Page MenuHomePhabricator
Create Task
Maniphest T43198

"Invalid argument supplied for foreach" in User::saveOptions() during automatic account creation
Closed, ResolvedPublic
Actions

Description

Since 1.21wmf2 we are logging "invalid argument supplied for foreach" errors in User::saveOptions(). Debugging on the live site indicates that this is caused by interaction between a recent change to CentralAuth (I92f57fc2) a long-standing bug in User::clearInstanceCache(), and AbuseFilter #18 on en.wikibooks.org.

User::clearInstanceCache() clears $this->mOptions but does not set $this->mOptionsLoaded to false, as would be expected for a cache clear. It is called by addToDatabase(). This is not normally a problem for CentralAuth:: attemptAddUser() since it calls User::loadDefaults() before it calls addToDatabase(), and loadDefaults() does set $this->mOptionsLoaded to false.

I92f57fc2 rearranged the calling sequence so that the AbortAutoAccount hook is called in between the loadDefaults() call and the addToDatabase() call. When an AbortAutoAccount hook function then loads the user options for some reason, the invalid state is created and User::addToDatabase() generates the warning.

AF #18 on en.wikibooks.org loads the user options when AbuseFilter::executeFilterActions() calls $wgOut->parseInline(), which constructs a ParserOptions object.

Version: 1.21.x
Severity: normal

Details

Reference
bz41198

Related Objects

Event Timeline

bzimport raised the priority of this task from to Needs Triage.Nov 22 2014, 1:01 AM
bzimport added a project: MediaWiki-User-login-and-signup.
bzimport set Reference to bz41198.
bzimport added a subscriber: Unknown Object (MLST).
tstarling created this task.Oct 19 2012, 2:54 AM
Aklapper added a comment.Oct 19 2012, 3:01 AM

Dup of bug 41175? However this one has a perfect analysis that I'd love to see copied to 41175 in case I'm correct. :)

tstarling added a comment.Oct 19 2012, 4:16 AM
  • Bug 41175 has been marked as a duplicate of this bug. ***
tstarling added a comment.Oct 19 2012, 4:18 AM

Fixed in https://gerrit.wikimedia.org/r/#/c/28659/ and deployed.

Tgr mentioned this in T43201: UserLoadFromSession considered evil.Aug 27 2015, 6:27 AM
Luke081515 removed a subscriber: wikibugs-l-list.Jan 28 2016, 6:12 PM
Restricted Application added a subscriber: StudiesWorld. · View Herald TranscriptJan 28 2016, 6:12 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL