From 317c0644ccf108aa23ef3fd8358bd66c2840bfc0 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 14 Apr 2024 15:40:54 +0200
Subject: Adding upstream version 5:7.2.4.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 deps/jemalloc/test/unit/double_free.c | 77 +++++++++++++++++++++++++++++++++++
 1 file changed, 77 insertions(+)
 create mode 100644 deps/jemalloc/test/unit/double_free.c

(limited to 'deps/jemalloc/test/unit/double_free.c')

diff --git a/deps/jemalloc/test/unit/double_free.c b/deps/jemalloc/test/unit/double_free.c
new file mode 100644
index 0000000..12122c1
--- /dev/null
+++ b/deps/jemalloc/test/unit/double_free.c
@@ -0,0 +1,77 @@
+#include "test/jemalloc_test.h"
+#include "test/san.h"
+
+#include "jemalloc/internal/safety_check.h"
+
+bool fake_abort_called;
+void fake_abort(const char *message) {
+	(void)message;
+	fake_abort_called = true;
+}
+
+void
+test_large_double_free_pre(void) {
+	safety_check_set_abort(&fake_abort);
+	fake_abort_called = false;
+}
+
+void
+test_large_double_free_post() {
+	expect_b_eq(fake_abort_called, true, "Double-free check didn't fire.");
+	safety_check_set_abort(NULL);
+}
+
+TEST_BEGIN(test_large_double_free_tcache) {
+	test_skip_if(!config_opt_safety_checks);
+	/*
+	 * Skip debug builds, since too many assertions will be triggered with
+	 * double-free before hitting the one we are interested in.
+	 */
+	test_skip_if(config_debug);
+
+	test_large_double_free_pre();
+	char *ptr = malloc(SC_LARGE_MINCLASS);
+	bool guarded = extent_is_guarded(tsdn_fetch(), ptr);
+	free(ptr);
+	if (!guarded) {
+		free(ptr);
+	} else {
+		/*
+		 * Skip because guarded extents may unguard immediately on
+		 * deallocation, in which case the second free will crash before
+		 * reaching the intended safety check.
+		 */
+		fake_abort_called = true;
+	}
+	mallctl("thread.tcache.flush", NULL, NULL, NULL, 0);
+	test_large_double_free_post();
+}
+TEST_END
+
+TEST_BEGIN(test_large_double_free_no_tcache) {
+	test_skip_if(!config_opt_safety_checks);
+	test_skip_if(config_debug);
+
+	test_large_double_free_pre();
+	char *ptr = mallocx(SC_LARGE_MINCLASS, MALLOCX_TCACHE_NONE);
+	bool guarded = extent_is_guarded(tsdn_fetch(), ptr);
+	dallocx(ptr, MALLOCX_TCACHE_NONE);
+	if (!guarded) {
+		dallocx(ptr, MALLOCX_TCACHE_NONE);
+	} else {
+		/*
+		 * Skip because guarded extents may unguard immediately on
+		 * deallocation, in which case the second free will crash before
+		 * reaching the intended safety check.
+		 */
+		fake_abort_called = true;
+	}
+	test_large_double_free_post();
+}
+TEST_END
+
+int
+main(void) {
+	return test(test_large_double_free_no_tcache,
+	    test_large_double_free_tcache);
+}
-- 
cgit v1.2.3