Open Bug 1839630 Opened 2 years ago Updated 10 months ago

Expose irregexp backtrack limit

Categories

(Core :: JavaScript Engine, task, P3)

Product:
Core
Component:
JavaScript Engine
Type:
task

Tracking

()

People

(Reporter: vhilla, Unassigned)

References

(Blocks 2 open bugs)

Details

Certain regexp can hang a tab through catastrophic backtracking, see Bug 1837772.
Irregexp introduced a backtrack limit to counter this problem in Chromium (see here) which we might use to fix the problem in Gecko too.

Blocks: 1837772
Blocks: sm-meta
Severity: -- → N/A
Priority: -- → P3

Hello Will, this bug blocks us from fixing a wpt failure to interop-2023. So I am bringing this to your radar and see if this could be something reasonable for your team's H2 roadmap. Thank you.

Flags: needinfo?(wmedina)
Flags: needinfo?(wmedina) → needinfo?(iireland)

This would be pretty straightforward. The regexp interpreter should already support this limit, so we would just need to patch SMRegExpMacroAssembler to impose the limit in compiled regexps (here is V8's patch; ours would be smaller, because we have one implementation shared across architectures) and then expose it via the public API.

How would you be intending to use this? What should the API that we expose to Gecko look like?

Flags: needinfo?(iireland) → needinfo?(vhilla)

For bug 1837772, I want to apply the limit in nsContentUtils::IsPatternMatching here, i.e. when calling JS::NewUCRegExpObject or JS::ExecuteRegExpNoStatics. So a function parameter, setter function or something in RegExpFlags would work.

Though I noticed that a backtracking limit is not part of the spec. I'll consider whether this should be changed and can update you next week on that, as that might also define how the API should look.

I filed a spec issue and we believe its best to wait to wait for a decision there.

Flags: needinfo?(vhilla)
No longer blocks: sm-meta
You need to log in before you can comment on or make changes to this bug.