prevent longjmp / forkret from writing over tf->edi

bd228a81 · rtm · 0dd42537 · bd228a81 · bd228a81 · bd228a81
--- a/pipe.c
+++ b/pipe.c
@@ -61,6 +61,8 @@ pipe_alloc(struct fd **fd1, struct fd **fd2)
 void
 pipe_close(struct pipe *p, int writeable)
 {
+  acquire(&p->lock);
  if(writeable){
    p->writeopen = 0;
    wakeup(&p->readp);
@@ -68,6 +70,9 @@ pipe_close(struct pipe *p, int writeable)
    p->readopen = 0;
    wakeup(&p->writep);
  }
+  release(&p->lock);
  if(p->readopen == 0 && p->writeopen == 0)
    kfree((char *) p, PAGE);
 }

--- a/proc.c
+++ b/proc.c
@@ -109,7 +109,7 @@ copyproc(struct proc* p)
  // Set up new jmpbuf to start executing at forkret (see below).
  memset(&np->jmpbuf, 0, sizeof np->jmpbuf);
  np->jmpbuf.eip = (uint)forkret;
-  np->jmpbuf.esp = (uint)np->tf;
+  np->jmpbuf.esp = (uint)np->tf - 4;
  // Copy file descriptors
  for(i = 0; i < NOFILE; i++){

--- a/syscall.c
+++ b/syscall.c
@@ -13,8 +13,7 @@
 * System call number in %eax.
 * Arguments on the stack, from the user call to the C
 * library system call function. The saved user %esp points
- * to a saved frame pointer, a program counter, and then
+ * to a saved program counter, and then the first argument.
- * the first argument.
 *
 * Return value? Error indication? Errno?
 */
@@ -56,11 +55,11 @@ fetcharg(int argno, void *ip)
 }
 int
-putint(struct proc *p, uint addr, int ip)
+putint(struct proc *p, uint addr, int x)
 {
  if(addr > p->sz - 4)
    return -1;
-  memmove(p->mem + addr, &ip, 4);
+  memmove(p->mem + addr, &x, 4);
  return 0;
 }
@@ -269,7 +268,6 @@ syscall(void)
  int num = cp->tf->eax;
  int ret = -1;
-  //cprintf("%x sys %d\n", cp, num);
  switch(num){
  case SYS_fork:
    ret = sys_fork();