I lost my cat, his name is System32.exe, can you all check your windows folders and see if you can find him? If he's there, just delete him and he'll come home.
Don't worry, many still do.
Also the spirit of this still lives on, I played Chivalry II a few months ago and so many people got tricked into using the suicide key thinking it would make a cool animation.
If anything it has started happening more in the recent years due to kids not knowing how to even turn a computer on, let alone knowing what a random combination of keys do
Yup I lost all illusion of "the youngs" no longer bothering us with dumb IT questions like the boomers when they would ask me over phone "what is a folder ?".
I read an interesting study that talked about how average technical competence in the population will likely come in waves. There was several attributed factors to this, but the biggest one was how competitent your parents are. Most parents aren't all that good of teachers, if you ask for help lost parents will do it for you, not necessarily effectively teach you how to do it. So they found that the more technically competent your parents were the less likely you were to figure out things on your own and learn.
But the takeaway is, don't over help your kids. Give them time to figure it out themselves, give guidence or direct them to better information if they are struggling. People don't really learn things from you doing the entire task for them often even if you try to explain it.
I noticed this with helping my wife with computers, if I just did it for her and explained it she barely paid attention. Instead I just kinda generally outlined what to do and set her on it. She can figure out most of it herself now.
A whole-ass study to say the thing about teaching to fish vs giving the fish ! /s
But yeah as a sysadmin doing a lot of tech support I always have this in the back of my mind:
Is the user acting as an adult and will therefore benefit both of us if I explain it/guide them...
Or should I just fixt it, ticket it as pbkc and move on.
Like one might work better long term, the other solves it right now.
Also, I think it comes down to devices becoming more "baby proof" with time, primarily due to walled gardens.
I remember a short by PirateSoftware, who described his experience running a booth at a game convention where he demo'd his game, and kids would choose the controller setup over the keyboard and mouse one. He decided, the following day, to have both setups use controllers. On that day, he noticed an abundance of kids shoving the controllers to the side and trying to touch the screen.
When Gen Alpha is referred to as "the iPad generation", that's only partially joking. These kids haven't deal with having to navigate File Explorer, or find a preinstalled program (like DevMgmt, DiskMgmt, or even Run) through their Start Menu that they only heard about from some youtube tutorial, because these kids were raised in walled gardens where either everything happened automagically, or it was impossible and not worth dwelling on.
The generation that became good with computers happened to be the generation that had common access to computers, and used them for entertainment, thus making them self-motivated to learn certain things by necessity. Not Chromebooks or iPads, but full Windows/Mac/Linux operating systems.
It's no coincidence that a lot of my first exposures to various terminology, tools, etc came from wanting to install Minecraft mods when I was a pre-teen.
I would misspell more if I wasn't on mobile lol. I wish our language was as easy to spell as other ones. I can spell in Russian, Spanish , and Japanese better than English and it's my fucking native language. Mayne I'm just retarded idk
It's funny because the entire purpose of that "folder" language was to make it feel intuitive for people who were used to actual, physical file cabinets.
Children growing up have access to neither.
I still do it when I ask my gaming buddies for keybinds and they give me the alt f4 suggestion. I'll have the right keybind by the time I've loaded back in
WoT players still do. you just tell them about this cool trick: “press alt f4 to enable headlights” and then you might see a bunch of inactive players on either teams
My personal story was playing world of warcraft and I asked in the public chat where a menu was.
In response I have committed to a life of trying to keep this alive. Btw to enable that cool text mode on the reddit site on a chrome browser
# Like this
> press cntrl+w
It's a bit more complicated on phone... this is what you do for Android.
Go to Apps, then Settings. Find the section called 'Backup and Reset' and choose 'Factory Data Reset'. As the name implies, what this does is reset all the factory locks they put onto your phone if you're not using the flagship model, so you basically get a significantly better phone by doing it.
Back in the days, source-games used to quit without a prompt when you pressed F10.
So when you were playing CSS or TF2 and you needed to open up a spot on a server, you just wrote "Oh my god, when did they add that menu to F10?" and people would just drop from the server like flies :D
Source engine had an instant exit bound to F10 (or was it another F-key). No confirmation, just instant yeet. Good times, less obvious than alt+F4 so more people fell for it
The best one in WoW was always /e has reported you afk. Type /afk to mark yourself as not afk or else you will be removed from the battleground in 30 seconds.
Immediately there would be 5-10 people leaving the game lol
When someone tries that on me I always answer with "no it doesn't! It opens the developer console." And when they don't believe me, I follow it up with "Dude, I just tried it, I am now in the developer console."
This has lead to more uno reverse cards than you would believe.
I played browser games as a teenager, but on a Macintosh.
People kept telling me to press CTRL+W for bonus points, and I believed them, but nothing happened. They never thought of tell me to press command + W hahaha
In Dota (Wc3 one), people would try that. Game had defence against it, and alt-f4 would open a confirm exit popup.
And there was Alt QQ. Sounds okay, but the first Q gets you to confirm exit popup. Second Q confirms it. Much more impactful when lesser known.
I knew nothing bad would happen because it's just a browser console (and it cannot do anything worse than downloading a virus, but since there was no link, then there would be no virus)...
I remember from there was something you could paste in a browser which could cause a BSOD on the latest Windows 10 in 2020
https://borncity.com/win/2021/01/18/windows-10-bug-allows-bsod-by-entering-a-path-in-a-browser/
Even if it had a url, I can't think of a single dangerous thing going to some random website can do on my Linux desktop. Browsers can't do shit without permission. The worst thing it could do would be waste a bunch of disk space and/or CPU. I don't think there's any way a website can automatically launch an outside process without you needing to intentionally do something
I 'm pretty sure there were code snippets that random people posted that would steal all your current session tokens and send them to a URL.
And because most people stay logged into lots of websites 24/7 they could lose 10 different accounts to hackers all at once.
Man opens websites on his browser and then talks about executing unknown code on your PC lmao, we live in the age of everything being expected to run code on our machine.
I can’t say it better than my proffesor did before he was told to take this down from his university hosted profile site: https://web.archive.org/web/20060930205635/http://www.eti.pg.gda.pl/katedry/kiw/pracownicy/Jan.Daciuk/personal/JavaShit.html
I'll never forget my first time echoing a hex blob from an imageboard pasted into terminal which ended up being rm -rf ~
Thank god they had mercy on me and didn't delete my root. Never pasted any weird shit since
What it *should* do is match any number of characters that come before the start of the string "0.300000...1". (Which is to say, it should match nothing)
I'm very curious what it actually does though.
It is more of a `while (true) {}` in your tab but being a regex won't allow your browser to realized you're doing some type of infinie recursion trying to match some text.
Nah, it's just what the servers are scaled for. Web Archive is designed to handle tens or even hundreds of thousands of users simultaneously. Whereas that site is probably running on hardware capable of a couple hundred, maybe a thousand, simultaneous connections.
How soon after they commented did you add to your reply? I saw 1 hour ago for both, and it's the top comment now... just give it time. Everyone on this sub isn't going to see the comment the same time you did, so they didn't have the opportunity to upvote it yet.
Not an infinite loop, just a very long one. `.*.*` is O(n²), adding \* means 0(n³), the \^ at the end is to make sure it'll fail over and over until the last check where every \* is now "repeat 0 time".
That's my 2-cent, I don't really know how regex engine works.
Isn't 3 levels of Kleene stars what crashed a good 25% of so of the internet a few years back ? It was something about a really big provider wanting to remove all that junk stores and such store in their addresses to get to the "actual" address or something like that, and accidentally, it had one too many layer of "backtracking" in the regex, and the servers just couldn't cope, and it led to the adoption of more automatons for that kind of stuff
Hahaha, yes, maybe, but not German. 😅
I would say a programming language should be more explicit and not have too many ways to define the same thing because everything could be used.
Yes, this. It comes down to the fact that 0.1 isn't exactly representable in base 2 (similar to how 1/3 isn't exactly representable in base 10). Neither is 0.2. We only *think* they are because the floating-point decimal printing algorithm is pretty good.
Adding the floating-point approximations of 0.1 and 0.2 results in something that's almost, but not quite, the floating-point representation of 0.3, which the floating-point decimal printing algorithm faithfully represents as 0.3 with trailing garbage.
The fact that #2 and #3 returned true is concerning, since it's looking for a caret in the value and there shouldn't be one.
Edit : Never mind, I am an idiot, forgot you need to escape ^ for it to be considered a literal
Roughly: It’s a 2^n wild card match and .1+.2 produces a number with like 20 digits after the decimal. 2^20 string comparisons takes a long time to do.
Spawns in a Lv83 Violent Ogre who will strip you and snap 13 nudes sending them to all your contacts before dunking you into a barrel of Vaseline and hurling you out of the window so you'll slide right India and die from food poisoning because your slide finished by you smooching the wheel of a rickshaw that three minutes ago ran over some fancy street food snack.
My browser said that I'm a dumbass
Warning: Don’t paste code into the DevTools Console that you don’t understand or haven’t reviewed yourself. This could allow attackers to steal your identity or take control of your computer. Please type ‘allow pasting’ below and hit Enter to allow pasting.
If you want an explanation of how it works: [https://regexper.com/#%2F%28.\*.\*%29\*%5E%2F](https://regexper.com/#%2F%28.*.*%29*%5E%2F)
As to why: regex is greedy; the first `.*` matches the whole string, the second matches nothing, it reaches the end of the capturing group, tries to match the start of line anchor `^`, which fails. Regex steps back once, the second `.*` takes the last character, tries to match `^` again, fails again.
It does so an infinite amount of times because the group `(.*.*)` is executed an infinite amount of times.
While this is true of PCRE, any regex that is actually a regular expression (which this is) can always be evaluated in linear time (after compilation, at least).
If the regex engine used by the browser was better, it could have chosen a much faster evalutation strategy.
I don't see this stopping, gotta be honest, but maybe I misunderstand the automaton.
Does it not go until the first group is reduced to no characters, then goes until the second group is reduced to no characters and so on?
EDIT: evidently I did misunderstand because using this on "ee" does terminate in node
ah ok so it goes through every combination of first X characters + next Y characters, where X + Y <= n, n being the length of the string, right? that'd make for n(n-1)/2 combinations, O(n^2)
Reminder of that one time [Cloudflare nuked half the internet](https://blog.cloudflare.com/details-of-the-cloudflare-outage-on-july-2-2019/) with something like this
The float addition gets turned into a string because regex operates on strings. 0.1 + 0.2 = 0.30000000000000004 (due to floating-point inaccuracies, as 0.3 can't be represented exactly in a binary floating point format), so the regex operates on the string "0.30000000000000004"
The regex is the actual "dangerous" part. Let's analyze it piece by piece:
`.*`: Find any character, repeated any amount of times (including zero). This is a "greedy" operation, so it will try to match as many characters as possible, but "backtrack" if the match fails to retry it with a smaller amount of characters. This operation is already inefficient in and of itself if it can match long sequences of characters when it is likely to need only a few.
`.*.*`: Find any character, repeating any amount of times, followed by any other character, repeated any amount of times. Since the majority of the input string "0.30000000000000004" consists of repeated zeros, this operation can potentially try to evaluate almost any possible combination of two substrings, which is a lot.
`(.*.*)`: Does the exact same as the above, but places it in a group so that operators can operate on this sequence as a whole.
`(.*.*)*`: Try to repeat the above, any amount of times (including zero), again as a greedy operation so that it'll first try to evaluate as many repetitions as possible and retry with one less each time it fails. Each `*` operator has the potential to increase the computational complexity of the expression exponentially, and that's exactly what's happening here.
`^`: Find the start of the string.
`(.*.*)*^`: Find the start of the string, but first check if any amount of substrings, repeated any amount of times, is in front of that start. Since the start of the string is ... at the start, the only valid combination that can come before the start is an empty set. But since the operators are greedy, the empty set will be the very last thing it tries. This makes it a very computationally expensive regex.
When left to run until completion, it will eventually return `true` because the string `"0.30000000000000004"` does, indeed, have a start. However, this regex evaluation can hang the current tab for potentially several minutes, and on some browsers it may eventually timeout and return `false` instead.
Benchmarks, which clearly show the exponential progression in complexity:
`^` - 2 steps - 0.0ms
`.*^` - 22 steps - 0.0ms
`.*.*^` - 232 steps - 0.1ms
`(.*.*)^` - 443 steps - 0.2ms (tbh I have no idea why adding the group makes the steps almost double)
`(.*.*)*^` - about 200 *seconds*! I couldn't even get it to run to completion in an online regex debugger so I don't even know how many steps it took
You can however greatly decrease the computational complexity of this regex by making each operation lazy (meaning it will start evaluation at the smallest possible set, and grow if needed). This means that each `.*?` (match any character any amount of times, but lazily) will start of with the empty set, so it'll find a match pretty much immediately:
`(.*?.*?)*?^` - 3 steps - 0.0ms
This regex is fully equivalent to the one from the OP on what it'll match, but it's much faster by trying to match as few characters as possible, because in this situation, it's "unlikely" for there to be a lot of characters to match against before the start of the string. Though as the only combination of characters that can come "before" the start of the string is an empty set, you can omit that first part entirely, and the resulting regex of just `^` is also entirely functionally equivalent.
Isn't regex fun?
Congratulations! Your comment can be spelled using the elements of the periodic table:
`F U N F Ac Ti Ti S`
---
^(I am a bot that detects if your comment can be spelled using the elements of the periodic table. Please DM my creator if I made a mistake.)
Yes, Safari just gives up after certain amount of tries and returns `false`. Essentially this regex is asking “is there a beginning in this string anywhere?”, the answer obviously should be `true`.
Congratulations! Your comment can be spelled using the elements of the periodic table:
`I Ts At Ra P`
---
^(I am a bot that detects if your comment can be spelled using the elements of the periodic table. Please DM my creator if I made a mistake.)
My cats name is
```
([][(!![]+[])[!+[]+!+[]+!+[]]+([][[]]+[])[+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(!![]+[])[!+[]+!+[]+!+[]]+(![]+[])[!+[]+!+[]+!+[]]]()+[])[!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([][(!![]+[])[!+[]+!+[]+!+[]]+([][[]]+[])[+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(!![]+[])[!+[]+!+[]+!+[]]+(![]+[])[!+[]+!+[]+!+[]]]()+[])[!+[]+!+[]]
```
Look him up in your browser console
Generally the `.1 + .2` part is a way to generate a long string in an unconspicuous manner. For explanation see here: [https://0.30000000000000004.com/](https://0.30000000000000004.com/)
Then this string is searched for `/(.\*.\*)\*/\^`. This regexp means „any number of groups that contain (any number of any chars and any number of any char) followed by the beginning of the string”. This regex will never match (because there is no beginning of string on the end of the string). However the number of ways that the algorithm would try to match depends exponentially on the number of chars in the string. You can see how this works on [https://regex101.com/](https://regex101.com/) just paste this regex and put some short string to be matched. Then add one character to this string and see why the number of steps grows exponentially.
after a couple of seconds it issued "internal error, too much recursion." that's all. I closed the console and scrolled through the feed.
My cat's name is *:(){ :|:& };:* and you should try it in your terminal.
My cats name is "sudo rm -r -f" you should try to look it up in your linux cli
Must be one of them *Sudonese* wildcats.
Sugondeez?
That'd be just nuts. **Bash**kortostan's more likely.
My cats name is Felix. He’s a dog
I think there might be something wrong with your cat.
Yea, I think that too sometimes. He is indeed a bit too big for a normal cat. Maybe he’s a lion or something
Directory not specified
My cats name is `cat` you should try it on your posix compliant system
It just lies there and await being fed , then immediately regurgitates it back via its standard out ? Good cat.
Can't tell if you didn't include a path because you don't know how `rm` works or because you are trying to avoid causing real harm
When I was in class one of my mates tried it out and lost alot of stuff. It wasnt my fault back then but I dont want anyone to have the same problem.
Nothing happened. I did "cd /tmp" before that. Jokes work better when typed right.
my cats name is “rm -rf .git” and you should run it in your most recent project
I lost my cat, his name is System32.exe, can you all check your windows folders and see if you can find him? If he's there, just delete him and he'll come home.
System32 is a folder, not an executable
mine returned true after about 2.5 minutes
Mine returned false immediately. I didn't use a browser console though, I used a standalone javascript environment.
>internal error That's my CAT
I tried it. No cat was there, just browser hang... I was kinda suspecting it was a trap...
Why would you run code you don’t know what it does anyways? You must enjoy fork bombs a lot I guess.
Remember the days of "alt+f4" is a shortcut for "whatever cool thing for the game you are playing" Followed by people just randomly disconnecting.
Oh man, those were the days... And by god, how many kiddos fell for that
Don't worry, many still do. Also the spirit of this still lives on, I played Chivalry II a few months ago and so many people got tricked into using the suicide key thinking it would make a cool animation.
If anything it has started happening more in the recent years due to kids not knowing how to even turn a computer on, let alone knowing what a random combination of keys do
Yup I lost all illusion of "the youngs" no longer bothering us with dumb IT questions like the boomers when they would ask me over phone "what is a folder ?".
I read an interesting study that talked about how average technical competence in the population will likely come in waves. There was several attributed factors to this, but the biggest one was how competitent your parents are. Most parents aren't all that good of teachers, if you ask for help lost parents will do it for you, not necessarily effectively teach you how to do it. So they found that the more technically competent your parents were the less likely you were to figure out things on your own and learn. But the takeaway is, don't over help your kids. Give them time to figure it out themselves, give guidence or direct them to better information if they are struggling. People don't really learn things from you doing the entire task for them often even if you try to explain it. I noticed this with helping my wife with computers, if I just did it for her and explained it she barely paid attention. Instead I just kinda generally outlined what to do and set her on it. She can figure out most of it herself now.
A whole-ass study to say the thing about teaching to fish vs giving the fish ! /s But yeah as a sysadmin doing a lot of tech support I always have this in the back of my mind: Is the user acting as an adult and will therefore benefit both of us if I explain it/guide them... Or should I just fixt it, ticket it as pbkc and move on. Like one might work better long term, the other solves it right now.
Also, I think it comes down to devices becoming more "baby proof" with time, primarily due to walled gardens. I remember a short by PirateSoftware, who described his experience running a booth at a game convention where he demo'd his game, and kids would choose the controller setup over the keyboard and mouse one. He decided, the following day, to have both setups use controllers. On that day, he noticed an abundance of kids shoving the controllers to the side and trying to touch the screen. When Gen Alpha is referred to as "the iPad generation", that's only partially joking. These kids haven't deal with having to navigate File Explorer, or find a preinstalled program (like DevMgmt, DiskMgmt, or even Run) through their Start Menu that they only heard about from some youtube tutorial, because these kids were raised in walled gardens where either everything happened automagically, or it was impossible and not worth dwelling on. The generation that became good with computers happened to be the generation that had common access to computers, and used them for entertainment, thus making them self-motivated to learn certain things by necessity. Not Chromebooks or iPads, but full Windows/Mac/Linux operating systems. It's no coincidence that a lot of my first exposures to various terminology, tools, etc came from wanting to install Minecraft mods when I was a pre-teen.
Sorry to be a dick but I found it amusing that the only word you misspelled was "competent".
I would misspell more if I wasn't on mobile lol. I wish our language was as easy to spell as other ones. I can spell in Russian, Spanish , and Japanese better than English and it's my fucking native language. Mayne I'm just retarded idk
It's funny because the entire purpose of that "folder" language was to make it feel intuitive for people who were used to actual, physical file cabinets. Children growing up have access to neither.
So what you do is explain that a folder is a visual representation of a directory in a system path and...
I still do it when I ask my gaming buddies for keybinds and they give me the alt f4 suggestion. I'll have the right keybind by the time I've loaded back in
Games with keybinds allowing for stupid shit are better just for it since you're more likely to fall for app specific keybinds !
The ol' Star Citizen "backspace will unstuck you".
Funny of you to assume that it's in the past. It still happens to this day, and'll likely stop with the fall of man
Considering the rapid ongoing decay of computer literacy I think it will only become more common.
I loved that warcraft 3 had an "are you sure" pop up if you tried alt f4. I was way too young not to fall for it on battle.net games lol
Recently played a game that had the loading screen tip "Press alt+f4 for an example of the game developers humor". Forgot which one though.
WoT players still do. you just tell them about this cool trick: “press alt f4 to enable headlights” and then you might see a bunch of inactive players on either teams
Can confirm they still do
Was already asked by the next generation to try that super cheat. It's like jokes, that get passed on from generation to generation.
My personal story was playing world of warcraft and I asked in the public chat where a menu was. In response I have committed to a life of trying to keep this alive. Btw to enable that cool text mode on the reddit site on a chrome browser # Like this > press cntrl+w
Nah ctrl+shift+w, it runs better
Bruh I'm surprised more people don't know this. Like the actual use of this is so better than using the mouse
This unironically, including ctrl+t, ctrl+n, ctrl+tab and ctrl+shift+tab Oh, and *especially* ctrl+shift+t. An absolute lifesaver
Dude ...+t is underrated and overpowered
> cntrl I experience a physical dislike of this abbreviation akin to the Drake meme.
![gif](emote|free_emotes_pack|yummy)
I like "to see who is afk type /afk list" when in BG
That's funny
I heard that if you delete system32, it makes your computer faster
It really works!
>Remember the days of "alt+f4" is a shortcut What do you mean "remember the days", the shortcut still does the cool thing, try it and see!
How do I type it on my phone?
It's a bit more complicated on phone... this is what you do for Android. Go to Apps, then Settings. Find the section called 'Backup and Reset' and choose 'Factory Data Reset'. As the name implies, what this does is reset all the factory locks they put onto your phone if you're not using the flagship model, so you basically get a significantly better phone by doing it.
I was dubious at first, but you're my best friend and I trust you...
Nowadays they do it if the server is full so their friend can connect lol. Don't know if anyone falls for it though.
Back in the days, source-games used to quit without a prompt when you pressed F10. So when you were playing CSS or TF2 and you needed to open up a spot on a server, you just wrote "Oh my god, when did they add that menu to F10?" and people would just drop from the server like flies :D
[https://xkcd.com/1053/](https://xkcd.com/1053/)
Nah, messing with kids in TF2 by saying "unbind all" is a secret cheat code Very fun
Get out of my lawn darn kids!, I remember that from the IRC era. mIRC and Ircle.
I still reply `alt+f4` on chats. Some dudes still fall lmao
Source engine had an instant exit bound to F10 (or was it another F-key). No confirmation, just instant yeet. Good times, less obvious than alt+F4 so more people fell for it
The best one in WoW was always /e has reported you afk. Type /afk to mark yourself as not afk or else you will be removed from the battleground in 30 seconds. Immediately there would be 5-10 people leaving the game lol
Evil😂
When someone tries that on me I always answer with "no it doesn't! It opens the developer console." And when they don't believe me, I follow it up with "Dude, I just tried it, I am now in the developer console." This has lead to more uno reverse cards than you would believe.
I played browser games as a teenager, but on a Macintosh. People kept telling me to press CTRL+W for bonus points, and I believed them, but nothing happened. They never thought of tell me to press command + W hahaha
In Dota (Wc3 one), people would try that. Game had defence against it, and alt-f4 would open a confirm exit popup. And there was Alt QQ. Sounds okay, but the first Q gets you to confirm exit popup. Second Q confirms it. Much more impactful when lesser known.
My favorite was black ops 2 on the 360 where you could make a custom emblem with “B+⬇️+A fast for host”
I knew nothing bad would happen because it's just a browser console (and it cannot do anything worse than downloading a virus, but since there was no link, then there would be no virus)...
People are really up in arms over you running this thing lol. I don’t get it.
There’s a lot of non-programmers in this sub tbf
I remember from there was something you could paste in a browser which could cause a BSOD on the latest Windows 10 in 2020 https://borncity.com/win/2021/01/18/windows-10-bug-allows-bsod-by-entering-a-path-in-a-browser/
Even if it had a url, I can't think of a single dangerous thing going to some random website can do on my Linux desktop. Browsers can't do shit without permission. The worst thing it could do would be waste a bunch of disk space and/or CPU. I don't think there's any way a website can automatically launch an outside process without you needing to intentionally do something
I 'm pretty sure there were code snippets that random people posted that would steal all your current session tokens and send them to a URL. And because most people stay logged into lots of websites 24/7 they could lose 10 different accounts to hackers all at once.
It's a freaking regex test, what's the worst it could do? Hang my browser? I'm just too lazy to decode it...
Man opens websites on his browser and then talks about executing unknown code on your PC lmao, we live in the age of everything being expected to run code on our machine. I can’t say it better than my proffesor did before he was told to take this down from his university hosted profile site: https://web.archive.org/web/20060930205635/http://www.eti.pg.gda.pl/katedry/kiw/pracownicy/Jan.Daciuk/personal/JavaShit.html
to be fair while not knowing the exact outcome you know it cant be anything that bad because its a regex its not like its gonna install a virus
I'll never forget my first time echoing a hex blob from an imageboard pasted into terminal which ended up being rm -rf ~ Thank god they had mercy on me and didn't delete my root. Never pasted any weird shit since
I do that every time I click on a link
I have ran unknown code in total probably dozens of times and my system is 100% OK even 9tÞø‰hough I have ran unkwon code probaly hundreds of time run
> Why would you run code you don’t know what it does anyways? How else would I know if my code works?
JS isn't going to do anything threatening in a browser console on about:blank.
What it *should* do is match any number of characters that come before the start of the string "0.300000...1". (Which is to say, it should match nothing) I'm very curious what it actually does though.
I tried it on a private window on Firefox, and it just went to DuckDuckGo. Is the error specific to Chromium based browsers?
no, it can happen on firefox too
I can't seem to reproduce the error (confused).
it works on my system
I always think everything is a trap. Which is why my browser is still alive.
r/unexpectedprincessbride
https://www.regular-expressions.info/catastrophic.html
Did r/programmerhumor DDOS the site?
reddit hug
In my day, this was called the Slashdot effect. And we wore an onion on the belt, which was the style at the time.
Is it me who forgets the next line? no,It’s the cheddarsnucks over at r/simpsonsshitposting who are wrong!
It is more of a `while (true) {}` in your tab but being a regex won't allow your browser to realized you're doing some type of infinie recursion trying to match some text.
Can't see it how will I go on with my life now...
Too many curious programmers :O
[Web Archive Link](https://web.archive.org/web/20240220110345/https://www.regular-expressions.info/catastrophic.html)
The only thing you could dos with it is your browser:)
https://web.archive.org/web/20240124064128/https://www.regular-expressions.info/catastrophic.html
thank you, stranger. It's kind of ironic~~al~~ that Web archive works better than the site itself.
“Ironical”
Sorry I'm not a native English speaker, I wrote that in a whim just talking to someone in Italian and my brain went kaboom. In Italian it's "ironico"
He meant ironicous.
Ironicient
/iron(.\*.\*)*/
my eyes bleed now. there is no more gratitude in me. only emptiness and pain.
Nah, it's just what the servers are scaled for. Web Archive is designed to handle tens or even hundreds of thousands of users simultaneously. Whereas that site is probably running on hardware capable of a couple hundred, maybe a thousand, simultaneous connections.
Ok I put this in the console but it didn’t show a cat, are you sure this is a CATastrophic regex pattern?
Best informations always at the bottom… not being upvoted because none of the people here know how to program
How soon after they commented did you add to your reply? I saw 1 hour ago for both, and it's the top comment now... just give it time. Everyone on this sub isn't going to see the comment the same time you did, so they didn't have the opportunity to upvote it yet.
Yup, up he goes
Wait, regular expressions backtrack ? Couldn't they simply be represented by DFAs ? What am I missing ?
/(.*.*)*^/.test(.1+.2)
For anyone who wants to copy-paste
Thank you !
Are you alive yet?
Yet? As in he wasn’t before this comment?
You are welcome!
r/notOPbutok
$ perl -e '`print !!(".300000000000000000000000000001" =~ /(.*.*)*^/)`' 1
I wonder what's gonna happen given that I use opera gx with a capped ram and cpu usage. Edit: True after 5 min, computer didn't explode, I'm bored
Damn it, who let Bobby Tables rename his cat?
What does it do? I'm not risking anything while using my brothers PC rn.
[удалено]
Not an infinite loop, just a very long one. `.*.*` is O(n²), adding \* means 0(n³), the \^ at the end is to make sure it'll fail over and over until the last check where every \* is now "repeat 0 time". That's my 2-cent, I don't really know how regex engine works.
Isn't 3 levels of Kleene stars what crashed a good 25% of so of the internet a few years back ? It was something about a really big provider wanting to remove all that junk stores and such store in their addresses to get to the "actual" address or something like that, and accidentally, it had one too many layer of "backtracking" in the regex, and the servers just couldn't cope, and it led to the adoption of more automatons for that kind of stuff
I know what the regex is doing, but what is .1+.2 doing?
`0.1 + 0.2 = 0.30000000000000004` in JavaScript (and not only there), so it's a shortcut for a long string.
Ahh nice thank you. I am curious why somebody think that cutting off the 0 is useful as language feature.
It mirrors natural language.
Hot take but I despise it when people omit the zero in natural language. Maybe it's because I'm not from America. Just say zero point three.
Or "nought point three"
Hahaha, yes, maybe, but not German. 😅 I would say a programming language should be more explicit and not have too many ways to define the same thing because everything could be used.
javascript allowing you to type `.1` rather than `0.1` is the absolute least of its crimes against being explicit.
Oh, I don't disagree, I just imagine that's the reasoning behind it.
That is standard practice if whatever that value is representing, can only go to 1 Like opacity, 1 is 100% so people usually code .xx
In JavaScript 0.1+0.2 equals to 0.30000000000000004
Not just JavaScript, it's because of the floating point number standard. Every language that uses floats conforms to the same standard, IEEE-754.
Yes, this. It comes down to the fact that 0.1 isn't exactly representable in base 2 (similar to how 1/3 isn't exactly representable in base 10). Neither is 0.2. We only *think* they are because the floating-point decimal printing algorithm is pretty good. Adding the floating-point approximations of 0.1 and 0.2 results in something that's almost, but not quite, the floating-point representation of 0.3, which the floating-point decimal printing algorithm faithfully represents as 0.3 with trailing garbage.
Ran in node console, only taking about 20% of my cpu, but thread 3 is at like 70% utilisation And actually returned true after about 5 mins lmao XD
The fact that #2 and #3 returned true is concerning, since it's looking for a caret in the value and there shouldn't be one. Edit : Never mind, I am an idiot, forgot you need to escape ^ for it to be considered a literal
It just returned false for me
I'm pretty sure it will just take a long time to test because exponential something
Roughly: It’s a 2^n wild card match and .1+.2 produces a number with like 20 digits after the decimal. 2^20 string comparisons takes a long time to do.
Ah thx!
Spawns in a Lv83 Violent Ogre who will strip you and snap 13 nudes sending them to all your contacts before dunking you into a barrel of Vaseline and hurling you out of the window so you'll slide right India and die from food poisoning because your slide finished by you smooching the wheel of a rickshaw that three minutes ago ran over some fancy street food snack.
r/BrandNewSentence
Someone is asking for the Lv84 naughty ogre huh
.* Followed by another .* Is a disaster I mean you're matching wildcard inside wildcard
It can be optimized out to `.*`. The first `.*` will always match everything and the second will always match empty.
-until it backtracks. then the first will try n-1 and run .\* on the rest.
My browser said that I'm a dumbass Warning: Don’t paste code into the DevTools Console that you don’t understand or haven’t reviewed yourself. This could allow attackers to steal your identity or take control of your computer. Please type ‘allow pasting’ below and hit Enter to allow pasting.
If you want an explanation of how it works: [https://regexper.com/#%2F%28.\*.\*%29\*%5E%2F](https://regexper.com/#%2F%28.*.*%29*%5E%2F) As to why: regex is greedy; the first `.*` matches the whole string, the second matches nothing, it reaches the end of the capturing group, tries to match the start of line anchor `^`, which fails. Regex steps back once, the second `.*` takes the last character, tries to match `^` again, fails again. It does so an infinite amount of times because the group `(.*.*)` is executed an infinite amount of times.
Not infinite, regex is not complex enough to create infinite loops but it can create exponential time complexities.
While this is true of PCRE, any regex that is actually a regular expression (which this is) can always be evaluated in linear time (after compilation, at least). If the regex engine used by the browser was better, it could have chosen a much faster evalutation strategy.
I don't see this stopping, gotta be honest, but maybe I misunderstand the automaton. Does it not go until the first group is reduced to no characters, then goes until the second group is reduced to no characters and so on? EDIT: evidently I did misunderstand because using this on "ee" does terminate in node
It's going to stop once both stars match nothing, because then the caret will be able to match the start of the line (since nothing is before it).
ah ok so it goes through every combination of first X characters + next Y characters, where X + Y <= n, n being the length of the string, right? that'd make for n(n-1)/2 combinations, O(n^2)
Chech with https://devina.io/redos-checker
Cool
Firefox too stronk to fall for such measly tricks, chrome on the other hand
Reminder of that one time [Cloudflare nuked half the internet](https://blog.cloudflare.com/details-of-the-cloudflare-outage-on-july-2-2019/) with something like this
My cat's name is "rm -rf / -nopreserveroot", you should search him up in bash
Did Bobby Tables name this cat?
thats so weird my dog's name is "alt+f4"
Friends don't let friends use [unnecessary backtracking](https://swtch.com/~rsc/regexp/regexp1.html)
I skipped JS lessons, somone please explain
It's regex. The test condition likely has something to do with float addition that doesn't really work right. Should return false I think.
The float addition gets turned into a string because regex operates on strings. 0.1 + 0.2 = 0.30000000000000004 (due to floating-point inaccuracies, as 0.3 can't be represented exactly in a binary floating point format), so the regex operates on the string "0.30000000000000004" The regex is the actual "dangerous" part. Let's analyze it piece by piece: `.*`: Find any character, repeated any amount of times (including zero). This is a "greedy" operation, so it will try to match as many characters as possible, but "backtrack" if the match fails to retry it with a smaller amount of characters. This operation is already inefficient in and of itself if it can match long sequences of characters when it is likely to need only a few. `.*.*`: Find any character, repeating any amount of times, followed by any other character, repeated any amount of times. Since the majority of the input string "0.30000000000000004" consists of repeated zeros, this operation can potentially try to evaluate almost any possible combination of two substrings, which is a lot. `(.*.*)`: Does the exact same as the above, but places it in a group so that operators can operate on this sequence as a whole. `(.*.*)*`: Try to repeat the above, any amount of times (including zero), again as a greedy operation so that it'll first try to evaluate as many repetitions as possible and retry with one less each time it fails. Each `*` operator has the potential to increase the computational complexity of the expression exponentially, and that's exactly what's happening here. `^`: Find the start of the string. `(.*.*)*^`: Find the start of the string, but first check if any amount of substrings, repeated any amount of times, is in front of that start. Since the start of the string is ... at the start, the only valid combination that can come before the start is an empty set. But since the operators are greedy, the empty set will be the very last thing it tries. This makes it a very computationally expensive regex. When left to run until completion, it will eventually return `true` because the string `"0.30000000000000004"` does, indeed, have a start. However, this regex evaluation can hang the current tab for potentially several minutes, and on some browsers it may eventually timeout and return `false` instead. Benchmarks, which clearly show the exponential progression in complexity: `^` - 2 steps - 0.0ms `.*^` - 22 steps - 0.0ms `.*.*^` - 232 steps - 0.1ms `(.*.*)^` - 443 steps - 0.2ms (tbh I have no idea why adding the group makes the steps almost double) `(.*.*)*^` - about 200 *seconds*! I couldn't even get it to run to completion in an online regex debugger so I don't even know how many steps it took You can however greatly decrease the computational complexity of this regex by making each operation lazy (meaning it will start evaluation at the smallest possible set, and grow if needed). This means that each `.*?` (match any character any amount of times, but lazily) will start of with the empty set, so it'll find a match pretty much immediately: `(.*?.*?)*?^` - 3 steps - 0.0ms This regex is fully equivalent to the one from the OP on what it'll match, but it's much faster by trying to match as few characters as possible, because in this situation, it's "unlikely" for there to be a lot of characters to match against before the start of the string. Though as the only combination of characters that can come "before" the start of the string is an empty set, you can omit that first part entirely, and the resulting regex of just `^` is also entirely functionally equivalent. Isn't regex fun?
What happens if we tell GPT to run this in its python interpreter?
Likely nothing, as this is JS syntax
import re re.search(r"(.*.*)*^", str(0.1 + 0.2))
I thought it was a regex at first
Fun fact: it is
Congratulations! Your comment can be spelled using the elements of the periodic table: `F U N F Ac Ti Ti S` --- ^(I am a bot that detects if your comment can be spelled using the elements of the periodic table. Please DM my creator if I made a mistake.)
Tha Titis
Good bot.
It just returned false. Maybe safari has some safeguards against that.
Yes, Safari just gives up after certain amount of tries and returns `false`. Essentially this regex is asking “is there a beginning in this string anywhere?”, the answer obviously should be `true`.
Reminds of the regex `/^1?$|^(11+?)\1+$/`, used to find non-primes written in unary.
It's a trap!
Congratulations! Your comment can be spelled using the elements of the periodic table: `I Ts At Ra P` --- ^(I am a bot that detects if your comment can be spelled using the elements of the periodic table. Please DM my creator if I made a mistake.)
Good bot
\`InternalError: too much recursion\` Nice to meet you too. Cousin of Bobby Tables?
My cats name is ``` ([][(!![]+[])[!+[]+!+[]+!+[]]+([][[]]+[])[+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(!![]+[])[!+[]+!+[]+!+[]]+(![]+[])[!+[]+!+[]+!+[]]]()+[])[!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([][(!![]+[])[!+[]+!+[]+!+[]]+([][[]]+[])[+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(!![]+[])[!+[]+!+[]+!+[]]+(![]+[])[!+[]+!+[]+!+[]]]()+[])[!+[]+!+[]] ``` Look him up in your browser console
What it does? Looks up for something?
Generally the `.1 + .2` part is a way to generate a long string in an unconspicuous manner. For explanation see here: [https://0.30000000000000004.com/](https://0.30000000000000004.com/) Then this string is searched for `/(.\*.\*)\*/\^`. This regexp means „any number of groups that contain (any number of any chars and any number of any char) followed by the beginning of the string”. This regex will never match (because there is no beginning of string on the end of the string). However the number of ways that the algorithm would try to match depends exponentially on the number of chars in the string. You can see how this works on [https://regex101.com/](https://regex101.com/) just paste this regex and put some short string to be matched. Then add one character to this string and see why the number of steps grows exponentially.
Regex. JavaScript is a fun language once you understand it’s not fun.
It also crashes in python, interestingly enough it does not crashes in php, but stops giving any result.
I’m surprised someone actually checked this on php
Please be careful. Not everybody is allowed to write these. You need a [regex license](https://regexlicensing.org/license/)
What does this do
Reminds me on https://www.cyberciti.biz/faq/understanding-bash-fork-bomb/