Bug 995760

Summary: [abrt] firewall-config-0.3.4-1.fc19: firewall-config:1562:onChangeZone:TypeError: 'NoneType' object has no attribute '__getitem__'
Product: [Fedora] Fedora Reporter: Tomas Dolezal <todoleza>
Component: firewalldAssignee: Thomas Woerner <twoerner>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: 21CC: abo, alihosseini65, benjaminfogel, c.kirbach, crankymoose, eblake, fedyapupkin, formisc, frankrrichards, hafflys, hedelao, jdbarnes, jim, jim.odayinst, jpopelka, jries, kjenzz, lenumina, luke, maurizio.antillon, mflitter, mhroncok, mitr, nguyentienlong88, pal666, rick, scattol, shawnx, s.kieske, ssabcew, sumitkbhardwaj, tcfxfzoi, thiessendg, toxicmerap, tsiatouras.vasilis, twoerner, v3x, viktor.matveenko, vlad, vrutkovs, wielkipiec, Wilhelm.Buchmueller, xperimenterx
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard: abrt_hash:6c06059304273d8babd1616f3379a6ef41b1609b
Fixed In Version: firewalld-0.3.14.1-1.fc22 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1049956 1049957 (view as bug list) Environment:
Last Closed: 2015-06-18 13:28:07 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
File: backtrace
none
File: environ none

Description Tomas Dolezal 2013-08-10 21:22:25 UTC 
Version-Release number of selected component:
firewall-config-0.3.4-1.fc19

Additional info:
reporter:       libreport-2.1.6
cmdline:        /usr/bin/python /usr/bin/firewall-config
executable:     /usr/bin/firewall-config
kernel:         3.10.5-201.fc19.x86_64
runlevel:       N 5
type:           Python
uid:            1000

Truncated backtrace:
firewall-config:1562:onChangeZone:TypeError: 'NoneType' object has no attribute '__getitem__'

Traceback (most recent call last):
  File "/usr/bin/firewall-config", line 1562, in onChangeZone
    _services = services[:]
TypeError: 'NoneType' object has no attribute '__getitem__'

Local variables in innermost frame:
masquerade: False
default: False
interfaces: []
args: (<TreeSelection object at 0x23509b0 (GtkTreeSelection at 0x1ffa940)>,)
self: <__main__.FirewallConfig object at 0x1e8cf10>
sources: []
builtin: False
icmpblocks: []
rules: []
services: None
active_zone: 'public'
ports: []
forward_ports: []
Comment 1 Tomas Dolezal 2013-08-10 21:22:29 UTC 
Created attachment 785274 [details]
File: backtrace
Comment 2 Tomas Dolezal 2013-08-10 21:22:32 UTC 
Created attachment 785275 [details]
File: environ
Comment 3 Jiri Popelka 2013-08-15 16:01:53 UTC 
*** Bug 962398 has been marked as a duplicate of this bug. ***
Comment 4 Jiri Popelka 2013-08-15 16:02:05 UTC 
*** Bug 974219 has been marked as a duplicate of this bug. ***
Comment 5 Jiri Popelka 2013-08-15 16:02:32 UTC 
*** Bug 993400 has been marked as a duplicate of this bug. ***
Comment 6 Jiri Popelka 2013-08-16 15:48:38 UTC 
*** Bug 994446 has been marked as a duplicate of this bug. ***
Comment 7 Jiri Popelka 2013-10-14 10:40:56 UTC 
*** Bug 1018484 has been marked as a duplicate of this bug. ***
Comment 8 Jiri Popelka 2013-10-21 10:40:28 UTC 
*** Bug 1021073 has been marked as a duplicate of this bug. ***
Comment 9 Jiri Popelka 2013-12-02 11:43:21 UTC 
*** Bug 1036290 has been marked as a duplicate of this bug. ***
Comment 10 Jiri Popelka 2013-12-02 11:43:34 UTC 
*** Bug 1036373 has been marked as a duplicate of this bug. ***
Comment 11 Jiri Popelka 2013-12-18 18:49:26 UTC 
*** Bug 1044643 has been marked as a duplicate of this bug. ***
Comment 12 Jiri Popelka 2014-01-21 11:31:59 UTC 
This might be fixed with 0.3.9.2, let's move it to ON_QA.
Comment 13 Jiri Popelka 2014-03-18 12:58:32 UTC 
*** Bug 1076827 has been marked as a duplicate of this bug. ***
Comment 14 Jiri Popelka 2014-03-18 12:59:40 UTC 
*** Bug 1076846 has been marked as a duplicate of this bug. ***
Comment 16 Jiri Popelka 2014-04-17 07:56:26 UTC 
*** Bug 1088630 has been marked as a duplicate of this bug. ***
Comment 17 Jiri Popelka 2014-05-05 12:11:21 UTC 
*** Bug 1093313 has been marked as a duplicate of this bug. ***
Comment 18 Jiri Popelka 2014-05-14 11:58:05 UTC 
*** Bug 1097696 has been marked as a duplicate of this bug. ***
Comment 19 Jiri Popelka 2014-07-03 12:50:34 UTC 
*** Bug 1109341 has been marked as a duplicate of this bug. ***
Comment 20 Jiri Popelka 2014-07-14 10:00:56 UTC 
*** Bug 1118913 has been marked as a duplicate of this bug. ***
Comment 21 Jiri Popelka 2014-07-15 08:34:59 UTC 
*** Bug 1119541 has been marked as a duplicate of this bug. ***
Comment 22 Jiri Popelka 2014-07-22 12:43:27 UTC 
*** Bug 1120403 has been marked as a duplicate of this bug. ***
Comment 23 Jiri Popelka 2014-07-23 11:00:52 UTC 
*** Bug 1121310 has been marked as a duplicate of this bug. ***
Comment 24 Jiri Popelka 2014-07-23 11:01:08 UTC 
*** Bug 1000054 has been marked as a duplicate of this bug. ***
Comment 25 Jiri Popelka 2014-08-28 12:04:46 UTC 
*** Bug 1134838 has been marked as a duplicate of this bug. ***
Comment 26 Jiri Popelka 2014-10-09 07:35:03 UTC 
*** Bug 1150733 has been marked as a duplicate of this bug. ***
Comment 27 Jiri Popelka 2014-10-13 10:43:55 UTC 
*** Bug 1151746 has been marked as a duplicate of this bug. ***
Comment 28 Jiri Popelka 2014-10-13 10:44:10 UTC 
*** Bug 1151753 has been marked as a duplicate of this bug. ***
Comment 29 Jiri Popelka 2014-10-17 11:11:19 UTC 
*** Bug 1154034 has been marked as a duplicate of this bug. ***
Comment 30 Jiri Popelka 2014-11-24 12:54:33 UTC 
*** Bug 1167129 has been marked as a duplicate of this bug. ***
Comment 31 Jiri Popelka 2014-12-09 15:53:54 UTC 
*** Bug 1172205 has been marked as a duplicate of this bug. ***
Comment 32 Jiri Popelka 2014-12-18 17:26:38 UTC 
*** Bug 1175806 has been marked as a duplicate of this bug. ***
Comment 33 Jiri Popelka 2015-01-06 11:07:09 UTC 
*** Bug 1178140 has been marked as a duplicate of this bug. ***
Comment 34 Jiri Popelka 2015-01-06 13:05:02 UTC 
*** Bug 1177289 has been marked as a duplicate of this bug. ***
Comment 35 Jiri Popelka 2015-01-09 09:22:19 UTC 
*** Bug 1180344 has been marked as a duplicate of this bug. ***
Comment 36 Jiri Popelka 2015-01-15 08:37:29 UTC 
*** Bug 1182274 has been marked as a duplicate of this bug. ***
Comment 37 Jiri Popelka 2015-01-20 13:14:27 UTC 
*** Bug 1183311 has been marked as a duplicate of this bug. ***
Comment 38 Jiri Popelka 2015-01-20 13:14:37 UTC 
*** Bug 1183240 has been marked as a duplicate of this bug. ***
Comment 39 Jiri Popelka 2015-01-28 12:52:09 UTC 
*** Bug 1186535 has been marked as a duplicate of this bug. ***
Comment 40 Jiri Popelka 2015-03-30 08:13:24 UTC 
*** Bug 1206792 has been marked as a duplicate of this bug. ***
Comment 41 Jiri Popelka 2015-04-20 09:51:25 UTC 
*** Bug 1213129 has been marked as a duplicate of this bug. ***
Comment 42 Jiri Popelka 2015-05-04 08:36:26 UTC 
*** Bug 1218098 has been marked as a duplicate of this bug. ***
Comment 43 Jiri Popelka 2015-05-11 12:32:46 UTC 
*** Bug 1220373 has been marked as a duplicate of this bug. ***
Comment 44 Thomas Woerner 2015-05-20 17:05:55 UTC 
Finally, I was able to reproduce this.

It is a result of an issue in polkitd. polkitd is getting bigger with each dbus request and then there is this in my log when it happens:

[12429.514960] traps: polkitd[18980] general protection ip:7f9ab803dde2 sp:7fff4282fb30 error:0 in libmozjs-17.0.so[7f9ab7efe000+3ba000]
Comment 45 Thomas Woerner 2015-05-20 17:18:43 UTC 
This is the traceback of polkitd within gdb:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff6be1de2 in js::ShapeTable::search(long, bool) ()
   from /lib64/libmozjs-17.0.so
(gdb) where
#0  0x00007ffff6be1de2 in js::ShapeTable::search(long, bool) ()
    at /lib64/libmozjs-17.0.so
#1  0x00007ffff6c8f688 in js::ObjectImpl::nativeLookup(JSContext*, long) ()
    at /lib64/libmozjs-17.0.so
#2  0x00007ffff6b9de2f in js::GetPropertyHelper(JSContext*, JS::Handle<JSObject*>, JS::Handle<long>, unsigned int, JS::MutableHandle<JS::Value>) ()
    at /lib64/libmozjs-17.0.so
#3  0x00007ffff6b78655 in js::Interpret(JSContext*, js::StackFrame*, js::InterpMode) () at /lib64/libmozjs-17.0.so
#4  0x00007ffff6b811bd in js::RunScript(JSContext*, JSScript*, js::StackFrame*) () at /lib64/libmozjs-17.0.so
#5  0x00007ffff6b81491 in js::InvokeKernel(JSContext*, JS::CallArgs, js::MaybeConstruct) () at /lib64/libmozjs-17.0.so
#6  0x00007ffff6b81795 in js::Invoke(JSContext*, JS::Value const&, JS::Value const&, unsigned int, JS::Value*, JS::Value*) () at /lib64/libmozjs-17.0.so
#7  0x00007ffff6aed04a in JS_CallFunctionName () at /lib64/libmozjs-17.0.so
#8  0x000055555556075d in polkit_backend_js_authority_check_authorization_sync ()
#9  0x00005555555648ae in check_authorization_sync ()
#10 0x0000555555565100 in polkit_backend_interactive_authority_check_authorization ()
#11 0x000055555555e1c6 in server_handle_method_call ()
#12 0x00007ffff7912aac in call_in_idle_cb () at /lib64/libgio-2.0.so.0
#13 0x00007ffff73067fb in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#14 0x00007ffff7306b98 in g_main_context_iterate.isra ()
    at /lib64/libglib-2.0.so.0
#15 0x00007ffff7306ec2 in g_main_loop_run () at /lib64/libglib-2.0.so.0
#16 0x000055555555d513 in main ()
Comment 46 Thomas Woerner 2015-05-21 10:40:05 UTC 
When polkit dies the reply to a dbus call is damaged and not following the signature anymore.
Comment 48 Thomas Woerner 2015-05-21 11:55:34 UTC 
There are two issues with polkit:

- It gets bigger with each dbus call
- It dies sometimes with results in a damaged dbus call reply
Comment 49 Miloslav Trmač 2015-05-21 15:57:09 UTC 
Thanks for your report.  The polkit crashes are bug #910262.

firewalld error handling also needs improvement: src/firewall/client.py:handle_exceptions can return None if the function it decorates fails, but the registered error handler doesn’t raise any exception and doesn’t quit.  This can happen e.g. through firewall-config:_exception_handler -> firewall-config:_error, when the user clicks on OK and not Quit.

So, reassigning back to firewalld to fix this error handling aspect; the polkit part will be fixed through #910262.
Comment 50 Thomas Woerner 2015-05-21 16:38:45 UTC 
Fixed upstream (https://github.com/t-woerner/firewalld/commit/bbfb2af0e4f78feda74fd3d6dc4c7f3c582aea2c)
Comment 51 Thomas Woerner 2015-06-09 16:12:47 UTC 
*** Bug 1190453 has been marked as a duplicate of this bug. ***
Comment 52 Thomas Woerner 2015-06-09 16:13:06 UTC 
*** Bug 1195307 has been marked as a duplicate of this bug. ***
Comment 53 Thomas Woerner 2015-06-09 16:13:25 UTC 
*** Bug 1190517 has been marked as a duplicate of this bug. ***
Comment 54 Thomas Woerner 2015-06-09 16:13:57 UTC 
*** Bug 1208737 has been marked as a duplicate of this bug. ***
Comment 55 Thomas Woerner 2015-06-09 16:14:29 UTC 
*** Bug 1195904 has been marked as a duplicate of this bug. ***
Comment 56 Thomas Woerner 2015-06-09 16:14:30 UTC 
*** Bug 1053874 has been marked as a duplicate of this bug. ***
Comment 57 Thomas Woerner 2015-06-09 16:15:07 UTC 
*** Bug 1194326 has been marked as a duplicate of this bug. ***
Comment 58 Thomas Woerner 2015-06-09 16:15:38 UTC 
*** Bug 1229143 has been marked as a duplicate of this bug. ***
Comment 59 Fedora Update System 2015-06-12 22:25:55 UTC 
firewalld-0.3.14.1-1.fc22 has been submitted as an update for Fedora 22.
https://admin.fedoraproject.org/updates/firewalld-0.3.14.1-1.fc22
Comment 60 Fedora Update System 2015-06-14 17:34:01 UTC 
Package firewalld-0.3.14.1-1.fc22:
* should fix your issue,
* was pushed to the Fedora 22 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing firewalld-0.3.14.1-1.fc22'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2015-10008/firewalld-0.3.14.1-1.fc22
then log in and leave karma (feedback).
Comment 61 Fedora Update System 2015-06-18 13:28:07 UTC 
firewalld-0.3.14.1-1.fc22 has been pushed to the Fedora 22 stable repository.  If problems still persist, please make note of it in this bug report.