I've been experiencing some segfaults when using Surface.fill(), and I think I've tracked it down to occur when you use blend modes (so one of the surface_fill_blend_*-functions in surface_fill.c is probably to blame?) and you fill an area of a surface that's out of bounds on the surface. (E.g. fill a 50x50 area of a 10x10 surface)

Example code to reproduce is attached. I'm using pygame from the Ubuntu python-pygame package in intrepid (version: 1.8.1release-0ubuntu1).

Let me know if something is unclear, or this isn't reproducible on your system. :)

Kindest regards, Jørgen P. Tjernø

# Code that reproduces problems with Surface.fill() & blend-modes, when
# fill-rect is out-of-bounds for the destination surface.
# (c) Jørgen P. Tjernø, 2008. ([EMAIL PROTECTED])
# Start it with python reproduce.py, first scene should be "ok" (show a faded
# red square in the upper left), press space to go to next scene, this is broken.
# Application might crash, or it'll crash when you press space (and pygame.quit
# is called).

import pygame

screen = pygame.display.set_mode((100, 100), pygame.DOUBLEBUF | pygame.HWSURFACE)

surf = pygame.surface.Surface((50, 50)).convert_alpha()

c = (255, 80, 80, 64)
bg = pygame.Color('black')

def nextScene():
    for event in pygame.event.get():
        if hasattr(event, 'key') and event.type == pygame.KEYDOWN:
            if event.key == pygame.K_SPACE:
                return True
    return False

clock = pygame.time.Clock()

while not nextScene():

    # Invalid fill; rect > surf.
    # Works fine, clamps to the surf size.
    surf.fill(c, (0, 0, 100, 100))
    screen.blit(surf, (0, 0))


while not nextScene():

    # Invalid fill; rect > surf.
    # Totally borks. In my app - segfaults at fill,
    # in this test, when you press space and quit I get a double free error.
    # Something funky is going on with memory, an overflow?
    surf.fill(c, (0, 0, 100, 100), pygame.BLEND_RGBA_ADD)
    screen.blit(surf, (0, 0))



Reply via email to