file-view: Always unset pending_selection after freeing it (!277) · Merge requests · GNOME / Files

Marco Trevisan requested to merge 3v1n0/nautilus:pending-selection-nullify into master Jul 26, 2018

When a file view was loaded with a pending selection, and not all the files were seen yet, the private pending_selection list was properly free'd, but the pointer was not cleared, causing a crash when nautilus_files_view_set_selection was called again, as it was trying to deeply copy a list pointed by this invalid reference.

So, removing the unneeded pending_selection temporary pointer from the main function scope, as it only confuses, while use it (with an autolist) when we need to pass the previous priv->pending_selection to set_selection again.

Eventually use a g_clear_pointer to free the list and nullify its priv reference

Fixes #295 (closed)

An hackish way to trigger this crash repeatedly (1st in Ubuntu so far), was to just apply something like this:

diff --git a/src/nautilus-files-view.c b/src/nautilus-files-view.c
index ad6af62fa..cb0d67e19 100644
--- a/src/nautilus-files-view.c
+++ b/src/nautilus-files-view.c
@@ -3655,6 +3655,7 @@ done_loading (NautilusFilesView *view,
 
         pending_selection = priv->pending_selection;
         selection = nautilus_view_get_selection (NAUTILUS_VIEW (view));
+        all_files_seen = FALSE;
 
         if (nautilus_view_is_searching (NAUTILUS_VIEW (view)) &&
             all_files_seen && !selection && !pending_selection)

And then running, first nautilus /path/to/file-to-select.ext and then from another terminal nautilus /path/to/file-to-select2.ext. At 2nd call, it will crash.

Which was leading to the crash.

file-view: Always unset pending_selection after freeing it

Merge request reports