test for [Bug #12670]

heap corruption by deferred free.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59116 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

ext/-test-/typeddata/typeddata.c

@@ -2,8 +2,18 @@
 
 static const rb_data_type_t test_data = {
     "typed_data",
+    {NULL, ruby_xfree, NULL},
+    NULL, NULL,
+    0/* deferred free */,
 };
 
+static VALUE
+test_alloc(VALUE klass)
+{
+    char *p;
+    return TypedData_Make_Struct(klass, char, &test_data, p);
+}
+
 static VALUE
 test_check(VALUE self, VALUE obj)
 {
@@ -11,10 +21,24 @@ test_check(VALUE self, VALUE obj)
     return obj;
 }
 
+static VALUE
+test_make(VALUE klass, VALUE num)
+{
+    unsigned long i, n = NUM2UINT(num);
+
+    for (i = 0; i < n; i++) {
+	test_alloc(klass);
+    }
+
+    return Qnil;
+}
+
 void
 Init_typeddata(void)
 {
     VALUE mBug = rb_define_module("Bug");
     VALUE klass = rb_define_class_under(mBug, "TypedData", rb_cData);
+    rb_define_alloc_func(klass, test_alloc);
     rb_define_singleton_method(klass, "check", test_check, 1);
+    rb_define_singleton_method(klass, "make", test_make, 1);
 }

test/-ext-/typeddata/test_typeddata.rb

@@ -17,4 +17,15 @@ class Test_TypedData < Test::Unit::TestCase
     obj = eval("class C\u{1f5ff}; self; end").new
     assert_raise_with_message(TypeError, /C\u{1f5ff}/) {Bug::TypedData.check(obj)}
   end
+
+  def test_deferred_free
+    assert_ruby_status([], "#{<<-"begin;"}\n#{<<-"end;"}")
+    require "-test-/typeddata"
+    begin;
+      n = 1 << 20
+      Bug::TypedData.make(n)
+    end;
+  rescue MiniTest::Assertion => e
+    skip e.message
+  end
 end