From 6cdb66cbb3031f5b27266f5a11bb13d9da296a50 Mon Sep 17 00:00:00 2001
From: Aiken Harris
Date: Sun, 15 Mar 2026 00:33:09 +0100
Subject: [PATCH 1/4] Ensure SS and ESP are saved in trap frame
---
 xtoskrnl/ar/i686/archsup.S | 11 ++++++++++-
 xtoskrnl/includes/ar/i686/asmsup.h | 4 +++-
 2 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/xtoskrnl/ar/i686/archsup.S b/xtoskrnl/ar/i686/archsup.S
index f1af307..4e73bc1 100644
--- a/xtoskrnl/ar/i686/archsup.S
+++ b/xtoskrnl/ar/i686/archsup.S
@@ -75,12 +75,20 @@ _ArTrap\Vector:
 /* Test previous mode and swap GS if needed */
 movl $0, TrapPreviousMode(%ebp)
 mov %cs, %ax
- and $1, %al
+ and $3, %al
 mov %al, TrapPreviousMode(%ebp)
 jz KernelMode$\Vector
 swapgs
+ jmp UserMode$\Vector
 KernelMode$\Vector:
+ /* Save kernel stack pointer (SS:ESP) as CPU did not push them */
+ movl %ss, %eax
+ mov %eax, TrapSegSs(%ebp)
+ lea TrapEsp(%ebp), %eax
+ mov %eax, TrapEsp(%ebp)
+
+UserMode$\Vector:
 /* Push Frame Pointer, clear direction flag and pass to trap dispatcher */
 push %esp
 cld
@@ -100,6 +108,7 @@ KernelModeReturn$\Vector:
 mov TrapSegDs(%ebp), %ds
 mov TrapSegEs(%ebp), %es
 mov TrapSegFs(%ebp), %fs
+ mov TrapSegGs(%ebp), %gs
 /* Free stack space */
 add $(TRAP_FRAME_SIZE - TRAP_REGISTERS_SIZE), %esp
diff --git a/xtoskrnl/includes/ar/i686/asmsup.h b/xtoskrnl/includes/ar/i686/asmsup.h
index 7eab0f5..5150fb9 100644
--- a/xtoskrnl/includes/ar/i686/asmsup.h
+++ b/xtoskrnl/includes/ar/i686/asmsup.h
@@ -24,9 +24,11 @@
 #define TrapSegEs 38
 #define TrapSegFs 40
 #define TrapSegGs 42
+#define TrapEsp 92
+#define TrapSegSs 96
 /* KTRAP_FRAME length related definitions */
 #define TRAP_FRAME_SIZE 100
 #define TRAP_REGISTERS_SIZE 56
-#endif /* __XTOSKRNL_AMD64_ASMSUP_H */
+#endif /* __XTOSKRNL_I686_ASMSUP_H */
From 0fed59314751ee4b597205d7449accd70a412c83 Mon Sep 17 00:00:00 2001
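Review bot: `lea TrapEsp(%ebp), %eax` followed by `mov %eax, TrapEsp(%ebp)` records the address of the Esp slot itself as the pre-trap kernel stack pointer, which is correct only if the EFLAGS/CS/EIP the CPU pushes for a same-privilege trap sit immediately below offset 92 in KTRAP_FRAME; nothing in this hunk or in the new asmsup.h constants pins that relationship, so it deserves a comment, e.g. `/* CPU pushed EFLAGS/CS/EIP directly below the Esp slot, so the slot's own address is the pre-trap ESP */`. `movl %ss, %eax` stores the selector as a 32-bit value, which is fine as long as the C-side field at offset 96 is 32 bits wide or the upper bytes are padding; that cannot be checked from here. Separately, the `swapgs` that the new `jmp UserMode$\Vector` now follows is, as far as I know, only valid in 64-bit mode and raises #UD in 32-bit protected mode, so unless the i686 build provides a macro of that name the user-mode entry would fault before reaching the jump. _ArTrap\Vector starts before the hunk and continues past it.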
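Review bot: The new `TrapEsp 92` / `TrapSegSs 96` offsets (and `TrapRsp 496` / `TrapSegSs 504` in the amd64 asmsup.h hunk of the next patch) are hand-maintained duplicates of the KTRAP_FRAME field layout, and nothing here ties them to the C definition, so a field reorder on the C side would silently move where the trap entry stores SS and the stack pointer. A compile-time check next to the struct, along the lines of `static_assert(offsetof(KTRAP_FRAME, <stack-pointer field>) == TrapEsp);` for each new constant, keeps the two in sync; the existing TRAP_FRAME_SIZE would benefit from the same treatment against `sizeof(KTRAP_FRAME)`.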
From: Aiken Harris
Date: Sun, 15 Mar 2026 17:32:01 +0100
Subject: [PATCH 2/4] Ensure SS and RSP are saved in trap frame
---
 xtoskrnl/ar/amd64/archsup.S | 10 +++++++++-
 xtoskrnl/includes/ar/amd64/asmsup.h | 2 ++
 2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/xtoskrnl/ar/amd64/archsup.S b/xtoskrnl/ar/amd64/archsup.S
index d91f8ea..481cd53 100644
--- a/xtoskrnl/ar/amd64/archsup.S
+++ b/xtoskrnl/ar/amd64/archsup.S
@@ -104,12 +104,20 @@ ArTrap\Vector:
 /* Test previous mode and swap GS if needed */
 movl $0, TrapPreviousMode(%rbp)
 mov %cs, %ax
- and $1, %al
+ and $3, %al
 mov %al, TrapPreviousMode(%rbp)
 jz KernelMode$\Vector
 swapgs
+ jmp UserMode$\Vector
 KernelMode$\Vector:
+ /* Save kernel stack pointer (SS:RSP) */
+ movl %ss, %eax
+ mov %eax, TrapSegSs(%rbp)
+ lea TRAP_FRAME_SIZE(%rbp), %rax
+ mov %rax, TrapRsp(%rbp)
+
+UserMode$\Vector:
 /* Push Frame Pointer, clear direction flag and pass to trap dispatcher */
 mov %rsp, %rcx
 cld
diff --git a/xtoskrnl/includes/ar/amd64/asmsup.h b/xtoskrnl/includes/ar/amd64/asmsup.h
index 7e04ab6..6127077 100644
--- a/xtoskrnl/includes/ar/amd64/asmsup.h
+++ b/xtoskrnl/includes/ar/amd64/asmsup.h
@@ -56,6 +56,8 @@
 #define TrapSegEs 330
 #define TrapSegFs 332
 #define TrapSegGs 334
+#define TrapRsp 496
+#define TrapSegSs 504
 /* KTRAP_FRAME length related definitions */
 #define TRAP_FRAME_SIZE 512
From d401ac45406c09cb3686d7a0bef36e8a313bd575 Mon Sep 17 00:00:00 2001
From: Aiken Harris
Date: Mon, 16 Mar 2026 09:55:26 +0100
Subject: [PATCH 3/4] Remove redundant comments from panic calls
---
 xtoskrnl/rtl/amd64/exsup.cc | 4 ++--
 xtoskrnl/rtl/i686/exsup.cc | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/xtoskrnl/rtl/amd64/exsup.cc b/xtoskrnl/rtl/amd64/exsup.cc
index 39aff65..50bed5c 100644
--- a/xtoskrnl/rtl/amd64/exsup.cc
+++ b/xtoskrnl/rtl/amd64/exsup.cc
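Review bot: In 64-bit mode the processor pushes SS and RSP for every interrupt and exception whether or not the privilege level changes, so the kernel-mode path's `mov %rax, TrapRsp(%rbp)` overwrites a value the hardware already stored with `%rbp + TRAP_FRAME_SIZE`; assuming %rbp is the base of the frame the CPU built on, the two agree only when the CPU did not align RSP down to a 16-byte boundary before pushing, and when they differ the frame now holds a stack pointer up to 8 bytes below the real one, which corrupts the interrupted kernel code's RSP if the return path feeds TrapRsp to iretq (that path is outside the hunk). If TrapRsp at 496 is indeed the hardware-pushed slot, the added `lea`/`mov` pair should be dropped and at most the SS store kept, with the comment changed to say the CPU already saved SS:RSP; the i686 patch is a different case because a same-privilege trap there pushes no SS:ESP. The `and $3, %al` change itself is right, since CPL is the low two bits of CS. ArTrap\Vector starts before the hunk and continues past it.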
@@ -74,7 +74,7 @@ __CxxFrameHandler3(IN PEXCEPTION_RECORD ExceptionRecord,
 /* Disable interrupts and hang */
 AR::CpuFunc::ClearInterruptFlag();
- KE::Crash::Panic(0); // CXX_FRAME_HANDLER_CALLED
+ KE::Crash::Panic(0);
 /* Continue search */
 return ExceptionContinueSearch;
@@ -129,5 +129,5 @@ _purecall(VOID)
 /* Disable interrupts and hang */
 AR::CpuFunc::ClearInterruptFlag();
- KE::Crash::Panic(0); // PURE_VIRTUAL_FUNCTION_CALL
+ KE::Crash::Panic(0);
 }
diff --git a/xtoskrnl/rtl/i686/exsup.cc b/xtoskrnl/rtl/i686/exsup.cc
index 03019d6..9ea3b65 100644
--- a/xtoskrnl/rtl/i686/exsup.cc
+++ b/xtoskrnl/rtl/i686/exsup.cc
@@ -74,7 +74,7 @@ __CxxFrameHandler3(IN PEXCEPTION_RECORD ExceptionRecord,
 /* Disable interrupts and hang */
 AR::CpuFunc::ClearInterruptFlag();
- KE::Crash::Panic(0); // CXX_FRAME_HANDLER_CALLED
+ KE::Crash::Panic(0);
 /* Continue search */
 return ExceptionContinueSearch;
@@ -129,5 +129,5 @@ _purecall(VOID)
 /* Disable interrupts and hang */
 AR::CpuFunc::ClearInterruptFlag();
- KE::Crash::Panic(0); // PURE_VIRTUAL_FUNCTION_CALL
+ KE::Crash::Panic(0);
 }
From 140af4278ebee2eff529b1c119af1ea54dc44315 Mon Sep 17 00:00:00 2001
From: Aiken Harris
Date: Sat, 21 Mar 2026 18:29:19 +0100
Subject: [PATCH 4/4] Fix uninitialized member in SpinLockGuard
---
 xtoskrnl/includes/ke/spinlock.hh | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/xtoskrnl/includes/ke/spinlock.hh b/xtoskrnl/includes/ke/spinlock.hh
index a7528f1..f2e0259 100644
--- a/xtoskrnl/includes/ke/spinlock.hh
+++ b/xtoskrnl/includes/ke/spinlock.hh
@@ -69,17 +69,18 @@ namespace KE
 class SpinLockGuard
 {
 private:
- PKSPIN_LOCK SpinLock;
+ PKSPIN_LOCK Lock;
 public:
 SpinLockGuard(IN OUT PKSPIN_LOCK SpinLock)
 {
- KE::SpinLock::AcquireSpinLock(SpinLock);
+ Lock = SpinLock;
+ KE::SpinLock::AcquireSpinLock(Lock);
 }
 ~SpinLockGuard()
 {
- KE::SpinLock::ReleaseSpinLock(SpinLock);
+ KE::SpinLock::ReleaseSpinLock(Lock);
 }
 SpinLockGuard(const SpinLockGuard&) = delete;
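Review bot: With the trailing comments gone, all four panic sites pass a bare `0` to `KE::Crash::Panic`, so a crash raised from `__CxxFrameHandler3` is indistinguishable in the dump from one raised by `_purecall`; the same applies to the `_purecall` hunk below and to both hunks in the i686 exsup.cc. If stop codes named like the removed `CXX_FRAME_HANDLER_CALLED` / `PURE_VIRTUAL_FUNCTION_CALL` exist or are planned, passing them instead of `0`, e.g. `KE::Crash::Panic(CXX_FRAME_HANDLER_CALLED);`, keeps in the crash itself the information the comments used to carry; if they do not exist yet, a `/* TODO: distinct stop code */` at each site preserves the intent the comments documented. Both enclosing functions start before their hunks.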
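Review bot: `Lock = SpinLock;` in the constructor body leaves `Lock` indeterminate until the body runs, which is exactly the shape that let the original member go unset; initializing it in the member-initializer list, `explicit SpinLockGuard(IN OUT PKSPIN_LOCK SpinLock) : Lock(SpinLock)`, makes the member's value part of the declaration, and the `explicit` stops a bare `PKSPIN_LOCK` from being implicitly converted into a guard that acquires and releases the lock within a temporary's lifetime. With only the copy constructor deleted, an implicitly generated copy-assignment operator would still let one guard be overwritten by another and release the same lock twice, so `SpinLockGuard& operator=(const SpinLockGuard&) = delete;` belongs alongside it unless it is already present past the hunk. The class body continues beyond the end of the hunk.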