Created attachment 64375 [details] patch to fix Version: 2.4-GIT (using Devel) OS: OS X MP4TagHelper::embeddedCover() stores a pointer to a TagLib::MP4::CoverArt item in a TagLib::MP4::CoverArtList which goes out of scope. Reproducible: Always Steps to Reproduce: Populated dynamic playlist including M4A files with embedded cover art. Expected Results: No crash.
Could you maybe also report the crash with a proper backtrace first? Also please submit patches to http://reviewboard.kde.org
Created attachment 64415 [details] backtrace Backtrace attached.
Backtrace from comment #2: (please always paste backtraces inline, else the database is not searchable) The backtrace shows similarities to bugs #265590 and #265591 (duplicates of #265577, fixed in taglib) as well as #282157 )duplicate of #262955 a MySQL related bug). Thread 1 (process 6133): #0 0x00007fffffe001a0 in __atomic_add32 () #1 0x00007fff82d4e17e in OSAtomicAdd32Barrier () #2 0x00000001008af056 in Meta::Tag::MP4TagHelper::embeddedCover (this=<value temporarily unavailable, due to optimizations>) at /Users/charles/software/amarok/shared/tag_helpers/MP4TagHelper.cpp:182 #3 0x0000000100860593 in Meta::Tag::embeddedCover (path=<value temporarily unavailable, due to optimizations>) at /Users/charles/software/amarok/shared/MetaTagLib.cpp:309 #4 0x000000011e936a19 in Meta::SqlAlbum::image (this=0x125187040, size=90) at /Users/charles/software/amarok/src/core-impl/collections/db/sql/SqlMeta.cpp:1554 #5 0x000000011e936806 in Meta::SqlAlbum::imageLocation (this=0x125187040, size=90) at /Users/charles/software/amarok/src/core-impl/collections/db/sql/SqlMeta.cpp:1593 #6 0x000000010078c157 in Meta::ProxyAlbum::imageLocation (this=<value temporarily unavailable, due to optimizations>, size=90) at /Users/charles/software/amarok/src/core-impl/collections/proxycollection/ProxyCollectionMeta.cpp:845 #7 0x0000000100a6a4d3 in SvgHandler::imageWithBorder (this=0x1226a5ed0, album=@0x7fff5fbf4330, size=<value temporarily unavailable, due to optimizations>, borderWidth=5) at /Users/charles/software/amarok/src/SvgHandler.cpp:249 #8 0x0000000100723ad9 in Playlist::Model::data (this=0x108a950a0, index=@0x7fff5fbf44b0, role=<value temporarily unavailable, due to optimizations>) at /Users/charles/software/amarok/src/playlist/PlaylistModel.cpp:376 #9 0x000000010375f1bb in QSortFilterProxyModel::data () #10 0x000000010375f1bb in QSortFilterProxyModel::data () #11 0x000000010375f1bb in QSortFilterProxyModel::data () #12 0x000000010077a04b in Playlist::GroupingProxy::data (this=<value temporarily unavailable, due to optimizations>, index=<value temporarily unavailable, due to optimizations>, role=<value temporarily unavailable, due to optimizations>) at /Users/charles/software/amarok/src/playlist/proxymodels/GroupingProxy.cpp:194 #13 0x000000010076b999 in qvariant_cast<QPixmap> [inlined] () at /Users/charles/software/amarok/src/playlist/view/listview/PrettyItemDelegate.cpp:318 #14 qVariantValue<QPixmap> [inlined] () at qvariant.h:599 #15 value<QPixmap> [inlined] () at /opt/local/include/QtCore/qvariant.h:336 #16 0x000000010076b999 in Playlist::PrettyItemDelegate::paintItem (this=0x1248756d0, config=@0x7fff5fbf52c0, painter=0x7fff5fbf5720, option=@0x7fff5fbf5100, index=@0x126490ca0, headerRow=false) at qvariant.h:318 #17 0x000000010076df04 in Playlist::PrettyItemDelegate::paint (this=0x1248756d0, painter=0x7fff5fbf5720, option=@0x7fff5fbf5490, index=@0x126490ca0) at /Users/charles/software/amarok/src/playlist/view/listview/PrettyItemDelegate.cpp:136 #18 0x00000001036feb18 in QListView::paintEvent () #19 0x000000010076f9fa in Playlist::PrettyListView::paintEvent (this=0x124873420, event=0x7fff5fbf6350) at /Users/charles/software/amarok/src/playlist/view/listview/PrettyListView.cpp:669 #20 0x0000000103261776 in QWidget::event () #21 0x00000001035bef5c in QFrame::event () #22 0x000000010364a687 in QAbstractScrollArea::viewportEvent () #23 0x00000001036dbaab in QAbstractItemView::viewportEvent () #24 0x000000010364cb60 in QAbstractScrollAreaFilter::eventFilter () #25 0x00000001023c6b87 in QCoreApplicationPrivate::sendThroughObjectEventFilters () #26 0x00000001032079fe in QApplicationPrivate::notify_helper () #27 0x000000010320d88d in QApplication::notify () #28 0x00000001026f220e in KApplication::notify () #29 0x00000001022d9e7c in QCoreApplication::notifyInternal () #30 0x0000000103207bec in qt_sendSpontaneousEvent () #31 0x00000001031b143d in -[QCocoaView drawRect:] () #32 0x00007fff834a1cc5 in -[NSView _drawRect:clip:] () #33 0x00007fff834a0938 in -[NSView _recursiveDisplayAllDirtyWithLockFocus:visRect:] () #34 0x00007fff8349f00a in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] () #35 0x00007fff8349fed6 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] () #36 0x00007fff8349fed6 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] () #37 0x00007fff8349fed6 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] () #38 0x00007fff8349fed6 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] () #39 0x00007fff8349fed6 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] () #40 0x00007fff8349fed6 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] () #41 0x00007fff8349fed6 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] () #42 0x00007fff8349eb2c in -[NSThemeFrame _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] () #43 0x00007fff8349b3de in -[NSView _displayRectIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:] () #44 0x00007fff83414c0e in -[NSView displayIfNeeded] () #45 0x00000001031b5907 in -[QCocoaWindow displayIfNeeded] () #46 0x00007fff8340faba in _handleWindowNeedsDisplay () #47 0x00007fff826dfb37 in __CFRunLoopDoObservers () #48 0x00007fff826bb464 in __CFRunLoopRun () #49 0x00007fff826badbf in CFRunLoopRunSpecific () #50 0x00007fff8a2e2c64 in -[NSRunLoop(NSRunLoop) runMode:beforeDate:] () #51 0x00007fff8a32e21e in -[NSRunLoop(NSRunLoop) runUntilDate:] () #52 0x00007fff8372788b in NSCoreDragReceiveProc () #53 0x00007fff8a20eeef in DoDropMessage () #54 0x00007fff8a20f384 in SendDropMessage () #55 0x00007fff8a210ce1 in DragInApplication () #56 0x00007fff8a211749 in CoreDragStartDragging () #57 0x00007fff83726938 in -[NSCoreDragManager _dragUntilMouseUp:accepted:] () #58 0x00007fff8372637e in -[NSCoreDragManager dragImage:fromWindow:at:offset:event:pasteboard:source:slideBack:] () #59 0x00007fff839e151e in -[NSWindow(NSDrag) dragImage:at:offset:event:pasteboard:source:slideBack:] () #60 0x00000001031b297d in QDragManager::drag () #61 0x000000010321cdcb in QDrag::exec () #62 0x00000001036dcc38 in QAbstractItemView::startDrag () #63 0x00000001006caa90 in dbgstreamwrapper [inlined] () at /Users/charles/software/amarok/src/browsers/CollectionTreeView.cpp:552 #64 Debug::debug () at /Users/charles/software/amarok/src/core/support/Debug.h:149 #65 0x00000001006caa90 in CollectionTreeView::startDrag (this=0x1228c0d90, supportedActions=@0x7fff5fbfaae0) at Debug.h:553 #66 0x00000001036d8f91 in QAbstractItemView::mouseMoveEvent () #67 0x00000001006c447b in CollectionTreeView::mouseMoveEvent (this=0x1228c0d90, event=0x7fff5fbfb7d0) at /Users/charles/software/amarok/src/browsers/CollectionTreeView.cpp:396 #68 0x00000001006f864f in CollectionBrowserTreeView::mouseMoveEvent (this=0x1228c0d90, event=0x7fff5fbfb7d0) at /Users/charles/software/amarok/src/browsers/collectionbrowser/CollectionBrowserTreeView.cpp:44 #69 0x00000001032617f3 in QWidget::event () #70 0x00000001035bef5c in QFrame::event () #71 0x000000010364a687 in QAbstractScrollArea::viewportEvent () #72 0x00000001036dbaab in QAbstractItemView::viewportEvent () #73 0x00000001006f871c in CollectionBrowserTreeView::viewportEvent (this=0x1228c0d90, event=0x7fff5fbfb7d0) at /Users/charles/software/amarok/src/browsers/collectionbrowser/CollectionBrowserTreeView.cpp:112 #74 0x000000010364cb60 in QAbstractScrollAreaFilter::eventFilter () #75 0x00000001023c6b87 in QCoreApplicationPrivate::sendThroughObjectEventFilters () #76 0x00000001032079fe in QApplicationPrivate::notify_helper () #77 0x000000010320f590 in QApplication::notify () #78 0x00000001026f220e in KApplication::notify () #79 0x00000001022d9e7c in QCoreApplication::notifyInternal () #80 0x0000000103207bec in qt_sendSpontaneousEvent () #81 0x00000001031be0b8 in qt_mac_handleMouseEvent () #82 0x00007fff834df0c7 in -[NSWindow sendEvent:] () #83 0x00000001031b5cdb in -[QCocoaWindow sendEvent:] () #84 0x00007fff83413afa in -[NSApplication sendEvent:] () #85 0x00000001031b92e8 in -[QNSApplication sendEvent:] () #86 0x00007fff833aa6de in -[NSApplication run] () #87 0x00000001031c2e65 in QEventDispatcherMac::processEvents () #88 0x00000001023c6244 in QEventLoop::processEvents () #89 0x00000001023c6564 in QEventLoop::exec () #90 0x00000001023c7b6c in QCoreApplication::exec () #91 0x0000000100013912 in main (argc=3, argv=0x7fff5fbfe7c0) at /Users/charles/software/amarok/src/main.cpp:294
I've reproduced this bug while linking against taglib at commit 6ea859 (HEAD as of 2011-10-08), so I'm pretty sure the crashes I saw weren't the fixed taglib problem.
*** Bug 285072 has been marked as a duplicate of this bug. ***
Same bug in Linux, changing OS
Git commit 9fc3a1884e4524fbb2064903b3ef1f4b2c55f44a by Sergey Ivanov. Committed on 29/10/2011 at 07:57. Pushed by ivanov into branch 'master'. Prevent crash on getting cover from MP4 files. Thanks to Charles Reiss <woggling@gmail.com> for this patch. BUG: 283675 FIXED-IN: 2.5 REVIEW: 102828 M +2 -0 ChangeLog M +8 -6 shared/tag_helpers/MP4TagHelper.cpp http://commits.kde.org/amarok/9fc3a1884e4524fbb2064903b3ef1f4b2c55f44a
*** Bug 286972 has been marked as a duplicate of this bug. ***
*** Bug 286897 has been marked as a duplicate of this bug. ***
*** Bug 287043 has been marked as a duplicate of this bug. ***
*** Bug 287373 has been marked as a duplicate of this bug. ***
*** Bug 287701 has been marked as a duplicate of this bug. ***
*** Bug 287705 has been marked as a duplicate of this bug. ***
*** Bug 287715 has been marked as a duplicate of this bug. ***
*** Bug 288016 has been marked as a duplicate of this bug. ***
*** Bug 301187 has been marked as a duplicate of this bug. ***