Fix ZipOS deadlock/segfault (#1011)

This change adds a new stress test for ZipOS which helped
us improve the locking semantics in open() and close().

libc/calls/close.c

@@ -21,6 +21,7 @@
 #include "libc/calls/internal.h"
 #include "libc/calls/state.internal.h"
 #include "libc/calls/struct/fd.internal.h"
+#include "libc/calls/struct/sigset.internal.h"
 #include "libc/calls/syscall-nt.internal.h"
 #include "libc/calls/syscall-sysv.internal.h"
 #include "libc/dce.h"
@@ -91,8 +92,18 @@ static int close_impl(int fd) {
  * @vforksafe
  */
 int close(int fd) {
-  int rc = close_impl(fd);
-  if (!__vforked) __releasefd(fd);
+  int rc;
+  if (__isfdkind(fd, kFdZip)) {   // XXX IsWindows()?
+    BLOCK_SIGNALS;
+    __fds_lock();
+    rc = close_impl(fd);
+    if (!__vforked) __releasefd(fd);
+    __fds_unlock();
+    ALLOW_SIGNALS;
+  } else {
+    rc = close_impl(fd);
+    if (!__vforked) __releasefd(fd);
+  }
   STRACE("close(%d) → %d% m", fd, rc);
   return rc;
 }

libc/runtime/zipos-open.c

@@ -235,21 +235,21 @@ void __zipos_postdup(int oldfd, int newfd) {
   if (oldfd == newfd) {
     return;
   }
+  BLOCK_SIGNALS;
+  __fds_lock();
   if (__isfdkind(newfd, kFdZip)) {
     __zipos_free((struct ZiposHandle *)(intptr_t)g_fds.p[newfd].handle);
     if (!__isfdkind(oldfd, kFdZip)) {
-      __fds_lock();
       bzero(g_fds.p + newfd, sizeof(*g_fds.p));
-      __fds_unlock();
     }
   }
   if (__isfdkind(oldfd, kFdZip)) {
     __zipos_keep((struct ZiposHandle *)(intptr_t)g_fds.p[oldfd].handle);
-    __fds_lock();
     __ensurefds_unlocked(newfd);
     g_fds.p[newfd] = g_fds.p[oldfd];
-    __fds_unlock();
   }
+  __fds_unlock();
+  ALLOW_SIGNALS;
 }
 
 /**

libc/runtime/zipos-read.c

@@ -58,6 +58,7 @@ static ssize_t __zipos_read_impl(struct ZiposHandle *h, const struct iovec *iov,
     if (b) memcpy(iov[i].iov_base, h->mem + y, b);
   }
   if (opt_offset == -1) {
+    unassert(y != SIZE_MAX);
     atomic_store_explicit(&h->pos, y, memory_order_release);
   }
   return y - x;

test/libc/runtime/zipos_test.c

@@ -124,3 +124,61 @@ TEST(zipos, closeAfterVfork) {
   ASSERT_SYS(0, 0, close(3));
   ASSERT_SYS(EBADF, -1, close(3));
 }
+
+struct State {
+  int id;
+  int fd;
+  pthread_t thread;
+};
+
+#define READS()                         \
+  for (int i = 0; i < 4; ++i) {         \
+    char buf[8];                        \
+    ASSERT_SYS(0, 8, read(fd, buf, 8)); \
+  }
+#define SEEKS()                         \
+  for (int i = 0; i < 4; ++i) {         \
+    rc = lseek(fd, 8, SEEK_CUR);        \
+    ASSERT_NE(rc, -1);                  \
+  }
+
+static void *pthread_main(void *ptr) {
+  struct State *s = ptr;
+  struct State children[2];
+  int fd, rc;
+
+  fd = s->fd;
+  if (s->id < 8) {
+    for (int i = 0; i < 2; ++i) {
+      rc = dup(fd);
+      ASSERT_NE(-1, rc);
+      children[i].fd = rc;
+      children[i].id = 2 * s->id + i;
+      ASSERT_SYS(0, 0, pthread_create(&children[i].thread, NULL, pthread_main,
+                                      children + i));
+    }
+  }
+  if (s->id & 1) {
+    SEEKS();
+    READS();
+  } else {
+    READS();
+    SEEKS();
+  }
+  ASSERT_SYS(0, 0, close(fd));
+  if (s->id < 8) {
+    for (int i = 0; i < 2; ++i) {
+      ASSERT_SYS(0, 0, pthread_join(children[i].thread, NULL));
+    }
+  }
+  return NULL;
+}
+
+TEST(zipos, ultraPosixAtomicSeekRead) {
+  struct State s = { 1, 4 };
+  ASSERT_SYS(0, 3, open("/zip/libc/testlib/hyperion.txt", O_RDONLY));
+  ASSERT_SYS(0, 4, dup(3));
+  pthread_main((void *)&s);
+  EXPECT_EQ(960, lseek(3, 0, SEEK_CUR));
+  ASSERT_SYS(0, 0, close(3));
+}