1252434 – nautilus crashes before the undo bar is shown

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1252434 - nautilus crashes before the undo bar is shown

Summary: nautilus crashes before the undo bar is shown

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	nautilus
Sub Component:
Version:	7.2
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	David King
QA Contact:	Desktop QE
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	1259739 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-08-11 12:09 UTC by Martin Simon
Modified:	2016-06-24 12:00 UTC (History)
CC List:	8 users (show)
Fixed In Version:	nautilus-3.14.3-5.el7
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-11-19 08:35:40 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
Patch 1 (16.85 KB, patch) 2015-09-14 12:20 UTC, Carlos Soriano	no flags	Details \| Diff
patch2 (1015 bytes, patch) 2015-09-14 12:20 UTC, Carlos Soriano	no flags	Details \| Diff
patch 3 (8.17 KB, patch) 2015-09-14 12:21 UTC, Carlos Soriano	no flags	Details \| Diff
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2015:2236	0	normal	SHIPPED_LIVE	nautilus bug fix and enhancement update	2015-11-19 09:02:22 UTC

Description Martin Simon 2015-08-11 12:09:58 UTC

Description of problem:
Nautilus ends with segmentation fault after paste action. This is only reproducible in a secondary nautilus window (the first is ran background, but I don't know the architecture). 

Version-Release number of selected component (if applicable):
nautilus-3.14.3-3.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
1. Open Home, select Templates folder (for example) and press CTRL+C
2. Open Desktop folder in the same window and press CTRL+V

Actual results:
nautilus crashes

Expected results:
no crash

Additional info:
nautilus[5870]: segfault at 200000016 ip 00007fb0e2b92f1b sp 00007ffe87d17e50 error 4 in libgobject-2.0.so.0.4200.2[7fb0e2b61000+4e000]

Comment 1 Vitezslav Humpa 2015-08-11 12:40:25 UTC

Managed to reproduce this too. Backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x00007f4af2600f1b in g_type_check_instance_cast () from /lib64/libgobject-2.0.so.0
(gdb) bt
#0  0x00007f4af2600f1b in g_type_check_instance_cast () at /lib64/libgobject-2.0.so.0
#1  0x00000000004749f6 in nautilus_window_on_undo_changed (manager=<optimized out>, window=0x29deb30) at nautilus-window.c:1512
#2  0x00007f4af25dede8 in g_closure_invoke () at /lib64/libgobject-2.0.so.0
#3  0x00007f4af25f09b1 in signal_emit_unlocked_R () at /lib64/libgobject-2.0.so.0
#4  0x00007f4af25f8471 in g_signal_emit_valist () at /lib64/libgobject-2.0.so.0
#5  0x00007f4af25f872f in g_signal_emit () at /lib64/libgobject-2.0.so.0
#6  0x00000000004d2d28 in nautilus_file_undo_manager_set_action (info=<optimized out>) at nautilus-file-undo-manager.c:245
#7  0x00000000004a8164 in finalize_common (common=0x2e65ed0) at nautilus-file-operations.c:974
#8  0x00000000004a8d2b in copy_job_done (user_data=0x2e65ed0) at nautilus-file-operations.c:4587
#9  0x00007f4af287ea2f in mainloop_proxy_func () at /lib64/libgio-2.0.so.0
#10 0x00007f4af22e179a in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#11 0x00007f4af22e1ae8 in g_main_context_iterate.isra.24 () at /lib64/libglib-2.0.so.0
#12 0x00007f4af22e1b9c in g_main_context_iteration () at /lib64/libglib-2.0.so.0
#13 0x00007f4af28c4f24 in g_application_run () at /lib64/libgio-2.0.so.0
#14 0x000000000042a0fb in main (argc=3, argv=0x7ffc197b8888) at nautilus-main.c:103

Comment 2 Martin Simon 2015-08-12 16:17:09 UTC

The very same segfault is also by renaming any file/folder. Again, the scenario is to start nautilus and close it (the process should remain in background), start nautilus again (only to redirect the new process to the background one) and paste/rename or probably some other operations -> segfault.

Backtrace:
Program received signal SIGSEGV, Segmentation fault.
0x00007feb9ecf4f1b in g_type_check_instance_cast ()
   from /lib64/libgobject-2.0.so.0
(gdb) bt
#0  0x00007feb9ecf4f1b in g_type_check_instance_cast ()
    at /lib64/libgobject-2.0.so.0
#1  0x00000000004749f6 in nautilus_window_on_undo_changed (manager=<optimized out>, window=0x1934770) at nautilus-window.c:1512
#2  0x00007feb9ecd2de8 in g_closure_invoke () at /lib64/libgobject-2.0.so.0
#3  0x00007feb9ece49b1 in signal_emit_unlocked_R ()
    at /lib64/libgobject-2.0.so.0
#4  0x00007feb9ecec471 in g_signal_emit_valist () at /lib64/libgobject-2.0.so.0
#5  0x00007feb9ecec72f in g_signal_emit () at /lib64/libgobject-2.0.so.0
#6  0x00000000004d2d28 in nautilus_file_undo_manager_set_action (info=<optimized out>) at nautilus-file-undo-manager.c:245
#7  0x00000000004b70e7 in nautilus_file_operation_free (op=0x1e3d780)
    at nautilus-file.c:1674
#8  0x00000000004be7c9 in nautilus_file_operation_complete (op=<optimized out>, result_file=<optimized out>, error=<optimized out>) at nautilus-file.c:1700
#9  0x00000000004bf04c in rename_get_info_callback (source_object=<optimized out>, res=<optimized out>, callback_data=0x1e3d780) at nautilus-file.c:1767
#10 0x00007feb9ef95b7b in g_task_return_now () at /lib64/libgio-2.0.so.0
#11 0x00007feb9ef95b99 in complete_in_idle_cb () at /lib64/libgio-2.0.so.0
#12 0x00007feb9e9d579a in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#13 0x00007feb9e9d5ae8 in g_main_context_iterate.isra.24 ()
    at /lib64/libglib-2.0.so.0
#14 0x00007feb9e9d5b9c in g_main_context_iteration ()
    at /lib64/libglib-2.0.so.0
#15 0x00007feb9efb8f24 in g_application_run () at /lib64/libgio-2.0.so.0
#16 0x000000000042a0fb in main (argc=3, argv=0x7ffd71e7dca8)
    at nautilus-main.c:103


As the backtrace is similar to the above one, I suppose the problem is related to nautilus_file_undo_manager_set_action at nautilus-file-undo-manager.c:245

Comment 3 David King 2015-09-03 13:39:58 UTC

nautilus_window_on_undo_changed() appears in both stacktraces, and was added by the new undo feature in bug 1102849, so seems like a regression caused by the patch added in nautilus-3.14.3-3.el7.

Comment 4 Carlos Soriano 2015-09-14 12:20:24 UTC

Created attachment 1073217 [details]
Patch 1

This serie of patches are the ones present on https://bugzilla.redhat.com/show_bug.cgi?id=1102849 but with the crash reported here fixed

Comment 5 Carlos Soriano 2015-09-14 12:20:46 UTC

Created attachment 1073218 [details]
patch2

Comment 6 Carlos Soriano 2015-09-14 12:21:13 UTC

Created attachment 1073219 [details]
patch 3

Comment 7 David King 2015-09-14 13:08:02 UTC

Seems fixed for me with those patches.

Comment 11 Martin Simon 2015-09-15 08:19:31 UTC

I've retested this with the new build containing those patches nautilus-3.14.3-5.el7.x86_64 and I'm no longer able to reproduce the segfault. It seems to be fixed now.

Comment 12 Vadim Rutkovsky 2015-09-24 15:53:50 UTC

*** Bug 1259739 has been marked as a duplicate of this bug. ***

Comment 13 Vadim Rutkovsky 2015-10-08 10:50:26 UTC

Still occurs on 3.14.3-5.el7: see http://faf-report.itos.redhat.com/reports/10497/

Comment 14 errata-xmlrpc 2015-11-19 08:35:40 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2236.html

Comment 15 Jakub Filak 2016-06-24 12:00:39 UTC

There are 3 CentOS-7 bug reports against nautilus-3.14.3-7.el7 that were identified as duplicates of bug #1259739 by ABRT/FAF:
https://bugs.centos.org/view.php?id=10058
https://bugs.centos.org/view.php?id=9987
https://bugs.centos.org/view.php?id=9963

http://test-report.itos.redhat.com/problems/bthash/?bth=0b56446b0fddfcece885aea7c59512ced6adf417&bth=608e091eab857f2e030f8ba4e3bd7766292428db&bth=86ec504f3edc4668b518cbeb459f0ce2b8dfb2ed&bth=b3cad1434011b8fd2d249dca10319151db5d8f99

Note You need to log in before you can comment on or make changes to this bug.