diff -u b/includes/session.inc b/includes/session.inc
--- b/includes/session.inc
+++ b/includes/session.inc
@@ -372,7 +372,7 @@
   if (drupal_session_started()) {
     $old_session_id = session_id();
     // PHP 7.3 requires that we close session before setting new session ID.
-    $original_session_saving = drupal_save_session();
+    $original_save_session_status = drupal_save_session();
     drupal_save_session(FALSE);
     session_write_close();
     drupal_session_started(FALSE);
@@ -384,7 +384,7 @@
     $original_user = $user;
     drupal_session_start();
     $user = $original_user;
-    drupal_save_session($original_session_saving);
+    drupal_save_session($original_save_session_status);
     $params = session_get_cookie_params();
     $expire = $params['lifetime'] ? REQUEST_TIME + $params['lifetime'] : 0;
     setcookie(session_name(), session_id(), $expire, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
only in patch2:
unchanged:
--- /dev/null
+++ b/modules/user/tests/user_session_test.info
@@ -0,0 +1,6 @@
+name = "User module session tests"
+description = "Support module for user session testing."
+package = Testing
+version = VERSION
+core = 7.x
+hidden = TRUE
only in patch2:
unchanged:
--- /dev/null
+++ b/modules/user/tests/user_session_test.module
@@ -0,0 +1,31 @@
+<?php
+
+/**
+ * @file
+ * Dummy module implementing a page callback to create an anon session.
+ */
+
+/**
+ * Implements hook_menu().
+ *
+ * Sets up a form that allows a user to validate password.
+ */
+function user_session_test_menu() {
+  $items = array();
+  $items['user_session_test_anon_session'] = array(
+    'page callback' => 'user_session_test_anon_session',
+    'access callback' => TRUE,
+  );
+  return $items;
+}
+
+/**
+ * Page callback.
+ *
+ * Creates an anonymous user session.
+ */
+function user_session_test_anon_session() {
+  $data = 'This dummy data will be stored in a user session.';
+  $_SESSION[__FUNCTION__] = $data;
+  return $data;
+}
only in patch2:
unchanged:
--- a/modules/user/user.test
+++ b/modules/user/user.test
@@ -321,6 +321,10 @@ class UserLoginTestCase extends DrupalWebTestCase {
     );
   }
 
+  function setUp() {
+    parent::setUp('user_session_test');
+  }
+
   /**
    * Test the global login flood control.
    */
@@ -421,6 +425,17 @@ class UserLoginTestCase extends DrupalWebTestCase {
     $this->assertIdentical(_password_get_count_log2($account->pass), DRUPAL_HASH_COUNT + 1);
   }
 
+  /**
+   * Test logging in when an anon session already exists.
+   */
+  function testLoginWithAnonSession() {
+    // Visit the callback to generate a session for this anon user.
+    $this->drupalGet('user_session_test_anon_session');
+    // Now login.
+    $account = $this->drupalCreateUser(array());
+    $this->drupalLogin($account);
+  }
+
   /**
    * Make an unsuccessful login attempt.
    *