修复 x86_64 fork 和 VMA 内存泄漏问题

xiaoyi1212 · xiaoyi1212 · commit 1a5dd973d90b · 2026-01-22T04:46:37.000+08:00
diff --git a/src/arch/x86_64/mem/page_x64.c b/src/arch/x86_64/mem/page_x64.c
@@ -20,11 +20,11 @@ page_table_t *page_table_create(page_table_entry_t *entry) {
     if (entry->value == 0) {
         uint64_t frame      = alloc_frames(1);
         entry->value        = frame | PTE_PRESENT | PTE_WRITEABLE | PTE_USER;
-        page_table_t *table = (page_table_t *)phys_to_virt(entry->value & PTE_FRAME_MASK);
+        page_table_t *table = phys_to_virt(entry->value & PTE_FRAME_MASK);
         page_table_clear(table);
         return table;
     }
-    page_table_t *table = (page_table_t *)phys_to_virt(entry->value & PTE_FRAME_MASK);
+    page_table_t *table = phys_to_virt(entry->value & PTE_FRAME_MASK);
     return table;
 }
 
@@ -45,10 +45,10 @@ void page_map_to(page_directory_t *directory, uint64_t addr, uint64_t frame, uin
 }
 
 void unmap_page(page_directory_t *directory, uint64_t vaddr) {
-    uint64_t l4_index = (((vaddr >> 39)) & 0x1FF);
-    uint64_t l3_index = (((vaddr >> 30)) & 0x1FF);
-    uint64_t l2_index = (((vaddr >> 21)) & 0x1FF);
-    uint64_t l1_index = (((vaddr >> 12)) & 0x1FF);
+    uint64_t l4_index = (vaddr >> 39) & 0x1FF;
+    uint64_t l3_index = (vaddr >> 30) & 0x1FF;
+    uint64_t l2_index = (vaddr >> 21) & 0x1FF;
+    uint64_t l1_index = (vaddr >> 12) & 0x1FF;
 
     page_table_t *l4_table = directory->table;
     page_table_t *l3_table = phys_to_virt((&(l4_table->entries[l4_index]))->value & PTE_FRAME_MASK);
@@ -100,7 +100,7 @@ static page_table_t *copy_page_table_recursive(page_table_t *source_table, int l
 
 uint64_t arch_virt_to_phys(uint64_t va) {
     uint64_t  pml4_phys = get_cr3();
-    uint64_t *pml4      = (uint64_t *)phys_to_virt(pml4_phys);
+    uint64_t *pml4      = phys_to_virt(pml4_phys);
 
     size_t pml4_idx = (va >> 39) & ENTRY_MASK;
     size_t pdpt_idx = (va >> 30) & ENTRY_MASK;
@@ -110,12 +110,12 @@ uint64_t arch_virt_to_phys(uint64_t va) {
 
     uint64_t pml4e = pml4[pml4_idx];
     if (!(pml4e & PTE_PRESENT)) return 0; // not mapped
-    uint64_t *pdpt = (uint64_t *)phys_to_virt(pml4e & PAGE_MASK);
+    uint64_t *pdpt = phys_to_virt(pml4e & PAGE_MASK);
 
     uint64_t pdpte = pdpt[pdpt_idx];
     if (!(pdpte & PTE_PRESENT)) return 0;
     if (pdpte & PTE_HUGE) { return (pdpte & ~((1ULL << 30) - 1)) + (va & ((1ULL << 30) - 1)); }
-    uint64_t *pd = (uint64_t *)phys_to_virt(pdpte & PAGE_MASK);
+    uint64_t *pd = phys_to_virt(pdpte & PAGE_MASK);
 
     uint64_t pde = pd[pd_idx];
     if (!(pde & PTE_PRESENT)) return 0;
@@ -212,7 +212,7 @@ void arch_page_setup_l2() {
 }
 
 void arch_page_setup() {
-    page_table_t *kernel_page_table = (page_table_t *)phys_to_virt(get_cr3());
+    page_table_t *kernel_page_table = phys_to_virt(get_cr3());
     kernel_page_dir                 = (page_directory_t){.table = kernel_page_table};
     double_fault_page               = get_cr3();
 }
diff --git a/src/arch/x86_64/task/prsys_x64.c b/src/arch/x86_64/task/prsys_x64.c
@@ -31,8 +31,9 @@ static uint64_t process_fork(struct syscall_regs *reg, bool is_vfork, uint64_t u
         return -ENOMEM;
     }
     tcb_t parent_task = get_current_task();
-    tcb_t new_task    = (tcb_t)malloc(STACK_SIZE);
+    tcb_t new_task    = malloc(STACK_SIZE);
     if (new_task == NULL) {
+        vma_manager_exit_cleanup(&new_pcb->vma_manager);
         free(new_pcb->name);
         free(new_pcb);
         return SYSCALL_FAULT_(ENOMEM);
diff --git a/src/arch/x86_64/task/sched_x64.c b/src/arch/x86_64/task/sched_x64.c
@@ -329,9 +329,7 @@ _Noreturn void arch_switch_to_user_mode() {
     vma_t *region =
         vma_find_intersection(&process->vma_manager, get_current_task()->context.user_stack,
                               get_current_task()->context.user_stack_top);
-    if (!region) {
-        vma_insert(&process->vma_manager, stack_vma);
-    }
+    if (!region) { vma_insert(&process->vma_manager, stack_vma); }
 
     if (is_dynamic((Elf64_Ehdr *)data)) {
         uint64_t linker_start = UINT64_MAX;
@@ -375,7 +373,7 @@ _Noreturn void arch_switch_to_user_mode() {
     } else
         rsp = build_user_stack(get_current_task(), rsp, (uint64_t)entry, 0, NULL, 0, data,
                                load_start);
-
+    free(data);
     arch_close_interrupt();
     __asm__ volatile("mov %0, %%es\n"
                      "mov %0, %%ds\n"
diff --git a/src/mem/page.c b/src/mem/page.c
@@ -1,11 +1,11 @@
 #include "mem/page.h"
-#include "mem/frame.h"
+#include "kasan.h"
 #include "lock.h"
+#include "mem/frame.h"
 #include "task/smp.h"
 #include "task/task.h"
-#include "kasan.h"
 
-page_directory_t  kernel_page_dir;
+page_directory_t kernel_page_dir;
 
 page_directory_t *get_kernel_pagedir() {
     return &kernel_page_dir;
@@ -25,11 +25,15 @@ void page_map_range(page_directory_t *directory, uint64_t addr, uint64_t frame,
         uint64_t var = addr + i;
         page_map_to(directory, var, frame + i, flags);
     }
+#if KASAN_CHECK
     kasan_unpoison((void *)addr, length);
+#endif
 }
 
 void unmap_page_range(page_directory_t *directory, uint64_t vaddr, uint64_t size) {
+#if KASAN_CHECK
     kasan_poison((void *)vaddr, size);
+#endif
     for (uint64_t va = vaddr; va < vaddr + size; va += PAGE_SIZE) {
         unmap_page(directory, va);
     }
@@ -40,17 +44,19 @@ uint64_t page_alloc_random(page_directory_t *directory, uint64_t length, uint64_
     size_t   p    = length / PAGE_SIZE;
     uint64_t addr = alloc_frames(p == 0 ? 1 : p);
     for (uint64_t i = 0; i < length; i += 0x1000) {
-        uint64_t var = (uint64_t)addr + i;
+        uint64_t var = addr + i;
         page_map_to(directory, var, var, flags);
     }
+#if KASAN_CHECK
     kasan_unpoison((void *)addr, length);
+#endif
     return addr;
 }
 
 void page_map_range_to_random(page_directory_t *directory, uint64_t addr, uint64_t length,
                               uint64_t flags) {
     for (uint64_t i = 0; i < length; i += 0x1000) {
-        uint64_t var = (uint64_t)addr + i;
+        uint64_t var = addr + i;
         page_map_to(directory, var, alloc_frames(1), flags);
     }
 }
@@ -65,17 +71,15 @@ uint64_t map_change_attribute_range(page_directory_t *directory, uint64_t vaddr,
 }
 
 void switch_page_directory(page_directory_t *dir) {
-    if (arch_current_cpu()) {
-        arch_current_cpu()->directory = dir;
-    }
+    if (arch_current_cpu()) { arch_current_cpu()->directory = dir; }
     switch_page_directory0(dir);
 }
 
-page_directory_t *switch_context_directory(page_directory_t *directory){
+page_directory_t *switch_context_directory(page_directory_t *directory) {
     tcb_t thread = get_current_task();
-    if(thread == NULL) return NULL;
+    if (thread == NULL) return NULL;
     arch_close_interrupt();
-    page_directory_t *ret = thread->process->directory;
+    page_directory_t *ret      = thread->process->directory;
     thread->process->directory = directory;
     switch_page_directory(directory);
     arch_open_interrupt();
@@ -84,10 +88,10 @@ page_directory_t *switch_context_directory(page_directory_t *directory){
 
 page_directory_t *get_current_directory() {
     cpu_local_t *local = arch_current_cpu();
-    if(local == NULL) return get_kernel_pagedir();
+    if (local == NULL) return get_kernel_pagedir();
     return local->directory;
 }
 
-void init_page(){
+void init_page() {
     arch_page_setup();
 }
