Skip to content

fix: inherit heap on fork and reset set_child_tid on execve #93

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
AsakuraMizu merged 4 commits into from
Dec 22, 2025
Merged

fix: inherit heap on fork and reset set_child_tid on execve #93

AsakuraMizu merged 4 commits into from
Dec 22, 2025

Conversation

@sunhaosheng
Copy link
Contributor

@sunhaosheng sunhaosheng commented Dec 18, 2025
edited
Loading

  1. execve Not Clearing clear_child_tid

File: api/src/syscall/task/execve.rs

Bug Description:
After execve, the clear_child_tid address from the old address space remained set. When the process eventually exited, it would try to write to an invalid address.

Fix:
Clear clear_child_tid after execve:

curr.as_thread().set_clear_child_tid(0);
  1. Fork Not Inheriting Heap Pointers

File: api/src/syscall/task/clone.rs

Bug Description:
After fork, the child process's heap_bottom and heap_top were initialized to USER_HEAP_BASE instead of inheriting the parent's heap state. This caused the child's brk calls to behave incorrectly.

Fix:
Added heap pointer inheritance in the fork path:

proc_data.set_heap_bottom(old_proc_data.get_heap_bottom());
proc_data.set_heap_top(old_proc_data.get_heap_top());

@sunhaosheng-kylin
fix(task): fix fork heap inheritance and child_tid handling
1ca50d7 
Bug 1 - Fork not inheriting heap pointers:
After fork, child's heap_bottom/heap_top were reset to USER_HEAP_BASE
instead of inheriting parent's heap state, causing brk() to fail.
Fix: Copy heap pointers from parent to child in fork path.

Bug 2 - set_child_tid/clear_child_tid NULL pointer issues:
When CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID flags were set but
child_tid was NULL, kernel would access invalid memory.
Fix: Check address is non-NULL before processing, pass as usize,
write using aspace.write() in child's context.

Bug 3 - execve not clearing clear_child_tid:
After execve, clear_child_tid from old address space remained set,
causing invalid memory access on process exit.
Fix: Clear clear_child_tid after execve.
@sunhaosheng-kylin
Fix clippy
a5d16fa
guoweikang
guoweikang reviewed Dec 19, 2025
View reviewed changes
guoweikang
guoweikang reviewed Dec 19, 2025
View reviewed changes
@AsakuraMizu AsakuraMizu changed the title fix(task): fix fork heap inheritance and child_tid handling fix: inherit heap on fork and reset set_child_tid on execve Dec 22, 2025
@AsakuraMizu AsakuraMizu merged commit 759a887 into Starry-OS:main Dec 22, 2025
13 checks passed
guoweikang added a commit to kylin-x-kernel/StarryOS that referenced this pull request Dec 23, 2025
@guoweikang
Merge pull request #75 from Starry-OS/main
2c7f398 
fix: inherit heap on fork and reset `set_child_tid` on execve (Starry-OS#93)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@guoweikang guoweikang guoweikang approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@sunhaosheng @guoweikang @AsakuraMizu @sunhaosheng-kylin