From: Eric Wong Date: 2021-05-05T05:28:14+00:00 Subject: [ruby-core:103730] Re: [Ruby master Feature#17837] Add support for Regexp timeouts sam.saffron@gmail.com wrote: > Feature #17837: Add support for Regexp timeouts > https://bugs.ruby-lang.org/issues/17837 > I recommend against a "per Regexp" API as this decision is at > the application level. You want to apply it to all regular > expressions in all the gems you are consuming. The syscall costs are higher nowadays and this will penalize good regexps. IME with unicorn, global timeouts of this type means problems go unfixed for too long and fester into worse problems. Ultimately many Ruby problems come from tolerating excessively deep/complex dependency stacks(*) and developers having too much crap to manage. Anecdotally, my experience with Perl5 RE is better than with Onig*. I know Perl5 has the same underlying problems as Onig*, however Perl5 RE seems less bad in practice. Again, Perl5 RE does have underlying problems, but they don't manifest nearly as much as they do with Ruby (I've as much or more Perl experience than I have in Ruby). One example I remember off the top of my head is [ruby-core:74030]. I just tested that again after 5 years: Ruby still infinite loops; Perl still terminates as it should. Your example translated to Perl5 also stops fine for me: ("A" . "C" x 100 . "X") =~ /A(B|C+)+D/; Onig* might be able to learn a thing or three from Perl5 when it comes to common real-world cases. Again, I know Perl5 RE has underlying problems just like Onig*, they do not manifest as easily. (*) and I apologize for letting crap like unicorn become too popular and perpetuating the existence of of buggy/broken code; I'll try to find more time to scare users away from it. > I recommend against a move to RE2 at the moment as way too > much would break RE2 could be done gradually, like frozen strings: %re2[foo] Or a magic comment: "# regexp-engine: re2" Perl supports pluggable re::engine since 2007, so more things Ruby can learn from Perl :> ``` Unsubscribe: