[Coverage] Fix use-after free in coverage emission

Fixes regression from r320533.

This fixes the undefined behavior, but I'm not sure it's really right...
I think we end up with missing coverage for code in modules.

Differential Revision: https://reviews.llvm.org/D41374

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@321052 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/lib/CodeGen/CodeGenModule.cpp b/lib/CodeGen/CodeGenModule.cpp
index c59dc71da5960968a66cd1490362e8d1aff01769..7b2599d664a49277c34a62c817264f53db37bac9 100644 (file)
--- a/lib/CodeGen/CodeGenModule.cpp
+++ b/lib/CodeGen/CodeGenModule.cpp
@@ -4289,7 +4289,11 @@ void CodeGenModule::ClearUnusedCoverageMapping(const Decl *D) {
 }
 
 void CodeGenModule::EmitDeferredUnusedCoverageMappings() {
-  for (const auto &Entry : DeferredEmptyCoverageMappingDecls) {
+  // We call takeVector() here to avoid use-after-free.
+  // FIXME: DeferredEmptyCoverageMappingDecls is getting mutated because
+  // we deserialize function bodies to emit coverage info for them, and that
+  // deserializes more declarations. How should we handle that case?
+  for (const auto &Entry : DeferredEmptyCoverageMappingDecls.takeVector()) {
     if (!Entry.second)
       continue;
     const Decl *D = Entry.first;