[1.0] Crash when saving score with displaced parenthesized accidentals

• Jan 16, 2011 - 16:40
Type: Functional
Severity: S2 - Critical
Status: closed
Project

Setup: branch rev. 3898, Qt Creator 1.3.1 (Qt Lib 4.6.2) under Windows XP SP3

Steps:
1) Load the attached test score
2) Double click the parenthesized sharp in measure 2 to enter edit mode
3) With the arrow keys, move it around (in principle in the same relative position of the first sharp)
4) Click an empty spot to exit edit mode
5) Save or save as

Result:
The program works a while then crashes.

Note: a (new) file is created, but it stops at the <Accidental> tag for the second, parenthesized, accidental.

M.


Comments

I tried again with latest rev. (3908) and a full re-build: it still crashes.

In step 5) above, it generates a SIGSEGV in a Qt library function (QString); the last call from MuseScore code is in function const QString Accidental::subtypeName() const (file accidental.cpp, line 86).

As with that accidental, Element::_subtype == 32769, it is surprising that that statement (return accList[subtype()].tag;) had ever worked, not that it crashes sometime...

For diagnostic purposes, I am attaching the screen shot of the call stack (for some reason, Qt Creator refuses to copy it to the clipboard).

M.

Status: needs info → fixed

1.: 1.0 Prerelease 1 is OK.

2.: A mingw-make TYPE=release build (rev. 3908) is OK. So, I marked the issue as fixed.

3.: A mingw-make TYPE=debug build or a Qt Creator debug build (rev. 3908, actually from the same source code as 2.) crashes both when run 'standalone' and when run from inside Qt Creator.

It sounds like a problem with the (debug version of?) Qt libraries. Shall we alert Nokia?

Thanks,

M.

An alert to Nokia would be good if you can give a very simple program to reproduce the crash, and with a more recent version of Qt, I guess.

Status: fixed → active

There is a bug in the representation of accidentals with parentheses. The parentheses are coded as bit 0x8000 in subtype, and subtype is used as index in table accList, which should crash or produce garbage names on save.

On the spot, I would say it is enough to change lines 86 and 95 of file accidental.cpp from

return accList[subtype()].tag;

to

return accList[subtype() & 0x7fff].tag;

as in line 138.

M.
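
Added example, not part of the thread and not MuseScore's code: a stand-alone C++ sketch of the flag-in-index defect described above, showing why the raw subtype 32769 reads outside the table and why a range check is still needed after masking with 0x7fff. The table contents and all names (kAccList, decodeSubtype, rawIndexOutOfBounds, subtypeNameChecked) are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>

// Constructed stand-in for the accList table; the entries are illustrative,
// not MuseScore's real table.
struct AccEntry { const char* tag; };
static const AccEntry kAccList[] = {{"none"}, {"sharp"}, {"flat"}, {"natural"}};
constexpr std::size_t kAccCount = sizeof(kAccList) / sizeof(kAccList[0]);

// Layout taken from the thread: bit 0x8000 marks parentheses, the remaining
// low 15 bits select the table entry.
constexpr std::uint32_t kParenFlag = 0x8000;
constexpr std::uint32_t kIndexMask = 0x7fff;

struct DecodedSubtype { std::size_t index; bool parenthesized; };

DecodedSubtype decodeSubtype(std::uint32_t subtype) {
    return {static_cast<std::size_t>(subtype & kIndexMask),
            (subtype & kParenFlag) != 0};
}

// True when the raw value, used directly as an index (the pattern reported
// for lines 86 and 95), would read past the end of the table.
bool rawIndexOutOfBounds(std::uint32_t subtype) {
    return subtype >= kAccCount;
}

// Mask first, then still range-check: masking strips the flag bit but does
// not prove that the remaining value is a valid index (for example, a
// subtype loaded from a damaged or hostile score file).
const char* subtypeNameChecked(std::uint32_t subtype) {
    const DecodedSubtype d = decodeSubtype(subtype);
    return d.index < kAccCount ? kAccList[d.index].tag : nullptr;
}

int main() {
    const std::uint32_t subtype = 32769;  // value reported in the thread
    const char* tag = subtypeNameChecked(subtype);
    const std::string shown = tag ? tag : "(invalid)";
    std::printf("raw index out of bounds: %d, masked index: %zu, tag: %s\n",
                rawIndexOutOfBounds(subtype) ? 1 : 0,
                decodeSubtype(subtype).index, shown.c_str());
    return 0;
}
```
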