[Patch, Fortran] PR58803 - Prevent a double-free with proc-pointer components

[Tobias Burnus <burnus at net-b dot de>]

As written in the PR:

The problem is that in free_components one frees:

2054    free_components (gfc_component *p)
...
2058      for (; p; p = q)
2059        {
2060          q = p->next;
2061
2062          gfc_free_array_spec (p->as);
2063          gfc_free_expr (p->initializer);
2064          free (p->tb);
2065
2066          free (p);
2067        }

Here:
  p->name == "f1"
  p->tb == (gfc_typebound_proc *) 0x17e0070

when one then cycles to p = q (i.e. to p->next), one has:
  p->name == "f2"
  p->tb == (gfc_typebound_proc *) 0x17e0070


The patch is rather straight forward.

Build and regtested on x86-64-gnu-linux.
OK for the trunk?

Tobias

2013-10-21  Tobias Burnus  <burnus@net-b.de>

	PR fortran/58803
	* decl.c (match_ppc_decl): Prevent later
	double free.

2013-10-21  Tobias Burnus  <burnus@net-b.de>

	PR fortran/58803
	* gfortran.dg/proc_ptr_comp_38.f90: New.

diff --git a/gcc/fortran/decl.c b/gcc/fortran/decl.c
index 3a8175f..9c9fd4f 100644
--- a/gcc/fortran/decl.c
+++ b/gcc/fortran/decl.c
@@ -5055,7 +5055,14 @@ match_ppc_decl (void)
       if (!gfc_add_proc (&c->attr, name, NULL))
 	return MATCH_ERROR;
 
-      c->tb = tb;
+      if (num == 1)
+	c->tb = tb;
+      else
+	{
+	  c->tb = XCNEW (gfc_typebound_proc);
+	  c->tb->where = gfc_current_locus;
+	  *c->tb = *tb;
+	}
 
       /* Set interface.  */
       if (proc_if != NULL)
diff --git a/gcc/testsuite/gfortran.dg/proc_ptr_comp_38.f90 b/gcc/testsuite/gfortran.dg/proc_ptr_comp_38.f90
new file mode 100644
index 0000000..2a71ca0
--- /dev/null
+++ b/gcc/testsuite/gfortran.dg/proc_ptr_comp_38.f90
@@ -0,0 +1,12 @@
+! { dg-do compile }
+!
+! PR fortran/58803
+!
+! Contributed by Vittorio Zecca
+!
+! Was before ICEing due to a double free
+!
+      type t
+       procedure(real), pointer, nopass  :: f1, f2
+      end type
+      end