From fc10081bae1648ec0fa3822a744459b64ec72aa8 Mon Sep 17 00:00:00 2001
From: alfred <alfred@FreeBSD.org>
Date: Wed, 27 Feb 2002 18:49:58 +0000
Subject: add assertions in the places where giant is required to catch when
 the pipe is locked and shouldn't be.

initialize pipe->pipe_mtxp to NULL when creating pipes in order not
to trip the above assertions.

swap pipe lock with giant around calls to pipe_destroy_write_buffer()

pipe_destroy_write_buffer issue noticed by: jhb
---
 sys/kern/sys_pipe.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'sys')

diff --git a/sys/kern/sys_pipe.c b/sys/kern/sys_pipe.c
index ce9fde7..204f1f7 100644
--- a/sys/kern/sys_pipe.c
+++ b/sys/kern/sys_pipe.c
@@ -277,6 +277,8 @@ pipespace(cpipe, size)
 	int npages, error;
 
 	GIANT_REQUIRED;
+	KASSERT(cpipe->pipe_mtxp == NULL || !mtx_owned(PIPE_MTX(cpipe)),
+	       ("pipespace: pipe mutex locked"));
 
 	npages = round_page(size)/PAGE_SIZE;
 	/*
@@ -354,6 +356,7 @@ pipe_create(cpipep)
 	/* cpipe->pipe_map.ms[] = invalid */
 #endif
 
+	cpipe->pipe_mtxp = NULL;	/* avoid pipespace assertion */
 	error = pipespace(cpipe, PIPE_SIZE);
 	if (error)
 		return (error);
@@ -590,6 +593,7 @@ pipe_build_write_buffer(wpipe, uio)
 	vm_offset_t addr, endaddr, paddr;
 
 	GIANT_REQUIRED;
+	PIPE_LOCK_ASSERT(wpipe, MA_NOTOWNED);
 
 	size = (u_int) uio->uio_iov->iov_len;
 	if (size > wpipe->pipe_buffer.size)
@@ -660,6 +664,7 @@ pipe_destroy_write_buffer(wpipe)
 	int i;
 
 	GIANT_REQUIRED;
+	PIPE_LOCK_ASSERT(wpipe, MA_NOTOWNED);
 
 	if (wpipe->pipe_map.kva) {
 		pmap_qremove(wpipe->pipe_map.kva, wpipe->pipe_map.npages);
@@ -699,7 +704,9 @@ pipe_clone_write_buffer(wpipe)
 	wpipe->pipe_buffer.cnt = size;
 	wpipe->pipe_state &= ~PIPE_DIRECTW;
 
+	PIPE_GET_GIANT(wpipe);
 	pipe_destroy_write_buffer(wpipe);
+	PIPE_DROP_GIANT(wpipe);
 }
 
 /*
@@ -791,7 +798,9 @@ retry:
 		 */
 		pipe_clone_write_buffer(wpipe);
 	} else {
+		PIPE_GET_GIANT(wpipe);
 		pipe_destroy_write_buffer(wpipe);
+		PIPE_DROP_GIANT(wpipe);
 	}
 	pipeunlock(wpipe);
 	return (error);
@@ -1231,7 +1240,10 @@ static void
 pipe_free_kmem(cpipe)
 	struct pipe *cpipe;
 {
+
 	GIANT_REQUIRED;
+	KASSERT(cpipe->pipe_mtxp == NULL || !mtx_owned(PIPE_MTX(cpipe)),
+	       ("pipespace: pipe mutex locked"));
 
 	if (cpipe->pipe_buffer.buffer != NULL) {
 		if (cpipe->pipe_buffer.size > PIPE_SIZE)
-- 
cgit v1.1