g_input_stream_skip on http1 chunked response leads to crash
I can not mount WebDAV shares provided by my NextCloud instance anymore using Fedora 36 (gvfs 1.50.2).
After a few seconds Nautilus always says "Unable to access location / Remote peer disconnected".
The full output of coredumpctl is available in Red Hat Bugzilla issue 2093400. The most relevant part is likely:
Stack trace of thread 62128:
#0 0x00007f662a15ced1 __strncmp_avx2 (libc.so.6 + 0x15ced1)
#1 0x00007f662a4c317c read_internal (libsoup-3.0.so.0 + 0x3817c)
#2 0x00007f662a73bdfa g_input_stream_skip (libgio-2.0.so.0 + 0x7edfa)
#3 0x00007f662a4d8d1a soup_filter_input_stream_skip (libsoup-3.0.so.0 + 0x4dd1a)
#4 0x00007f662a4d8887 soup_client_input_stream_skip (libsoup-3.0.so.0 + 0x4d887)
#5 0x00007f662a73bdfa g_input_stream_skip (libgio-2.0.so.0 + 0x7edfa)
#6 0x0000558d76dea4ec try_mount_stat_cb (gvfsd-dav + 0x154ec)
#7 0x00007f662a76d8aa g_task_return_now (libgio-2.0.so.0 + 0xb08aa)
#8 0x00007f662a76dad3 g_task_return (libgio-2.0.so.0 + 0xb0ad3)
#9 0x0000558d76de8e3c dav_send_async_with_redir_cb (gvfsd-dav + 0x13e3c)
#10 0x00007f662a76d8aa g_task_return_now (libgio-2.0.so.0 + 0xb08aa)
#11 0x00007f662a76dad3 g_task_return (libgio-2.0.so.0 + 0xb0ad3)
#12 0x00007f662a4ea232 async_send_request_return_result (libsoup-3.0.so.0 + 0x5f232)
#13 0x00007f662a4f1f9d run_until_read_done (libsoup-3.0.so.0 + 0x66f9d)
#14 0x00007f662a76d8aa g_task_return_now (libgio-2.0.so.0 + 0xb08aa)
#15 0x00007f662a76dad3 g_task_return (libgio-2.0.so.0 + 0xb0ad3)
#16 0x00007f662a4c99ed io_run_until_read_async (libsoup-3.0.so.0 + 0x3e9ed)
#17 0x00007f662a4c9a38 io_run_until_read_ready (libsoup-3.0.so.0 + 0x3ea38)
#18 0x00007f662a576faf g_main_context_dispatch (libglib-2.0.so.0 + 0x54faf)
#19 0x00007f662a5cc2c8 g_main_context_iterate.constprop.0 (libglib-2.0.so.0 + 0xaa2c8)
#20 0x00007f662a5766cf g_main_loop_run (libglib-2.0.so.0 + 0x546cf)
#21 0x0000558d76de359a daemon_main (gvfsd-dav + 0xe59a)
#22 0x0000558d76ddfd59 main (gvfsd-dav + 0xad59)
#23 0x00007f662a029550 __libc_start_call_main (libc.so.6 + 0x29550)
#24 0x00007f662a029609 __libc_start_main@@GLIBC_2.34 (libc.so.6 + 0x29609)
#25 0x0000558d76ddfd95 _start (gvfsd-dav + 0xad95)
I tried to gather additional debug data following https://wiki.gnome.org/Projects/gvfs/debugging#Getting_debug_logs
$ GVFS_DEBUG=1 $(find /usr/lib* -name gvfsd 2>/dev/null) --replace 2>&1 | tee gvfsd.log
fuse: failed to access mountpoint /run/user/1004/gvfs: Transport endpoint is not connected
trash: Added new job source 0x5605bb911880 (GVfsBackendTrash)
trash: Queued new job 0x5605bb912820 (GVfsJobMount)
trash: send_reply(0x5605bb912820), failed=0 ()
trash: backend_dbus_handler org.gtk.vfs.Mount:CreateFileMonitor (pid=64556)
trash: Queued new job 0x5605bb912b80 (GVfsJobCreateMonitor)
trash: send_reply(0x5605bb912b80), failed=0 ()
trash: backend_dbus_handler org.gtk.vfs.Mount:CreateFileMonitor (pid=64556)
trash: Queued new job 0x5605bb912b80 (GVfsJobCreateMonitor)
trash: send_reply(0x5605bb912b80), failed=0 ()
trash: backend_dbus_handler org.gtk.vfs.Mount:QueryInfo (pid=64556)
trash: Queued new job 0x5605bb8fab50 (GVfsJobQueryInfo)
trash: send_reply(0x5605bb8fab50), failed=0 ()
trash: backend_dbus_handler org.gtk.vfs.Mount:QueryInfo (pid=64556)
trash: Queued new job 0x5605bb8fabf0 (GVfsJobQueryInfo)
trash: send_reply(0x5605bb8fabf0), failed=0 ()
dav: Added new job source 0x561106bad0c0 (GVfsBackendDav)
dav: Queued new job 0x561106ba5ab0 (GVfsJobMount)
dav: + mount
dav: + soup_authenticate (interactive, first auth)
dav: [/remote.php/dav/files/fs] webdav: 1, collection 1 [res: 1]
^C
Before I terminated gvfsd, the error message appeared in nautilus.
Interestingly I can connect to my NextCloud instance when starting gvfs with "GVFS_HTTP_DEBUG=all". The logs contain some cookie values which I'm hesitant to share publicly but I noticed one additional assertion where previously the process would crash:
(process:65023): GVFS-CRITICAL **: 12:31:47.663: g_mount_spec_set_with_len_internal: assertion 'value != NULL' failed
dav: send_reply(0x55f21a0e4a70), failed=0 ()
...
If you like I can also create a test user on my NextCloud instance so you can debug the issue yourself (remote machine is a Fedora 36 server with nginx).