Hello,
By using a specific regExp query, I am able to cause 100% cpu for a long time.
I would expect the internal Lucene regExp engine to limit the execution after short period. But unfortunately, it doesn’t.
Is there any way to overcome this?
If not, can it be fixed in next version?
I think Open Search must protect itself - and us the developers - in this case.
Here is how to reproduce it (opendistro 1.12):
POST regexp-test1/_doc/test01
{
"stringvalue" : "aaaaaaaaaaaaaaaaaaaaaaaaaasssssssssssssssssssssssssssssss"
}
GET regexp-test1/_search
{
"query": {
"regexp": {
"stringvalue": {
"value": "(.*a){2000}"
}
}
}
}
GET /_nodes/stats/process
{
"_nodes" : {
"total" : 2,
"successful" : 2,
"failed" : 0
},
"cluster_name" : "odfe-cluster",
"nodes" : {
"BlLGbL6ZQEOtI-Aj3jaXMg" : {
"timestamp" : 1620681797816,
"name" : "odfe-node2",
"transport_address" : "172.21.0.4:9300",
"host" : "172.21.0.4",
"ip" : "172.21.0.4:9300",
"roles" : [
"data",
"ingest",
"master",
"remote_cluster_client"
],
"process" : {
"timestamp" : 1620681797816,
"open_file_descriptors" : 639,
"max_file_descriptors" : 65536,
"cpu" : {
**"percent" : 25,**
"total_in_millis" : 6514870
},
"mem" : {
"total_virtual_in_bytes" : 5553577984
}
}
},
Thank you,
Ori.