Don't relocate file descriptor memory

This change fixes #496 where ASAN spotted a race condition that could
happen in multithreaded programs, with more than OPEN_MAX descriptors
when using ZipOS or Windows NT, which require tracking open file info
and this change fixes that table so it never relocates, thus allowing
us to continue to enjoy the benefits of avoiding locks while reading.

Author: jart

Makefile

@@ -211,6 +211,7 @@ include test/libc/fmt/test.mk
 include test/libc/dns/test.mk
 include test/libc/time/test.mk
 include test/libc/stdio/test.mk
+include test/libc/zipos/test.mk
 include test/libc/release/test.mk
 include test/libc/test.mk
 include test/net/http/test.mk

examples/walk.c

@@ -7,16 +7,12 @@
 │   • http://creativecommons.org/publicdomain/zero/1.0/            │
 ╚─────────────────────────────────────────────────────────────────*/
 #endif
-#include "libc/calls/calls.h"
-#include "libc/calls/struct/stat.h"
 #include "libc/errno.h"
-#include "libc/runtime/gc.h"
 #include "libc/runtime/runtime.h"
 #include "libc/stdio/stdio.h"
 #include "libc/str/str.h"
 #include "libc/sysv/consts/exit.h"
 #include "libc/sysv/consts/s.h"
-#include "libc/x/x.h"
 #include "third_party/musl/ftw.h"
 
 /**

libc/calls/calls.mk

@@ -79,14 +79,6 @@ o/$(MODE)/libc/calls/vdsofunc.greg.o: private		\
 			-ffreestanding			\
 			-fno-sanitize=address
 
-# we can't use asan because:
-#   asan guard pages haven't been allocated yet
-o/$(MODE)/libc/calls/directmap.o			\
-o/$(MODE)/libc/calls/directmap-nt.o: private		\
-		OVERRIDE_COPTS +=			\
-			-ffreestanding			\
-			-fno-sanitize=address
-
 # we can't use asan because:
 #   ntspawn allocates 128kb of heap memory via win32
 o/$(MODE)/libc/calls/ntspawn.o				\
@@ -144,12 +136,6 @@ o/$(MODE)/libc/calls/ioctl-siocgifconf-nt.o: private	\
 			-ffunction-sections		\
 			-fdata-sections
 
-# we want small code size because:
-#   to keep .text.head under 4096 bytes
-o/$(MODE)/libc/calls/mman.greg.o: private		\
-		OVERRIDE_COPTS +=			\
-			-Os
-
 # we always want -Os because:
 #   va_arg codegen is very bloated in default mode
 o//libc/calls/open.o					\

libc/calls/extend.internal.h

@@ -0,0 +1,10 @@
+#ifndef COSMOPOLITAN_LIBC_CALLS_EXTEND_INTERNAL_H_
+#define COSMOPOLITAN_LIBC_CALLS_EXTEND_INTERNAL_H_
+#if !(__ASSEMBLER__ + __LINKER__ + 0)
+COSMOPOLITAN_C_START_
+
+void *_extend(void *, size_t, void *, intptr_t);
+
+COSMOPOLITAN_C_END_
+#endif /* !(__ASSEMBLER__ + __LINKER__ + 0) */
+#endif /* COSMOPOLITAN_LIBC_CALLS_EXTEND_INTERNAL_H_ */

libc/calls/reservefd.c

@@ -18,6 +18,7 @@
 ╚─────────────────────────────────────────────────────────────────────────────*/
 #include "libc/assert.h"
 #include "libc/calls/calls.h"
+#include "libc/calls/extend.internal.h"
 #include "libc/calls/internal.h"
 #include "libc/calls/state.internal.h"
 #include "libc/calls/strace.internal.h"
@@ -46,33 +47,11 @@ static volatile size_t mapsize;
  * @asyncsignalsafe
  */
 int __ensurefds_unlocked(int fd) {
-  uint64_t addr;
-  int prot, flags;
-  size_t size, chunk;
-  struct DirectMap dm;
+  bool relocate;
   if (fd < g_fds.n) return fd;
-  STRACE("__ensurefds(%d) extending", fd);
-  size = mapsize;
-  chunk = FRAMESIZE;
-  if (IsAsan()) chunk *= 8;
-  addr = kMemtrackFdsStart + size;
-  prot = PROT_READ | PROT_WRITE;
-  flags = MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED;
-  dm = sys_mmap((char *)addr, chunk, prot, flags, -1, 0);
-  TrackMemoryInterval(&_mmi, addr >> 16, (addr + chunk - 1) >> 16, dm.maphandle,
-                      prot, flags, false, false, 0, chunk);
-  if (IsAsan()) {
-    addr = (addr >> 3) + 0x7fff8000;
-    dm = sys_mmap((char *)addr, FRAMESIZE, prot, flags, -1, 0);
-    TrackMemoryInterval(&_mmi, addr >> 16, addr >> 16, dm.maphandle, prot,
-                        flags, false, false, 0, FRAMESIZE);
-  }
-  if (!size) {
-    g_fds.p = memcpy((char *)kMemtrackFdsStart, g_fds.__init_p,
-                     sizeof(g_fds.__init_p));
-  }
-  g_fds.n = (size + chunk) / sizeof(*g_fds.p);
-  mapsize = size + chunk;
+  g_fds.n = fd + 1;
+  g_fds.e =
+      _extend(g_fds.p, g_fds.n * sizeof(*g_fds.p), g_fds.e, 0x6ff000000000);
   return fd;
 }
 

libc/calls/sig2.c

@@ -16,6 +16,7 @@
 │ TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR             │
 │ PERFORMANCE OF THIS SOFTWARE.                                                │
 ╚─────────────────────────────────────────────────────────────────────────────*/
+#include "libc/calls/calls.h"
 #include "libc/calls/sig.internal.h"
 #include "libc/calls/state.internal.h"
 #include "libc/calls/strace.internal.h"

libc/calls/struct/fd.internal.h

@@ -25,10 +25,9 @@ struct Fd {
 };
 
 struct Fds {
-  int f;    /* lowest free slot */
-  size_t n; /* monotonic capacity */
-  struct Fd *p;
-  struct Fd __init_p[OPEN_MAX];
+  int f; /* lowest free slot */
+  size_t n;
+  struct Fd *p, *e;
 };
 
 COSMOPOLITAN_C_END_

libc/integral/normalize.inc

@@ -67,8 +67,8 @@
 #endif
 
 /* TODO(jart): Remove this in favor of GetStackSize() */
-#if defined(COSMO) && defined(MODE_DBG)
-#define STACKSIZE 131072 /* 128kb stack */
+#if defined(COSMO) && (defined(MODE_DBG) || defined(__SANITIZE_ADDRESS__))
+#define STACKSIZE 262144 /* 256kb stack */
 #elif defined(COSMO)
 #define STACKSIZE 65536 /* 64kb stack */
 #else