[binutils-gdb] bfd: alpha: Fix crash caused by double free with --no-keep-memory

[Alan Modra <amodra at sourceware dot org>]

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ae4fda663812129df67e3a70691787060242c0f9

commit ae4fda663812129df67e3a70691787060242c0f9
Author: James Clarke <jrtc27@jrtc27.com>
Date:   Tue Jan 3 16:15:15 2017 +0000

    bfd: alpha: Fix crash caused by double free with --no-keep-memory
    
    Without this, ld has been seen to crash in libc when freeing tsec_free:
    
    *** Error in `/usr/bin/ld': double free or corruption (!prev): 0x0000000120ceb6a0 ***
    
    _bfd_elf_link_read_relocs will always return the cached value if
    present, even if keep_memory is false, therefore setting tsec_free to
    NULL only when keep_memory is true is not sufficient.
    
    	* elf64-alpha.c (elf64_alpha_relax_opt_call): Don't set tsec_free
    	if relocs are cached.

Diff:
---
 bfd/ChangeLog     | 5 +++++
 bfd/elf64-alpha.c | 4 +++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 41d5119..f238d86 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,8 @@
+2017-01-04  James Clarke  <jrtc27@jrtc27.com>
+
+	* elf64-alpha.c (elf64_alpha_relax_opt_call): Don't set tsec_free
+	if relocs are cached.
+
 2017-01-03  Rich Felker  <bugdal@aerifal.cx>
 
 	PR ld/21017
diff --git a/bfd/elf64-alpha.c b/bfd/elf64-alpha.c
index 4fa4743..b4a50f4 100644
--- a/bfd/elf64-alpha.c
+++ b/bfd/elf64-alpha.c
@@ -3215,7 +3215,9 @@ elf64_alpha_relax_opt_call (struct alpha_relax_info *info, bfd_vma symval)
 	  if (tsec_relocs == NULL)
 	    return 0;
 	  tsec_relend = tsec_relocs + info->tsec->reloc_count;
-	  tsec_free = (info->link_info->keep_memory ? NULL : tsec_relocs);
+	  tsec_free = (elf_section_data (info->tsec)->relocs == tsec_relocs
+		       ? NULL
+		       : tsec_relocs);
 	}
 
       /* Recover the symbol's offset within the section.  */