fix(locking): prevent lock fd inheritance and add read-only C open (#2)

## Summary
- set close-on-exec for file open/create paths to prevent lock FD
inheritance across exec
- add `zvec_open_read_only(const char* path, zvec_collection_t* out)` C
API and open collection with `read_only_=true`
- add regression tests for CLOEXEC behavior and lock FD inheritance
across fork+exec
- fix the lock-inheritance regression test to move ownership from the
create result and avoid shared ownership false negatives

## Testing
- `./build-1349/bin/file_test
--gtest_filter=File.CreateAndOpen_SetsCloseOnExecFlag`
- `./build-1349/bin/collection_test
--gtest_filter=CollectionTest.Feature_LockFdIsNotInheritedAcrossExec`

Author: kdy1

src/ailego/io/file.cc

@@ -39,6 +39,50 @@ static inline int OpenSafely(const char *path, int flags) {
   return fd;
 }
 
+static inline bool SetCloseOnExec(int fd) {
+  int current_flags = fcntl(fd, F_GETFD);
+  while (current_flags == -1 && errno == EINTR) {
+    current_flags = fcntl(fd, F_GETFD);
+  }
+  if (current_flags == -1) {
+    return false;
+  }
+  if ((current_flags & FD_CLOEXEC) != 0) {
+    return true;
+  }
+
+  int ret = fcntl(fd, F_SETFD, current_flags | FD_CLOEXEC);
+  while (ret == -1 && errno == EINTR) {
+    ret = fcntl(fd, F_SETFD, current_flags | FD_CLOEXEC);
+  }
+  return ret == 0;
+}
+
+static inline int OpenWithCloseOnExec(const char *path, int flags) {
+#ifdef O_CLOEXEC
+  int cloexec_fd = OpenSafely(path, flags | O_CLOEXEC);
+  if (cloexec_fd != -1) {
+    return cloexec_fd;
+  }
+  if (errno != EINVAL) {
+    return -1;
+  }
+#endif
+
+  int fd = OpenSafely(path, flags);
+  if (fd == -1) {
+    return -1;
+  }
+  if (!SetCloseOnExec(fd)) {
+    int ret = close(fd);
+    while (ret == -1 && errno == EINTR) {
+      ret = close(fd);
+    }
+    return -1;
+  }
+  return fd;
+}
+
 static inline void CloseSafely(int fd) {
   int ret = close(fd);
   while (ret == -1 && errno == EINTR) {
@@ -144,7 +188,7 @@ bool File::create(const char *path, size_t len, bool direct) {
   (void)direct;
 #endif
 
-  int fd = OpenSafely(path, flags);
+  int fd = OpenWithCloseOnExec(path, flags);
   ailego_false_if_lt_zero(fd);
 
 #ifdef F_NOCACHE
@@ -178,7 +222,7 @@ bool File::open(const char *path, bool rdonly, bool direct) {
   (void)direct;
 #endif
 
-  int fd = OpenSafely(path, flags);
+  int fd = OpenWithCloseOnExec(path, flags);
   ailego_false_if_lt_zero(fd);
 
 #ifdef F_NOCACHE
@@ -724,4 +768,4 @@ void File::MemoryWarmup(void *addr, size_t len) {
 }
 
 }  // namespace ailego
-}  // namespace zvec
+}  // namespace zvec