| Summary: | SDL_SetVideoMode crashes with large height/width | ||
|---|---|---|---|
| Product: | SDL | Reporter: | Remko Bijker <rubidium> |
| Component: | video | Assignee: | Sam Lantinga <slouken> |
| Status: | RESOLVED FIXED | QA Contact: | Sam Lantinga <slouken> |
| Severity: | normal | ||
| Priority: | P2 | Keywords: | target-1.2.14 |
| Version: | 1.2.13 | ||
| Hardware: | x86 | ||
| OS: | Linux | ||
| Attachments: | simple test case for the crashes | ||
Tagging this bug with "target-1.2.14" so we can try to resolve it for SDL 1.2.14. Please note that we may choose to resolve it as WONTFIX. This tag is largely so we have a comprehensive wishlist of bugs to examine for 1.2.14 (and so we can close bugs that we'll never fix, rather than have them live forever in Bugzilla). --ryan.

I fixed the crash in SDL 1.2 with the width and height of 1000000. This is a really good torture test, thanks!

Created attachment 335: simple test case for the crashes

SDL_SetVideoMode with large height/width causes different kinds of crashes on different versions of SDL. I know that these numbers might very well vary on your system due to different amounts of memory etc.

I'm using a Core 2 Duo computer (64 bits) with Debian SID. I've got 4 GB of memory and 2 GB of swap, of which about 5 GB is free. I've got an ATI Mobility Radeon HD 3400 with ATI's drivers (9.5) and 256 MB of memory. This 'powers' a 1920x1200 LCD display.

I've attached a simple test case which makes all cases easily reproducible for me.

If width and height are 1.000.000:

* SDL 1.2.13 segfaults in SDL_FillRect:

    #0 0x00007ff6bb2a1dfb in SDL_FillRect () from /usr/lib/libSDL-1.2.so.0
    #1 0x00007ff6bb2a4cdd in SDL_SetVideoMode () from /usr/lib/libSDL-1.2.so.0
    #2 0x00000000004007b0 in main ()

* SDL 1.3 r4584 behaves correctly by returning an 'Out of memory' error.

    (nil) [Out of memory]

If width and height are 100.000:

* SDL 1.2.13 seemingly hangs (without using any CPU); after a few minutes I killed it.
* SDL 1.2.13 running in GDB segfaults somewhere in X or SDL_UpdateRect is passing wrong information

    #0 0x00007fcf79efd123 in memcpy () from /lib/libc.so.6
    #1 0x00007fcf770e23bd in ?? () from /usr/lib/libX11.so.6
    #2 0x00007fcf770e31a2 in ?? () from /usr/lib/libX11.so.6
    #3 0x00007fcf770e25bd in ?? () from /usr/lib/libX11.so.6
    #4 0x00007fcf770e35d0 in XPutImage () from /usr/lib/libX11.so.6
    #5 0x00007fcf7a212d0c in ?? () from /usr/lib/libSDL-1.2.so.0
    #6 0x00007fcf7a2052f1 in SDL_UpdateRect () from /usr/lib/libSDL-1.2.so.0
    #7 0x00007fcf7a20574c in SDL_Flip () from /usr/lib/libSDL-1.2.so.0
    #8 0x00007fcf7a205cf8 in SDL_SetVideoMode () from /usr/lib/libSDL-1.2.so.0
    #9 0x00000000004007b0 in main ()

* SDL 1.3 r4584 frees an invalid pointer

    *** glibc detected *** ./a.out: free(): invalid pointer: 0x00007fbc9a34f010 ***
    ======= Backtrace: =========
    /lib/libc.so.6[0x7fbcebcec118]
    /lib/libc.so.6(cfree+0x76)[0x7fbcebcedc56]
    /usr/local/lib/libSDL-1.3.so.0[0x7fbcec27206d]
    /usr/local/lib/libSDL-1.3.so.0(SDL_DestroyRenderer+0xa0)[0x7fbcec262400]
    /usr/local/lib/libSDL-1.3.so.0(SDL_DestroyWindow+0xd5)[0x7fbcec263e45]
    /usr/local/lib/libSDL-1.3.so.0(SDL_VideoQuit+0x90)[0x7fbcec263f70]
    /usr/local/lib/libSDL-1.3.so.0(SDL_QuitSubSystem+0x5d)[0x7fbcec1f858d]
    /usr/local/lib/libSDL-1.3.so.0(SDL_Quit+0xe)[0x7fbcec1f863e]
    /usr/local/lib/libSDL-1.3.so.0[0x7fbcec1fab51]
    /lib/libpthread.so.0[0x7fbcebfdb7b0]
    /usr/local/lib/libSDL-1.3.so.0(SDL_FillRect+0x3c0)[0x7fbcec259240]
    /usr/local/lib/libSDL-1.3.so.0[0x7fbcec1f948a]
    /usr/local/lib/libSDL-1.3.so.0(SDL_SetVideoMode+0x6e9)[0x7fbcec1fa0b9]
    ./a.out[0x4007d0]
    /lib/libc.so.6(__libc_start_main+0xe6)[0x7fbcebc985a6]
    ./a.out[0x4006d9]

I would like that all cases where a too large surface is requested are handled gracefully, i.e. return NULL and set e.g. 'Out of memory' as error message. Alternatively a method for checking whether a given surface would be possible to make, especially when SDL_ListModes returns "all modes are good"!
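
The kind of up-front size check the report asks for, sketched as an added example. It is not SDL's code and not the fix applied for this bug. The helper names, the 4-byte row padding and the 1 GiB cap are assumptions made for illustration, and the unchecked 32-bit function is included only to show how the byte count for the reported dimensions wraps to a plausible-looking value.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed policy cap for this example (not an SDL constant): 1 GiB. */
#define MAX_SURFACE_BYTES ((uint64_t)1 << 30)

/* Unchecked 32-bit size computation, shown only to illustrate wrap-around. */
uint32_t naive_bytes_u32(uint32_t w, uint32_t h, uint32_t bits_per_pixel)
{
    return w * h * (bits_per_pixel / 8);   /* silently wraps modulo 2^32 */
}

/* Hypothetical helper: bytes for a w x h surface with rows padded to 4 bytes.
 * Returns 0 and stores the size in *out, or -1 if the request is invalid,
 * would overflow, or exceeds MAX_SURFACE_BYTES. */
int surface_bytes_checked(int w, int h, int bits_per_pixel, size_t *out)
{
    uint64_t bytes_pp, pitch;

    if (w <= 0 || h <= 0)
        return -1;
    if (bits_per_pixel < 8 || bits_per_pixel > 32 || bits_per_pixel % 8 != 0)
        return -1;
    bytes_pp = (uint64_t)bits_per_pixel / 8;
    pitch = ((uint64_t)w * bytes_pp + 3) & ~(uint64_t)3;  /* fits in 64 bits */
    /* Divide instead of multiplying so the comparison itself cannot wrap. */
    if (pitch > MAX_SURFACE_BYTES / (uint64_t)h)
        return -1;
    *out = (size_t)(pitch * (uint64_t)h);
    return 0;
}

int main(void)
{
    /* Constructed inputs: the reporter's display size and the two failing sizes. */
    static const int dims[3][2] = { {1920, 1200}, {100000, 100000}, {1000000, 1000000} };
    size_t bytes = 0;
    int i;

    for (i = 0; i < 3; i++) {
        if (surface_bytes_checked(dims[i][0], dims[i][1], 32, &bytes) == 0)
            printf("%dx%d: %lu bytes\n", dims[i][0], dims[i][1], (unsigned long)bytes);
        else
            printf("%dx%d: rejected, 32-bit product would read %lu\n", dims[i][0],
                   dims[i][1], (unsigned long)naive_bytes_u32(dims[i][0], dims[i][1], 32));
    }
    return 0;
}
```

A caller that gets -1 back can skip the video-mode request and report 'Out of memory' itself, which is the behaviour the report asks for.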