kern/sched_ule.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sys/kern/sched_ule.c b/sys/kern/sched_ule.c
index 138cb13e0fbe..0f5a73767408 100644
--- a/sys/kern/sched_ule.c
+++ b/sys/kern/sched_ule.c
@@ -871,7 +871,8 @@ sched_balance_group(struct cpu_group *cg)
 			 */
 			TDQ_LOCK(tdq);
 			td = tdq->tdq_curthread;
-			if ((td->td_flags & TDF_IDLETD) == 0 &&
+			if (td->td_lock == TDQ_LOCKPTR(tdq) &&
+			    (td->td_flags & TDF_IDLETD) == 0 &&
 			    THREAD_CAN_MIGRATE(td)) {
 				td->td_flags |= TDF_NEEDRESCHED | TDF_PICKCPU;
 				if (high != curcpu)