Discourse completely dies on very trivial markup


(Michael - DiscourseHosting.com) #1

One of our customers managed to completely hang his forum in a reproducible manner.
We have isolated a minimum amount of markup that will reproduce this behavior.

On try.discourse.org, making a post containing this code gives a server error or gateway timeout (sometimes one, sometimes the other, even seems to alternate). On our servers and one external host we tried, thin completely locks up and does not come available again.

Error message in the log

Processing by PostsController#create as */*
  Parameters: {"raw"=>"  offending raw data removed ", "reply_to_post_number"=>"", "archetype"=>"regular", "title"=>"combination of markup and link", "auto_close_time"=>""}
Completed 500 Internal Server Error in 79ms

V8::Error (Cannot call method 'shift' of undefined):
  lib/pretty_text.rb:147:in `block in markdown'
  lib/pretty_text.rb:128:in `synchronize'
  lib/pretty_text.rb:128:in `markdown'
  lib/pretty_text.rb:169:in `cook'
  app/models/post_analyzer.rb:10:in `cook'
  app/models/post_analyzer.rb:111:in `cooked_document'
  app/models/post_analyzer.rb:56:in `raw_mentions'
  app/models/post.rb:128:in `block (2 levels) in <class:Post>'
  lib/validators/post_validator.rb:38:in `max_mention_validator'
  lib/validators/post_validator.rb:9:in `validate'
  lib/post_creator.rb:232:in `save_post'
  lib/post_creator.rb:60:in `block in create'
  lib/post_creator.rb:56:in `create'
  app/controllers/posts_controller.rb:36:in `block in create'
  lib/distributed_memoizer.rb:28:in `memoize'
  app/controllers/posts_controller.rb:34:in `create'
  lib/middleware/anonymous_cache.rb:104:in `call'
  config/initializers/quiet_logger.rb:10:in `call_with_quiet_assets'
  config/initializers/silence_logger.rb:19:in `call'

Since these few lines can effectively DoS a forum, I will not be posting the markup here. Where can they be sent to?


(Sam Saffron) #2

emails it to team@discourse.org and sam.saffron@gmail.com


(Dan Porter) #3

This also seems to be a recent issue we’ve noticed over at Farset Labs Discourse

I will also e-mail my example text.


(Régis Hanol) #4

For the record, I think I’ve fixed it in:

https://github.com/discourse/discourse/commit/659589e56335ed7a8be7e242bdb3cab06ba74393

I’m awaiting @eviltrout’s review as he’s the creator of that library in order to make sure I didn’t break anything.


(Michael - DiscourseHosting.com) #5

I can confirm that your fix solves the problem, at least the specific issue we were encountering.


(Jeff Atwood) #6

(Sam Saffron) #7

(Sam Saffron) #8

Reopening this till I fix the timeout code in therubyracer.


(Michael - DiscourseHosting.com) #9

Just out of curiosity, do you know why our forum was hanging itself up and try.discourse.org wasn’t, or at least in a much lesser way?

Is this a difference between unicorn (you’re running unicorn, right) and thin? Or didn’t I try hard enough ? :smile:


(Sam Saffron) #10

We use unicorn and it does terminate non-responsive workers. Unicorn is awesome and my recommended web server for Discourse.


(Sam Saffron) #11

This is now REALLY fixed:

https://github.com/discourse/discourse/commit/1556548ff6633cbfac8f463a82628f45afb24856

AND

https://github.com/cowboyd/therubyracer/issues/290


(Jacob) #12

Will the Ubuntu guide be updated with Unicorn as a default?


(Jeff Atwood) #13

The Docker install is our new preferred default and will be replacing the ubuntu guide. @sam will also be posting an upgrade guide howto soon for switching your old and busted Ubuntu install to a new hotness Docker install.

(Docker runs great on Ubuntu, recent Ubuntu Server anyway!)


(Sam Saffron) #14

This topic was automatically closed after 24 hours. New replies are no longer allowed.