Possible access violation in mstyle.cpp

• Apr 19, 2013 - 10:29
Type: Functional
Severity: S4 - Minor
Status: closed
Project

When trying to debug #20475 with Application Verifier + GDB to pin down a memory error, I ran into an error at line 1777 of mstyle/mstyle.cpp:
    switch ( tabBar->shape() ) {
The output of Application Verifier is "Access violation exception".
Indeed, when running with GDB, it seems that the value given by tabBar->shape() is not an actual QTabBar::Shape, so the switch goes every time to lines 1798-1799:
    default:
        break;
(Sometimes it gives 0 and thus it goes to the QTabBar::RoundedNorth case of the switch.)

This situation does not lead to a crash or other errors (thus not marked as critical).

Windows XP Professional SP3.
Personal build of 3dfba0a (Qt 4.8.4; MinGW gcc 4.8.0-dwarf-rev1, both 32bit and from MinGW-builds).


Comments

Could be a problem on Windows XP only (which will not be supported anymore by Microsoft in one year).
In Windows 8, running GDB, I never pass in the default case.

Could it be that widget->parent() is not a QTabBar at all?

> Could it be that widget->parent() is not a QTabBar at all?
Indeed, the issue arises only for the PaletteBoxButtons of the Palette, which are treated like child widgets of QTabBars due to lines 1767-1768 of mstyle/mstyle.cpp:
    if (qobject_cast(widget))
        isInTabBar = true;
Before this instruction, isInTabBar, defined in line 1765 as:
    bool isInTabBar(widget && qobject_cast( widget->parent()));
was false (because the parent is not a QTabBar).

However, the rest of the code inside the if statement at line 1770 [ if ( isInTabBar ) ] is necessary for the correct appearance of the palette (otherwise the buttons are vertically spaced apart).

I tried a quick fix with a pull request, but this proposed fix is not really elegant:
https://github.com/musescore/MuseScore/pull/303
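
The pattern discussed in this thread, as an added sketch that is neither MuseScore's code nor the fix in the pull request: the "style it like a tab button" flag can be widened to other widget types, while shape is read only through a pointer that a checked cast has confirmed. Plain C++ classes and dynamic_cast stand in for the Qt types and qobject_cast; every name here (Widget, TabBar, PaletteButton, buttonLayout, Layout) is hypothetical.

```cpp
#include <cstdio>

// Toy stand-ins for the Qt classes; dynamic_cast plays the role of qobject_cast.
struct Widget {
    const Widget* parent = nullptr;
    virtual ~Widget() = default;
};
struct TabBar : Widget {
    enum Shape { RoundedNorth, RoundedSouth, RoundedWest, RoundedEast };
    Shape shape = RoundedNorth;
};
struct PaletteButton : Widget {};  // styled like a tab button, parent is not a TabBar

enum class Layout { Plain, TabNoShape, TabHorizontal, TabVertical };

// Hypothetical helper: which layout adjustment a button gets.
Layout buttonLayout(const Widget* widget) {
    if (!widget) return Layout::Plain;
    // Checked cast: yields nullptr when the parent is some other widget type.
    const TabBar* tabBar = dynamic_cast<const TabBar*>(widget->parent);
    // The styling flag may be widened to other widget types...
    const bool isInTabBar = tabBar || dynamic_cast<const PaletteButton*>(widget);
    if (!isInTabBar) return Layout::Plain;
    // ...but shape is read only through a pointer the cast vouched for.
    if (!tabBar) return Layout::TabNoShape;  // same effect as the "default: break" path
    switch (tabBar->shape) {
    case TabBar::RoundedNorth:
    case TabBar::RoundedSouth: return Layout::TabHorizontal;
    case TabBar::RoundedWest:
    case TabBar::RoundedEast:  return Layout::TabVertical;
    }
    return Layout::TabNoShape;
}

int main() {
    // Constructed sample objects: one real tab button, one palette button.
    TabBar bar;  bar.shape = TabBar::RoundedWest;
    Widget tabButton;  tabButton.parent = &bar;
    Widget panel;
    PaletteButton paletteButton;  paletteButton.parent = &panel;
    std::printf("tab button: %d, palette button: %d\n",
                static_cast<int>(buttonLayout(&tabButton)),
                static_cast<int>(buttonLayout(&paletteButton)));
    return 0;
}
```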