Fix ASAN violation when a heap outlives the ResidencyManager

It's possible for a heap in the residency LRU to outlive the
ResidencyManager. When this happens, some heap in the LRU will be
referencing the LRU head node. On destruction, the outstanding heap
will attempt to access the LRU head node after the memory has been
freed. This commit removes the LinkedList head node from the list
within the LinkedList destructor to fix the bug.

Bug: dawn:387
Change-Id: I13617d1b4e464e1541f989f31caecd4305037019
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/19581
Reviewed-by: Rafael Cintron <rafael.cintron@microsoft.com>
Reviewed-by: Austin Eng <enga@chromium.org>
Commit-Queue: Brandon Jones <brandon1.jones@intel.com>
This commit is contained in:
Brandon Jones 2020-04-16 23:59:03 +00:00 committed by Commit Bot service account
parent 82ae680ccc
commit 53f694b34a

View File

@ -166,6 +166,13 @@ class LinkedList {
LinkedList() : root_(&root_, &root_) {
}
~LinkedList() {
// If any LinkNodes still exist in the LinkedList, there will be outstanding references to
// root_ even after it has been freed. We should remove root_ from the list to prevent any
// future access.
root_.RemoveFromList();
}
// Appends |e| to the end of the linked list.
void Append(LinkNode<T>* e) {
e->InsertBefore(&root_);