From e5872f2d6a0129dfc4a564b8af8a0f45dcdce86c Mon Sep 17 00:00:00 2001
From: Damien Zammit
Date: Fri, 23 Feb 2024 08:15:11 +0000
Subject: vm_map: Add comment and assert for vm_map_delete

This will prevent calling vm_map_delete without the map locked unless ref_count is zero.
Message-ID: <20240223081505.458240-1-damien@zamaudio.com>
---
 vm/vm_map.c | 7 +++++++
 1 file changed, 7 insertions(+)
(limited to 'vm/vm_map.c')

diff --git a/vm/vm_map.c b/vm/vm_map.c
index c237afbe..7db76b7b 100644
--- a/vm/vm_map.c
+++ b/vm/vm_map.c
@@ -551,10 +551,12 @@ void vm_map_deallocate(vm_map_t map)
 c = --map->ref_count;
 simple_unlock(&map->ref_lock);
 
+ /* Check the refcount */
 if (c > 0) {
 return;
 }
 
+ /* If no more references, call vm_map_delete without locking the map */
 projected_buffer_collect(map);
 (void) vm_map_delete(map, map->min_offset, map->max_offset);
 
@@ -2028,6 +2030,11 @@ kern_return_t vm_map_delete(
 if (map->pmap == kernel_pmap && (start < kernel_virtual_start || end > kernel_virtual_end))
 panic("vm_map_delete(%lx-%lx) falls in physical memory area!\n", (unsigned long) start, (unsigned long) end);
 
+ /*
+ * Must be called with map lock taken unless refcount is zero
+ */
+ assert((map->ref_count > 0 && have_lock(map->lock)) || (map->ref_count == 0));
+
 /*
 * Find the start of the region, and clip it
 */
-- cgit v1.2.3
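Review bot: The assert added to vm_map_delete reads `map->ref_count` twice with no `map->ref_lock` held, whereas vm_map_deallocate in the first hunk only changes the count under that lock, so the two reads can disagree while another thread takes or drops a reference. A single read keeps the same intent, assuming the count is never negative: `assert(map->ref_count == 0 || have_lock(map->lock));`. `have_lock` is defined outside this diff, so it is worth confirming that it accepts the lock by value (the visible lock call passes an address, `simple_unlock(&map->ref_lock)`) and that it holds only for the write lock, since vm_map_delete modifies the map. If `assert` compiles out in non-debug builds, as is usual, the precondition is unenforced there and the new comment is the only guard, so the comment should name the write lock explicitly. The body of vm_map_delete continues outside the hunk.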