[Coverage] Fix use-after free in coverage emission

Fixes regression from r320533. This fixes the undefined behavior, but I'm not sure it's really right... I think we end up with missing coverage for code in modules. Differential Revision: https://reviews.llvm.org/D41374 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@321052 91177308-0d34-0410-b5e6-96231b3b80d8
author: Eli Friedman <efriedma@codeaurora.org> 2017-12-19 01:54:09 +0000
committer: Eli Friedman <efriedma@codeaurora.org> 2017-12-19 01:54:09 +0000
commit: 40a3fcbe25ca809e9673aca31843a23cb5fc6eab (patch)
tree: 4774bec759f764497758bdd2af3fde1deac116ef /lib/CodeGen/CodeGenModule.cpp
parent: 351e0cae49c2c24aaf47aa6c00ef43b264e5b547 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/CodeGen/CodeGenModule.cpp b/lib/CodeGen/CodeGenModule.cpp
index c59dc71da5..7b2599d664 100644
--- a/lib/CodeGen/CodeGenModule.cpp
+++ b/lib/CodeGen/CodeGenModule.cpp
@@ -4289,7 +4289,11 @@ void CodeGenModule::ClearUnusedCoverageMapping(const Decl *D) {
 }
 
 void CodeGenModule::EmitDeferredUnusedCoverageMappings() {
-  for (const auto &Entry : DeferredEmptyCoverageMappingDecls) {
+  // We call takeVector() here to avoid use-after-free.
+  // FIXME: DeferredEmptyCoverageMappingDecls is getting mutated because
+  // we deserialize function bodies to emit coverage info for them, and that
+  // deserializes more declarations. How should we handle that case?
+  for (const auto &Entry : DeferredEmptyCoverageMappingDecls.takeVector()) {
     if (!Entry.second)
       continue;
     const Decl *D = Entry.first;
author	Eli Friedman <efriedma@codeaurora.org>	2017-12-19 01:54:09 +0000
committer	Eli Friedman <efriedma@codeaurora.org>	2017-12-19 01:54:09 +0000
commit	40a3fcbe25ca809e9673aca31843a23cb5fc6eab (patch)
tree	4774bec759f764497758bdd2af3fde1deac116ef /lib/CodeGen/CodeGenModule.cpp
parent	351e0cae49c2c24aaf47aa6c00ef43b264e5b547 (diff)