Trying to add text to a vertical/horizontal frame after double click causes crash
Reported version
3.4
Priority
P1 - High
Type
Functional
Frequency
Few
Severity
S2 - Critical
Reproducibility
Always
Status
closed
Regression
Yes
Workaround
Yes
Project
Double-click a vertical frame (insert or append one first if needed)
Ricght-click into it to try adding any text
-> crash
Workaround is of course not to double-click that frame...
Fix version
3.5.0
Comments
Stack trace:
1 Ms::TextBase::endEdit textedit.cpp 75 0x98f0ba
2 Ms::ScoreView::endEdit editelement.cpp 162 0x51beb8
3 Ms::ScoreView::changeState events.cpp 1127 0x6512d7
4 Ms::ScoreView::mousePressEvent events.cpp 556 0x64f345
5 ZN7QWidget5eventEP6QEvent 0x27e3717f
6 ?? 0x364ed320
7 ?? 0x89000000
8 ?? 0xb0458dc3
9 ?? 0xcca1c189
10 ?? 0xff0215d5
11 ?? 0xebd889d0
12 ?? 0x24048900
Doesn't happen in 3.2.3, I guess this is a regression in 3.4, due to those single click enhancements?
When running with undefined behavior sanitizer, I see the following error (just before the crash):
/media/antonio/Mint0/MuseScore_addresssanitizer/libmscore/textedit.cpp:75:39: runtime error: member access within null pointer of type 'struct TextEditData'I don't know if the problem is maybe related to the cause of #300635: Crash when using palette item upon a staff-text , since that bug involves also TextEditData
I too had the suspicion those might be related.
Tying now whether that PR fixes this issue too...
Edit: not, it does not
Here I guess (December, 24): this commit/nightly crashes: 86347d5
Not this one - three commits between them: bc3e62b
Well, yes, the single click improvement is indeed very likely the cause, but thanks for the checking and confirmation
I'll try to take a look at this.
Text frame is not affected, just vertical frame and horizontal frame
https://github.com/musescore/MuseScore/pull/5690
Fixed in branch master, commit 9c017b7c0c
_fix #300855: Trying to add text to a vertical/horizontal frame after double click causes crash
The crash is caused by ed.getData(t) failing and returning nullptr, where t is the newly added text element and ed is the score edit data. The interesting thing is that this didn't return nullptr when not in edit mode already before adding the text - it was only a problem when adding text when already in edit mode. The line of relevance that is the root of this whole problem is, in ScoreView::changeState:
if (s == state)
return;
where s is the new state and state is the current one. This is right at the start, so if we're already in edit mode, then the crucial startEdit() call further down the function won't happen. Of course, startEdit is the bit that's responsible for clearing the edit data and adding the new edit data for the new text element. So, when it doesn't run, there's no edit data for the new text. And when there's no edit data, getData fails. And when getData fails, text->cursor(ed) crashes on a Q_ASSERT._
Fixed in branch master, commit dcb744ca20
_Merge pull request #5690 from jthistle/300855-crash-text-frame-edit-mode
fix #300855: Trying to add text to a vertical/horizontal frame after double click causes crash_
Automatically closed -- issue fixed for 2 weeks with no activity.