https://bugs.kde.org/show_bug.cgi?id=400660
Bug ID: 400660
Summary: Timeline::getTracksInfo() tries to dereference null pointer
Product: kdenlive
Version: 18.04.3
Platform: Other
OS: Linux
Status: REPORTED
Severity: crash
Priority: NOR
Component: User Interface
Assignee: j...@kdenlive.org
Reporter: kde-b...@adamspiers.org
Target Milestone: ---

In timeline.cpp, Timeline::getTracksInfo() calls Timeline::track() and then calls Timeline::info() on the result:

    QList<TrackInfo> Timeline::getTracksInfo()
    {
        QList<TrackInfo> tracks;
        for (int i = 0; i < tracksCount(); i++) {
            tracks << track(i)->info();
        }
        return tracks;
    }

However Timeline::track() can return nullptr:

    Track *Timeline::track(int i)
    {
        if (i < 0 || i >= m_tracks.count()) {
            return nullptr;
        }
        return m_tracks.at(i);
    }

Of course one would hope that this never happens, but Murphy's Law dictated that it happened to me:

    Thread 1 "kdenlive" received signal SIGSEGV, Segmentation fault.
    Mlt::Properties::get (this=this@entry=0x40, name=name@entry=0x555555a606e5 "kdenlive:track_name") at MltProperties.cpp:122
    122     return mlt_properties_get( get_properties( ), name );
    (gdb) bt
    #0 0x00007ffff6fcc800 in Mlt::Properties::get(char const*) (this=this@entry=0x40, name=name@entry=0x555555a606e5 "kdenlive:track_name") at MltProperties.cpp:122
    #1 0x0000555555749f7a in Track::info() (this=0x0) at /usr/src/debug/kdenlive-18.04.3-lp150.2.1.x86_64/src/timeline/track.cpp:604
    #2 0x000055555573a900 in Timeline::getTracksInfo() (this=0x55555c427960) at /usr/src/debug/kdenlive-18.04.3-lp150.2.1.x86_64/src/timeline/timeline.cpp:710
    #3 0x00005555556afcfe in TransitionSettings::updateProjectFormat() (this=0x5555573c7210) at /usr/src/debug/kdenlive-18.04.3-lp150.2.1.x86_64/src/project/transitionsettings.cpp:131
    #4 0x00005555559c2282 in MainWindow::connectDocument() (this=0x55555654ce20) at /usr/src/debug/kdenlive-18.04.3-lp150.2.1.x86_64/src/mainwindow.cpp:1953
    #5 0x00005555556a7b57 in ProjectManager::doOpenFile(QUrl const&, KAutoSaveFile*) (this=this@entry=0x5555568f5a80, url="/home/adam/music/harmony2/negative-sc/video/intro/intro.kdenlive", stale=<optimized out>, stale@entry=0x0) at /usr/src/debug/kdenlive-18.04.3-lp150.2.1.x86_64/src/project/projectmanager.cpp:573
    #6 0x00005555556ac0d6 in ProjectManager::openFile(QUrl const&) (this=0x5555568f5a80, url="/home/adam/music/harmony2/negative-sc/video/intro/intro.kdenlive") at /usr/src/debug/kdenlive-18.04.3-lp150.2.1.x86_64/src/project/projectmanager.cpp:509
    #7 0x0000555555a0ed89 in ProjectManager::qt_static_metacall(QObject*, QMetaObject::Call, int, void**) (_o=0x5555568f5a80, _id=<optimized out>, _a=0x7fffffffaa70, _c=<optimized out>)

Notice the (this=0x0) in stack frame #1 which shows that Timeline::track(0) returned nullptr.

This is almost certainly due to a .kdenlive project file which got corrupted (I'm seeing warnings from https://thediveo.github.io/kdenlive-project-analyzer/kdenlive-project-analyzer.html), but right now it means that that entire project (which I have spent months working on) is completely unusable because it immediately crashes kdenlive on load. I don't want to move to 18.08.x yet because IIRC it's still in beta and I need something relatively stable.

The naive fix would be to make Timeline::getTracksInfo() check for this situation and handle it gracefully, e.g. simply by skipping any value of i for which Timeline::track(i) returns nullptr. However grepping for "track(i)->" in timeline.cpp shows very many other code paths susceptible to this same bug. So rather than having to fix every single one of these, perhaps it would be safer to change Timeline::track() so that rather than returning nullptr, it emits a warning explaining which track index number was missing, and also what m_tracks.count() and tracksCount() evaluate to, to make it easier to spot discrepancies between the two.

And that gives rise to the question: why are two different values being used for iterating this list of tracks? That seems to be the root of this problem.

SOFTWARE VERSIONS
kdenlive version: 18.04.3
KDE Plasma version: 5.12.5
Qt version: 5.9.4
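
The skip-and-warn handling proposed in the report, as an added example that is not kdenlive's code and not part of the original report. The types are minimal stand-ins using std::vector instead of QList; `reportedCount` and `demoMismatch()` are hypothetical names, and it is an assumption that tracksCount() draws on a different source than m_tracks.

```cpp
// Added illustration, NOT kdenlive source: stand-in types model only what the report quotes.
#include <cstdio>
#include <string>
#include <vector>

struct TrackInfo { std::string name; };
struct Track {
    std::string name;
    TrackInfo info() const { return TrackInfo{name}; }
};

class Timeline {
public:
    std::vector<Track *> m_tracks;  // container that track() bounds-checks against
    int reportedCount = 0;          // assumption: tracksCount() comes from another source

    int tracksCount() const { return reportedCount; }

    // Same contract as the quoted track(), plus the diagnostic the report asks for.
    Track *track(int i) const {
        if (i < 0 || i >= static_cast<int>(m_tracks.size())) {
            std::fprintf(stderr, "track(%d) missing: m_tracks.count()=%zu tracksCount()=%d\n",
                         i, m_tracks.size(), tracksCount());
            return nullptr;
        }
        return m_tracks[i];
    }

    // Hardened loop: skip indices with no Track instead of dereferencing nullptr.
    std::vector<TrackInfo> getTracksInfo() const {
        std::vector<TrackInfo> tracks;
        for (int i = 0; i < tracksCount(); i++) {
            if (const Track *t = track(i)) {
                tracks.push_back(t->info());
            }
        }
        return tracks;
    }
};

// Constructed case: the two counts disagree, as a damaged project file could cause.
std::vector<TrackInfo> demoMismatch() {
    static Track video{"Video 1"}, audio{"Audio 1"};
    Timeline tl;
    tl.m_tracks = {&video, &audio};
    tl.reportedCount = 4;  // two more than m_tracks actually holds
    return tl.getTracksInfo();
}
int main() { std::printf("%zu tracks\n", demoMismatch().size()); }
```

The null check in the loop also covers a null entry stored inside m_tracks itself, which the bounds check in track() alone would not catch.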