Issue #15237 has been updated by bannable (Joe Truba).


This seems to have been fixed in r65190.

~~~
$ ./ruby --version
ruby 2.6.0dev (2018-10-24 trunk 65355) [x86_64-linux]
$ ./ruby -e '-888888888888888i**88888888888888'
-e:1: warning: in a**b, b may be too big
$
~~~

----------------------------------------
Bug #15237: Extreme memory/CPU utilization when calculating some exponents
https://bugs.ruby-lang.org/issues/15237#change-74604

* Author: bannable (Joe Truba)
* Status: Rejected
* Priority: Normal
* Assignee: 
* Target version: 
* ruby -v: ruby 2.6.0dev (2018-10-16 trunk 65097) [x86_64-linux]
* Backport: 2.3: UNKNOWN, 2.4: UNKNOWN, 2.5: UNKNOWN
----------------------------------------
During a recent fuzzing session, AFL identified a simple input which causes extreme memory and CPU utilization when processing certain exponentiation operations.

When running ruby against the reproducer below, ruby will consume 100% of available CPU and allocate continually larger portions of memory. I'm not actually sure if this exits or not -- so far I've let it run for up to 10 minutes and it hasn't exited. My rubies are compiled with jemalloc, so I expect that the memory allocations would be significantly larger for rubies compiled without.

Reproducer:
~~~
jtruba@dev118:~/rubies/ruby-trunk$ cat ../repro
-888888888888888i**88888888888888
jtruba@dev118:~/rubies/ruby-trunk$ xxd ../repro
00000000: 2d38 3838 3838 3838 3838 3838 3838 3838  -888888888888888
00000010: 692a 2a38 3838 3838 3838 3838 3838 3838  i**8888888888888
00000020: 380a                                     8.
~~~

Memory usage over time:
~~~
jtruba@dev118:~/rubies/ruby-trunk$ while true; do ps ef -o command,vsize,rss,%mem,size | grep "[r]epro"; sleep 5; done
 \_ ./ruby ../repro MODULE_ 188100 90504  0.1 156108
 \_ ./ruby ../repro MODULE_ 794308 488896  0.7 762316
 \_ ./ruby ../repro MODULE_ 1310404 546368  0.8 1278412
 \_ ./ruby ../repro MODULE_ 1625796 852828  1.3 1593804
 \_ ./ruby ../repro MODULE_ 2301636 1342196  2.0 2269644
 \_ ./ruby ../repro MODULE_ 2989764 1945696  3.0 2957772
 \_ ./ruby ../repro MODULE_ 2989764 1374148  2.1 2957772
# 1G rss, 1.5G vsize at 2m30s
 \_ ./ruby ../repro MODULE_ 15072964 10132860 15.7 15040972
~~~



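A caller-side guard for the resource exhaustion reported above, as an added example that is not part of the original message or of Ruby's own fix: it bounds the size of the result before evaluating `base**exp` on untrusted operands. `bounded_pow`, `estimated_pow_bits`, `magnitude_bound`, `ExponentTooLarge` and the `MAX_RESULT_BITS` budget are hypothetical names and values chosen for illustration.

```ruby
# Added example: bound the result size before evaluating base**exp.
# All names and the budget below are hypothetical, not part of Ruby.
MAX_RESULT_BITS = 1_000_000 # constructed budget, about 125 KB per component

class ExponentTooLarge < ArgumentError; end

# Integer m with |base| <= m, so every component of base**exp is at most
# m**exp in absolute value.
def magnitude_bound(base)
  case base
  when Integer
    base.abs
  when Complex
    unless base.real.is_a?(Integer) && base.imaginary.is_a?(Integer)
      raise TypeError, "only Complex values with Integer parts are handled"
    end
    base.real.abs + base.imaginary.abs
  else
    raise TypeError, "unsupported base type: #{base.class}"
  end
end

# Upper bound on the bit length of each component of base**exp:
# m < 2**m.bit_length, hence m**exp < 2**(m.bit_length * exp).
def estimated_pow_bits(base, exp)
  unless exp.is_a?(Integer) && exp >= 0
    raise TypeError, "exponent must be a non-negative Integer"
  end
  m = magnitude_bound(base)
  return 1 if m <= 1 # components stay within -1..1
  m.bit_length * exp
end

def bounded_pow(base, exp, max_bits: MAX_RESULT_BITS)
  bits = estimated_pow_bits(base, exp)
  if bits > max_bits
    raise ExponentTooLarge, "result may need #{bits} bits (limit #{max_bits})"
  end
  base**exp
end

if __FILE__ == $PROGRAM_NAME
  begin
    # Operands taken from the reproducer in the report above.
    bounded_pow(Complex(0, 888_888_888_888_888), 88_888_888_888_888)
  rescue ExponentTooLarge => e
    puts "rejected: #{e.message}"
  end
end
```

The estimate is an upper bound, so it can reject an expression whose true result would fit; it never admits one that exceeds the budget.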