[Bug]: Control UI freezes when auto-opening /chat?session=main (session-specific crash); other sessions work

[TigerKay1926]

Bug type

Regression (worked before, now fails)

Summary

Opening the Control UI/Dashboard often auto-navigates to the main session and the tab becomes unresponsive (freeze). Opening a different session directly (e.g. work) works normally. This looks like session-data-dependent UI crash combined with “auto restore last/default session” that forces users into the broken main session.；High — opening the dashboard/root URL often forces navigation into session=main, which freezes the entire UI tab, preventing access to session list/settings needed to repair/export the corrupted session. Workaround exists by manually navigating to /chat?session=work, but it is non-obvious and fragile.

Steps to reproduce

1. Start OpenClaw gateway normally (token mode).
2. Open Control UI/Dashboard at http://127.0.0.1:18789/ (or via openclaw dashboard).
3. UI auto-navigates to something like:
   http://127.0.0.1:18789/chat?view=home&session=main
4. The tab freezes / becomes unresponsive (sometimes DevTools can’t open).
5. Open another session directly:
   http://127.0.0.1:18789/chat?session=work → loads and works.

Expected behavior

• A single corrupted/problematic session should not be able to freeze the entire UI.
• If restoring last/default session fails to render, UI should fall back to a safe screen (home/sessions list) and allow the user to export/delete/repair the session.
• Provide a “safe mode” / “skip session restore” option (e.g. query param like ?safe=1) and/or always respect explicit ?session= in the URL without overriding it.

Actual behavior

Auto-opening session=main causes the UI to freeze/hang.
• Because the UI forces navigation to main, the Control UI can become effectively unusable.

OpenClaw version

OpenClaw: 2026.3.12 (6472949)

Operating system

OS: Windows 10 x64

Install method

Browser: Chrome 146.0.7680.76 (Official Build) (64-bit)

Model

gpt5.4

Provider / routing chain

Control UI/Dashboard access: http://127.0.0.1:18789/ (local loopback) • UI route that freezes: auto-navigates to /chat?view=home&session=main • Working route (bypass): /chat?session=work loads normally • Gateway transport: WebSocket over HTTP on localhost (ws://127.0.0.1:18789) • Browser: Chrome 146.0.7680.76 (Official Build) (64-bit) • OS: Windows 10 x64 • OpenClaw: 2026.3.12 (6472949)

Config file / key location

2. Config file / key location (redacted) • Gateway config file: C:\Users\Administrator.openclaw\openclaw.json • Auth mode: gateway.auth.mode = "token" • Token location: gateway.auth.token (value redacted, 64-hex, single-line) • Gateway bind/listen: gateway.bind = "lan"; Listening: 0.0.0.0:18789 (verified via openclaw gateway status) • Important: No tokens or secrets are included in this report.

Additional provider/model setup details

• This issue is Control UI session rendering / session restore behavior, not model/provider-specific.
• Reproduces regardless of agent model configuration.
• Gateway is healthy (RPC probe: ok) while the UI tab freezes, suggesting a frontend/session-data-dependent crash rather than gateway not running.

Logs, screenshots, and evidence

A) Evidence (most important)

• Screenshot A: Browser address bar shows it navigates to
http://127.0.0.1:18789/chat?view=home&session=main
then the tab becomes unresponsive/frozen.
• Screenshot B: Opening
http://127.0.0.1:18789/chat?session=work
works normally (UI responsive).

B) Gateway status (text evidence)

From openclaw gateway status (redacted, no token):

• RPC probe: ok
• Listening: 0.0.0.0:18789
• Probe target: ws://127.0.0.1:18789

C) Logs (minimal + relevant)

From %LOCALAPPDATA%\Temp\openclaw\openclaw-*.log (redacted):

• [ws] ws client ready
• [ws] reconnect (seen at least once)

(Other [ws] log lines about Feishu event subscription are present but not relevant.)

D) User intent / constraint

• I do not want to delete the main session to recover.
The UI should provide a safe fallback (e.g., sessions list / safe mode) when auto-restoring a corrupted session causes a freeze.

Impact and severity

Severity: High (UI becomes unusable)
• Impact:
• If the UI auto-restores a corrupted session (main), the entire Control UI tab can freeze and become unresponsive.
• Users may be unable to access session list / settings to repair or delete the problematic session.
• Workaround exists by directly opening another session URL (/chat?session=work), but this is non-obvious and fragile.

Additional information

Repro frequency: 100% when navigating to session=main (in this environment)
• Workaround:
• Directly open http://127.0.0.1:18789/chat?session=work (or any non-main session) → UI works.
• Clearing site data helps with auth/cache but does not prevent the main-session freeze once navigated.
• Suggestion:
• Implement safe fallback if a session fails to render (auto redirect to sessions list)
• Add a “safe mode” query param to disable session restore
• Provide session export/repair tooling when a session causes UI crash

[dsantoreis]

This is a session-data-dependent UI crash. When the Control UI opens and auto-navigates to session=main, it loads the full conversation history for that session. If the main session has a very large history, malformed message payloads, or tool-call artifacts that the Lit rendering engine cannot handle, the tab hangs before it can even render the error boundary.

The fact that other sessions (like work) load fine confirms this is not a general UI regression but specific to the main session data.

A few things to try:

1. Access the session list directly: navigate to http://127.0.0.1:18789/chat?view=home (note: view=home, not session=main). This should load the home/session list view without trying to render any session history.

2. Archive the problematic session: if you can get to the session list or use the CLI:

   openclaw session archive main

   This preserves the data but removes it from active rendering.

3. Check session size:

   wc -l ~/.openclaw/sessions/main/*.jsonl

   If the transcript is very large (50k+ lines), that alone could cause the render stall.

The underlying fix should be pagination/virtualization of the message list in the Control UI so a single large session cannot lock the renderer, but that would be a bigger change. For now the workaround is avoiding auto-restore into the problematic session.

[GMTekAI]

Did a source pass on this one and the report looks credible.

A few concrete findings from current UI code:

• This does not look like a simple “too much history” issue by itself. The chat view already caps rendered history to the last 200 messages in ui/src/ui/views/chat.ts.
• The grouped chat renderer also has explicit JSON auto-parse size caps in ui/src/ui/chat/grouped-render.ts, so there is already some defense against large malformed payloads freezing the renderer.
• I could not find any Control UI handling for a view=home query param. Tab selection is based on the pathname (/chat, /sessions, etc.), not ?view=..., so /chat?view=home&session=main still routes to chat for that session.
• The “forced back into main” part also matches current behavior:
  • / resolves to the chat tab in ui/src/ui/navigation.ts
  • sidebar navigation back to Chat intentionally resets to the main session in ui/src/ui/app-render.helpers.ts
  • there is even a browser test asserting that reset-to-main behavior in ui/src/ui/navigation.browser.test.ts
• At the same time, explicit ?session=<id> is respected on initial load in ui/src/ui/app-settings.ts, which lines up with the reporter’s workaround that direct /chat?session=work still works.

So my read is:

• there is likely a real session-specific crash/render problem in the main session data path
• but the UX/product bug is amplified by navigation behavior that keeps steering the user back into that broken session
• and ?view=home does not currently provide the kind of safe fallback the report expects

That makes the issue stronger than “just archive the session”: a safe fallback / skip-session-restore path seems justified even before the root session-data bug is fully understood.

[dsantoreis]

@GMTekAI Excellent pass, agreed with your read.

You are right on all key points:

• ?view=home is not a real escape hatch in current routing,
• history caps/parsing guards exist but do not prevent all session-specific crash paths,
• reset-to-main navigation behavior amplifies impact once main is in a bad state.

So I agree this should be treated as two linked bugs, not one:

1. root main-session render crash/data-path fault,
2. missing safe fallback when the default target session is unhealthy.

A practical mitigation track would be:

• add a session-load fail-open path (/sessions fallback when selected session throws),
• persist last-known-good session id instead of unconditional reset-to-main,
• expose a startup skipSessionRestore guard for Control UI.

That gives operators a deterministic escape path while the deeper renderer/data bug is triaged.

[zhangfnf]

I encountered the exact same issue where the UI silently freezes (no network requests, no console errors) when switching to the Main Session.

By removing the session .jsonl files one by one, I managed to isolate the culprit file. Upon analyzing it, I found that some JSON lines contained extremely large text payloads (e.g., tool outputs with tens of thousands of characters).

I tried manually deleting/truncating these massive text blocks, and the page instantly loaded without any freezing. Based on this, we can speculate that this is a frontend rendering issue. When the UI tries to synchronously parse and render these giant strings (especially through a Markdown parser), it likely overloads the main thread and locks up the page completely.

Temporary Workaround:
I wrote a quick Python script to scan the session files and hard-truncate any text fields exceeding a safe threshold (e.g., MAX_TEXT_LENGTH = 2000).

Here is the core logic I used to process the corrupted files:

# [Fix Point]: Directly access data["message"]["content"]
if data.get("type") == "message" and "message" in data:
    msg_body = data["message"]
    if "content" in msg_body and isinstance(msg_body["content"], list):
        for content_item in msg_body["content"]:
            # Check if it is a text type and contains the text field
            if content_item.get("type") == "text" and "text" in content_item:
                original_text = content_item["text"]
                
                # If the text length exceeds the threshold, execute truncation
                if isinstance(original_text, str) and len(original_text) > MAX_TEXT_LENGTH:
                    truncation_notice = f"\n\n...[🛡️ Text too long, truncated by script! Original length: {len(original_text)} chars]..."
                    content_item["text"] = original_text[:MAX_TEXT_LENGTH] + truncation_notice
                    modified_count += 1
                    print(f"  ✂️ Found huge text at line {line_num} ({len(original_text)} chars) -> Truncated")

For context, here is the execution log from just one of my problematic session files, showing how massive some of these payloads can get:

  ✂️ Found huge text at line 14 (5511 chars) -> Truncated
  ✂️ Found huge text at line 33 (15801 chars) -> Truncated
  ✂️ Found huge text at line 40 (20295 chars) -> Truncated
  ✂️ Found huge text at line 54 (4918 chars) -> Truncated
  ✂️ Found huge text at line 55 (6549 chars) -> Truncated
  ✂️ Found huge text at line 60 (9593 chars) -> Truncated
  ✂️ Found huge text at line 61 (6082 chars) -> Truncated
  ✂️ Found huge text at line 63 (31212 chars) -> Truncated
  ✂️ Found huge text at line 65 (16332 chars) -> Truncated

Hopefully, this helps anyone else stuck on this, and points the maintainers toward a frontend optimization (like collapsing long texts or bypassing Markdown parsing for giant payloads)!

[dsantoreis]

@zhangfnf — excellent isolation work. The JSONL payload sizes you found (31k chars in a single content item) confirm the root cause: the frontend Markdown parser hits synchronous main-thread lock when it tries to render these in a single pass.

The Python truncation script is a good emergency workaround. For the permanent fix, the frontend should:

1. Virtualize long message content — only render the visible portion of large text blocks, not the entire string at once
2. Lazy-parse Markdown — defer or skip Markdown parsing for content above a threshold (e.g. 10k chars), rendering as plain preformatted text instead
3. Stream-render on hydration — instead of parsing all session JSONL on load, stream/chunk the rendering to avoid single-frame lock

The Python script you shared is also useful as a one-time session repair tool for affected users. Worth linking from the issue description or a pinned comment.

[zhangfnf]

Root Cause Analysis: ReDoS in marked.js Triggered by Backend Truncation

I investigated the silent UI freeze (where the page hangs permanently with no network or console errors when loading the Main Session) and isolated the root cause to a Catastrophic Backtracking (ReDoS) vulnerability in marked.js, which is triggered by the backend's message truncation logic.

The Call Chain & Failure Point

Here is the lifecycle of the payload that causes the main thread to lock:

1. User loads the session.
2. gateway: readSessionMessages() (session-utils.fs.ts:74) -> Reads the .jsonl file.
3. gateway: sanitizeChatHistoryMessages() (chat.ts) -> [Catalyst] Truncates message text to 12K characters.
4. Payload is pushed to the frontend via WebSocket.
5. UI: extractTextCached() (message-extract.ts:85).
6. UI: toSanitizedMarkdownHtml() (markdown.ts:110) -> Entry point for markdown rendering.
7. truncateText(input, 140_000) (markdown.ts:122).
8. The frontend has a MARKDOWN_PARSE_LIMIT of 40K. Since the 12K payload is well under 40K, it bypasses the safe plain-text fallback branch.
9. marked.parse(text, {gfm, breaks}) (markdown.ts:139) -> Permanent hang.

The Core Mechanism

The backend's 12K limit arbitrarily slices the raw text. If the original text contains code blocks (e.g., dense JSONL logs), this blunt truncation frequently leaves behind an odd number of triple backticks (`````).

When marked.js attempts to parse this unclosed fenced code block—especially when the remaining text is densely packed with brackets [ ] and JSON artifacts—it fails to find the closing tag and falls into an exponential regex backtracking loop.

(Note: I previously used a local script to manually delete these large payloads to unfreeze the UI and verify the cause, but focusing on the actual code fix here).

Proposed Solutions

I'd like to get the maintainers' thoughts on the preferred architectural path to fix this:

Option 1: Smart pre-processing / Stricter limits
Implement a quick regex check to balance backticks before parsing (if (count % 2 !== 0) text += '\n```';). Alternatively, significantly lower the MARKDOWN_PARSE_LIMIT from 40K to a safer threshold (e.g., 5K) so these truncated logs naturally fall back to plain text.

Option 2: Replace the parser
Migrate from marked.js to an AST-based parser like markdown-it. Since it uses a state machine instead of pure regex, it is inherently immune to this specific ReDoS vulnerability and handles unclosed tags gracefully.

[dsantoreis]

@zhangfnf — this is the definitive root cause. The combination of:

• backend 12K truncation slicing mid-fenced-code-block
• frontend MARKDOWN_PARSE_LIMIT=40K being well above the 12K payload (so no fallback)
• marked.js catastrophic backtracking on unclosed fences with dense [ / JSON content

...creates a deterministic hang that's hard to detect because the page appears loaded with no network or console errors.

Preferred fix path: Option 1b (lower the limit) + Option 1a (balance backticks), in that order:

1. Immediate: Lower MARKDOWN_PARSE_LIMIT from 40K to ~5K. This catches most real-world truncation artifacts without changing the parser. Pure threshold change, low risk.

2. Proper: Add a pre-parse backtick-balance guard:

   // Before calling marked.parse():
   const backtickCount = (text.match(/```/g) ?? []).length;
   if (backtickCount % 2 !== 0) text += '\n```';

   This is cheap, idempotent, and directly targets the exact failure mode.

3. Long-term: Migrate to markdown-it (Option 2). The state-machine approach is the right architectural fix, but higher effort and should follow the quick patches.

The backend truncation point (sanitizeChatHistoryMessages in chat.ts) should also be fixed to truncate at a code-block boundary rather than raw character count — but that's a separate PR from the frontend ReDoS fix.

[zhangfnf]

@dsantoreis Thanks for the thorough analysis.

I went directly with the markdown-it migration (#46707) rather than the incremental path. A few reasons:

1. The backtick-balance guard doesn't target the actual failure mode. The real trigger is double-escaped JSONL (\\n) where ``` never forms fenced code blocks — they stay as unmatched inline backtick tokens. The catastrophic backtracking happens in marked's inline tokenizer when it sees many unmatched backticks interleaved with [] brackets, so appending a closing fence wouldn't help.

2. Synthetic patterns failed to reproduce the hang. I tried many minimal backtick + bracket combinations — none triggered the exponential backtracking. Only a desensitized real session extract reliably triggered it, making any heuristic guard hard to validate.

3. Lowering MARKDOWN_PARSE_LIMIT to ~5K would degrade normal content. Assistant responses of 5–15K are common and would lose markdown rendering (tables, code highlighting, links).

4. The migration was lower effort than expected. 4 files changed, all 8066 tests passing. markdown-it processes the same poison input in <9ms where marked hangs indefinitely.

Given that the implementation effort was comparable, going straight to the parser swap felt like the most pragmatic path — it addresses this issue and removes the broader ReDoS surface without needing to tune thresholds or maintain pre-parse guards.

[smallmj]

Related: Large Text Input Causes Gateway Freeze

I'm experiencing the same issue but via channel inputs (Feishu/DingTalk/Telegram):

Steps to Reproduce

1. Send a long text (2KB+) via any channel
2. Gateway becomes completely unresponsive
3. All channels freeze - no responses
4. Requires manual Gateway restart

Environment

• OpenClaw: 2026.3.13
• Model: MiniMax M2.5-highspeed
• contextTokens: 150k

This seems related to issue #7725. Is there a fix or workaround?

---

Feedback from user

[steipete]

Closing this as implemented after Codex review.

Current main already contains the reported Control UI freeze fix for chat/session markdown rendering. The chat markdown path now uses markdown-it instead of marked, there is a targeted regression test for the backtick+bracket ReDoS pattern described in the issue, and the changelog records that fix under release 2026.4.14 via PR #46707.

What I checked:

• Current chat markdown renderer no longer uses marked.js: ui/src/ui/markdown.ts:2-3 imports markdown-it, and ui/src/ui/markdown.ts:153-157 constructs the shared MarkdownIt renderer used by toSanitizedMarkdownHtml at ui/src/ui/markdown.ts:477-517. This is the chat/session render path implicated by the freeze report. (ui/src/ui/markdown.ts:2, 028b6c9b13c9)
• Regression test covers the reported poison pattern: ui/src/ui/markdown.test.ts:441-467 adds does not hang on backtick + bracket ReDoS pattern and asserts render completes in under 500ms for a payload shaped like escaped session/tool-result markdown, matching the issue's session-specific freeze mechanism. (ui/src/ui/markdown.test.ts:441, 028b6c9b13c9)
• Release notes explicitly record the fix: CHANGELOG.md:694 says: UI/chat: replace marked.js with markdown-it so maliciously crafted markdown can no longer freeze the Control UI via ReDoS. (#46707) under the ## 2026.4.14 section. (CHANGELOG.md:694, 028b6c9b13c9)
• Fix is shipped in the latest release snapshot too: Inspecting release commit 00bd2cf7a376f1fba26291c6c4766f1f15cbdfa5 shows the same markdown-it chat renderer and the same ReDoS regression test already present there, so this is not only on unreleased main. (ui/src/ui/markdown.ts:2, 00bd2cf7a376)
• Checkout remained clean: Read-only inspection only; git diff --stat --exit-code returned clean after review. (028b6c9b13c9)

So I’m closing this as already implemented rather than keeping a duplicate issue open.

Review notes: reviewed against 028b6c9b13c9; fix evidence: release v2026.4.14.