Page MenuHomePhabricator
Create Task
Maniphest T167465

"Key contains invalid characters" when using MultiWriteBagOStuff
Closed, ResolvedPublicPRODUCTION ERROR
Actions

Description

This may not be related to the parent task (wmf.4 rollout), but I spotted it then so I'm filing it as such. On Commons (so far, could be elsewhere), something is generating links of the following sort:

https://commons.wikimedia.org/wiki/File:Map_of_USA_OR.svg?uselang=⧼Lang⧽

The actual error appears in logstash as:

Key contains invalid characters: commonswiki:pcache:idhash:7398609-0!userlang=⧼lang⧽

#0 /srv/mediawiki/php-1.30.0-wmf.4/includes/libs/objectcache/MemcachedPeclBagOStuff.php(145): MemcachedBagOStuff->validateKeyEncoding(string)
#1 /srv/mediawiki/php-1.30.0-wmf.4/includes/libs/objectcache/MemcachedBagOStuff.php(56): MemcachedPeclBagOStuff->getWithToken(string, NULL, integer)
#2 /srv/mediawiki/php-1.30.0-wmf.4/includes/libs/objectcache/BagOStuff.php(185): MemcachedBagOStuff->doGet(string, integer)
#3 /srv/mediawiki/php-1.30.0-wmf.4/includes/libs/objectcache/MultiWriteBagOStuff.php(112): BagOStuff->get(string, integer)
#4 /srv/mediawiki/php-1.30.0-wmf.4/includes/libs/objectcache/BagOStuff.php(185): MultiWriteBagOStuff->doGet(string, integer)
#5 /srv/mediawiki/php-1.30.0-wmf.4/includes/parser/ParserCache.php(230): BagOStuff->get(string, integer, integer)
#6 /srv/mediawiki/php-1.30.0-wmf.4/includes/page/Article.php(528): ParserCache->get(WikiFilePage, ParserOptions)
#7 /srv/mediawiki/php-1.30.0-wmf.4/includes/page/ImagePage.php(162): Article->view()
#8 /srv/mediawiki/php-1.30.0-wmf.4/includes/actions/ViewAction.php(68): ImagePage->view()
#9 /srv/mediawiki/php-1.30.0-wmf.4/includes/MediaWiki.php(499): ViewAction->show()
#10 /srv/mediawiki/php-1.30.0-wmf.4/includes/MediaWiki.php(293): MediaWiki->performAction(ImagePage, Title)
#11 /srv/mediawiki/php-1.30.0-wmf.4/includes/MediaWiki.php(862): MediaWiki->performRequest()
#12 /srv/mediawiki/php-1.30.0-wmf.4/includes/MediaWiki.php(523): MediaWiki->main()
#13 /srv/mediawiki/php-1.30.0-wmf.4/index.php(43): MediaWiki->run()
#14 /srv/mediawiki/w/index.php(3): include(string)
#15 {main}

The image varies depending on request--and there's not a ton of these requests to begin with. I'm curious about two things:

  1. Can we stop this from throwing an exception? I imagine we could fail much nicer on bogus uselang values--and we definitely shouldn't be letting it get so far down the stack into the parser cache code...
  2. What's generating these bogus links? My guess is some on-wiki template or whatever, but I dunno.

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
objectcache: Forward MultiWriteBagOStuff::makeKey to primary backendmediawiki/corewmf/1.30.0-wmf.5+79 -0
objectcache: Forward MultiWriteBagOStuff::makeKey to primary backendmediawiki/coremaster+79 -0
Customize query in gerrit

Related Objects

Event Timeline

demon created this task.Jun 8 2017, 8:10 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 8 2017, 8:10 PM
Paladox subscribed.Jun 8 2017, 10:38 PM
brooke subscribed.Jun 8 2017, 11:21 PM

Note this doesn't look image-specific; I get exception thrown if I try on a regular page that exists too, such as https://commons.wikimedia.org/wiki/Main_Page?uselang=%E2%A7%BCLang%E2%A7%BD BUT - I don't see the equivalent error on enwiki. https://en.wikipedia.org/wiki/Main_Page?uselang=%E2%A7%BCLang%E2%A7%BD does not error out.

The 'uselang' on ResourceContext and later goes through into $wgUserLang etc & should be pre-sanitized, so I'm not sure where the unsanitized one is coming from exactly... Some other extension maybe? (/me looks askance at ULS but doesn't see an obvious bug yet)

demon removed a parent task: T166829: MW-1.30.0-wmf.4 deployment blockers.Jun 8 2017, 11:32 PM

Per IRC, it's looking like these queries are coming from a malformed Bingbot request. So removed as blocker, although this is still pretty nasty and needs fixing.

brooke added a comment.Jun 9 2017, 12:00 AM

Per irc, note that Wikibase's splitting everything on user lang is why the userlang appears in pcache and thus the bug is visible on any page on Commons, given the URL param, but on meta or enwiki it needs to be a page that uses user-lang stuff specifically.

I can force a similar scenario on a one-off page in MediaWiki-Vagrant:

  1. On Main Page, add {{int:mainpage}} or something else that uses a user-language UI message.
  2. go to http://dev.wiki.local.wmftest.net:8080/wiki/Main_Page?uselang=%E2%A7%BCLang%E2%A7%BD
  3. be surprised that the cache key is: "wiki:pcache:idhash:1-0!userlang=%E2%A7%BClang%E2%A7%BD"

Because something's URL-encoding here it doesn't trip the error that was seen in production, but it's still mostly-unsanitized data going into the key that shouldn't be.

brooke added a comment.Jun 9 2017, 12:15 AM

Turns out Language::isValidCode() lets a lot through that I didn't expect for compatibility with weird hacks. It should prevent actual < and > and path-traversals etc, but is letting the non-ASCIIs through directly.

If that's expected behavior (hah!), then the main question is why is it coming up in the pcache key URL-encoded on my vagrant setup but not URL-encoded in production? URL-encoding should "solve" it insofar as making the cache keys work.

brooke added a comment.Jun 9 2017, 12:36 AM

Ok, my vagrant install is using MemcachedBagOStuff which has a makeKeyInternal() which uses rawurlencode() on input strings, but in production we're using MultiWriteBagOStuff which does not override the naive base implementation from BagOStuff.

As a result, the keys created via MultiWriteBagOStuff->makeKey() are not encoded, and MemcachedBagOStuff sees non-ASCII chars and rejects them.

Recommended fix: move the sanitization in MemcacheBagOStuff->makeKeyInternal up to BagOStuff->makeKeyInternal and just apply it evenly everywhere so no surprises.

Legoktm added subscribers: Krinkle, Legoktm.Jun 9 2017, 3:54 AM

Ooh, that's interesting. +cc @Krinkle . This is probably caused by rMWff8a0c788bc8: parser: Avoid deprecated wfMemcKey() then. wfMemcKey() calls $wgMemc->makeKey so it would use the MemcachedBagOStuff implementation, but switching to the actual MultiWriteBagOStuff->makeKey() leaves it without the special memcache handling.

Tgr subscribed.Jun 9 2017, 11:01 AM

MultiWriteBagOStuff should probably unmake keys into arrays and passing them to the makeKey method of the bag it is proxying to, before calling that bag's get/set method.

Krinkle renamed this task from "Key contains invalid characters" on bogus uselang input to "Key contains invalid characters" when using MultiWriteBagOStuff.Jun 9 2017, 11:08 PM
Krinkle added a project: Performance-Team.
Krinkle moved this task from General to libs/objectcache on the MediaWiki-libs-BagOStuff board.
Krinkle added a subscriber: aaron.
Anomie merged a task: T167639: Some parsercache keys yield error when tried to save into memcache.Jun 12 2017, 11:44 AM
Anomie added subscribers: fgiunchedi, hashar, elukey and 5 others.
Anomie merged a task: T167894: "Key contains invalid characters" for parser cache.Jun 14 2017, 3:10 PM
Krinkle added a comment.EditedJun 14 2017, 3:15 PM
In T167465#3334449, @brion wrote:

Recommended fix: move the sanitization in MemcacheBagOStuff->makeKeyInternal up to BagOStuff->makeKeyInternal and just apply it evenly everywhere so no surprises.

I'm not sure we can assume a single encoding will (or should) work on every backend. I'd rather keep this generic.

I'd recommend we apply the same logic in MultiWriteBackOStuff as we do already in WANObjectCache and CachedBagOStuff - which is to simply create stub methods that call the backend's method for makeKey and makeGlobalKey.

Krinkle moved this task from Untriaged to Dec2019/1.35.wmf.10+ on the Wikimedia-production-error board.Jun 14 2017, 4:33 PM
Krinkle claimed this task.Jun 14 2017, 5:01 PM
Krinkle moved this task from Inbox, needs triage to Doing (old) on the Performance-Team board.
gerritbot added a comment.Jun 14 2017, 5:12 PM

Change 358999 had a related patch set uploaded (by Krinkle; owner: Krinkle):
[mediawiki/core@master] objectcache: Forward MultiWriteBagOStuff::makeKey to primary backend

https://gerrit.wikimedia.org/r/358999

gerritbot added a project: Patch-For-Review.Jun 14 2017, 5:12 PM
demon added a comment.Jun 14 2017, 7:11 PM

This is totally related: T143188: WikiArticleFeeds caching throws "Key contains invalid characters" exception on pages with a "ä" in the title

brooke mentioned this in T143188: WikiArticleFeeds caching throws "Key contains invalid characters" exception on pages with a "ä" in the title.Jun 15 2017, 2:24 AM
gerritbot added a comment.Jun 15 2017, 2:45 AM

Change 358999 merged by jenkins-bot:
[mediawiki/core@master] objectcache: Forward MultiWriteBagOStuff::makeKey to primary backend

https://gerrit.wikimedia.org/r/358999

brooke added a comment.Jun 15 2017, 2:46 AM
In T167465#3348454, @Krinkle wrote:
In T167465#3334449, @brion wrote:

Recommended fix: move the sanitization in MemcacheBagOStuff->makeKeyInternal up to BagOStuff->makeKeyInternal and just apply it evenly everywhere so no surprises.

I'm not sure we can assume a single encoding will (or should) work on every backend. I'd rather keep this generic.

Note that MemcachedBagOStuff seems to be the only subclass enforcing any validation or non-default key encoding at present... SqlBagOStuff probably should because it has a length limit on objectcache.keyname column, but doesn't seem to check for it.

I'd recommend we apply the same logic in MultiWriteBackOStuff as we do already in WANObjectCache and CachedBagOStuff - which is to simply create stub methods that call the backend's method for makeKey and makeGlobalKey.

Sounds good for now, I've +2'd the patch.

ReleaseTaggerBot added a project: MW-1.30-release-notes.Jun 15 2017, 3:00 AM
gerritbot added a comment.Jun 15 2017, 2:34 PM

Change 359144 had a related patch set uploaded (by Krinkle; owner: Krinkle):
[mediawiki/core@wmf/1.30.0-wmf.5] objectcache: Forward MultiWriteBagOStuff::makeKey to primary backend

https://gerrit.wikimedia.org/r/359144

gerritbot added a comment.Jun 15 2017, 6:14 PM

Change 359144 merged by jenkins-bot:
[mediawiki/core@wmf/1.30.0-wmf.5] objectcache: Forward MultiWriteBagOStuff::makeKey to primary backend

https://gerrit.wikimedia.org/r/359144

Stashbot subscribed.Jun 15 2017, 6:16 PM

Mentioned in SAL (#wikimedia-operations) [2017-06-15T18:16:50Z] <demon@tin> Synchronized php-1.30.0-wmf.5/includes/libs/objectcache/MultiWriteBagOStuff.php: T167465 (duration: 00m 44s)

ReleaseTaggerBot edited projects, added MW-1.30-release-notes (WMF-deploy-2017-06-13_(1.30.0-wmf.5)); removed MW-1.30-release-notes.Jun 15 2017, 7:00 PM
Krinkle closed this task as Resolved.Jun 21 2017, 6:54 PM

Fixed. Error count for this dropped to 0 on 2017-06-15 when wmf.5 rolled out to all wikis:

Screen Shot 2017-06-21 at 19.53.33.png (550×2 px, 104 KB)

demon added a comment.Jun 21 2017, 6:56 PM

Thanks everyone for your help on this! Was quite a rabbit hole from the initial bug report :)

Krinkle merged a task: T167954: Fatal exception for specific user when trying to view enwiki page due to "Key contains invalid characters".Jul 6 2017, 4:01 AM
Krinkle added a subscriber: matej_suchanek.
matej_suchanek unsubscribed.Sep 14 2018, 10:02 AM
Reedy removed a project: Patch-For-Review.May 17 2019, 9:46 PM
Krinkle moved this task from Dec2019/1.35.wmf.10+ to Resolved on the Wikimedia-production-error board.May 29 2019, 4:01 PM
mmodell changed the subtype of this task from "Task" to "Production Error".Aug 28 2019, 11:10 PM
Aklapper removed a subscriber: Anomie.Oct 16 2020, 5:42 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits