Page MenuHomePhabricator
Create Task
Maniphest T268055

Occasional phan-taint-check-plugin crashes with “Illegal offset type in isset or empty”
Closed, ResolvedPublic
Actions

Description

I noticed this in build #83250:

Analyzing files...
░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░/mediawiki/extensions/Wikibase/vendor/mediawiki/phan-taint-check-plugin/src/MWVisitor.php:404 [2] Illegal offset type in isset or empty
(Phan 2.6.1 crashed when parsing/analyzing 'client/includes/Api/ApiPropsEntityUsage.php')
More details:
#2: MWVisitor->handleGetQueryInfoReturn() called at [/mediawiki/extensions/Wikibase/vendor/mediawiki/phan-taint-check-plugin/src/MWVisitor.php:354] Args: [ast\Node({"kind":129,"flags":3,"lineno":755,"children":[{"kind":525,"flags":0,"lineno":755,"children":{"value":{"kind":513,"flags":0,"lineno":755,"children":{"expr":{"kind":256,"flags":0,"lineno":755,"children":{"name":"this"}},"prop":"tables"}},"key":"tables"}},{"kind":525,"flags":0,"lineno":756,"children":{"value":{"kind":513,"flags":0,"lineno":756,"children":{"expr":{"kind":256,"flags":0,"lineno":756,"children":{"name":"this"}},"prop":"fields"}},"key":"fields"}},{"kind":525,"flags":0,"lineno":757,"children":{"value":{"kind":513,"flags":0,"lineno":757,"children":{"expr":{"kind":256,"flags":0,"lineno":757,"children":{"name":"this"}},"prop":"conds"}},"key":"conds"}},{"kind":525,"flags":0,"lineno":758,"children":{"value":{"kind":513,"flags":0,"lineno":758,"children":{"expr":{"kind":256,"flags":0,"lineno":758,"children":{"name":"this"}},"p...

(The Gerrit change for this build doesn’t touch ApiPropsEntityUsage.php, or indeed any file below client/.) But looking through the mwext-php72-phan-docker build history I also found some other occurrences of what seems to be the same error:

#83256

18:55:00 Analyzing files...
18:55:14 ░░░░░░░░░░░░░░/mediawiki/extensions/AbuseFilter/vendor/mediawiki/phan-taint-check-plugin/src/MWVisitor.php:404 [2] Illegal offset type in isset or empty
18:55:20 (Phan 2.6.1 crashed when parsing/analyzing 'includes/api/ApiQueryAbuseFilters.php')
18:55:20 More details:
18:55:20 #2: MWVisitor->handleGetQueryInfoReturn() called at [/mediawiki/extensions/AbuseFilter/vendor/mediawiki/phan-taint-check-plugin/src/MWVisitor.php:354] Args: [ast\Node({"kind":129,"flags":3,"lineno":755,"children":[{"kind":525,"flags":0,"lineno":755,"children":{"value":{"kind":513,"flags":0,"lineno":755,"children":{"expr":{"kind":256,"flags":0,"lineno":755,"children":{"name":"this"}},"prop":"tables"}},"key":"tables"}},{"kind":525,"flags":0,"lineno":756,"children":{"value":{"kind":513,"flags":0,"lineno":756,"children":{"expr":{"kind":256,"flags":0,"lineno":756,"children":{"name":"this"}},"prop":"fields"}},"key":"fields"}},{"kind":525,"flags":0,"lineno":757,"children":{"value":{"kind":513,"flags":0,"lineno":757,"children":{"expr":{"kind":256,"flags":0,"lineno":757,"children":{"name":"this"}},"prop":"conds"}},"key":"conds"}},{"kind":525,"flags":0,"lineno":758,"children":{"value":{"kind":513,"flags":0,"lineno":758,"children":{"expr":{"kind":256,"flags":0,"lineno":758,"children":{"name":"this"}}...

#83254

18:54:19 Analyzing files...
18:54:34 ░░░░░░░░░░░░░░/mediawiki/extensions/AbuseFilter/vendor/mediawiki/phan-taint-check-plugin/src/MWVisitor.php:404 [2] Illegal offset type in isset or empty
18:54:34 (Phan 2.6.1 crashed when parsing/analyzing 'includes/api/ApiQueryAbuseFilters.php')
18:54:34 More details:
18:54:34 #2: MWVisitor->handleGetQueryInfoReturn() called at [/mediawiki/extensions/AbuseFilter/vendor/mediawiki/phan-taint-check-plugin/src/MWVisitor.php:354] Args: [ast\Node({"kind":129,"flags":3,"lineno":755,"children":[{"kind":525,"flags":0,"lineno":755,"children":{"value":{"kind":513,"flags":0,"lineno":755,"children":{"expr":{"kind":256,"flags":0,"lineno":755,"children":{"name":"this"}},"prop":"tables"}},"key":"tables"}},{"kind":525,"flags":0,"lineno":756,"children":{"value":{"kind":513,"flags":0,"lineno":756,"children":{"expr":{"kind":256,"flags":0,"lineno":756,"children":{"name":"this"}},"prop":"fields"}},"key":"fields"}},{"kind":525,"flags":0,"lineno":757,"children":{"value":{"kind":513,"flags":0,"lineno":757,"children":{"expr":{"kind":256,"flags":0,"lineno":757,"children":{"name":"this"}},"prop":"conds"}},"key":"conds"}},{"kind":525,"flags":0,"lineno":758,"children":{"value":{"kind":513,"flags":0,"lineno":758,"children":{"expr":{"kind":256,"flags":0,"lineno":758,"children":{"name":"this"}}...

Details

SubjectRepoBranchLines +/-
Follow-up I4034ba70e9: Adjust codestyle to make phan happymediawiki/coremaster+3 -2
Bump taint-check to 3.0.4mediawiki/tools/phanmaster+2 -2
Bump taint-check to 3.0.4mediawiki/tools/phanstable-0.10+2 -2
Skip non-literal keys in getQueryInfomediawiki/tools/phan/SecurityCheckPluginmaster+21 -2
Customize query in gerrit

Related Objects

Event Timeline

Lucas_Werkmeister_WMDE created this task.Nov 17 2020, 6:13 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptNov 17 2020, 6:13 PM
Jdforrester-WMF subscribed.Nov 17 2020, 6:16 PM

Another one of these in WikiLambda change 641262, #83260:

00:01:25.748 Analyzing files...
00:01:28.454 ░░/mediawiki/extensions/WikiLambda/vendor/mediawiki/phan-taint-check-plugin/src/MWVisitor.php:404 [2] Illegal offset type in isset or empty
00:01:28.454 (Phan 2.6.1 crashed when parsing/analyzing 'includes/API/ApiQueryZObjectLabels.php')
00:01:28.454 More details:
00:01:28.485 #2: MWVisitor->handleGetQueryInfoReturn() called at [/mediawiki/extensions/WikiLambda/vendor/mediawiki/phan-taint-check-plugin/src/MWVisitor.php:354] Args: [ast\Node({"kind":129,"flags":3,"lineno":755,"children":[{"kind":525,"flags":0,"lineno":755,"children":{"value":{"kind":513,"flags":0,"lineno":755,"children":{"expr":{"kind":256,"flags":0,"lineno":755,"children":{"name":"this"}},"prop":"tables"}},"key":"tables"}},{"kind":525,"flags":0,"lineno":756,"children":{"value":{"kind":513,"flags":0,"lineno":756,"children":{"expr":{"kind":256,"flags":0,"lineno":756,"children":{"name":"this"}},"prop":"fields"}},"key":"fields"}},{"kind":525,"flags":0,"lineno":757,"children":{"value":{"kind":513,"flags":0,"lineno":757,"children":{"expr":{"kind":256,"flags":0,"lineno":757,"children":{"name":"this"}},"prop":"conds"}},"key":"conds"}},{"kind":525,"flags":0,"lineno":758,"children":{"value":{"kind":513,"flags":0,"lineno":758,"children":{"expr":{"kind":256,"flags":0,"lineno":758,"children":{"name":"this"}},...
DannyS712 subscribed.Nov 17 2020, 6:17 PM

Could this have been caused by T267859: Future of tests/phan in MW Core ?

Jdforrester-WMF added a comment.Nov 17 2020, 6:18 PM

It seems unlikely (that's not meant to be live), but the timing fits.

Daimona subscribed.Nov 17 2020, 6:20 PM
In T268055#6628277, @DannyS712 wrote:

Could this have been caused by T267859: Future of tests/phan in MW Core ?

Isn't it dead code?

Looking at the failure, seems like some code is using a non-literal key in getQueryInfo, which taint-check is not expecting. I'm investigating now, no guarantees to finish soon though. Please raise your voice if the world starts breaking for real.

Jdforrester-WMF added a comment.Nov 17 2020, 6:24 PM

Joy, this seems entirely deterministic, and so now the whole of WikiLambda codebase is unmergeable. Joy.

gerritbot added a comment.Nov 17 2020, 6:37 PM

Change 641477 had a related patch set uploaded (by Daimona Eaytoy; owner: Daimona Eaytoy):
[mediawiki/tools/phan/SecurityCheckPlugin@master] Skip non-literal keys in getQueryInfo

https://gerrit.wikimedia.org/r/641477

gerritbot added a project: Patch-For-Review.Nov 17 2020, 6:37 PM
Daimona claimed this task.Nov 17 2020, 6:40 PM
gerritbot added a comment.Nov 17 2020, 6:44 PM

Change 641477 merged by jenkins-bot:
[mediawiki/tools/phan/SecurityCheckPlugin@master] Skip non-literal keys in getQueryInfo

https://gerrit.wikimedia.org/r/641477

Ammarpad subscribed.Nov 17 2020, 6:48 PM
In T268055#6628291, @Daimona wrote:

Looking at the failure, seems like some code is using a non-literal key in getQueryInfo, which taint-check is not expecting.

Probably this https://gerrit.wikimedia.org/r/c/mediawiki/core/+/640667

gerritbot added a comment.Nov 17 2020, 6:50 PM

Change 641304 had a related patch set uploaded (by Jforrester; owner: DannyS712):
[mediawiki/core@master] Follow-up I4034ba70e9: Adjust codestyle to make phan happy

https://gerrit.wikimedia.org/r/641304

gerritbot added a comment.Nov 17 2020, 6:53 PM

Change 641481 had a related patch set uploaded (by Daimona Eaytoy; owner: Daimona Eaytoy):
[mediawiki/tools/phan@master] Bump taint-check to 3.0.4

https://gerrit.wikimedia.org/r/641481

gerritbot added a comment.Nov 17 2020, 6:54 PM

Change 641488 had a related patch set uploaded (by Daimona Eaytoy; owner: Daimona Eaytoy):
[mediawiki/tools/phan@stable-0.10] Bump taint-check to 3.0.4

https://gerrit.wikimedia.org/r/641488

gerritbot added a comment.Nov 17 2020, 7:11 PM

Change 641488 merged by jenkins-bot:
[mediawiki/tools/phan@stable-0.10] Bump taint-check to 3.0.4

https://gerrit.wikimedia.org/r/641488

gerritbot added a comment.Nov 17 2020, 7:12 PM

Change 641481 merged by jenkins-bot:
[mediawiki/tools/phan@master] Bump taint-check to 3.0.4

https://gerrit.wikimedia.org/r/641481

gerritbot added a comment.Nov 17 2020, 7:19 PM

Change 641304 merged by jenkins-bot:
[mediawiki/core@master] Follow-up I4034ba70e9: Adjust codestyle to make phan happy

https://gerrit.wikimedia.org/r/641304

Jdforrester-WMF closed this task as Resolved.Nov 17 2020, 7:34 PM

OK, @DannyS712's quick hack merged in core to unbreak the world, and new release of mw-phan made and will be upgraded by LibUp. Thanks all!

ReleaseTaggerBot added a project: MW-1.36-notes (1.36.0-wmf.20; 2020-12-01).Nov 17 2020, 8:00 PM
Maintenance_bot removed a project: Patch-For-Review.Nov 17 2020, 8:10 PM
Daimona mentioned this in rMTPS0be782b1971a: Skip non-literal keys in getQueryInfo.Nov 17 2020, 9:11 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL