Bug 101652

Summary: segfault in i965 brw_upload_cache when calling glLinkProgram
Product: Mesa Reporter: Erika <rrika9>
Component: Drivers/DRI/i965Assignee: Intel 3D Bugs Mailing List <intel-3d-bugs>
Status: RESOLVED NOTOURBUG QA Contact: Intel 3D Bugs Mailing List <intel-3d-bugs>
Severity: normal    
Priority: medium    
Version: 17.1   
Hardware: All   
OS: All   
Whiteboard:
i915 platform: i915 features:
Attachments: Code to reproduce the crash

Description Erika 2017-06-29 21:51:11 UTC 
Created attachment 132362 [details]
Code to reproduce the crash

I get a segfault when calling glLinkProgram because of a memcpy with dst=0 at

brw_program_cache.c:370: memcpy((char *)cache->bo->virtual + item->offset, data, data_size);

I attached a sample to trigger this which needs -lgbm -lGL -lEGL.

(My CPU is a Intel i5-3320M, which comes with HD Graphics 4000 according to wikipedia)
Comment 1 Kenneth Graunke 2017-09-01 18:09:09 UTC 
We talked about this on IRC today, and vsyrjala noticed that the example program fopens the rendernode with "w" mode - for writing, but not reading.  The fix is to use "r+" (reading and writing).

Apparently if you can't read from the rendernode device, then GTT mappings fail, which gives us a NULL pointer for the program cache map.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.