+++ This bug was initially created as a clone of Bug #998785 +++ Browser hang up when evaluete the following regular expression. /<([\w\:]+)((?:[\s\w:=]+|'[^']*'|"[^"]*")*)(?:\/>|>([\d,]*)<\/[^>]+>)/g.test("<rdf:Description rdf:about=\"\" xmlns:test=\"http://test.com/pdf/1.3/\">2,<t>3,</t></rdf:Description>") Steps To Reproduce: 1. Open "Error Console" (devtools.errorconsole.enabled = true), OR "Browser Console" 2. Evaluate the above code. Actual Results: Browser hang up Expected Results: Browser should not hang up.

This isn't related to the Yarr issues: it only happens in builds from after the switch to V8's irregexp engine. Additionally, executing the same code in the Chrome devtools also causes a hang of the content process, so it seems to happen inside irregexp itself. Reported upstream at https://code.google.com/p/v8/issues/detail?id=3349.

I guess the ilooping here is an irregexp bug but we shouldn't be hanging. The attached patch checks the interrupt flag on the runtime when backtracking in irregexp, as is done by v8.

I'm guessing this would impact a small segment of users had this not been fixed. I'm comfortable not tracking this.

FWIW, dougt actually hit this problem in the wild, albeit on a site somebody posted as an example of browsers taking up a ridiculous amount of CPU.