Page MenuHomePhabricator

PHP Notice: Unable to unserialize in AbuseFilter.php
Open, Needs TriagePublic

Description

Error

Request ID: AWhh9wR0zpjgITg63PIw
Request URL: here (contains cyrillic letters, pretty long to write here)

message
PHP Notice: Unable to unserialize: [Here is a serialized AbuseFilterVariableHolder object]. Unexpected end of buffer during unserialization.
trace
#0 /srv/mediawiki/php-1.33.0-wmf.13/extensions/AbuseFilter/includes/AbuseFilter.php(1525): MWExceptionHandler::handleError(integer, string, string, integer, array, array)
#1 /srv/mediawiki/php-1.33.0-wmf.13/extensions/AbuseFilter/includes/Views/AbuseFilterViewExamine.php(172): AbuseFilter::loadVarDump(string)
#2 /srv/mediawiki/php-1.33.0-wmf.13/extensions/AbuseFilter/includes/Views/AbuseFilterViewExamine.php(27): AbuseFilterViewExamine->showExaminerForLogEntry(string)
#3 /srv/mediawiki/php-1.33.0-wmf.13/extensions/AbuseFilter/includes/special/SpecialAbuseFilter.php(122): AbuseFilterViewExamine->show()
#4 /srv/mediawiki/php-1.33.0-wmf.13/includes/specialpage/SpecialPage.php(569): SpecialAbuseFilter->execute(string)
#5 /srv/mediawiki/php-1.33.0-wmf.13/includes/specialpage/SpecialPageFactory.php(558): SpecialPage->run(string)
#6 /srv/mediawiki/php-1.33.0-wmf.13/includes/MediaWiki.php(288): MediaWiki\Special\SpecialPageFactory->executePath(Title, RequestContext)
#7 /srv/mediawiki/php-1.33.0-wmf.13/includes/MediaWiki.php(862): MediaWiki->performRequest()
#8 /srv/mediawiki/php-1.33.0-wmf.13/includes/MediaWiki.php(517): MediaWiki->main()
#9 /srv/mediawiki/php-1.33.0-wmf.13/index.php(42): MediaWiki->run()
#10 /srv/mediawiki/w/index.php(3): include(string)
#11 {main}

Impact

Presumably low, seen twice in the last 7 days.

Notes

Probably due to something bad happened in the past. Should be handled within T213006.

Details

Related Gerrit Patches:
mediawiki/extensions/AbuseFilter : masterAdd a maintenance script to clean afl_var_dump

Event Timeline

Daimona created this task.Jan 18 2019, 6:17 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 18 2019, 6:17 PM
Daimona updated the task description. (Show Details)Jan 18 2019, 6:23 PM

OK, so I think I understood this. First of, this is the link with the broken log entry. Using quarry for abuse_filter_log.afl_id === 101, you can get the whole row. Since it was inserted in 2009, the var dump is inside afl_var_dump instead of the text table/external storage. Reading it, you can see that the serialized string is truncated, and thus unserialization obviously fails. My guess is that this happened because the string was too long for an SQL blob [1], thus being truncated upon insertion. In fact, strlen returns 65361 of length, whereas BLOB is capped at 65535. I guess the delta has some explanation unrelated to this bug (maybe I didn't count bytes properly). The only thing I'm not sure of is the presence of the special character U+FFFD at the end of the serialized string. But again, I guess this is unrelated to the bug, and probably added e.g. by quarry or upon DB insertion.

As anticipated in the task description, this can and should be handled within the script for T213006. Since having a truncated serialized string is a pretty common problem, there are several PHP scripts around the web to recover partial data. I'll try to see if we can use any of them, or write one myself, and will add it to the script.

[1]: Curiously, the afl_var_dump was changed from BLOB to LONGBLOB in rEABFa7bc94cc80487f0b3063fa5ff19b6e6ff7917ddd, just a couple of days before this bug happened.

Change 482499 had a related patch set uploaded (by Daimona Eaytoy; owner: Daimona Eaytoy):
[mediawiki/extensions/AbuseFilter@master] [WIP] Add a maintenance script to clean afl_var_dump

https://gerrit.wikimedia.org/r/482499

Daimona claimed this task.Jan 22 2019, 6:22 PM
Alroilim closed this task as Declined.Feb 2 2019, 7:19 PM
Alroilim removed Daimona as the assignee of this task.
Alroilim triaged this task as Lowest priority.
Alroilim set Due Date to Feb 1 2019, 9:00 PM.
Alroilim updated the task description. (Show Details)
Alroilim removed subscribers: gerritbot, Daimona, Aklapper.
Restricted Application changed the subtype of this task from "Task" to "Deadline". · View Herald TranscriptFeb 2 2019, 7:19 PM
Gopavasanth reopened this task as Open.Feb 2 2019, 7:42 PM
Gopavasanth assigned this task to Daimona.
Huji updated the task description. (Show Details)
Huji updated the task description. (Show Details)
Huji added subscribers: Aklapper, gerritbot.
Huji raised the priority of this task from Lowest to Needs Triage.Feb 2 2019, 7:56 PM
Huji removed Due Date.
Restricted Application changed the subtype of this task from "Deadline" to "Task". · View Herald TranscriptFeb 2 2019, 7:56 PM
Daimona moved this task from Next to Under review on the User-Daimona board.Feb 11 2019, 5:52 PM

Change 482499 had a related patch set uploaded (by Daimona Eaytoy; owner: Daimona Eaytoy):
[mediawiki/extensions/AbuseFilter@master] [WIP] Add a maintenance script to clean afl_var_dump

https://gerrit.wikimedia.org/r/482499

mmodell changed the subtype of this task from "Task" to "Production Error".Aug 28 2019, 11:07 PM