Move the checks for td_pinned, td_critnest, TDP_NOFAULTING and

TDP_NOSLEEPING leaking from syscallret() to userret() so that also
trap handling is covered. Also, the check on td_locks is not duplicated
between the two functions.

Reported by:	avg
Reviewed by:	kib
MFC after:	1 week

1 files changed, 14 insertions, 1 deletions

diff --git a/sys/kern/subr_trap.c b/sys/kern/subr_trap.c
index 1dc0b9c09..24960fd 100644
--- a/sys/kern/subr_trap.c
+++ b/sys/kern/subr_trap.c
@@ -139,8 +139,21 @@ userret(struct thread *td, struct trapframe *frame)
 #ifdef XEN
 	PT_UPDATES_FLUSH();
 #endif
+
+	/*
+	 * Check for misbehavior.
+	 */
+	WITNESS_WARN(WARN_PANIC, NULL, "userret: returning");
+	KASSERT(td->td_critnest == 0,
+	    ("userret: Returning in a critical section"));
 	KASSERT(td->td_locks == 0,
-	    ("userret: Returning with %d locks held.", td->td_locks));
+	    ("userret: Returning with %d locks held", td->td_locks));
+	KASSERT((td->td_pflags & TDP_NOFAULTING) == 0,
+	    ("userret: Returning with pagefaults disabled"));
+	KASSERT((td->td_pflags & TDP_NOSLEEPING) == 0,
+	    ("userret: Returning with sleep disabled"));
+	KASSERT(td->td_pinned == 0,
+	    ("userret: Returning with with pinned thread"));
 #ifdef VIMAGE
 	/* Unfortunately td_vnet_lpush needs VNET_DEBUG. */
 	VNET_ASSERT(curvnet == NULL,