I have done a little bit of investigation – here’s the situation as
relayed to us by David G. at Planet Argon:
Within the last few weeks it was up, we were seeing cpu usage
and memory usage skyrocket, IT’d peg the cpu at 100%, peg memory
usage at 2 gigs. Disabling it was the only way we could keep
the server usable for the other people on it. This happens with
trac via mod_python, cgi, and tracd.
… and in a later message he said …
…it seems programmatic in nature as it takes a very short period
of time for it to start blowing out our resources. I didn’t
find anything conclusive in my testing, except that it occurs
under cgi, mod_python as well as tracd.
Just to complete the picture, David said this is what our installation
Trac .10 from subversion
Akismet for spam protection
This weekend I sent the following back to David, Scott, and Kevin:
I was digging through Trac’s mail list, and I found references to
two tickets that might be similar to our problem:
So if one of our attacking spambots posted changes to a page
that triggered either of these bugs, we would see the CPU
spike whenever someone viewed that page. None of the messages
on the list mention excessive memory usage, so perhaps these
bugs aren’t the same as what we are seeing.
These changes have been rolled into branches/0.10-stable of Trac.
So we basically need someone with both time and a shell account on the
machine to test fixes for our Trac instance. Sprewell and I have some
time, but no shell account.
Anyone with experience fixing broken Trac installations, now would be a
great time to offer up any advice gained from the experience.
Tim C. wrote: