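/*
 * dup() clones all state from `fhandler_pty_master` except the pty master
 * control thread and the pty master forwarding thread. When that fd is
 * closed, the `fhandler_pty_master` heap is reclaimed, but the threads
 * running on the `fhandler_pty_master` object do not stop. When the
 * duplicated fd is closed, those threads access the reclaimed space and
 * cause this issue.
 *
 * Here is a simple PoC to reproduce this issue. A run that does not hit
 * the fault prints all three progress lines and exits with status 0, so
 * the program can double as a regression check.
 *
 * NOTE(review): the header names on the four #include lines were lost on
 * the page. The four below are the standard headers that declare the calls
 * used here; confirm them against the original report.
 */
#define _GNU_SOURCE 1
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/*
 * Opens a pty master, duplicates it, closes the original, opens the slave
 * side, then closes the duplicate and the slave while printing a progress
 * line around each step.
 *
 * Returns 0 when every step completes, 1 when any setup call fails.
 */
int main(void)
{
    static char *name;
    static int mfd, sfd;

    /*
     * Unbuffered stdout: each progress line reaches the terminal or pipe
     * before the next close(), so a crash cannot swallow the marker that
     * shows how far the run got.
     */
    setvbuf(stdout, NULL, _IONBF, 0);

    if ((mfd = posix_openpt(O_RDWR | O_NOCTTY)) < 0) {
        printf("posix_openpt failed %d\n", mfd);
        return 1;
    }

    if (!(name = ptsname(mfd))) {
        printf("some failed\n");
        close(mfd);
        return 1;
    }

    int fd;
    if ((fd = dup(mfd)) < 0) {
        printf("dup failed %d\n", fd);
        close(mfd); /* release the master here too, as the ptsname() path does */
        return 1;
    }

    /* Drop the original descriptor; from here on only the duplicate is used. */
    close(mfd);
    mfd = fd;

    if ((sfd = open(name, O_RDWR)) < 0) {
        printf("open %s failed\n", name);
        close(mfd);
        return 1;
    }

    printf("before close mfd %d\n", mfd);
    /* Closing the duplicated fd is the step the report ties to the fault. */
    close(mfd);
    printf("after close mfd %d\n", mfd);

    close(sfd);
    /*
     * The label says "before" although the slave is already closed at this
     * point. The text is kept as in the report so that output still matches.
     */
    printf("before close sfd %d\n", sfd);
    return 0;
}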