correct locking in stdio functions that tried to be lock-free

these functions must behave as if they obtain the lock via flockfile
to satisfy POSIX requirements. since another thread can provably hold
the lock when they are called, they must wait to obtain the lock
before they can return, even if the correct return value could be
obtained without locking. in the case of fclose and freopen, failure
to do so could cause correct (albeit obscure) programs to crash or
otherwise misbehave; in the case of feof, ferror, and fwide, failure
to obtain the lock could sometimes return incorrect results. in any
case, having these functions proceed and return while another thread
held the lock was wrong.

src/stdio/fclose.c

@@ -3,9 +3,12 @@
 int fclose(FILE *f)
 {
 	int r;
-	int perm = f->flags & F_PERM;
+	int perm;
+	
+	/* This lock is not paired with any unlock. */
+	FLOCK(f);
 
-	if (!perm) {
+	if (!(perm = f->flags & F_PERM)) {
 		OFLLOCK();
 		if (f->prev) f->prev->next = f->next;
 		if (f->next) f->next->prev = f->prev;

src/stdio/feof.c

@@ -4,7 +4,10 @@
 
 int feof(FILE *f)
 {
-	return !!(f->flags & F_EOF);
+	FLOCK(f);
+	int ret = !!(f->flags & F_EOF);
+	FUNLOCK(f);
+	return ret;
 }
 
 weak_alias(feof, feof_unlocked);

src/stdio/ferror.c

@@ -4,7 +4,10 @@
 
 int ferror(FILE *f)
 {
-	return !!(f->flags & F_ERR);
+	FLOCK(f);
+	int ret = !!(f->flags & F_ERR);
+	FUNLOCK(f);
+	return ret;
 }
 
 weak_alias(ferror, ferror_unlocked);

src/stdio/fileno.c

@@ -2,6 +2,11 @@
 
 int fileno(FILE *f)
 {
+	/* f->fd never changes, but the lock must be obtained and released
+	 * anyway since this function cannot return while another thread
+	 * holds the lock. */
+	FLOCK(f);
+	FUNLOCK(f);
 	return f->fd;
 }
 

src/stdio/freopen.c

@@ -4,8 +4,9 @@
  * hack the necessary parts of the new FILE into the old one, then
  * close the new FILE. */
 
-/* Locking is not necessary because, in the event of failure, the stream
- * passed to freopen is invalid as soon as freopen is called. */
+/* Locking IS necessary because another thread may provably hold the
+ * lock, via flockfile or otherwise, when freopen is called, and in that
+ * case, freopen cannot act until the lock is released. */
 
 int __dup3(int, int, int);
 
@@ -14,6 +15,8 @@ FILE *freopen(const char *restrict filename, const char *restrict mode, FILE *re
 	int fl = __fmodeflags(mode);
 	FILE *f2;
 
+	FLOCK(f);
+
 	fflush(f);
 
 	if (!filename) {
@@ -22,21 +25,22 @@ FILE *freopen(const char *restrict filename, const char *restrict mode, FILE *re
 		fl &= ~(O_CREAT|O_EXCL|O_CLOEXEC);
 		if (syscall(SYS_fcntl, f->fd, F_SETFL, fl) < 0)
 			goto fail;
-		return f;
 	} else {
 		f2 = fopen(filename, mode);
 		if (!f2) goto fail;
 		if (f2->fd == f->fd) f2->fd = -1; /* avoid closing in fclose */
 		else if (__dup3(f2->fd, f->fd, fl&O_CLOEXEC)<0) goto fail2;
-	}
 
-	f->flags = (f->flags & F_PERM) | f2->flags;
-	f->read = f2->read;
-	f->write = f2->write;
-	f->seek = f2->seek;
-	f->close = f2->close;
+		f->flags = (f->flags & F_PERM) | f2->flags;
+		f->read = f2->read;
+		f->write = f2->write;
+		f->seek = f2->seek;
+		f->close = f2->close;
 
-	fclose(f2);
+		fclose(f2);
+	}
+
+	FUNLOCK(f);
 	return f;
 
 fail2:

src/stdio/fwide.c

@@ -5,6 +5,8 @@
 
 int fwide(FILE *f, int mode)
 {
-	if (!f->mode) f->mode = NORMALIZE(mode);
-	return f->mode;
+	FLOCK(f);
+	if (!f->mode) mode = f->mode = NORMALIZE(mode);
+	FUNLOCK(f);
+	return mode;
 }