Crash on slur drag-and-drop from panel
Steps to reproduce:
1. Create a new score.
2. Add one or two notes to it (see the attached screenshot).
3. Drag a slur from the left panel and drop it to the first note.
4. MuseScore crashes. If it doesn't (it happens to be lucky sometimes) try again, it will probably crash.
Backtrace is attached to this bug report. In general, the crash occurs because editData.element from editData field in ScoreView has invalid value that is still being used. Approximate events sequence leading to this crash:
1. After slur is dropped to the score Note::drop is called and receives a copy of editData from ScoreView.
2. As we have dropped slur, editData.element gets deleted.
3. ScoreView::cmdAddSlur is called, then stack trace eventually comes to ScoreView::inputMethodQuery.
4. ScoreView::InputMethodQuery tries to access editData.element but it contains non-null but invalid pointer to a deleted Slur. Calling isTextBase() for it leads to a crash — probably not always though.
Tested in MuseScore revision d95727bfcffd48d2f0b579d2773bc2ab2d4b6d13
| Attachment | Size |
|---|---|
| Screenshot_20180709_194131.png | 203.9 KB |
| backtrace.txt | 10.62 KB |
Comments
See https://github.com/musescore/MuseScore/pull/4030
Fixed in branch master, commit e634e72467
fix #274121: Crash on slur drag-and-drop from panel
Fixed in branch master, commit 37b84c05a2
Merge pull request #4030 from dmitrio95/274121-fix-slur-drag-drop-crash
fix #274121: Crash on slur drag-and-drop from panel
Automatically closed -- issue fixed for 2 weeks with no activity.