Since 1.21wmf2 we are logging "invalid argument supplied for foreach" errors in User::saveOptions(). Debugging on the live site indicates that this is caused by interaction between a recent change to CentralAuth (I92f57fc2) a long-standing bug in User::clearInstanceCache(), and AbuseFilter #18 on en.wikibooks.org.
User::clearInstanceCache() clears $this->mOptions but does not set $this->mOptionsLoaded to false, as would be expected for a cache clear. It is called by addToDatabase(). This is not normally a problem for CentralAuth:: attemptAddUser() since it calls User::loadDefaults() before it calls addToDatabase(), and loadDefaults() does set $this->mOptionsLoaded to false.
I92f57fc2 rearranged the calling sequence so that the AbortAutoAccount hook is called in between the loadDefaults() call and the addToDatabase() call. When an AbortAutoAccount hook function then loads the user options for some reason, the invalid state is created and User::addToDatabase() generates the warning.
AF #18 on en.wikibooks.org loads the user options when AbuseFilter::executeFilterActions() calls $wgOut->parseInline(), which constructs a ParserOptions object.
Version: 1.21.x
Severity: normal