Re: shotcut core

2020-05-25 Thread Marc Espie
On Mon, May 25, 2020 at 04:10:49PM +0200, Marc Espie wrote:
> Here's another one...
> I went back to 19.12.31
> 
> and installed the debug-qt* packages (somehow they weren't around last
> time).
> 
> 
> It's still the exact same bug.
> 
> 
> By adding printing, that "name" parameter is complete garbage each and
> every time. Sometimes, we get "lucky" and it doesn't segfault.
> 
> It always comes from within qml (qtquick?) internals, which makes me
> believe something is wrong in there.
> 
> I fail to see how it would work on other OSes otherwise.
> 

A bit of help from friends (tb/sthen) shows it is definitely a use-after-free.
Indeed, using MALLOC_OPTIONS=j lets shotcut run.  Everything appears to be
more or less functional, including position filters, video fade-in/out.

So... no idea where the use-after-free is, but at least I got it running
(more or less...)
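
Added example, not part of the original message or of shotcut/mlt code: a toy model of why turning junking off hides this kind of bug. OpenBSD malloc(3) fills freed chunks with the byte 0xdf, which gdb prints as '\337' (the value shown for "name" in the backtrace further down this thread); MALLOC_OPTIONS=j lowers the junk level so stale bytes survive. The one-slot allocator, the function names and the sample name "rect" are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define SLOT_SIZE 32
#define FREE_JUNK 0xdf  /* OpenBSD malloc's fill byte for freed chunks; gdb shows '\337' */

/* Hypothetical one-slot heap. It is static, so reading it through a stale
 * pointer is well defined here, unlike a real use-after-free. */
static unsigned char slot[SLOT_SIZE];
static int junk_on_free = 1;  /* 1: junk freed memory (default); 0: like MALLOC_OPTIONS=j */

static char *toy_alloc_name(const char *s) {
    size_t n = strlen(s);
    if (n >= SLOT_SIZE) return NULL;
    memcpy(slot, s, n + 1);
    return (char *)slot;
}

static void toy_free(void *p) {
    if (p == (void *)slot && junk_on_free)
        memset(slot, FREE_JUNK, SLOT_SIZE);
}

/* Bounded check: a junked buffer has no NUL terminator, so never strlen() it. */
static int looks_like_free_junk(const void *p, size_t n) {
    const unsigned char *b = p;
    for (size_t i = 0; i < n; i++)
        if (b[i] != FREE_JUNK) return 0;
    return n > 0;
}

/* Allocate a constructed property name, free it, and hand back the stale pointer. */
static const char *stale_name(int junking) {
    junk_on_free = junking;
    char *name = toy_alloc_name("rect");
    toy_free(name);
    return name;
}

/* 1 if the stale pointer reads as free-junk, 0 otherwise. */
int stale_name_is_junk(int junking) { return looks_like_free_junk(stale_name(junking), 8); }

/* 1 if the stale pointer still reads as the original string (the bug is masked). */
int stale_name_intact(int junking) { return memcmp(stale_name(junking), "rect", 5) == 0; }

int main(void) {
    printf("junking on : junk=%d intact=%d\n", stale_name_is_junk(1), stale_name_intact(1));
    printf("junking off: junk=%d intact=%d\n", stale_name_is_junk(0), stale_name_intact(0));
    return 0;
}
```

With junking off the stale pointer still yields the old bytes, so the program appears to work while the dangling reference remains; the setting is a diagnostic aid, not a fix.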



Re: shotcut core

2020-05-25 Thread Marc Espie
Here's another one...
I went back to 19.12.31

and installed the debug-qt* packages (somehow they weren't around last
time).


It's still the exact same bug.


By adding printing, that "name" parameter is complete garbage each and
every time. Sometimes, we get "lucky" and it doesn't segfault.

It always comes from within qml (qtquick?) internals, which makes me
believe something is wrong in there.

I fail to see how it would work on other OSes otherwise.


#0  generate_hash (name=) at mlt_properties.c:336
336 mlt_properties.c: No such file or directory.
[Current thread is 1 (process 314191)]
(gdb) where
#0  generate_hash (name=) at mlt_properties.c:336
#1  mlt_properties_find (self=0x89bce430800, 
name=0x89c3b3bdfd8 '\337' , ) at 
mlt_properties.c:517
#2  0x089cabf86a1c in mlt_properties_anim_get_rect (self=0x89bce430800, 
name=0x89c3b3bdfd8 '\337' , , position=263, 
length=50936)
at mlt_properties.c:2685
#3  0x089c8fa67d69 in Mlt::Properties::anim_get_rect (
this=, 
name=0x38a0277e , 
position=993779712, length=1487646720) at MltProperties.cpp:429
#4  0x0899cc58e1d3 in QmlFilter::getRect (this=0x89c35e94b80, name=..., 
position=263)
at 
/build/pobj/shotcut-19.12.31/shotcut-19.12.31/src/qmltypes/qmlfilter.cpp:100
#5  0x0899cc6a88d2 in QmlFilter::qt_static_metacall (_o=0x89c35e94b80, 
_c=QMetaObject::InvokeMetaMethod, _id=14, _a=0x7f7ca138)
at moc_qmlfilter.cpp:305
#6  0x0899cc6aa5d2 in QmlFilter::qt_metacall (this=0x89c35e94b80, 
_c=QMetaObject::InvokeMetaMethod, _id=14, _a=0x7f7ca138)
at moc_qmlfilter.cpp:484
#7  0x089c949bbfd4 in QMetaObject::metacall(QObject*, QMetaObject::Call, 
int, void**) () from /usr/local/lib/qt5/libQt5Core.so.3.0
#8  0x089c7ec5d87f in CallMethod (object=..., index=19, 
returnType=, argCount=, 
argTypes=0x89c31ff6b24, engine=0x89c219fa000, callArgs=0x89c6de8f638, 
callType=QMetaObject::InvokeMetaMethod)
at 
/usr/obj/ports/qtdeclarative-5.13.2-bootstrap-no_examples-no_tests/qtdeclarative-everywhere-src-5.13.2/src/qml/jsruntime/qv4qobjectwrapper.cpp:1295
#9  0x089c7ec5a9c9 in CallPrecise (object=..., data=..., 
engine=0x89c219fa000, callArgs=0x89c6de8f638, 
callType=QMetaObject::InvokeMetaMethod)
at 
/usr/obj/ports/qtdeclarative-5.13.2-bootstrap-no_examples-no_tests/qtdeclarative-everywhere-src-5.13.2/src/qml/jsruntime/qv4qobjectwrapper.cpp:1557
#10 0x089c7ec5a4a4 in CallOverloaded (object=..., data=..., 
engine=, callArgs=0x89c6de8f638, propertyCache=
0x89c48fd0700, callType=QMetaObject::InvokeMetaMethod)
at 
/usr/obj/ports/qtdeclarative-5.13.2-bootstrap-no_examples-no_tests/qtdeclarative-everywhere-src-5.13.2/src/qml/jsruntime/qv4qobjectwrapper.cpp:1631
#11 QV4::QObjectMethod::callInternal (this=, 
thisObject=, argv=, argc=)
at 
/usr/obj/ports/qtdeclarative-5.13.2-bootstrap-no_examples-no_tests/qtdeclarative-everywhere-src-5.13.2/src/qml/jsruntime/qv4qobjectwrapper.cpp:2120
#12 0x089c7ec77ee6 in QV4::FunctionObject::call (this=0x89cceae89a0, 
thisObject=, argv=0x38a0277e, argc=)
at 
/usr/obj/ports/qtdeclarative-5.13.2-bootstrap-no_examples-no_tests/qtdeclarative-everywhere-src-5.13.2/src/qml/jsruntime/qv4functionobject_p.h:202
#13 QV4::Moth::VME::interpret (frame=0x7f7ca5f8, engine=0x89c219fa000, 
code=0x89c6c9ba76a )
at 
/usr/obj/ports/qtdeclarative-5.13.2-bootstrap-no_examples-no_tests/qtdeclarative-everywhere-src-5.13.2/src/qml/jsruntime/qv4vme_moth.cpp:827
#14 0x089c7ec75d1b in QV4::Moth::VME::exec (frame=0x7f7ca5f8, 
engine=0x89c219fa000)
at 
/usr/obj/ports/qtdeclarative-5.13.2-bootstrap-no_examples-no_tests/qtdeclarative-everywhere-src-5.13.2/src/qml/jsruntime/qv4vme_moth.cpp:511
#15 0x089c7ec13bcf in QV4::ArrowFunction::virtualCall (fo=, 
thisObject=, argv=, argc=)
at 
/usr/obj/ports/qtdeclarative-5.13.2-bootstrap-no_examples-no_tests/qtdeclarative-everywhere-src-5.13.2/src/qml/jsruntime/qv4functionobject.cpp:520
#16 0x089c7ed036f8 in QV4::FunctionObject::call (this=0x89cceacf7e0, 
thisObject=, argv=, argc=0)
at 
/usr/obj/ports/qtdeclarative-5.13.2-bootstrap-no_examples-no_tests/qtdeclarative-everywhere-src-5.13.2/include/QtQml/5.13.2/QtQml/private/../../../../../src/qml/jsruntime/qv4functionobject_p.h:202
#17 QV4::Runtime::method_callQmlContextPropertyLookup (engine=0x89c219fa000, 
index=, argv=0x89c6de8f510, argc=0)
at 
/usr/obj/ports/qtdeclarative-5.13.2-bootstrap-no_examples-no_tests/qtdeclarative-everywhere-src-5.13.2/src/qml/jsruntime/qv4runtime.cpp:1385
#18 0x089c7ec77980 in QV4::Moth::VME::interpret (frame=0x7f7ca8a8, 
engine=0x89c219fa000, 
code=0x89c6c9bb64a )
at 
/usr/obj/ports/qtdeclarative-5.13.2-bootstrap-no_examples-no_tests/qtdeclarative-everywhere-src-5.13.2/src/qml/jsruntime/qv4vme_moth.cpp:862
#19 0x089c7ec75d1b in QV4::Moth::VME::exec (frame=0x7f7ca8a8, 
engine=0x89c219fa000)
at