Issue 866295

Starred by 1 user

Issue metadata

Status: Duplicate
Merged: issue v8:287
Owner:
Closed: Aug 1
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug




How to crash chrome with one line of javascript...

Reported by mamek...@googlemail.com, Jul 22

Issue description

UserAgent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36

Steps to reproduce the problem:
1. Open developer console
2. Enter the text of step 3:
3. "function(_inventoryOxydObject,_initiatorOxydObject=null,_trueInsertFalseRemove=true){".replace(/((\W)((\w+[^\.])+)\.ArrayindexOf\(?(([^\)]+)))/gm,"$2Array.IndexOf($5,$4");

What is the expected behavior?
To get the result of the statement, and not to have to kill the Chrome process because Chrome freezes.

What went wrong?
Chrome tab freezes.

Did this work before? N/A 

Chrome version: 67.0.3396.99  Channel: stable
OS Version: 6.1 (Windows 7, Windows Server 2008 R2)
Flash Version:
 
Labels: Needs-Triage-M67
Components: -Blink Blink>JavaScript
Status: Untriaged (was: Unconfirmed)
Not really crashing is it? The dev console becomes unresponsive and I can't enter anything else.
>>> Not really crashing is it?
Yes, the tab content froze if this was called in a web page. But the only way to stop it is to kill the complete Chrome process via Task Manager.
Cc: yangguo@chromium.org jgruber@chromium.org
Owner: jgruber@chromium.org
Status: Assigned (was: Untriaged)
I guess this is the already well-known limitation of the regexp engine?
Oops, the same problem in Firefox. But on this page https://regex101.com/ it works with the same input string. I never heard about a limitation; where can I get information about it? And there is no way to catch it with a try/catch statement :-(
Mergedinto: 287
Status: Duplicate (was: Assigned)
Another instance of catastrophic backtracking (you'll find info about this on the web). A smaller repro of similar form:

 /(\w+[^.])+%/.exec("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")

Currently, the only possible fix is to write a more efficient regexp.
Mergedinto: -287 v8:287
Components: Blink>JavaScript>Regexp
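
The growth behind the smaller repro above, and one "more efficient regexp" for it, as an added example that is not code from the thread or from the V8 project. `failedAttempts` is a simplified model of a backtracking matcher, `REWRITTEN` matches the original only for a yes/no `test()`, and all names and sample strings other than the repro pattern are constructed for illustration.

```javascript
// Added example. VULNERABLE is the smaller repro from the thread; every other
// name here is hypothetical and the sample strings are constructed.
const VULNERABLE = /(\w+[^.])+%/;

// Equivalent for a yes/no test() only (match extent and captures differ):
// every match of VULNERABLE ends in "\w [^.] %", and any such triple is
// itself a one-iteration match of VULNERABLE. No nested quantifier remains.
const REWRITTEN = /\w[^.]%/;

// Simplified model of a backtracking matcher on a run of n word characters
// that contains no '%': counts how often the final '%' is tried and fails
// from ONE start position. \w+ takes k chars, [^.] takes one more, then the
// engine tries another iteration on the rest before trying '%':
//   a(r) = sum over k = 1..r-1 of (a(r - k - 1) + 1), a(0) = a(1) = 0
// which reduces to a(r) = a(r-1) + a(r-2) + 1, i.e. exponential growth.
function failedAttempts(n) {
  const a = new Array(n + 1).fill(0);
  for (let r = 2; r <= n; r++) {
    for (let k = 1; k <= r - 1; k++) a[r] += a[r - k - 1] + 1;
  }
  return a[n];
}

// Constructed inputs, kept short so VULNERABLE itself finishes quickly.
const SAMPLES = [
  "", "a%", "ab%", "a.%", "a %", "x.y%", "ab.cd%",
  "aaaaaaaaaaaa", "a%%", "..%", "100% done", "ratio=50 %",
];

// True when both patterns give the same boolean verdict on every sample.
function verdictsAgree(samples) {
  return samples.every((s) => VULNERABLE.test(s) === REWRITTEN.test(s));
}

for (const n of [10, 20, 30, 40]) {
  console.log(`n=${n}: ${failedAttempts(n)} failed '%' attempts per start position`);
}
console.log("verdicts agree on samples:", verdictsAgree(SAMPLES));
// The rewritten pattern stays linear even on a very long non-matching input.
console.log("long input, rewritten:", REWRITTEN.test("a".repeat(100000)));
```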
