prevent longjmp / forkret from writing over tf->edi

pipe.c

@@ -61,6 +61,8 @@ pipe_alloc(struct fd **fd1, struct fd **fd2)
 void
 pipe_close(struct pipe *p, int writeable)
 {
+  acquire(&p->lock);
+
   if(writeable){
     p->writeopen = 0;
     wakeup(&p->readp);
@@ -68,6 +70,9 @@ pipe_close(struct pipe *p, int writeable)
     p->readopen = 0;
     wakeup(&p->writep);
   }
+  
+  release(&p->lock);
+
   if(p->readopen == 0 && p->writeopen == 0)
     kfree((char *) p, PAGE);
 }

proc.c

@@ -109,7 +109,7 @@ copyproc(struct proc* p)
   // Set up new jmpbuf to start executing at forkret (see below).
   memset(&np->jmpbuf, 0, sizeof np->jmpbuf);
   np->jmpbuf.eip = (uint)forkret;
-  np->jmpbuf.esp = (uint)np->tf;
+  np->jmpbuf.esp = (uint)np->tf - 4;
 
   // Copy file descriptors
   for(i = 0; i < NOFILE; i++){

syscall.c

@@ -13,8 +13,7 @@
  * System call number in %eax.
  * Arguments on the stack, from the user call to the C
  * library system call function. The saved user %esp points
- * to a saved frame pointer, a program counter, and then
+ * to a saved program counter, and then the first argument.
- * the first argument.
  *
  * Return value? Error indication? Errno?
  */
@@ -56,11 +55,11 @@ fetcharg(int argno, void *ip)
 }
 
 int
-putint(struct proc *p, uint addr, int ip)
+putint(struct proc *p, uint addr, int x)
 {
   if(addr > p->sz - 4)
     return -1;
-  memmove(p->mem + addr, &ip, 4);
+  memmove(p->mem + addr, &x, 4);
   return 0;
 }
 
@@ -269,7 +268,6 @@ syscall(void)
   int num = cp->tf->eax;
   int ret = -1;
 
-  //cprintf("%x sys %d\n", cp, num);
   switch(num){
   case SYS_fork:
     ret = sys_fork();