Crash when entering music on top of an unterminated slur by MIDI

• Jul 9, 2018 - 20:12
Priority: P1 - High
Type: Functional
Frequency: Few
Severity: S2 - Critical
Reproducibility: Always
Status: PR created
Regression: No
Workaround: No

This occurs when entering notes with a MIDI keyboard.

Reproduction:
* Create a new score with a grand staff
* Select a bar
* Start entering notes by pressing 'N'
* Enter a note, e.g. press an e on the MIDI keyboard
* Attach a slur by pressing 'S'
* Move back by pressing left arrow
* Select 16th notes by pressing '3'
* Enter the same note on the MIDI keyboard again

Result: Crash

Reproduced with versions 2.2, 2.3.1 and master (nightly build 2018-07-07-0955) on Mac OS X.

Note this only occurs with MIDI note entry. Note entry by computer keyboard is not affected.


Comments

Strange … I've just reported this after I was able to reproduce the crash several times in a row. Now I'm trying it again and it no longer crashes.

Anybody else observed this issue?

Reported version 2.3  
Workaround Yes No

I came here to say that I'm still experiencing this issue and can reliably reproduce it on version 3.6.2 as well as on the latest 3.x development build (commit 415b1927), both on Linux using Jack MIDI. The behavior is very similar to the crash report posted here previously. I dug around a bit inside of the debug build with gdb and it seems the trigger for the error is that in line 258 of noteentry.cpp ("Element* ee = is.slur()->startElement();") ee is assigned a null pointer, causing a segfault in the following type checks. I also found when startElement is set to 0 and added the backtrace at that particular point (for context: 0x55555d46c770 is the slur object in question). The segfault then occurs in the same function call of addPitch, just a few lines down.

Not knowing the code base I can't really tell what part of that backtrace is not as it should be, but I hope this already helps a bit.

Attachment Size
backtrace.txt 4.86 KB
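
A minimal C++ model of the null dereference described in the comment above, with the guard that avoids it. This is an added example, not MuseScore's code: the types, the `SlurAction` result and the recovery step of dropping the slur are assumptions made for illustration.

```cpp
#include <iostream>

// Simplified stand-ins for illustration; these are not MuseScore's classes.
enum class ElementType { Note, Chord, Rest };

struct Element {
    ElementType kind;
    ElementType type() const { return kind; }
};

struct Slur {
    Element* start = nullptr;            // stays null while the slur is unterminated
    Element* startElement() const { return start; }
};

struct InputState {
    Slur* activeSlur = nullptr;
    Slur* slur() const { return activeSlur; }
};

enum class SlurAction { None, Extended, DroppedDangling };

// Guarded form of the pattern from the comment: fetch the slur's start
// element, then type-check it. Both pointers are validated before use.
SlurAction extendSlurOnAddPitch(InputState& is) {
    Slur* slur = is.slur();
    if (!slur)
        return SlurAction::None;         // no slur in progress
    Element* ee = slur->startElement();
    if (!ee) {
        // Unguarded code would call ee->type() here and segfault.
        is.activeSlur = nullptr;         // assumed recovery: abandon the slur
        return SlurAction::DroppedDangling;
    }
    if (ee->type() == ElementType::Note || ee->type() == ElementType::Chord)
        return SlurAction::Extended;
    return SlurAction::None;
}

int main() {
    Slur dangling;                       // constructed input: start element never set
    InputState is;
    is.activeSlur = &dangling;
    bool dropped = extendSlurOnAddPitch(is) == SlurAction::DroppedDangling;
    std::cout << (dropped ? "dangling slur dropped" : "unexpected") << "\n";
    return 0;
}
```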