From c8ea72093b1fa723dcbb8463688d7a286570470b Mon Sep 17 00:00:00 2001 From: Juston Li Date: Wed, 30 Jul 2025 16:51:13 -0700 Subject: [PATCH] anv: fix uninitialized mutex lock in anv_slab_bo_deinit() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit anv_slab_bo_deinit() eventually calls down to anv_device_release_bo() which locks a yet to be initilized device->bo_cache->mutex leading to: signal 6 (SIGABRT), code -1 (SI_QUEUE), fault addr -------- Abort message: 'FORTIFY: pthread_mutex_lock called on a destroyed mutex (0x79c25ee54bd8)' Reorder anv_slab_bo_init() to occur after anv_bo_cache_init() and anv_slab_bo_deinit() before anv_bo_cache_finish() Fixes: 3bf6d42fda0 ("anv: Add the base infrastructure to support memory pool") Signed-off-by: Juston Li Reviewed-by: Lionel Landwerlin Reviewed-by: José Roberto de Souza Part-of: --- src/intel/vulkan/anv_device.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/intel/vulkan/anv_device.c b/src/intel/vulkan/anv_device.c index 7f97af8bd49..e2246e71a16 100644 --- a/src/intel/vulkan/anv_device.c +++ b/src/intel/vulkan/anv_device.c @@ -481,12 +481,9 @@ VkResult anv_CreateDevice( list_inithead(&device->image_private_objects); list_inithead(&device->bvh_dumps); - if (!anv_slab_bo_init(device)) - goto fail_vmas; - if (pthread_mutex_init(&device->mutex, NULL) != 0) { result = vk_error(device, VK_ERROR_INITIALIZATION_FAILED); - goto fail_slab; + goto fail_vmas; } pthread_condattr_t condattr; @@ -513,6 +510,9 @@ VkResult anv_CreateDevice( if (result != VK_SUCCESS) goto fail_queue_cond; + if (!anv_slab_bo_init(device)) + goto fail_cache; + anv_bo_pool_init(&device->batch_bo_pool, device, "batch", ANV_BO_ALLOC_BATCH_BUFFER_FLAGS); if (device->vk.enabled_extensions.KHR_acceleration_structure) { @@ -1115,13 +1115,13 @@ VkResult anv_CreateDevice( if (device->vk.enabled_extensions.KHR_acceleration_structure) anv_bo_pool_finish(&device->bvh_bo_pool); anv_bo_pool_finish(&device->batch_bo_pool); + anv_slab_bo_deinit(device); + fail_cache: anv_bo_cache_finish(&device->bo_cache); fail_queue_cond: pthread_cond_destroy(&device->queue_submit); fail_mutex: pthread_mutex_destroy(&device->mutex); -fail_slab: - anv_slab_bo_deinit(device); fail_vmas: util_vma_heap_finish(&device->vma_trtt); util_vma_heap_finish(&device->vma_dynamic_visible);