GNOME Bugzilla – Bug 607974
Nautilus crashing on broken cycling links
Last modified: 2013-03-02 00:25:58 UTC
Test case:
ln -s 1 2
ln -s 2 1
nautilus .
hmm... ¿? Thanks for taking the time to report this bug. This bug report isn't very useful because it doesn't describe the bug well. If you have time and can still reproduce the bug, please read http://bugzilla.gnome.org/bug-HOWTO.html and add a more useful description to this bug.
Created attachment 152182 Last lines of strace output when opening directory with symlinks
Just try to create two symlinks in the same directory that link to each other, e.g.:
link1 -> link2
link2 -> link1
Then try to open this directory in nautilus; here nautilus segfaults.
Created attachment 152860 nautilus-2.29.3-limit-symlink-resolving-depth.patch
This is my first try, stupid patch, limiting the resolving depth to 20 tries.
*** Bug 615914 has been marked as a duplicate of this bug. ***
*** Bug 445456 has been marked as a duplicate of this bug. ***
As Linux raises an ELOOP error in this condition, I assume Nautilus is not opening the symlink using a standard 'open', but instead manually following symlinks, with no limit on the number of times it will follow them. To reproduce:
$ mkdir looptest; cd looptest
$ touch foo
$ ln -s foo bar
$ rm foo
$ ln -s bar foo
$ ls -l
total 8
lrwxrwxrwx 1 matt matt 84 2010-04-16 11:07 bar -> foo
lrwxrwxrwx 1 matt matt 84 2010-04-16 11:07 foo -> bar
$ cat foo
cat: foo: Too many levels of symbolic links
$ nautilus .
This crashes Nautilus as it loads. I examined the crash in GDB. The stack trace is about 178575 frames long and then it SIGSEGVs. The majority of the stack trace is a cycle between three functions (which I can't see because I don't have source on). This implies that it's simply following the symlinks manually forever until a stack overflow.
Yes, Nautilus resolves symlinks manually on icon ("object/file") load and queues stat requests into the idle mainloop. It's actually difficult to distinguish between loading and idle state of the NautilusFile instance. We can't get ELOOP in our case because of the internal design.
*** Bug 638104 has been marked as a duplicate of this bug. ***
This seems to be resolved at least as of version 3.0.
I tried to reproduce again, I can confirm this bug has been fixed, although I could not see a git log entry referencing this report. Anyways, it is fixed in GNOME 3.2 for sure. Thank you all for your work on this. CLOSING.
*** Bug 694972 has been marked as a duplicate of this bug. ***