Crash when clearing a TimeSig in the Master Palette, and all other elements in the palettes

• Oct 5, 2014 - 07:18
S2 - Critical

Nightly, October 4 (a614472) / Windows7

1) View -> Master Palette -> Time Signatures
2) Right-click on any TimeSig
3) "Clear"

Result: crash


Maybe related to this thread:

EDIT: It seems there are two different aspects: the ability to drag and drop in the palette (dating for a few weeks apparently), and the crash when deleting a TimeSig in the Master Palette, closer in time. Investigation.

1) Regarding the inability to drag and drop a TimeSig from the Master Palette to the TimeSig Palette , it dates back to August 29.
Between the commit, correct:…

and the commit, incorrect:…

They are very close in time (11.26 a.m. for the first, and 2:06 p.m. for the second). Looking at them, I do not understand where this bug could have intervened. There were other commits that day, a dozen. This is beyond my skill to understand what happened that day (:

2) I continue my investigation regarding the crash.

Ok, I think I understood for drag and drop. It has to do with the workspace.

When I was doing my tests, I opened Nigthlies with the "special" file (revertToFactorySettings), and I forgot - it would have been really long ...- creating a new workspace at each time!

So this question (in comment # 2) is solved.

However, the crash is really present since yesterday, as mentionned in comment #3

Yes, the default workspace had been taken away and the other 2 are read only, so you need to create a customer palette first.
The crash might be caused by 'fixing' a false positive from Valgrind, at least that is what the PR you mentioned is about. And in there it is probably b339e305

Title Crash when clearing a TimeSig in the Master Palette Crash when clearing a TimeSig in the Master Palette, and all other elements in the palettes

I did not think so right! :(

The original bug report was the tip of the iceberg!

In fact, now, delete all items from any palettes (no sure there is any exception?) causes a crash. For example:

1) Open Dynamics Palette
2) Right-click on "ff"
3) Clear

Result: crash

The same commit is involved:

Attached the log from address sanitizer.
The crash happens for a heap-use-after-free when deleting the PaletteCell, function PaletteCell::~PaletteCell() at mscore/palette.cpp:46.
The element had already been deleted in function Palette::contextMenuEvent(QContextMenuEvent*) at mscore/palette.cpp:184.

Probably Valgrind was signaling a memory leak because for some cell the content element was not deleted before deleting the cell, but in some cases as the one in this report it is already taken care of. A solution could be a check whether element exists before trying to delete it.

Attachment Size
masterpaletteClear.txt 5.64 KB