Segmentation fault whilst opening Rubbish Bin/ trash://

Just ran again with the source directory for libio enabled in gdb and the line that's going wrong is as follows:
463 f->_IO_write_ptr = __mempcpy (f->_IO_write_ptr, s, count);

Thank you for taking the time to report this bug and helping to make Ubuntu better. Please try to obtain a backtrace following the instructions at http://wiki.ubuntu.com/DebuggingProgramCrash and upload the backtrace (as an attachment) to the bug report. This will greatly help us in tracking down your problem.

Please find attached the Valgrind log of `_SLICE=always-malloc G_DEBUG=gc-friendly valgrind -v --tool=memcheck --leak-check=full --num-callers=40 --log-file=valgrind.log $(which nautilus) trash://`

Please also find attached the backtrace obtained from GDB using the instructions at https://wiki.ubuntu.com/Backtrace

weird, it seems that it keeps getting change events ... does "gvfs-ls trash:///" works? does it work if you uninstall python-nautilus? do you get the same issue in a guest session?

Can confirm gvfs-ls trash:/// works fine producing the output of all the files in the trash:// location.

I have another account on the system with plenty of files in that trash:// works perfectly fine for. Guest mode trash:// also works perfectly fine.

The program still crashes with SIGSEGV (__GI__IO_default_xsputn (f=0x7fffff7ff600, data=<optimised out>, n=38) at genops.c:463) with python-nautilus uninstalled and pruged out (I did not restart the system, but I ensured that nautilus was completely killed before I re-attempted the test)

I'm guessing there's probably something in my trash:// that's triggering this right? Any particular file types I should look for? Interestingly opening `nautilus ~/.local/share/Trash/files` causes a sefault too!

not sure, do you have symlinks in there? maybe a looping one?

Result! XD There were indeed some (now broken after being moved to trash) symlinks in there! Moving two of them out of the trash stopped the crash! The symlinks that caused the SIGSEGV, were also relative-based ones, I've posted the result of ls -la below.

lrwxrwxrwx 1 jonathan jonathan 13 Apr 8 05:04 ToggleRGB.c -> ToggleRGB.ino
lrwxrwxrwx 1 jonathan jonathan 11 Apr 8 05:05 ToggleRGB.ino -> ToggleRGB.c

There is indeed a circular reference created here is there not as they're now referencing each other? These files weren't originally ever together at the same time until they were deleted, and then this problem occurred when they were moved into the trash together. I wasn't aware Nautilus would try to resolve the symlinks in some way, but surely crashing when this situation occurs is still undesirable behaviour?

Many thanks for helping work out what was going wrong though :)

Just discovered Nautilus will crash wherever these two files are placed together! Attached .tar.gz with a folder that upon opening should crash Nautilus. Hopefully the symlinks will be preserved in the archive!

Thanks, the issue is an upstream one, it would be nice if somebody could send the bug to the developers of the software by following the instructions at https://wiki.ubuntu.com/Bugs/Upstream/GNOME.

I've reported the bug here: https://gitlab.gnome.org/GNOME/nautilus/issues/289

Proper tracking is blocked by bug 1603679

(Btw I can confirm this bug is reproducible in Ubuntu 17.10)

* bug 1745210

Upstream says their latest stable and master works fine (see previous link), so this is an Ubuntu-specific bug

@ads20000 we are still waiting to confirm they tested this on trash:// though :)

As per the upstream bug:
The bug doesn't exist in the Files 3.24.1 Flatpak.
Also I got a newer stacktrace here: https://paste.ubuntu.com/p/R8bvFbbw77/

Upstream: 'Having nautilus-dropbox installed is a shortcut to reproducing the crash. Otherwise, you can trigger it by copying/moving the two files together somewhere.'

They've reopened the bug.

( I wouldn't be commenting this if bug 1745210 were fixed ;) )

This is fixed upstream (I'm assuming this means it'll get into GNOME 3.30 and Ubuntu 18.10)

(well, supposedly fixed by a commit, will test in the Files Nightly Flatpak soon to see if I can reproduce the bug post-commit)

The upstream commit is https://gitlab.gnome.org/GNOME/nautilus/commit/0d24b6a1

Could you confirm if the fix is working?

As far as I understand, Fix Committed is the wrong status for the Ubuntu task since the fix is not committed into Ubuntu.

I'm waiting for someone to rebuild the Files Nightly Flatpak (the last build was 2018-03-18 08:53:15 +0000) since I don't really want to build master by hand.

The new version is in Ubuntu now