Musescore 3 crash when importing Music XML file made in Sibelius

• May 9, 2020 - 23:59
Reported version
3.4
Type
Functional
Frequency
Once
Severity
S2 - Critical
Reproducibility
Always
Status
closed
Regression
Yes
Workaround
No
Project

Open the attached XML file with Musescore 3 (latest version)

Attachment Size
Test Yozora's Battle Theme.xml 2.53 MB

Comments

Crash confirmed. The call to addRest() in this line is returning nullptr with the following warning:

cannot add rest at tick 181547 track 24: element already present

But the pointer is not being checked by the caller before being dereferenced immediately afterwards.

I'm not sure what the expected behavior should be in this case, so I'll leave it to someone more familiar with this part of the codebase to fix.

After adding the nullptr check, clicking in the offending measure leads to:

/Users/lvidev/dev/MuseScore/libmscore/sig.cpp:Ms::ticks_beat: Mscore: ticks_beat(): bad divisor 9216
Abort trap: 6

Exception Type: EXC_CRASH (SIGABRT)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY

Application Specific Information:
abort() called

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 libsystem_kernel.dylib 0x00007fff607222c2 __pthread_kill + 10
1 libsystem_pthread.dylib 0x00007fff607ddbf1 pthread_kill + 284
2 libsystem_c.dylib 0x00007fff6068c6a6 abort + 127
3 org.qt-project.QtCore 0x00000001138c2749 qt_message_fatal(QtMsgType, QMessageLogContext const&, QString const&) + 9
4 org.qt-project.QtCore 0x00000001138c40c0 QMessageLogger::fatal(char const*, ...) const + 224
5 org.musescore.MuseScore 0x0000000108746c29 Ms::ticks_beat(int) + 121 (sig.cpp:28)
6 org.musescore.MuseScore 0x0000000108747da1 Ms::TimeSigMap::tickValues(int, int*, int*, int) const + 369 (sig.cpp:309)
7 org.musescore.MuseScore 0x0000000107a4e8c5 Ms::ScoreAccessibility::barbeat(Ms::Element
) + 453 (scoreaccessibility.cpp:406)
8 org.musescore.MuseScore 0x0000000107a4de0c Ms::ScoreAccessibility::currentInfoChanged() + 7100 (scoreaccessibility.cpp:318)
9 org.musescore.MuseScore 0x0000000107a4f140 Ms::ScoreAccessibility::updateAccessibilityInfo() + 64 (scoreaccessibility.cpp:353)
10 org.musescore.MuseScore 0x000000010781cce0 Ms::MuseScore::endCmd(bool) + 1888 (musescore.cpp:6038)
11 org.musescore.MuseScore 0x000000010732b1b7 Ms::MuseScore::endCmd() + 23 (musescore.h:706)
12 org.musescore.MuseScore 0x0000000107563155 Ms::ScoreView::mousePressEventNormal(QMouseEvent*) + 1845 (events.cpp:448)

This requires further investigation, I do not expect to be able to fix this on short notice. Note that I do not consider this a showstopper for 3.5, as it is caused by an invalid MusicXML file (which I do not expect to happen frequently, at least not with this specific issue).

The minimal file that reproduces the error is attached.

In reply to by Leon Vinken

Further analysis shows:

The root cause is an (IMHO) incorrect MusicXML file, containing a tuplet where one of the notes is missing and has been replaced by a forward.

The current crash is caused by a missing nullptr check (my mistake) in the second pass of the MusicXML importer, but the real issue is that fillGapsInFirstVoices() and resetTuplets() must be done in the reverse order in MusicXMLParserPass2::measure().

Furthermore, the measure timing calculation in the first and second pass must be made consistent. After swapping fillGapsInFirstVoices() and resetTuplets(), the second pass correctly calculates a measure duration of 1/1, but the first pass calculates 9217/9216 (which is both incorrect and not supported by MuseScore).

Fixing this is certainly possible, but non-trivial. I cannot commit to a delivery date.

As I expect this issue will occur only with Sibelius files containing tuplets of small notes with gaps, I still do not consider it a showstopper.

Fix version
3.6.0