Fix dlmalloc horror bug - mman_map overwrites application code

kernel/proc/proc.c

@@ -90,8 +90,10 @@ Proc *proc_spawnkern(void (*ent)(void), char *name) {
   proc->kern = true;
 
   uint8_t *sp = (uint8_t *)pmm_alloc(PROC_STACKBLOCKS) + PROC_STACKSIZE;
+  uint8_t *kstackp = (uint8_t *)pmm_alloc(PROC_STACKBLOCKS) + PROC_STACKSIZE;
+  proc->platformdata.kstack = kstackp;
+  proc->platformdata.pstack = sp;
 
-  proc->platformdata.kstack = sp;
   hal_memset(&proc->platformdata.trapframe, 0, sizeof(proc->platformdata.trapframe));
 
   proc->platformdata.trapframe.ss = 0x10;
@@ -99,7 +101,7 @@ Proc *proc_spawnkern(void (*ent)(void), char *name) {
   proc->platformdata.trapframe.rflags = 0x202;
   proc->platformdata.trapframe.cs = 0x08;
   proc->platformdata.trapframe.rip = (uint64_t)ent;
-  proc->platformdata.cr3 = hal_vmm_current_cr3();
+  proc->platformdata.cr3 = KERNEL_CR3;
   proc->state = PROC_EMBRYO;
   proc->pid = pids++;
   spinlock_init(&proc->bcast_pipes.spinlock);
@@ -145,21 +147,24 @@ Proc *proc_spawnuser(char *mountpoint, char *path) {
 
   uint8_t *sp = (uint8_t *)pmm_alloc(PROC_STACKBLOCKS) + PROC_STACKSIZE;
   uint8_t *spbase = sp - PROC_STACKSIZE;
+  uint8_t *kstackp = (uint8_t *)pmm_alloc(PROC_STACKBLOCKS) + PROC_STACKSIZE;
+  proc->platformdata.kstack = kstackp;
+  proc->platformdata.pstack = sp;
 
-  proc->platformdata.kstack = sp;
   hal_memset(&proc->platformdata.trapframe, 0, sizeof(proc->platformdata.trapframe));
     
   proc->platformdata.cr3 = hal_vmm_userproc_pml4(proc);
+
   uint32_t flags = HAL_PG_RW | HAL_PG_USER | HAL_PG_PRESENT;
+
   hal_vmm_map_range(VIRT(proc->platformdata.cr3), spbase, spbase, PROC_STACKSIZE, flags);
   VasRange *range = dlmalloc(sizeof(*range));
   range->virtstart = spbase;
   range->physstart = spbase;
   range->size = PROC_STACKSIZE;
   range->pgflags = flags;
-
   LL_APPEND(proc->vas, range);
-  
+
   ElfAuxval aux = proc_load_elf_segs(proc, data);
 
   proc->platformdata.trapframe.ss = 0x20 | 0x3;
@@ -216,15 +221,16 @@ void proc_reaper(void) {
         }
       }
 
-      for (size_t i = 0; i < PROC_PIPEHANDLES_MAX; i++) {
-        if (zombie->pipes[i] != NULL && zombie->pipes[i]->ownerpid == zombie->pid) {
-          dlfree(zombie->pipes[i]);
-          ipc_pipefree(zombie->pipes[i]);
-          zombie->pipes[i] = NULL;
-        }
-      }
+      /* for (size_t i = 0; i < PROC_PIPEHANDLES_MAX; i++) { */
+      /*   if (zombie->pipes[i] != NULL && zombie->pipes[i]->ownerpid == zombie->pid) { */
+      /*     dlfree(zombie->pipes[i]); */
+      /*     ipc_pipefree(zombie->pipes[i]); */
+      /*     zombie->pipes[i] = NULL; */
+      /*   } */
+      /* } */
 
       pmm_free((uintptr_t)(zombie->platformdata.kstack - PROC_STACKSIZE), PROC_STACKBLOCKS);
+      pmm_free((uintptr_t)(zombie->platformdata.pstack - PROC_STACKSIZE), PROC_STACKBLOCKS);
       
       if (!zombie->kern) {
         VasRange *vashead = zombie->vas;
@@ -258,8 +264,6 @@ void proc_reaper(void) {
   }
 }
 
-extern void hal_zombiespin(void);
-
 void proc_sched(void *cpustate) {
   hal_intr_disable();
   sched_ticks++;
@@ -274,6 +278,7 @@ void proc_sched(void *cpustate) {
     proc_reaper();
   }
 
+  tss.rsp0 = (uint64_t)VIRT(PROCS.current->platformdata.kstack);
   hal_switchproc(&PROCS.current->platformdata.trapframe, (void *)PROCS.current->platformdata.cr3);
 }
 
@@ -331,5 +336,6 @@ void proc_init(void) {
   proc_register(init);
   init->state = PROC_READY;
 
+  tss.rsp0 = (uint64_t)VIRT(PROCS.current->platformdata.kstack);
   hal_switchproc(&PROCS.current->platformdata.trapframe, (void *)PROCS.current->platformdata.cr3);
 }

kernel/proc/proc.h

@@ -24,6 +24,7 @@
 typedef struct {
   IntrStackFrame trapframe;
   uint8_t *kstack;
+  uint8_t *pstack;
   PgTable *cr3;
 } ProcPlatformData;